@nordsym/apiclaw 1.8.6 → 1.8.7

package/convex/workspaces.js

@@ -1,991 +0,0 @@
-import { mutation, query } from "./_generated/server";
-import { internal } from "./_generated/api";
-import { v } from "convex/values";
-// ============================================
-// MAGIC LINK AUTH FOR WORKSPACES
-// ============================================
-// Create magic link for workspace email auth
-export const createMagicLink = mutation({
-    args: {
-        email: v.string(),
-        fingerprint: v.optional(v.string()),
-    },
-    handler: async (ctx, { email, fingerprint }) => {
-        const token = generateToken();
-        const expiresAt = Date.now() + 15 * 60 * 1000; // 15 minutes
-        await ctx.db.insert("workspaceMagicLinks", {
-            email: email.toLowerCase(),
-            token,
-            sessionFingerprint: fingerprint,
-            expiresAt,
-            createdAt: Date.now(),
-        });
-        return { token, expiresAt };
-    },
-});
-// Generate a unique referral code (CLAW-XXXXXX format)
-function generateReferralCode() {
-    const chars = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789";
-    let code = "";
-    for (let i = 0; i < 6; i++) {
-        code += chars.charAt(Math.floor(Math.random() * chars.length));
-    }
-    return `CLAW-${code}`;
-}
-// Verify magic link and create workspace + session
-export const verifyMagicLink = mutation({
-    args: {
-        token: v.string(),
-        fingerprint: v.optional(v.string()),
-        referralCode: v.optional(v.string()), // Referral code from signup URL
-    },
-    handler: async (ctx, { token, fingerprint, referralCode }) => {
-        const magicLink = await ctx.db
-            .query("workspaceMagicLinks")
-            .withIndex("by_token", (q) => q.eq("token", token))
-            .first();
-        if (!magicLink) {
-            return { success: false, error: "Invalid token" };
-        }
-        if (magicLink.expiresAt < Date.now()) {
-            return { success: false, error: "Token expired" };
-        }
-        if (magicLink.usedAt) {
-            return { success: false, error: "Token already used" };
-        }
-        // Mark as used
-        await ctx.db.patch(magicLink._id, { usedAt: Date.now() });
-        // Find or create workspace
-        let workspace = await ctx.db
-            .query("workspaces")
-            .withIndex("by_email", (q) => q.eq("email", magicLink.email))
-            .first();
-        let isNewUser = false;
-        if (!workspace) {
-            isNewUser = true;
-            // Generate unique referral code for new user
-            let newReferralCode;
-            let attempts = 0;
-            do {
-                newReferralCode = generateReferralCode();
-                const existing = await ctx.db
-                    .query("workspaces")
-                    .withIndex("by_referralCode", (q) => q.eq("referralCode", newReferralCode))
-                    .first();
-                if (!existing)
-                    break;
-                attempts++;
-            } while (attempts < 10);
-            // Create new workspace with free tier + referral code
-            const workspaceId = await ctx.db.insert("workspaces", {
-                email: magicLink.email,
-                status: "active",
-                tier: "free",
-                usageCount: 0,
-                usageLimit: 50, // 50 calls/month for free tier
-                weeklyUsageCount: 0,
-                weeklyUsageLimit: 50, // Monthly limit (field name is legacy)
-                hourlyUsageCount: 0,
-                referralCode: newReferralCode,
-                createdAt: Date.now(),
-                updatedAt: Date.now(),
-            });
-            workspace = await ctx.db.get(workspaceId);
-        }
-        // REFERRAL DISABLED (2026-03-01): Risk of abuse with awesome-list exposure
-        // Tracking referredBy for analytics only, no credit bonus
-        if (isNewUser && referralCode) {
-            const referrer = await ctx.db
-                .query("workspaces")
-                .withIndex("by_referralCode", (q) => q.eq("referralCode", referralCode))
-                .first();
-            if (referrer && referrer._id !== workspace._id) {
-                // Track referral for analytics only
-                await ctx.db.patch(workspace._id, {
-                    referredBy: referrer._id,
-                    updatedAt: Date.now(),
-                });
-                // No credit bonus - referral rewards disabled
-            }
-        }
-        // Reuse existing session for same machine (fix: no more duplicate sessions per login)
-        const sessionToken = generateToken();
-        const userFingerprint2 = fingerprint || magicLink.sessionFingerprint;
-        const existingSession = userFingerprint2
-            ? await ctx.db
-                .query("agentSessions")
-                .withIndex("by_workspaceId", (q) => q.eq("workspaceId", workspace._id))
-                .filter((q) => q.eq(q.field("fingerprint"), userFingerprint2))
-                .first()
-            : null;
-        if (existingSession) {
-            // Refresh existing session instead of creating duplicate
