@nordsym/apiclaw 1.3.6 → 1.3.7

package/convex/crons.ts

@@ -0,0 +1,17 @@
+import { cronJobs } from "convex/server";
+import { internal } from "./_generated/api";
+
+const crons = cronJobs();
+
+/**
+ * Daily Usage Reporting to Stripe
+ * Runs at 00:05 UTC every day
+ * Reports metered usage for all active subscriptions
+ */
+crons.daily(
+  "report-usage-to-stripe",
+  { hourUTC: 0, minuteUTC: 5 },
+  internal.billing.reportAllUsageToStripe
+);
+
+export default crons;

package/convex/email.ts

@@ -8,84 +8,68 @@ import { action, internalAction } from "./_generated/server";
 const EMAIL_FROM = "APIClaw <noreply@apiclaw.nordsym.com>";
 const APP_URL = "https://apiclaw.nordsym.com";
 
-// Base email wrapper
+// Base email wrapper - using string concat for Convex compatibility
 function wrapEmail(content: string): string {
-  return `
-<!DOCTYPE html>
-<html>
-<head>
-  <meta charset="utf-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-</head>
-<body style="margin: 0; padding: 0; background-color: #f5f5f5; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif;">
-  <table width="100%" cellpadding="0" cellspacing="0" style="background-color: #f5f5f5; padding: 40px 20px;">
-    <tr>
-      <td align="center">
-        <table width="100%" cellpadding="0" cellspacing="0" style="max-width: 500px; background-color: #ffffff; border-radius: 12px; overflow: hidden; box-shadow: 0 1px 3px rgba(0,0,0,0.1);">
-          <!-- Header -->
-          <tr>
-            <td style="padding: 32px 32px 24px; text-align: center; border-bottom: 1px solid #f0f0f0;">
-              <span style="font-size: 48px;">🦞</span>
-              <h1 style="margin: 16px 0 0; font-size: 24px; font-weight: 700; color: #0a0a0a;">APIClaw</h1>
-            </td>
-          </tr>
-          <!-- Content -->
-          <tr>
-            <td style="padding: 32px;">
-              ${content}
-            </td>
-          </tr>
-          <!-- Footer -->
-          <tr>
-            <td style="padding: 24px 32px; background-color: #fafafa; border-top: 1px solid #f0f0f0;">
-              <p style="margin: 0; font-size: 12px; color: #737373; text-align: center;">
-                <a href="https://apiclaw.nordsym.com" style="color: #ef4444; text-decoration: none;">APIClaw</a> — The API Layer for AI Agents
-              </p>
-              <p style="margin: 8px 0 0; font-size: 12px; color: #a3a3a3; text-align: center;">
-                © ${new Date().getFullYear()} NordSym. Stockholm, Sweden.
-              </p>
-            </td>
-          </tr>
-        </table>
-      </td>
-    </tr>
-  </table>
-</body>
-</html>`;
+  const year = new Date().getFullYear();
+  return [
+    '<!DOCTYPE html>',
+    '<html>',
+    '<head>',
+    '<meta charset="utf-8">',
+    '<meta name="viewport" content="width=device-width, initial-scale=1.0">',
+    '</head>',
+    '<body style="margin: 0; padding: 0; background-color: #f5f5f5; font-family: -apple-system, BlinkMacSystemFont, Segoe UI, Roboto, Helvetica, Arial, sans-serif;">',
+    '<table width="100%" cellpadding="0" cellspacing="0" style="background-color: #f5f5f5; padding: 40px 20px;">',
+    '<tr>',
+    '<td align="center">',
+    '<table width="100%" cellpadding="0" cellspacing="0" style="max-width: 500px; background-color: #ffffff; border-radius: 12px; overflow: hidden; box-shadow: 0 1px 3px rgba(0,0,0,0.1);">',
+    '<tr>',
+    '<td style="padding: 32px 32px 24px; text-align: center; border-bottom: 1px solid #f0f0f0;">',
+    '<span style="font-size: 48px;">🦞</span>',
+    '<h1 style="margin: 16px 0 0; font-size: 24px; font-weight: 700; color: #0a0a0a;">APIClaw</h1>',
+    '</td>',
+    '</tr>',
+    '<tr>',
+    '<td style="padding: 32px;">',
+    content,
+    '</td>',
+    '</tr>',
+    '<tr>',
+    '<td style="padding: 24px 32px; background-color: #fafafa; border-top: 1px solid #f0f0f0;">',
+    '<p style="margin: 0; font-size: 12px; color: #737373; text-align: center;">',
+    '<a href="https://apiclaw.nordsym.com" style="color: #ef4444; text-decoration: none;">APIClaw</a> — The API Layer for AI Agents',
+    '</p>',
+    '<p style="margin: 8px 0 0; font-size: 12px; color: #a3a3a3; text-align: center;">',
+    '© ' + year + ' NordSym. Stockholm, Sweden.',
+    '</p>',
+    '</td>',
+    '</tr>',
+    '</table>',
+    '</td>',
+    '</tr>',
+    '</table>',
+    '</body>',
+    '</html>',
+  ].join('');
 }
 
