@nordsym/apiclaw 1.8.6 → 1.8.7

package/convex/http.js

@@ -1,1408 +0,0 @@
-import { httpRouter } from "convex/server";
-import { httpAction } from "./_generated/server";
-import { api, internal } from "./_generated/api";
-import { createCheckoutSession, createPortalSession, handleStripeWebhook, checkoutOptions, portalOptions, webhookOptions, } from "./stripeActions";
-const http = httpRouter();
-// Provider catalog
-const PROVIDERS = {
-    "46elks": {
-        name: "46elks",
-        description: "SMS API for EU/Nordics. GDPR compliant.",
-        category: "sms",
-        pricing: "~$0.035/SMS",
-        regions: ["EU", "Nordic"],
-        tags: ["sms", "eu", "gdpr", "nordic"],
-    },
-    twilio: {
-        name: "Twilio",
-        description: "SMS and Voice API. Global coverage.",
-        category: "sms",
-        pricing: "~$0.04/SMS, ~$0.01/min voice",
-        regions: ["Global"],
-        tags: ["sms", "voice", "global"],
-    },
-    resend: {
-        name: "Resend",
-        description: "Modern email API. Developer-friendly.",
-        category: "email",
-        pricing: "~$0.001/email",
-        regions: ["Global"],
-        tags: ["email", "transactional"],
-    },
-    brave_search: {
-        name: "Brave Search",
-        description: "Privacy-focused web search API.",
-        category: "search",
-        pricing: "~$0.005/search",
-        regions: ["Global"],
-        tags: ["search", "web", "privacy"],
-    },
-    openrouter: {
-        name: "OpenRouter",
-        description: "Multi-model LLM API. Access GPT, Claude, Llama, etc.",
-        category: "llm",
-        pricing: "Varies by model",
-        regions: ["Global"],
-        tags: ["llm", "ai", "gpt", "claude"],
-    },
-    elevenlabs: {
-        name: "ElevenLabs",
-        description: "Text-to-speech API. High quality voices.",
-        category: "tts",
-        pricing: "~$0.0003/char",
-        regions: ["Global"],
-        tags: ["tts", "voice", "audio"],
-    },
-    replicate: {
-        name: "Replicate",
-        description: "Run AI models (Whisper, SDXL, Llama, etc). Pay per prediction.",
-        category: "ai",
-        pricing: "Varies by model",
-        regions: ["Global"],
-        tags: ["ai", "ml", "whisper", "image", "audio", "transcription"],
-    },
-    firecrawl: {
-        name: "Firecrawl",
-        description: "Web scraping and crawling API. Extract clean data from any URL.",
-        category: "scraping",
-        pricing: "~$0.001/page",
-        regions: ["Global"],
-        tags: ["scraping", "web", "crawl", "extract"],
-    },
-    github: {
-        name: "GitHub",
-        description: "GitHub API. Search repos, manage code, access developer data.",
-        category: "code",
-        pricing: "Free tier available",
-        regions: ["Global"],
-        tags: ["github", "code", "repos", "developer"],
-    },
-    e2b: {
-        name: "E2B",
-        description: "Secure code sandbox for AI agents. Run Python, shell commands in isolated environments.",
-        category: "sandbox",
-        pricing: "$0.000028/s (2 vCPU)",
-        regions: ["Global"],
-        tags: ["sandbox", "code", "python", "execution", "ai", "agents"],
-    },
-    apilayer: {
-        name: "APILayer",
-        description: "14 APIs: exchange rates, market data, aviation, PDF, screenshots, email/phone verification, VAT, news, scraping, and more.",
-        category: "multi",
-        pricing: "Free tier available, paid plans per API",
-        regions: ["Global"],
-        tags: ["exchange", "stocks", "aviation", "pdf", "screenshot", "verification", "vat", "news", "scraping"],
-    },
-};
-// CORS headers
-const corsHeaders = {
-    "Access-Control-Allow-Origin": "*",
-    "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
-    "Access-Control-Allow-Headers": "Content-Type, Authorization",
-};
-// Helper for JSON responses
-function jsonResponse(data, status = 200) {
-    return new Response(JSON.stringify(data), {
-        status,
-        headers: { "Content-Type": "application/json", ...corsHeaders },
-    });
-}
-// Helper to validate session and log API usage
-async function validateAndLogProxyCall(ctx, request, provider, action) {
-    const identifier = request.headers.get("X-APIClaw-Identifier");
-    const subagentId = request.headers.get("X-APIClaw-Subagent") || "main";
-    console.log("[Proxy] Call received", { provider, action, identifier, subagentId });
-    // Resolve workspaceId from identifier if possible
-    let resolvedWorkspaceId;
-    if (identifier && !identifier.startsWith("anon:") && identifier !== "unknown" && identifier.length > 20) {
-        resolvedWorkspaceId = identifier;
-    }
-    // ALWAYS log to analytics (even if identifier is missing)
-    try {
-        const result = await ctx.runMutation(api.analytics.log, {
-            event: "api_call",
-            provider,
-            identifier: identifier || "unknown",
-            workspaceId: resolvedWorkspaceId,
-            metadata: { action, subagentId },
-        });
-        console.log("[Proxy] Analytics logged:", result);
-    }
-    catch (e) {
-        console.error("[Proxy] Analytics logging failed:", e.message, e.stack);
-        // Continue even if analytics fails
-    }
-    // If we have an identifier and it's a workspace ID (not anon:), log to workspace
-    if (resolvedWorkspaceId) {
-        try {
-            await ctx.runMutation(api.logs.createProxyLog, {
-                workspaceId: resolvedWorkspaceId,
-                provider,
-                action,