-            await ctx.db.patch(existingSession._id, {
-                sessionToken,
-                lastUsedAt: Date.now(),
-            });
-        }
-        else {
-            await ctx.db.insert("agentSessions", {
-                workspaceId: workspace._id,
-                sessionToken,
-                fingerprint: userFingerprint2 || undefined,
-                lastUsedAt: Date.now(),
-                createdAt: Date.now(),
-            });
-        }
-        // Link agent record to workspace (if agent exists for this fingerprint)
-        if (userFingerprint2) {
-            const agentForFingerprint = await ctx.db
-                .query("agents")
-                .filter((q) => q.eq(q.field("fingerprint"), userFingerprint2))
-                .first();
-            if (agentForFingerprint && !agentForFingerprint.workspaceId) {
-                await ctx.db.patch(agentForFingerprint._id, {
-                    workspaceId: workspace._id,
-                });
-            }
-        }
-        // Claim anonymous usage history
-        const userFingerprint = fingerprint || magicLink.sessionFingerprint;
-        if (userFingerprint) {
-            try {
-                // Find all analytics records with matching fingerprint and no workspaceId
-                const analyticsRecords = await ctx.db
-                    .query("analytics")
-                    .withIndex("by_identifier", (q) => q.eq("identifier", userFingerprint))
-                    .collect();
-                // Filter to only unclaimed records
-                const unclaimedRecords = analyticsRecords.filter((r) => !r.workspaceId);
-                // Update each record to link it to the workspace
-                for (const record of unclaimedRecords) {
-                    await ctx.db.patch(record._id, { workspaceId: workspace._id });
-                }
-            }
-            catch (err) {
-                // Non-critical error, just log it
-                console.error('Failed to claim anonymous usage:', err);
-            }
-        }
-        // Notify Inbound Net (ALERTS) — async, non-blocking
-        await ctx.scheduler.runAfter(0, internal.inbound.notifySignup, {
-            email: workspace.email,
-            workspaceId: workspace._id,
-            tier: workspace.tier,
-            isNewUser,
-            timestamp: Date.now(),
-        });
-        return {
-            success: true,
-            sessionToken,
-            workspace: {
-                id: workspace._id,
-                email: workspace.email,
-                tier: workspace.tier,
-                referralCode: workspace.referralCode,
-            },
-        };
-    },
-});
-// Get session from token
-export const getSession = query({
-    args: { token: v.string() },
-    handler: async (ctx, { token }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session) {
-            return null;
-        }
-        const workspace = await ctx.db.get(session.workspaceId);
-        if (!workspace)
-            return null;
-        return {
-            workspaceId: workspace._id,
-            email: workspace.email,
-            tier: workspace.tier,
-            status: workspace.status,
-            usageCount: workspace.usageCount,
-            usageLimit: workspace.usageLimit,
-        };
-    },
-});
-// ============================================
-// DASHBOARD QUERIES
-// ============================================
-// Get full workspace dashboard data
-export const getWorkspaceDashboard = query({
-    args: { token: v.string() },
-    handler: async (ctx, { token }) => {
-        // Verify session
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session) {
-            return null;
-        }
-        // Note: lastUsedAt is updated via touchSession mutation separately
-        const workspace = await ctx.db.get(session.workspaceId);
-        if (!workspace)
-            return null;
-        // Get all agent sessions for this workspace
-        const agentSessions = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_workspaceId", (q) => q.eq("workspaceId", session.workspaceId))
-            .collect();
-        // Count agents: 1 main agent (if exists) + subagents
-        const hasMainAgent = workspace.mainAgentId ? 1 : 0;
-        const subagents = await ctx.db
-            .query("subagents")
-            .withIndex("by_workspaceId", (q) => q.eq("workspaceId", session.workspaceId))
-            .collect();
-        const totalAgentCount = hasMainAgent + subagents.length;
-        // Get usage logs for this workspace (via agent credits or purchases)
-        const credits = await ctx.db
-            .query("agentCredits")
-            .collect();
-        // Filter credits that belong to this workspace's agents
-        const workspaceCredits = credits.filter(c => agentSessions.some(s => c.agentId === s.sessionToken));
-        // Get purchases for workspace agents
-        const purchases = await ctx.db
-            .query("purchases")
-            .collect();
-        const workspacePurchases = purchases.filter(p => agentSessions.some(s => p.agentId === s.sessionToken));
-        // Calculate usage remaining — backer tier is unlimited
-        const now = Date.now();