-// Magic link email template
+// Magic link email template - ultra simple for Convex
 function magicLinkEmailTemplate(verifyUrl: string): string {
-  return wrapEmail(`
-    <h2 style="margin: 0 0 16px; font-size: 20px; font-weight: 600; color: #0a0a0a; text-align: center;">
-      An AI Agent Wants to Connect
-    </h2>
-    
-    <p style="margin: 0 0 24px; font-size: 16px; line-height: 1.6; color: #525252; text-align: center;">
-      Click the button below to verify your email and activate your APIClaw workspace. 
-      Your agent will be able to use APIs immediately.
-    </p>
-    
-    <table width="100%" cellpadding="0" cellspacing="0">
-      <tr>
-        <td align="center" style="padding: 8px 0 24px;">
-          <a href="${verifyUrl}" style="display: inline-block; background: #ef4444; color: white; text-decoration: none; padding: 14px 32px; border-radius: 8px; font-weight: 600; font-size: 16px;">
-            Verify Email & Activate
-          </a>
-        </td>
-      </tr>
-    </table>
-    
-    <div style="background: #fef2f2; border-radius: 8px; padding: 16px; margin-bottom: 16px;">
-      <p style="margin: 0; font-size: 14px; color: #991b1b;">
-        <strong>⚡ Free tier:</strong> 100 API calls included. No credit card required.
-      </p>
-    </div>
-    
-    <p style="margin: 0; font-size: 13px; color: #737373; text-align: center;">
-      This link expires in 1 hour. If you didn't request this, ignore this email.
-    </p>
-  `);
+  // Simple inline HTML - no arrays, no template literals
+  var html = "<!DOCTYPE html><html><head><meta charset='utf-8'></head>";
+  html += "<body style='margin:0;padding:40px;background:#f5f5f5;font-family:Arial,sans-serif;'>";
+  html += "<table width='100%' cellpadding='0' cellspacing='0'><tr><td align='center'>";
+  html += "<table width='500' cellpadding='0' cellspacing='0' style='background:#fff;border-radius:12px;'>";
+  html += "<tr><td style='padding:32px;text-align:center;'>";
+  html += "<div style='font-size:48px;'>🦞</div>";
+  html += "<h1 style='margin:16px 0;color:#0a0a0a;'>APIClaw</h1>";
+  html += "<h2 style='margin:0 0 16px;font-size:20px;color:#0a0a0a;'>An AI Agent Wants to Connect</h2>";
+  html += "<p style='margin:0 0 24px;color:#525252;'>Click below to verify your email and activate your workspace.</p>";
+  html += "<a href='" + verifyUrl + "' style='display:inline-block;background:#ef4444;color:white;padding:14px 32px;border-radius:8px;text-decoration:none;font-weight:600;'>Verify Email</a>";
+  html += "<p style='margin:24px 0 0;font-size:13px;color:#737373;'>Free tier: 50 API calls. This link expires in 1 hour.</p>";
+  html += "</td></tr></table>";
+  html += "</td></tr></table></body></html>";
+  return html;
 }
 
 // Reminder email template
@@ -170,26 +154,45 @@ export const sendMagicLinkEmail = action({
       throw new Error("RESEND_API_KEY not configured");
     }
 