-                subagentId,
-            });
-            // Increment workspace usage
-            await ctx.runMutation(api.workspaces.incrementUsage, {
-                workspaceId: resolvedWorkspaceId,
-            });
-            console.log("[Proxy] Workspace logged for:", resolvedWorkspaceId);
-            return { valid: true, workspaceId: resolvedWorkspaceId, subagentId };
-        }
-        catch (e) {
-            console.error("[Proxy] Workspace logging failed:", e.message);
-            // Continue even if workspace logging fails
-        }
-    }
-    // Return success regardless (don't block API calls)
-    return { valid: true, subagentId };
-}
-// OPTIONS handler for CORS
-http.route({
-    path: "/api/discover",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/api/details",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/api/balance",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/api/purchase",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/admin/grant-credits",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// Discover APIs
-http.route({
-    path: "/api/discover",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        try {
-            const startTime = Date.now();
-            const body = await request.json();
-            const query = (body.query || "").toLowerCase();
-            // Get optional auth context
-            const sessionToken = request.headers.get("X-APIClaw-Session");
-            const userAgent = request.headers.get("User-Agent");
-            const results = Object.entries(PROVIDERS)
-                .filter(([id, provider]) => {
-                if (!query)
-                    return true;
-                return (provider.name.toLowerCase().includes(query) ||
-                    provider.description.toLowerCase().includes(query) ||
-                    provider.category.toLowerCase().includes(query) ||
-                    provider.tags.some((tag) => tag.includes(query)));
-            })
-                .map(([id, provider]) => ({
-                providerId: id,
-                ...provider,
-            }));
-            const responseTimeMs = Date.now() - startTime;
-            // Log the search (fire and forget)
-            if (query) {
-                ctx.runMutation(internal.searchLogs.logSearch, {
-                    query: body.query || "", // Original query (not lowercased)
-                    resultsCount: results.length,
-                    matchedProviders: results.map(r => r.providerId),
-                    sessionToken: sessionToken || undefined,
-                    userAgent: userAgent || undefined,
-                    responseTimeMs,
-                }).catch(() => { }); // Ignore errors, don't block response
-            }
-            return jsonResponse({ providers: results, total: results.length });
-        }
-        catch (e) {
-            return jsonResponse({ error: "Invalid request" }, 400);
-        }
-    }),
-});
-// Get provider details
-http.route({
-    path: "/api/details",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        try {
-            const body = await request.json();
-            const { providerId } = body;
-            if (!providerId) {
-                return jsonResponse({ error: "providerId required" }, 400);
-            }
-            const provider = PROVIDERS[providerId];
-            if (!provider) {
-                return jsonResponse({ error: "Provider not found" }, 404);
-            }
-            return jsonResponse({
-                providerId,
-                ...provider,
-                creditsPerDollar: getCreditsPerDollar(providerId),
-                documentation: `https://apiclaw.com/docs/${providerId}`,
-            });
-        }
-        catch (e) {
-            return jsonResponse({ error: "Invalid request" }, 400);
-        }
-    }),
-});
-// Check balance
-http.route({
-    path: "/api/balance",
-    method: "GET",
-    handler: httpAction(async (ctx, request) => {
-        const url = new URL(request.url);
-        const agentId = url.searchParams.get("agentId");
-        if (!agentId) {
-            return jsonResponse({ error: "agentId required" }, 400);
-        }
-        const credits = await ctx.runQuery(api.credits.getAgentCredits, { agentId });
-        if (!credits) {
-            return jsonResponse({
-                agentId,
-                balanceUsd: 0,
-                currency: "USD",
-                message: "No account found. Top up to get started!",
-            });
-        }
-        return jsonResponse({
-            agentId: credits.agentId,
-            balanceUsd: credits.balanceUsd,
-            currency: credits.currency,
-        });
-    }),
-});
-// Purchase API access
-http.route({
-    path: "/api/purchase",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        try {
-            const body = await request.json();
-            const { agentId, providerId, amountUsd } = body;
-            if (!agentId || !providerId || !amountUsd) {
-                return jsonResponse({ error: "agentId, providerId, and amountUsd required" }, 400);
-            }
-            if (amountUsd < 1 || amountUsd > 1000) {
-                return jsonResponse({ error: "amountUsd must be between 1 and 1000" }, 400);
-            }
-            const provider = PROVIDERS[providerId];
-            if (!provider) {
-                return jsonResponse({ error: "Provider not found" }, 404);
-            }
-            // Check balance first
