@nordsym/apiclaw 1.7.7 → 1.7.9

package/convex/workspaces.ts

@@ -95,9 +95,9 @@ export const verifyMagicLink = mutation({
         status: "active",
         tier: "free",
         usageCount: 0,
-        usageLimit: 50, // Legacy field, now using weekly limits
+        usageLimit: 50, // 50 calls/month for free tier
         weeklyUsageCount: 0,
-        weeklyUsageLimit: 50, // 50 calls/week for free tier
+        weeklyUsageLimit: 50, // Monthly limit (field name is legacy)
         hourlyUsageCount: 0,
         referralCode: newReferralCode!,
         createdAt: Date.now(),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nordsym/apiclaw",
-  "version": "1.7.7",
+  "version": "1.7.9",
   "description": "The API layer for AI agents. Dashboard + 22K APIs + 18 Direct Call providers. MCP native.",
   "type": "module",
   "main": "dist/index.js",

package/src/capability-router.ts

@@ -7,7 +7,7 @@ import { executeAPICall } from './execute.js';
 import { logAPICall } from './mcp-analytics.js';
 
 // Convex HTTP API for capability queries
-const CONVEX_URL = process.env.NEXT_PUBLIC_CONVEX_URL || 'https://adventurous-avocet-799.convex.cloud';
+const CONVEX_URL = process.env.NEXT_PUBLIC_CONVEX_URL || 'https://brilliant-puffin-712.eu-west-1.convex.cloud';
 
 interface ProviderMapping {
   providerId: string;

package/src/cli.ts

@@ -10,7 +10,7 @@ import { discoverAPIs, getAPIDetails, getCategories } from './discovery.js';
 import { executeAPICall, getConnectedProviders } from './execute.js';
 import { readSession, writeSession, clearSession, getMachineFingerprint } from './session.js';
 
-const CONVEX_URL = process.env.CONVEX_URL || 'https://adventurous-avocet-799.convex.cloud';
+const CONVEX_URL = process.env.CONVEX_URL || 'https://brilliant-puffin-712.eu-west-1.convex.cloud';
 const convex = new ConvexHttpClient(CONVEX_URL);
 
 // Colors for terminal

package/src/hivr-whitelist.ts

@@ -5,7 +5,7 @@
  */
 
 // Hivr PROD Convex deployment
-const HIVR_CONVEX_URL = "https://sensible-quail-275.convex.cloud";
+const HIVR_CONVEX_URL = "https://brilliant-puffin-712.eu-west-1.convex.cloud";
 
 // Fallback static whitelist (in case Convex is down)
 const STATIC_WHITELIST = [

package/src/index.ts

@@ -77,6 +77,7 @@ interface WorkspaceContext {
   email: string;
   tier: string;
   usageRemaining: number;
+  usageCount: number;
   status: string;
 }
 
@@ -96,7 +97,7 @@ const anonymousRateLimits = new Map<string, AnonymousRateLimitState>();
 // Rate limit constants
 const ANONYMOUS_HOURLY_LIMIT = 5;
 const ANONYMOUS_WEEKLY_LIMIT = 10;
-const FREE_WEEKLY_LIMIT = 50;
+const FREE_MONTHLY_LIMIT = 50;
 
 /**
  * Calculate minutes until next hour
@@ -111,14 +112,10 @@ function calculateMinutesUntilNextHour(): number {
 /**
  * Get next Monday 00:00 UTC as ISO string
  */
-function getNextMondayUTC(): string {
+function getNextMonthUTC(): string {
   const now = new Date();
-  const dayOfWeek = now.getUTCDay(); // 0 = Sunday, 1 = Monday, etc.
-  const daysUntilMonday = dayOfWeek === 0 ? 1 : 8 - dayOfWeek;
-  const nextMonday = new Date(now);
-  nextMonday.setUTCDate(now.getUTCDate() + daysUntilMonday);
-  nextMonday.setUTCHours(0, 0, 0, 0);
-  return nextMonday.toISOString().replace('T', ' ').slice(0, 16) + ' UTC';
+  const nextMonth = new Date(Date.UTC(now.getUTCFullYear(), now.getUTCMonth() + 1, 1));
+  return nextMonth.toISOString().replace('T', ' ').slice(0, 16) + ' UTC';
 }
 