-    const verifyUrl = `${APP_URL}/auth/verify?token=${args.token}`;
-    const html = magicLinkEmailTemplate(verifyUrl);
-
-    const response = await fetch("https://api.resend.com/emails", {
+    var verifyUrl = APP_URL + "/auth/verify?token=" + args.token;
+    
+    // Generate HTML inline (same approach as debug that works)
+    var html = "<!DOCTYPE html><html><head><meta charset='utf-8'></head>";
+    html += "<body style='margin:0;padding:40px;background:#f5f5f5;font-family:Arial,sans-serif;'>";
+    html += "<table width='100%' cellpadding='0' cellspacing='0'><tr><td align='center'>";
+    html += "<table width='500' cellpadding='0' cellspacing='0' style='background:#fff;border-radius:12px;'>";
+    html += "<tr><td style='padding:32px;text-align:center;'>";
+    html += "<div style='font-size:48px;'>🦞</div>";
+    html += "<h1 style='margin:16px 0;color:#0a0a0a;'>APIClaw</h1>";
+    html += "<h2 style='margin:0 0 16px;font-size:20px;color:#0a0a0a;'>An AI Agent Wants to Connect</h2>";
+    html += "<p style='margin:0 0 24px;color:#525252;'>Click below to verify your email and activate your workspace.</p>";
+    html += "<a href='" + verifyUrl + "' style='display:inline-block;background:#ef4444;color:white;padding:14px 32px;border-radius:8px;text-decoration:none;font-weight:600;'>Verify Email</a>";
+    html += "<p style='margin:24px 0 0;font-size:13px;color:#737373;'>Free tier: 50 API calls. This link expires in 1 hour.</p>";
+    html += "</td></tr></table>";
+    html += "</td></tr></table></body></html>";
+    
+    var textContent = "APIClaw - An AI Agent Wants to Connect\n\n";
+    textContent += "Click the link: " + verifyUrl + "\n\n";
+    textContent += "Free tier: 50 API calls. Expires in 1 hour.";
+    
+    var response = await fetch("https://api.resend.com/emails", {
       method: "POST",
       headers: {
-        "Authorization": `Bearer ${RESEND_API_KEY}`,
+        "Authorization": "Bearer " + RESEND_API_KEY,
         "Content-Type": "application/json",
       },
       body: JSON.stringify({
         from: EMAIL_FROM,
         to: args.email,
         subject: "🦞 An AI Agent Wants to Connect — Verify Your Email",
-        html,
+        html: html,
+        text: textContent,
       }),
     });
 
     if (!response.ok) {
-      const error = await response.text();
-      throw new Error(`Failed to send email: ${error}`);
+      var errorText = await response.text();
+      throw new Error("Failed to send email: " + errorText);
     }
 
     return { success: true };
@@ -274,3 +277,53 @@ export const sendLimitReachedEmail = action({
     return { success: true };
   },
 });
+
+// Debug: Test email template generation
+export const debugEmailTemplate = action({
+  args: { email: v.string() },
+  handler: async (ctx, { email }) => {
+    const RESEND_API_KEY = process.env.RESEND_API_KEY;
+    const testUrl = "https://apiclaw.nordsym.com/auth/verify?token=DEBUG_TEST";
+    
+    // Generate HTML using the template
+    var html = "<!DOCTYPE html><html><head><meta charset='utf-8'></head>";
+    html += "<body style='margin:0;padding:40px;background:#f5f5f5;font-family:Arial,sans-serif;'>";
+    html += "<table width='100%' cellpadding='0' cellspacing='0'><tr><td align='center'>";
+    html += "<table width='500' cellpadding='0' cellspacing='0' style='background:#fff;border-radius:12px;'>";
+    html += "<tr><td style='padding:32px;text-align:center;'>";
+    html += "<div style='font-size:48px;'>🦞</div>";
+    html += "<h1 style='margin:16px 0;color:#0a0a0a;'>APIClaw DEBUG</h1>";
+    html += "<h2 style='margin:0 0 16px;font-size:20px;color:#0a0a0a;'>Debug Email Test</h2>";
+    html += "<p style='margin:0 0 24px;color:#525252;'>This is a debug test email.</p>";
+    html += "<a href='" + testUrl + "' style='display:inline-block;background:#ef4444;color:white;padding:14px 32px;border-radius:8px;text-decoration:none;font-weight:600;'>Test Link</a>";
+    html += "</td></tr></table>";
+    html += "</td></tr></table></body></html>";
+    
+    console.log("[Debug] HTML length:", html.length);
+    console.log("[Debug] HTML:", html);
+    
+    const response = await fetch("https://api.resend.com/emails", {
+      method: "POST",
+      headers: {
+        "Authorization": "Bearer " + RESEND_API_KEY,
+        "Content-Type": "application/json",
+      },
+      body: JSON.stringify({
+        from: "APIClaw <noreply@apiclaw.nordsym.com>",
+        to: email,
+        subject: "DEBUG EMAIL FROM CONVEX",
+        html: html,
+      }),
+    });
+    
+    const result = await response.text();
+    console.log("[Debug] Response:", response.status, result);
+    
+    return { 
+      htmlLength: html.length, 
+      htmlPreview: html.substring(0, 200),
+      resendStatus: response.status,
+      resendResult: result 
+    };
+  },
+});