-            const credits = await ctx.runQuery(api.credits.getAgentCredits, { agentId });
-            if (!credits || credits.balanceUsd < amountUsd) {
-                return jsonResponse({
-                    error: "Insufficient balance",
-                    currentBalance: credits?.balanceUsd || 0,
-                    required: amountUsd,
-                }, 402);
-            }
-            // Execute purchase
-            const purchase = await ctx.runMutation(api.purchases.purchaseAccess, {
-                agentId,
-                providerId,
-                amountUsd,
-                credentials: generateCredentials(providerId),
-            });
-            if (!purchase) {
-                return jsonResponse({ error: "Purchase failed" }, 500);
-            }
-            return jsonResponse({
-                success: true,
-                purchase: {
-                    id: purchase._id,
-                    providerId: purchase.providerId,
-                    amountUsd: purchase.amountUsd,
-                    creditsGranted: purchase.creditsGranted,
-                    status: purchase.status,
-                },
-                message: `Successfully purchased $${amountUsd} of ${provider.name} credits`,
-            });
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message || "Purchase failed" }, 400);
-        }
-    }),
-});
-// Admin: Grant credits
-http.route({
-    path: "/admin/grant-credits",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        try {
-            const body = await request.json();
-            const { agentId, amount, reason } = body;
-            if (!agentId || !amount) {
-                return jsonResponse({ error: "agentId and amount required" }, 400);
-            }
-            // TODO: Add admin auth check here
-            // For now, allow grants (this is for Hivr integration)
-            const result = await ctx.runMutation(api.credits.addCredits, {
-                agentId,
-                amountUsd: amount,
-                source: reason || "admin_grant",
-            });
-            return jsonResponse({
-                success: true,
-                agentId,
-                credited: amount,
-                newBalance: result?.balanceUsd,
-                reason,
-            });
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message || "Grant failed" }, 400);
-        }
-    }),
-});
-// Helper functions
-function getCreditsPerDollar(providerId) {
-    const rates = {
-        "46elks": 30,
-        twilio: 25,
-        resend: 1000,
-        brave_search: 200,
-        openrouter: 100,
-        elevenlabs: 3333,
-    };
-    return rates[providerId] || 100;
-}
-function generateCredentials(providerId) {
-    // In production, this would generate or retrieve actual API keys
-    // For now, return placeholder indicating how to use
-    return {
-        type: "apiclaw_proxy",
-        endpoint: `https://brilliant-puffin-712.convex.site/proxy/${providerId}`,
-        note: "Use APIClaw proxy endpoint. Credentials managed automatically.",
-    };
-}
-export default http;
-// ==============================================
-// DIRECT CALL PROXY ENDPOINTS
-// ==============================================
-// OpenRouter proxy
-http.route({
-    path: "/proxy/openrouter",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        await validateAndLogProxyCall(ctx, request, "openrouter", "chat");
-        const OPENROUTER_KEY = process.env.OPENROUTER_API_KEY;
-        if (!OPENROUTER_KEY) {
-            return jsonResponse({ error: "OpenRouter not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const response = await fetch("https://openrouter.ai/api/v1/chat/completions", {
-                method: "POST",
-                headers: {
-                    "Authorization": `Bearer ${OPENROUTER_KEY}`,
-                    "Content-Type": "application/json",
-                    "HTTP-Referer": "https://apiclaw.nordsym.com",
-                    "X-Title": "APIClaw",
-                },
-                body: JSON.stringify(body),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-// Brave Search proxy
-http.route({
-    path: "/proxy/brave_search",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        await validateAndLogProxyCall(ctx, request, "brave_search", "search");
-        const BRAVE_KEY = process.env.BRAVE_API_KEY;
-        if (!BRAVE_KEY) {
-            return jsonResponse({ error: "Brave Search not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { query, count = 10 } = body;
-            const url = new URL("https://api.search.brave.com/res/v1/web/search");
-            url.searchParams.set("q", query);
-            url.searchParams.set("count", String(count));
-            const response = await fetch(url.toString(), {
-                headers: { "X-Subscription-Token": BRAVE_KEY },
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-// Resend email proxy
-http.route({
-    path: "/proxy/resend",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        await validateAndLogProxyCall(ctx, request, "resend", "send_email");
-        const RESEND_KEY = process.env.RESEND_API_KEY;
-        if (!RESEND_KEY) {
-            return jsonResponse({ error: "Resend not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const response = await fetch("https://api.resend.com/emails", {
-                method: "POST",
-                headers: {
-                    "Authorization": `Bearer ${RESEND_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify(body),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-// ElevenLabs TTS proxy