 /**
@@ -173,10 +170,10 @@ function checkAnonymousRateLimit(fingerprint: string): { allowed: boolean; error
       allowed: false,
       error: JSON.stringify({
         success: false,
-        error: `Weekly limit reached (${ANONYMOUS_WEEKLY_LIMIT} calls)`,
-        hint: "Register to get 50 calls/week",
+        error: `Monthly limit reached (${ANONYMOUS_WEEKLY_LIMIT} calls)`,
+        hint: "Register to get 50 calls/month",
         action: "Run: register_owner({ email: 'you@example.com' })",
-        retry_after: getNextMondayUTC()
+        retry_after: getNextMonthUTC()
       }, null, 2)
     };
   }
@@ -221,6 +218,7 @@ async function validateSession(): Promise<boolean> {
       email: result.email ?? '',
       tier: result.tier ?? 'free',
       usageRemaining: result.usageRemaining ?? 0,
+      usageCount: result.usageCount ?? 0,
       status: result.status ?? 'unknown',
     };
     
@@ -265,7 +263,7 @@ async function trackEarnProgress(workspaceId: string, provider: string, action:
 /**
  * Rate limiting for anonymous proxy usage
  * Limits: 10 calls/week, 5 calls/hour (anonymous)
- *         50 calls/week, 10 calls/hour (authenticated)
+ *         50 calls/month, 10 calls/hour (authenticated)
  */
 interface RateLimitState {
   hourly: { count: number; resetAt: number };
@@ -274,6 +272,9 @@ interface RateLimitState {
 
 const rateLimitStore = new Map<string, RateLimitState>();
 
+// Unregistered (auto-provisioned, no email) users get this many calls before signup required
+const UNREGISTERED_CALL_LIMIT = 5;
+
 /**
  * For proxy providers, allow anonymous usage with rate limiting
  */
@@ -308,12 +309,25 @@ function checkWorkspaceAccess(providerId?: string): { allowed: boolean; error?:
   }
   
   if (workspaceContext.status !== 'active') {
-    return { 
-      allowed: false, 
-      error: `Workspace status: ${workspaceContext.status}. Please verify your email.` 
+    return {
+      allowed: false,
+      error: `Workspace status: ${workspaceContext.status}. Please verify your email.`
     };
   }
-  
+
+  // Unregistered workspaces (auto-provisioned, no email) get limited calls then must register
+  if (!workspaceContext.email && workspaceContext.usageCount >= UNREGISTERED_CALL_LIMIT) {
+    return {
+      allowed: false,
+      error: JSON.stringify({
+        success: false,
+        error: `Register to continue. You've used ${UNREGISTERED_CALL_LIMIT} free calls.`,
+        hint: "Run register_owner with your email to unlock 50 calls/month.",
+        action: "register_owner"
+      }, null, 2)
+    };
+  }
+
   if (workspaceContext.usageRemaining === 0) {
     // Free tier hit weekly limit
     if (workspaceContext.tier === 'free') {
@@ -321,10 +335,10 @@ function checkWorkspaceAccess(providerId?: string): { allowed: boolean; error?:
         allowed: false, 
         error: JSON.stringify({
           success: false,
-          error: `Weekly limit reached (${FREE_WEEKLY_LIMIT} calls)`,
+          error: `Monthly limit reached (${FREE_MONTHLY_LIMIT} calls)`,
           hint: "Upgrade to Backer for unlimited calls",
           upgrade_url: "https://apiclaw.nordsym.com/upgrade",
-          retry_after: getNextMondayUTC()
+          retry_after: getNextMonthUTC()
         }, null, 2)
       };
     }
@@ -1532,6 +1546,7 @@ Docs: https://apiclaw.nordsym.com
             }) as { success: boolean; remaining?: number };
             if (usageResult.success) {
               workspaceContext.usageRemaining = usageResult.remaining ?? -1;
+              workspaceContext.usageCount = (workspaceContext.usageCount || 0) + 1;
             }
 
             // Track earn progress (first direct call + unique APIs)
@@ -1541,18 +1556,29 @@ Docs: https://apiclaw.nordsym.com
           }
         }
 