-        const isBackerTier = workspace.tier === "backer" || workspace.tier === "founder" ||
-            (workspace.backerUntil && workspace.backerUntil > now);
-        const effectiveLimit = isBackerTier ? -1 : workspace.usageLimit; // -1 = unlimited
-        const usageRemaining = isBackerTier ? -1 : Math.max(0, workspace.usageLimit - workspace.usageCount);
-        const usagePercentage = isBackerTier ? 0 : (workspace.usageCount / workspace.usageLimit) * 100;
-        // Budget status (PRD 2.6)
-        const monthStart = getMonthStartForBudget();
-        let currentSpend = workspace.monthlySpendCents || 0;
-        if (!workspace.lastSpendResetAt || workspace.lastSpendResetAt < monthStart) {
-            currentSpend = 0;
-        }
-        const budgetCap = workspace.budgetCap || null;
-        return {
-            workspace: {
-                id: workspace._id,
-                email: workspace.email,
-                workspaceName: workspace.workspaceName,
-                tier: workspace.tier,
-                status: workspace.status,
-                usageCount: workspace.usageCount,
-                usageLimit: effectiveLimit,
-                usageRemaining,
-                usagePercentage,
-                stripeCustomerId: workspace.stripeCustomerId,
-                createdAt: workspace.createdAt,
-                mainAgentName: workspace.mainAgentName,
-                mainAgentId: workspace.mainAgentId,
-            },
-            stats: {
-                totalAgents: totalAgentCount,
-                totalCredits: workspaceCredits.reduce((sum, c) => sum + c.balanceUsd, 0),
-                totalPurchases: workspacePurchases.length,
-            },
-            budget: {
-                budgetCapCents: budgetCap,
-                budgetCapUsd: budgetCap ? budgetCap / 100 : null,
-                currentSpendCents: currentSpend,
-                currentSpendUsd: currentSpend / 100,
-                remainingCents: budgetCap ? Math.max(0, budgetCap - currentSpend) : null,
-                remainingUsd: budgetCap ? Math.max(0, (budgetCap - currentSpend) / 100) : null,
-                budgetPercentage: budgetCap ? Math.min(100, (currentSpend / budgetCap) * 100) : null,
-                pauseOnBudgetExceeded: workspace.pauseOnBudgetExceeded || false,
-                isOverBudget: budgetCap ? currentSpend >= budgetCap : false,
-                isNearBudget: budgetCap ? currentSpend >= budgetCap * 0.8 : false,
-            },
-        };
-    },
-});
-// Helper for budget month start
-function getMonthStartForBudget() {
-    const now = new Date();
-    return new Date(now.getUTCFullYear(), now.getUTCMonth(), 1, 0, 0, 0, 0).getTime();
-}
-// Get connected agents for workspace
-export const getConnectedAgents = query({
-    args: { token: v.string() },
-    handler: async (ctx, { token }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session) {
-            return [];
-        }
-        const agentSessions = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_workspaceId", (q) => q.eq("workspaceId", session.workspaceId))
-            .collect();
-        return agentSessions.map((s) => ({
-            id: s._id,
-            fingerprint: s.fingerprint || "Unknown",
-            customName: s.customName || null,
-            name: s.customName || s.fingerprint || "Unknown",
-            lastUsedAt: s.lastUsedAt,
-            createdAt: s.createdAt,
-            isCurrent: s.sessionToken === token,
-        }));
-    },
-});
-// Admin: Delete session by ID (for cleanup)
-export const adminDeleteSession = mutation({
-    args: { sessionId: v.id("agentSessions") },
-    handler: async (ctx, { sessionId }) => {
-        await ctx.db.delete(sessionId);
-        return { success: true };
-    },
-});
-// Debug: Get sessions by workspace email
-export const getSessionsByEmail = query({
-    args: { email: v.string() },
-    handler: async (ctx, { email }) => {
-        const workspace = await ctx.db
-            .query("workspaces")
-            .withIndex("by_email", (q) => q.eq("email", email.toLowerCase()))
-            .first();
-        if (!workspace) {
-            return { error: "Workspace not found", sessions: [] };
-        }
-        const sessions = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_workspaceId", (q) => q.eq("workspaceId", workspace._id))
-            .collect();
-        return {
-            workspaceId: workspace._id,
-            email: workspace.email,
-            sessions: sessions.map(s => ({
-                id: s._id,
-                fingerprint: s.fingerprint,
-                createdAt: s.createdAt,
-                lastUsedAt: s.lastUsedAt,
-            })),
-        };
-    },
-});
-// Rename an agent session
-export const renameAgent = mutation({
-    args: {
-        token: v.string(),
-        sessionId: v.id("agentSessions"),
-        name: v.string(),
-    },
-    handler: async (ctx, { token, sessionId, name }) => {
-        // Verify the requesting session
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session) {
-            throw new Error("Invalid session");
-        }
-        // Get the session to rename
-        const targetSession = await ctx.db.get(sessionId);