-http.route({
-    path: "/proxy/elevenlabs",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        await validateAndLogProxyCall(ctx, request, "elevenlabs", "text_to_speech");
-        const ELEVENLABS_KEY = process.env.ELEVENLABS_API_KEY;
-        if (!ELEVENLABS_KEY) {
-            return jsonResponse({ error: "ElevenLabs not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { text, voice_id = "21m00Tcm4TlvDq8ikWAM" } = body;
-            const response = await fetch(`https://api.elevenlabs.io/v1/text-to-speech/${voice_id}`, {
-                method: "POST",
-                headers: {
-                    "xi-api-key": ELEVENLABS_KEY,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({
-                    text,
-                    model_id: "eleven_turbo_v2",
-                }),
-            });
-            if (!response.ok) {
-                const error = await response.text();
-                return jsonResponse({ error }, response.status);
-            }
-            // Return audio as base64
-            const arrayBuffer = await response.arrayBuffer();
-            const base64 = Buffer.from(arrayBuffer).toString("base64");
-            return jsonResponse({
-                audio_base64: base64,
-                content_type: "audio/mpeg",
-            });
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/openrouter",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/proxy/brave_search",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/proxy/resend",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/proxy/elevenlabs",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// 46elks SMS proxy
-http.route({
-    path: "/proxy/46elks",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        await validateAndLogProxyCall(ctx, request, "46elks", "send_sms");
-        const ELKS_USER = process.env.ELKS_API_USER;
-        const ELKS_PASS = process.env.ELKS_API_PASSWORD;
-        if (!ELKS_USER || !ELKS_PASS) {
-            return jsonResponse({ error: "46elks not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { to, message, from = "APIClaw" } = body;
-            const auth = btoa(`${ELKS_USER}:${ELKS_PASS}`);
-            const response = await fetch("https://api.46elks.com/a1/sms", {
-                method: "POST",
-                headers: {
-                    "Authorization": `Basic ${auth}`,
-                    "Content-Type": "application/x-www-form-urlencoded",
-                },
-                body: new URLSearchParams({ from, to, message }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-// Twilio SMS proxy
-http.route({
-    path: "/proxy/twilio",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        await validateAndLogProxyCall(ctx, request, "twilio", "send_sms");
-        const TWILIO_SID = process.env.TWILIO_ACCOUNT_SID;
-        const TWILIO_TOKEN = process.env.TWILIO_AUTH_TOKEN;
-        if (!TWILIO_SID || !TWILIO_TOKEN) {
-            return jsonResponse({ error: "Twilio not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { to, message, from } = body;
-            if (!from) {
-                return jsonResponse({ error: "Twilio requires 'from' number" }, 400);
-            }
-            const auth = btoa(`${TWILIO_SID}:${TWILIO_TOKEN}`);
-            const response = await fetch(`https://api.twilio.com/2010-04-01/Accounts/${TWILIO_SID}/Messages.json`, {
-                method: "POST",
-                headers: {
-                    "Authorization": `Basic ${auth}`,
-                    "Content-Type": "application/x-www-form-urlencoded",
-                },
-                body: new URLSearchParams({ To: to, From: from, Body: message }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-// CORS for new endpoints
-http.route({
-    path: "/proxy/46elks",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-http.route({
-    path: "/proxy/twilio",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// GitHub API proxy
-http.route({
-    path: "/proxy/github",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        // Validate session and log usage
-        const body = await request.json();
-        const action = body.action || "search_repos";
-        await validateAndLogProxyCall(ctx, request, "github", action);
-        const GITHUB_TOKEN = process.env.GITHUB_TOKEN;
-        if (!GITHUB_TOKEN) {
-            return jsonResponse({ error: "GitHub not configured" }, 500);
-        }
-        try {
-            const { action, ...params } = body;
-            let url;
-            let method = "GET";
-            let fetchBody;
-            // Route based on action
-            switch (action) {
-                case "search_repos":
-                    const { query, sort = "stars", limit = 10 } = params;
-                    url = `https://api.github.com/search/repositories?q=${encodeURIComponent(query)}&sort=${sort}&per_page=${limit}`;
-                    break;
-                case "get_repo":
-                    const { owner, repo } = params;
-                    url = `https://api.github.com/repos/${owner}/${repo}`;
-                    break;
-                case "list_issues":
-                    const { owner: issueOwner, repo: issueRepo, state = "open", limit: issueLimit = 10 } = params;
-                    url = `https://api.github.com/repos/${issueOwner}/${issueRepo}/issues?state=${state}&per_page=${issueLimit}`;
-                    break;
-                case "create_issue":