+        // Build response with signup nudge for unregistered users
+        const responseData: Record<string, unknown> = {
+          status: result.success ? 'success' : 'error',
+          provider: result.provider,
+          action: result.action,
+          type: apiType,
+          ...(result.success ? { data: result.data } : { error: result.error }),
+          ...(result.cost !== undefined ? { cost_sek: result.cost } : {})
+        };
+
+        // Nudge unregistered users
+        if (result.success && workspaceContext && !workspaceContext.email) {
+          const remaining = UNREGISTERED_CALL_LIMIT - (workspaceContext.usageCount || 0);
+          if (remaining > 0 && remaining <= 3) {
+            responseData._notice = `${remaining} free calls remaining. Run register_owner to unlock 50/month.`;
+          }
+        }
+
         return {
           content: [
             {
               type: 'text',
-              text: JSON.stringify({
-                status: result.success ? 'success' : 'error',
-                provider: result.provider,
-                action: result.action,
-                type: apiType,
-                ...(result.success ? { data: result.data } : { error: result.error }),
-                ...(result.cost !== undefined ? { cost_sek: result.cost } : {})
-              }, null, 2)
+              text: JSON.stringify(responseData, null, 2)
             }
           ],
           isError: !result.success
@@ -1729,6 +1755,7 @@ Docs: https://apiclaw.nordsym.com
                 email,
                 tier: existing.tier,
                 usageRemaining: existing.usageLimit - existing.usageCount,
+                usageCount: existing.usageCount,
                 status: existing.status,
               };
               
@@ -1770,7 +1797,7 @@ Docs: https://apiclaw.nordsym.com
           }) as { token: string; expiresAt: number };
           
           // Send magic link via email
-          const verifyUrl = `https://apiclaw.nordsym.com/verify?token=${magicLinkResult.token}`;
+          const verifyUrl = `https://apiclaw.nordsym.com/auth/verify?token=${magicLinkResult.token}`;
           
           const emailResponse = await fetch('https://api.resend.com/emails', {
             method: 'POST',
@@ -1860,6 +1887,7 @@ Docs: https://apiclaw.nordsym.com
             email: result.email ?? '',
             tier: result.tier ?? 'free',
             usageRemaining: result.usageRemaining ?? 0,
+            usageCount: result.usageCount ?? 0,
             status: result.status ?? 'unknown',
           };
           
@@ -1940,7 +1968,7 @@ Docs: https://apiclaw.nordsym.com
           }) as { token: string; expiresAt: number };
           
           // TODO: Agent 2 will implement actual email sending
-          const verifyUrl = `https://apiclaw.nordsym.com/verify?token=${magicLinkResult.token}`;
+          const verifyUrl = `https://apiclaw.nordsym.com/auth/verify?token=${magicLinkResult.token}`;
           
           return {
             content: [{

package/src/product-whitelist.ts

@@ -18,7 +18,7 @@ interface ProductSource {
 const PRODUCT_SOURCES: ProductSource[] = [
   {
     name: 'hivr',
-    convexUrl: 'https://sensible-quail-275.convex.cloud',
+    convexUrl: 'https://brilliant-puffin-712.eu-west-1.convex.cloud',
     queryPath: 'agents:list',
     agentIdField: 'handle', // ✅ Fixed: Hivr agents use 'handle', not 'agentId'
   },

package/src/proxy.ts

@@ -4,7 +4,7 @@
 
 import { readSession, getMachineFingerprint } from './session.js';
 
-const PROXY_BASE = "https://adventurous-avocet-799.convex.site/proxy";
+const PROXY_BASE = "https://brilliant-puffin-712.eu-west-1.convex.site/proxy";
 
 export async function callProxy(provider: string, params: any): Promise<any> {
   const url = `${PROXY_BASE}/${provider}`;

package/src/telemetry.ts

@@ -10,7 +10,7 @@
  * Disable with APICLAW_TELEMETRY=false
  */
 
-const TELEMETRY_ENDPOINT = 'https://agile-crane-840.convex.cloud/api/mutation';
+const TELEMETRY_ENDPOINT = 'https://brilliant-puffin-712.eu-west-1.convex.cloud/api/mutation';
 
 interface TelemetryEvent {
   type: 'startup' | 'search' | 'execute' | 'discovery';