package/convex/feedback.ts

@@ -0,0 +1,265 @@
+import { v } from "convex/values";
+import { mutation, query } from "./_generated/server";
+
+// ============================================
+// SUBMIT FEEDBACK
+// ============================================
+
+export const submitFeedback = mutation({
+  args: {
+    token: v.string(),
+    type: v.union(v.literal("bug"), v.literal("feature"), v.literal("general")),
+    content: v.string(),
+  },
+  handler: async (ctx, args) => {
+    // Verify session
+    const session = await ctx.db
+      .query("agentSessions")
+      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
+      .first();
+
+    if (!session) {
+      throw new Error("Invalid session");
+    }
+
+    // Create feedback entry
+    const feedbackId = await ctx.db.insert("feedback", {
+      workspaceId: session.workspaceId,
+      type: args.type,
+      content: args.content,
+      votes: 0,
+      votedBy: [],
+      status: "new",
+      createdAt: Date.now(),
+    });
+
+    return { success: true, feedbackId };
+  },
+});
+
+// ============================================
+// VOTE ON FEEDBACK
+// ============================================
+
+export const voteFeedback = mutation({
+  args: {
+    token: v.string(),
+    feedbackId: v.id("feedback"),
+    direction: v.union(v.literal("up"), v.literal("down")),
+  },
+  handler: async (ctx, args) => {
+    // Verify session
+    const session = await ctx.db
+      .query("agentSessions")
+      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
+      .first();
+
+    if (!session) {
+      throw new Error("Invalid session");
+    }
+
+    // Get feedback
+    const feedback = await ctx.db.get(args.feedbackId);
+    if (!feedback) {
+      throw new Error("Feedback not found");
+    }
+
+    const workspaceIdStr = session.workspaceId.toString();
+    const hasVoted = feedback.votedBy.includes(workspaceIdStr);
+
+    // Calculate new vote count and votedBy array
+    let newVotes = feedback.votes;
+    let newVotedBy = [...feedback.votedBy];
+
+    if (args.direction === "up") {
+      if (hasVoted) {
+        // Already voted, remove vote
+        newVotes -= 1;
+        newVotedBy = newVotedBy.filter((id) => id !== workspaceIdStr);
+      } else {
+        // Add upvote
+        newVotes += 1;
+        newVotedBy.push(workspaceIdStr);
+      }
+    } else {
+      // Downvote
+      if (hasVoted) {
+        // Already voted up, switch to down (remove 2)
+        newVotes -= 2;
+        newVotedBy = newVotedBy.filter((id) => id !== workspaceIdStr);
+      } else {
+        // Downvote
+        newVotes -= 1;
+      }
+    }
+
+    // Update feedback
+    await ctx.db.patch(args.feedbackId, {
+      votes: newVotes,
+      votedBy: newVotedBy,
+    });
+
+    return { success: true, votes: newVotes, hasVoted: newVotedBy.includes(workspaceIdStr) };
+  },
+});
+
+// ============================================
+// GET FEEDBACK (with filters and sorting)
+// ============================================
+
+export const getFeedback = query({
+  args: {
+    token: v.string(),
+    filterType: v.optional(v.union(v.literal("bug"), v.literal("feature"), v.literal("general"))),
+    filterStatus: v.optional(v.union(v.literal("new"), v.literal("reviewing"), v.literal("planned"), v.literal("shipped"))),
+    sortBy: v.optional(v.union(v.literal("votes"), v.literal("recent"))),
+    limit: v.optional(v.number()),
+  },
+  handler: async (ctx, args) => {
+    // Verify session
+    const session = await ctx.db
+      .query("agentSessions")
+      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
+      .first();
+
+    if (!session) {
+      return { error: "Invalid session" };
+    }
+