-                    const { owner: createOwner, repo: createRepo, title, body: issueBody = "" } = params;
-                    url = `https://api.github.com/repos/${createOwner}/${createRepo}/issues`;
-                    method = "POST";
-                    fetchBody = JSON.stringify({ title, body: issueBody });
-                    break;
-                case "get_file":
-                    const { owner: fileOwner, repo: fileRepo, path } = params;
-                    url = `https://api.github.com/repos/${fileOwner}/${fileRepo}/contents/${path}`;
-                    break;
-                default:
-                    return jsonResponse({ error: `Unknown action: ${action}` }, 400);
-            }
-            const response = await fetch(url, {
-                method,
-                headers: {
-                    "Authorization": `Bearer ${GITHUB_TOKEN}`,
-                    "Accept": "application/vnd.github+json",
-                    "User-Agent": "APIClaw",
-                    ...(fetchBody ? { "Content-Type": "application/json" } : {}),
-                },
-                ...(fetchBody ? { body: fetchBody } : {}),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/github",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// SERPER (Google Search) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/serper",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "serper", "search");
-        const SERPER_KEY = process.env.SERPER_API_KEY;
-        if (!SERPER_KEY) {
-            return jsonResponse({ error: "Serper not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { query, q, num = 10, gl = "us", hl = "en" } = body;
-            const searchQuery = query || q;
-            if (!searchQuery) {
-                return jsonResponse({ error: "query required" }, 400);
-            }
-            const response = await fetch("https://google.serper.dev/search", {
-                method: "POST",
-                headers: {
-                    "X-API-KEY": SERPER_KEY,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ q: searchQuery, num, gl, hl }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/serper",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// FIRECRAWL (Web Scraping) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/firecrawl",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "firecrawl", "scrape");
-        const FIRECRAWL_KEY = process.env.FIRECRAWL_API_KEY;
-        if (!FIRECRAWL_KEY) {
-            return jsonResponse({ error: "Firecrawl not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { url, formats = ["markdown"], onlyMainContent = true } = body;
-            if (!url) {
-                return jsonResponse({ error: "url required" }, 400);
-            }
-            const response = await fetch("https://api.firecrawl.dev/v1/scrape", {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${FIRECRAWL_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ url, formats, onlyMainContent }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/firecrawl",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// GROQ (LLM) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/groq",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "groq", "chat");
-        const GROQ_KEY = process.env.GROQ_API_KEY;
-        if (!GROQ_KEY) {
-            return jsonResponse({ error: "Groq not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { model = "llama-3.3-70b-versatile", messages, temperature = 0.7, max_tokens = 1024 } = body;
-            if (!messages) {
-                return jsonResponse({ error: "messages required" }, 400);
-            }
-            const response = await fetch("https://api.groq.com/openai/v1/chat/completions", {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${GROQ_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ model, messages, temperature, max_tokens }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/groq",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// MISTRAL (LLM/Embeddings) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/mistral",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "mistral", "chat");
-        const MISTRAL_KEY = process.env.MISTRAL_API_KEY;
-        if (!MISTRAL_KEY) {
-            return jsonResponse({ error: "Mistral not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { model = "mistral-small-latest", messages, temperature = 0.7, max_tokens = 1024 } = body;
-            if (!messages) {
-                return jsonResponse({ error: "messages required" }, 400);
-            }
-            const response = await fetch("https://api.mistral.ai/v1/chat/completions", {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${MISTRAL_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ model, messages, temperature, max_tokens }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/mistral",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// COHERE (LLM/Rerank) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/cohere",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "cohere", "chat");
-        const COHERE_KEY = process.env.COHERE_API_KEY;
-        if (!COHERE_KEY) {
-            return jsonResponse({ error: "Cohere not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { model = "command-a-03-2025", message, chat_history, temperature = 0.7, max_tokens = 1024 } = body;
-            if (!message) {
-                return jsonResponse({ error: "message required" }, 400);
-            }
-            const response = await fetch("https://api.cohere.com/v2/chat", {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${COHERE_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ model, message, chat_history, temperature, max_tokens }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/cohere",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// REPLICATE (ML Models) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/replicate",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "replicate", "prediction");
-        const REPLICATE_KEY = process.env.REPLICATE_API_TOKEN;
-        if (!REPLICATE_KEY) {
-            return jsonResponse({ error: "Replicate not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { model, input, version } = body;
-            if (!model && !version) {
-                return jsonResponse({ error: "model or version required" }, 400);
-            }
-            const endpoint = version
-                ? "https://api.replicate.com/v1/predictions"
-                : `https://api.replicate.com/v1/models/${model}/predictions`;
-            const payload = version ? { version, input } : { input };
-            const response = await fetch(endpoint, {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${REPLICATE_KEY}`,
-                    "Content-Type": "application/json",
-                    Prefer: "wait",
-                },
-                body: JSON.stringify(payload),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/replicate",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// DEEPGRAM (Speech-to-Text) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/deepgram",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "deepgram", "transcribe");
-        const DEEPGRAM_KEY = process.env.DEEPGRAM_API_KEY;
-        if (!DEEPGRAM_KEY) {
-            return jsonResponse({ error: "Deepgram not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { url, model = "nova-3", language = "en", smart_format = true } = body;
-            if (!url) {
-                return jsonResponse({ error: "url required (audio file URL)" }, 400);
-            }
-            const params = new URLSearchParams({
-                model,
-                language,
-                smart_format: String(smart_format),
-            });
-            const response = await fetch(`https://api.deepgram.com/v1/listen?${params}`, {
-                method: "POST",
-                headers: {
-                    Authorization: `Token ${DEEPGRAM_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ url }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/deepgram",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// E2B (Code Sandbox) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/e2b",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "e2b", "execute");
-        const E2B_KEY = process.env.E2B_API_KEY;
-        if (!E2B_KEY) {
-            return jsonResponse({ error: "E2B not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { code, language = "python", template = "base" } = body;
-            if (!code) {
-                return jsonResponse({ error: "code required" }, 400);
-            }
-            const response = await fetch("https://api.e2b.dev/sandboxes", {
-                method: "POST",
-                headers: {
-                    "X-API-Key": E2B_KEY,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ templateID: template, metadata: { language } }),
-            });
-            const sandbox = await response.json();
-            if (!response.ok) {
-                return jsonResponse(sandbox, response.status);
-            }
-            const execResponse = await fetch(`https://api.e2b.dev/sandboxes/${sandbox.sandboxID}/code/execution`, {
-                method: "POST",
-                headers: {
-                    "X-API-Key": E2B_KEY,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ code, language }),
-            });
-            const result = await execResponse.json();
-            return jsonResponse(result, execResponse.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/e2b",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// TOGETHER AI (Open-source LLM Inference) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/together",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "together", "chat");
-        const TOGETHER_KEY = process.env.TOGETHER_API_KEY;
-        if (!TOGETHER_KEY) {
-            return jsonResponse({ error: "Together AI not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { model = "meta-llama/Llama-3.3-70B-Instruct-Turbo", messages, temperature = 0.7, max_tokens = 1024 } = body;
-            if (!messages || !Array.isArray(messages)) {
-                return jsonResponse({ error: "messages array required" }, 400);
-            }
-            const response = await fetch("https://api.together.xyz/v1/chat/completions", {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${TOGETHER_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ model, messages, temperature, max_tokens }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/together",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// STABILITY AI (Image Generation) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/stability",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "stability", "generate");
-        const STABILITY_KEY = process.env.STABILITY_API_KEY;
-        if (!STABILITY_KEY) {
-            return jsonResponse({ error: "Stability AI not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { prompt, model = "sd3.5-large", output_format = "png", aspect_ratio = "1:1" } = body;