+    const workspaceIdStr = session.workspaceId.toString();
+    const limit = args.limit || 50;
+
+    // Get all feedback
+    let feedbackList = await ctx.db.query("feedback").collect();
+
+    // Apply filters
+    if (args.filterType) {
+      feedbackList = feedbackList.filter((f) => f.type === args.filterType);
+    }
+    if (args.filterStatus) {
+      feedbackList = feedbackList.filter((f) => f.status === args.filterStatus);
+    }
+
+    // Sort
+    if (args.sortBy === "votes" || !args.sortBy) {
+      feedbackList.sort((a, b) => b.votes - a.votes);
+    } else if (args.sortBy === "recent") {
+      feedbackList.sort((a, b) => b.createdAt - a.createdAt);
+    }
+
+    // Limit
+    feedbackList = feedbackList.slice(0, limit);
+
+    // Add hasVoted flag for current user
+    const result = feedbackList.map((f) => ({
+      ...f,
+      hasVoted: f.votedBy.includes(workspaceIdStr),
+      isOwn: f.workspaceId.toString() === workspaceIdStr,
+    }));
+
+    return { feedback: result };
+  },
+});
+
+// ============================================
+// GET MY FEEDBACK
+// ============================================
+
+export const getMyFeedback = query({
+  args: {
+    token: v.string(),
+  },
+  handler: async (ctx, args) => {
+    // Verify session
+    const session = await ctx.db
+      .query("agentSessions")
+      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
+      .first();
+
+    if (!session) {
+      return { error: "Invalid session" };
+    }
+
+    const feedbackList = await ctx.db
+      .query("feedback")
+      .withIndex("by_workspaceId", (q) => q.eq("workspaceId", session.workspaceId))
+      .collect();
+
+    // Sort by created date (most recent first)
+    feedbackList.sort((a, b) => b.createdAt - a.createdAt);
+
+    return { feedback: feedbackList };
+  },
+});
+
+// ============================================
+// ADMIN: UPDATE FEEDBACK STATUS
+// ============================================
+
+export const updateFeedbackStatus = mutation({
+  args: {
+    token: v.string(),
+    feedbackId: v.id("feedback"),
+    status: v.union(v.literal("new"), v.literal("reviewing"), v.literal("planned"), v.literal("shipped")),
+  },
+  handler: async (ctx, args) => {
+    // Verify session
+    const session = await ctx.db
+      .query("agentSessions")
+      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
+      .first();
+
+    if (!session) {
+      throw new Error("Invalid session");
+    }
+
+    // For now, allow workspace owners to update status
+    // In future, add admin check
+    const feedback = await ctx.db.get(args.feedbackId);
+    if (!feedback) {
+      throw new Error("Feedback not found");
+    }
+
+    await ctx.db.patch(args.feedbackId, {
+      status: args.status,
+    });
+
+    return { success: true };
+  },
+});
+
+// ============================================
+// DELETE FEEDBACK (own only)
+// ============================================
+
+export const deleteFeedback = mutation({
+  args: {
+    token: v.string(),
+    feedbackId: v.id("feedback"),
+  },
+  handler: async (ctx, args) => {
+    // Verify session
+    const session = await ctx.db
+      .query("agentSessions")
+      .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.token))
+      .first();
+
+    if (!session) {
+      throw new Error("Invalid session");
+    }
+
+    const feedback = await ctx.db.get(args.feedbackId);
+    if (!feedback) {
+      throw new Error("Feedback not found");
+    }
+
+    // Only allow owner to delete
+    if (feedback.workspaceId.toString() !== session.workspaceId.toString()) {
+      throw new Error("Not authorized");
+    }
+
+    await ctx.db.delete(args.feedbackId);
+
+    return { success: true };
+  },
+});