-            if (!prompt) {
-                return jsonResponse({ error: "prompt required" }, 400);
-            }
-            const formData = new FormData();
-            formData.append("prompt", prompt);
-            formData.append("output_format", output_format);
-            formData.append("aspect_ratio", aspect_ratio);
-            const response = await fetch(`https://api.stability.ai/v2beta/stable-image/generate/${model}`, {
-                method: "POST",
-                headers: {
-                    Authorization: `Bearer ${STABILITY_KEY}`,
-                    Accept: "application/json",
-                },
-                body: formData,
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/stability",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// ASSEMBLYAI (Audio Intelligence) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/assemblyai",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "assemblyai", "transcribe");
-        const ASSEMBLYAI_KEY = process.env.ASSEMBLYAI_API_KEY;
-        if (!ASSEMBLYAI_KEY) {
-            return jsonResponse({ error: "AssemblyAI not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { audio_url, language_detection = true, speaker_labels = true } = body;
-            if (!audio_url) {
-                return jsonResponse({ error: "audio_url required" }, 400);
-            }
-            const response = await fetch("https://api.assemblyai.com/v2/transcript", {
-                method: "POST",
-                headers: {
-                    Authorization: ASSEMBLYAI_KEY,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({ audio_url, language_detection, speaker_labels }),
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/assemblyai",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// APILAYER (Multi-API: Exchange, Stocks, Aviation, etc.) PROXY
-// ==============================================
-http.route({
-    path: "/proxy/apilayer",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        await validateAndLogProxyCall(ctx, request, "apilayer", "call");
-        const APILAYER_KEY = process.env.APILAYER_API_KEY;
-        if (!APILAYER_KEY) {
-            return jsonResponse({ error: "APILayer not configured" }, 500);
-        }
-        try {
-            const body = await request.json();
-            const { service, endpoint, params = {} } = body;
-            if (!service || !endpoint) {
-                return jsonResponse({ error: "service and endpoint required (e.g. service:'exchangerates', endpoint:'/latest')" }, 400);
-            }
-            const queryString = new URLSearchParams(params).toString();
-            const url = `https://api.apilayer.com/${service}${endpoint}${queryString ? '?' + queryString : ''}`;
-            const response = await fetch(url, {
-                method: "GET",
-                headers: {
-                    apikey: APILAYER_KEY,
-                },
-            });
-            const data = await response.json();
-            return jsonResponse(data, response.status);
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/proxy/apilayer",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// WORKSPACE / MAGIC LINK ENDPOINTS
-// ==============================================
-// Create magic link and send email
-http.route({
-    path: "/workspace/magic-link",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        try {
-            const body = await request.json();
-            const { email, fingerprint } = body;
-            if (!email || !email.includes("@")) {
-                return jsonResponse({ error: "Valid email required" }, 400);
-            }
-            // Create magic link
-            const result = await ctx.runMutation(api.workspaces.createMagicLink, {
-                email: email.toLowerCase(),
-                fingerprint,
-            });
-            // Send email directly - SIMPLE HTML (complex tables get stripped by Gmail)
-            const verifyUrl = `https://apiclaw.nordsym.com/auth/verify?token=${result.token}`;
-            const html = `<div style="font-family:Arial,sans-serif;max-width:500px;margin:0 auto;padding:20px;">
-<h1>🦞 APIClaw</h1>
-<h2>An AI Agent Wants to Connect</h2>
-<p>Click below to verify your email and activate your workspace.</p>
-<p><a href="${verifyUrl}" style="background:#ef4444;color:white;padding:14px 32px;border-radius:8px;text-decoration:none;display:inline-block;">Verify Email</a></p>
-<p style="color:#666;font-size:13px;">Free tier: 50 API calls. This link expires in 1 hour.</p>
-<p style="color:#999;font-size:11px;">Or copy this link: ${verifyUrl}</p>
-</div>`;
-            const RESEND_KEY = process.env.RESEND_API_KEY;
-            if (!RESEND_KEY) {
-                console.error("RESEND_API_KEY not configured");
-                return jsonResponse({ error: "Email service not configured" }, 500);
-            }
-            const emailResponse = await fetch("https://api.resend.com/emails", {
-                method: "POST",
-                headers: {
-                    "Authorization": `Bearer ${RESEND_KEY}`,
-                    "Content-Type": "application/json",
-                },
-                body: JSON.stringify({
-                    from: "APIClaw <noreply@apiclaw.nordsym.com>",
-                    to: email.toLowerCase(),
-                    subject: "🦞 Verify Your Email — APIClaw",
-                    html: html,
-                }),
-            });
-            if (!emailResponse.ok) {
-                const errorText = await emailResponse.text();