package/convex/http.ts

@@ -1,6 +1,14 @@
 import { httpRouter } from "convex/server";
 import { httpAction } from "./_generated/server";
 import { api, internal } from "./_generated/api";
+import {
+  createCheckoutSession,
+  createPortalSession,
+  handleStripeWebhook,
+  checkoutOptions,
+  portalOptions,
+  webhookOptions,
+} from "./stripeActions";
 
 const http = httpRouter();
 
@@ -632,10 +640,35 @@ http.route({
         fingerprint,
       });
 
-      // Send email
-      await ctx.runAction(api.email.sendMagicLinkEmail, {
-        email: email.toLowerCase(),
-        token: result.token,
+      // Send email directly (bypassing action)
+      var verifyUrl = "https://apiclaw.nordsym.com/auth/verify?token=" + result.token;
+      var html = "<!DOCTYPE html><html><head><meta charset='utf-8'></head>";
+      html += "<body style='margin:0;padding:40px;background:#f5f5f5;font-family:Arial,sans-serif;'>";
+      html += "<table width='100%' cellpadding='0' cellspacing='0'><tr><td align='center'>";
+      html += "<table width='500' cellpadding='0' cellspacing='0' style='background:#fff;border-radius:12px;'>";
+      html += "<tr><td style='padding:32px;text-align:center;'>";
+      html += "<div style='font-size:48px;'>🦞</div>";
+      html += "<h1 style='margin:16px 0;color:#0a0a0a;'>APIClaw</h1>";
+      html += "<h2 style='margin:0 0 16px;font-size:20px;color:#0a0a0a;'>An AI Agent Wants to Connect</h2>";
+      html += "<p style='margin:0 0 24px;color:#525252;'>Click below to verify your email and activate your workspace.</p>";
+      html += "<a href='" + verifyUrl + "' style='display:inline-block;background:#ef4444;color:white;padding:14px 32px;border-radius:8px;text-decoration:none;font-weight:600;'>Verify Email</a>";
+      html += "<p style='margin:24px 0 0;font-size:13px;color:#737373;'>Free tier: 50 API calls. This link expires in 1 hour.</p>";
+      html += "</td></tr></table>";
+      html += "</td></tr></table></body></html>";
+      
+      var RESEND_KEY = process.env.RESEND_API_KEY;
+      await fetch("https://api.resend.com/emails", {
+        method: "POST",
+        headers: {
+          "Authorization": "Bearer " + RESEND_KEY,
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({
+          from: "APIClaw <noreply@apiclaw.nordsym.com>",
+          to: email.toLowerCase(),
+          subject: "🦞 Verify Your Email — APIClaw",
+          html: html,
+        }),
       });
 
       return jsonResponse({
@@ -762,3 +795,46 @@ http.route({
   method: "OPTIONS",
   handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
 });
+
+// ==============================================
+// STRIPE BILLING ENDPOINTS
+// ==============================================
+
+// Create checkout session
+http.route({
+  path: "/api/billing/checkout",
+  method: "POST",
+  handler: createCheckoutSession,
+});
+
+http.route({
+  path: "/api/billing/checkout",
+  method: "OPTIONS",
+  handler: checkoutOptions,
+});
+
+// Create billing portal session
+http.route({
+  path: "/api/billing/portal",
+  method: "POST",
+  handler: createPortalSession,
+});
+
+http.route({
+  path: "/api/billing/portal",
+  method: "OPTIONS",
+  handler: portalOptions,
+});
+
+// Stripe webhook handler
+http.route({
+  path: "/api/webhooks/stripe",
+  method: "POST",
+  handler: handleStripeWebhook,
+});
+
+http.route({
+  path: "/api/webhooks/stripe",
+  method: "OPTIONS",
+  handler: webhookOptions,
+});