-                console.error("Resend error:", emailResponse.status, errorText);
-                return jsonResponse({ error: "Failed to send email", details: errorText }, 500);
-            }
-            const emailResult = await emailResponse.json();
-            console.log("Email sent successfully:", emailResult.id);
-            return jsonResponse({
-                success: true,
-                token: result.token,
-                expiresAt: result.expiresAt,
-                message: "Magic link sent! Check your email.",
-                emailId: emailResult.id,
-            });
-        }
-        catch (e) {
-            console.error("Magic link error:", e);
-            return jsonResponse({ error: e.message || "Failed to create magic link" }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/workspace/magic-link",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// Poll magic link status (for agents to check if user clicked)
-http.route({
-    path: "/workspace/poll",
-    method: "GET",
-    handler: httpAction(async (ctx, request) => {
-        const url = new URL(request.url);
-        const token = url.searchParams.get("token");
-        if (!token) {
-            return jsonResponse({ error: "token required" }, 400);
-        }
-        const result = await ctx.runQuery(api.workspaces.pollMagicLink, { token });
-        return jsonResponse(result);
-    }),
-});
-http.route({
-    path: "/workspace/poll",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// Verify session token
-http.route({
-    path: "/workspace/verify-session",
-    method: "GET",
-    handler: httpAction(async (ctx, request) => {
-        const url = new URL(request.url);
-        const sessionToken = url.searchParams.get("sessionToken");
-        if (!sessionToken) {
-            return jsonResponse({ error: "sessionToken required" }, 400);
-        }
-        const result = await ctx.runQuery(api.workspaces.verifySession, { sessionToken });
-        if (!result) {
-            return jsonResponse({ error: "Invalid or expired session" }, 401);
-        }
-        return jsonResponse(result);
-    }),
-});
-http.route({
-    path: "/workspace/verify-session",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// Get workspace by email
-http.route({
-    path: "/workspace/by-email",
-    method: "GET",
-    handler: httpAction(async (ctx, request) => {
-        const url = new URL(request.url);
-        const email = url.searchParams.get("email");
-        if (!email) {
-            return jsonResponse({ error: "email required" }, 400);
-        }
-        const result = await ctx.runQuery(api.workspaces.getByEmail, { email });
-        if (!result) {
-            return jsonResponse({ exists: false });
-        }
-        return jsonResponse({ exists: true, workspace: result });
-    }),
-});
-http.route({
-    path: "/workspace/by-email",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// Send reminder email
-http.route({
-    path: "/workspace/send-reminder",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        try {
-            const body = await request.json();
-            const { email, token } = body;
-            if (!email || !token) {
-                return jsonResponse({ error: "email and token required" }, 400);
-            }
-            await ctx.runAction(api.email.sendReminderEmail, { email, token });
-            return jsonResponse({ success: true });
-        }
-        catch (e) {
-            return jsonResponse({ error: e.message }, 500);
-        }
-    }),
-});
-http.route({
-    path: "/workspace/send-reminder",
-    method: "OPTIONS",
-    handler: httpAction(async () => new Response(null, { headers: corsHeaders })),
-});
-// ==============================================
-// STRIPE BILLING ENDPOINTS
-// ==============================================
-// Create checkout session
-http.route({
-    path: "/api/billing/checkout",
-    method: "POST",
-    handler: createCheckoutSession,
-});
-http.route({
-    path: "/api/billing/checkout",
-    method: "OPTIONS",
-    handler: checkoutOptions,
-});
-// Create billing portal session
-http.route({
-    path: "/api/billing/portal",
-    method: "POST",
-    handler: createPortalSession,
-});
-http.route({
-    path: "/api/billing/portal",
-    method: "OPTIONS",
-    handler: portalOptions,
-});
-// Stripe webhook handler
-http.route({
-    path: "/api/webhooks/stripe",
-    method: "POST",
-    handler: handleStripeWebhook,
-});
-http.route({
-    path: "/api/webhooks/stripe",
-    method: "OPTIONS",
-    handler: webhookOptions,
-});
-// Test endpoint to debug logging
-http.route({
-    path: "/proxy/test-logging",
-    method: "POST",
-    handler: httpAction(async (ctx, request) => {
-        const identifier = request.headers.get("X-APIClaw-Identifier");
-        try {
-            const logId = await ctx.runMutation(api.analytics.log, {
-                event: "test_endpoint",
-                provider: "test",
-                identifier: identifier || "test",
-                metadata: { test: true },
-            });
-            return jsonResponse({
-                success: true,
-                identifier,
-                logId,
-                message: "Logged successfully"
-            });
-        }
-        catch (e) {
-            return jsonResponse({
-                success: false,
-                error: e.message,
-                stack: e.stack
-            }, 500);
-        }
-    }),
-});
-//# sourceMappingURL=http.js.map