-        if (!targetSession || targetSession.workspaceId !== session.workspaceId) {
-            throw new Error("Session not found or access denied");
-        }
-        // Update the name (stored as customName field)
-        await ctx.db.patch(sessionId, { customName: name });
-        return { success: true };
-    },
-});
-// Get usage breakdown by provider
-export const getUsageBreakdown = query({
-    args: { token: v.string() },
-    handler: async (ctx, { token }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session) {
-            return { byProvider: [], byDay: [], total: 0 };
-        }
-        // Get all sessions for this workspace
-        const agentSessions = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_workspaceId", (q) => q.eq("workspaceId", session.workspaceId))
-            .collect();
-        const sessionTokens = agentSessions.map(s => s.sessionToken);
-        // Get purchases for these agents
-        const allPurchases = await ctx.db.query("purchases").collect();
-        const workspacePurchases = allPurchases.filter(p => sessionTokens.includes(p.agentId));
-        // Get usage for purchases
-        const allUsage = await ctx.db.query("usage").collect();
-        const purchaseIds = workspacePurchases.map(p => p._id);
-        const workspaceUsage = allUsage.filter(u => purchaseIds.includes(u.purchaseId));
-        // Aggregate by provider
-        const byProvider = {};
-        for (const usage of workspaceUsage) {
-            if (!byProvider[usage.providerId]) {
-                byProvider[usage.providerId] = { calls: 0, cost: 0 };
-            }
-            byProvider[usage.providerId].calls += usage.unitsUsed;
-            byProvider[usage.providerId].cost += usage.costIncurredUsd;
-        }
-        // Aggregate by day (last 14 days)
-        const now = Date.now();
-        const fourteenDaysAgo = now - 14 * 24 * 60 * 60 * 1000;
-        const byDay = {};
-        for (const usage of workspaceUsage) {
-            if (usage.lastUsedAt >= fourteenDaysAgo) {
-                const day = new Date(usage.lastUsedAt).toISOString().split("T")[0];
-                byDay[day] = (byDay[day] || 0) + usage.unitsUsed;
-            }
-        }
-        return {
-            byProvider: Object.entries(byProvider).map(([provider, data]) => ({
-                provider,
-                calls: data.calls,
-                cost: data.cost,
-            })),
-            byDay: Object.entries(byDay)
-                .map(([date, calls]) => ({ date, calls }))
-                .sort((a, b) => a.date.localeCompare(b.date)),
-            total: workspaceUsage.reduce((sum, u) => sum + u.unitsUsed, 0),
-        };
-    },
-});
-// ============================================
-// AGENT MANAGEMENT
-// ============================================
-// Revoke an agent session
-export const revokeAgentSession = mutation({
-    args: {
-        token: v.string(),
-        sessionId: v.id("agentSessions"),
-    },
-    handler: async (ctx, { token, sessionId }) => {
-        // Verify the requesting session
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session) {
-            throw new Error("Unauthorized");
-        }
-        // Get the session to revoke
-        const targetSession = await ctx.db.get(sessionId);
-        if (!targetSession) {
-            throw new Error("Session not found");
-        }
-        // Verify same workspace
-        if (targetSession.workspaceId !== session.workspaceId) {
-            throw new Error("Unauthorized");
-        }
-        // Prevent revoking current session
-        if (targetSession.sessionToken === token) {
-            throw new Error("Cannot revoke current session");
-        }
-        // Delete the session
-        await ctx.db.delete(sessionId);
-        return { success: true };
-    },
-});
-// Logout (delete current session)
-export const logout = mutation({
-    args: { token: v.string() },
-    handler: async (ctx, { token }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (session) {
-            await ctx.db.delete(session._id);
-        }
-        return { success: true };
-    },
-});
-// ============================================
-// WORKSPACE MANAGEMENT
-// ============================================
-// Update workspace tier (for Stripe webhooks)
-export const updateTier = mutation({
-    args: {
-        workspaceId: v.id("workspaces"),
-        tier: v.string(),
-        usageLimit: v.number(),
-        stripeCustomerId: v.optional(v.string()),
-    },
-    handler: async (ctx, { workspaceId, tier, usageLimit, stripeCustomerId }) => {
-        const updates = {
-            tier,
-            usageLimit,
-            updatedAt: Date.now(),
-        };
-        if (stripeCustomerId) {
-            updates.stripeCustomerId = stripeCustomerId;
-        }
-        await ctx.db.patch(workspaceId, updates);
-        return { success: true };
-    },
-});
-// Increment usage count
-// Constants for rate limiting
-const FREE_WEEKLY_LIMIT = 50;
-const FREE_HOURLY_LIMIT = 10;
-const BACKER_END_DATE = new Date("2026-12-31T23:59:59Z").getTime();
-// Helper: Get start of current week (Monday 00:00 UTC)
-function getWeekStart() {
-    const now = new Date();
-    const dayOfWeek = now.getUTCDay();
-    const diff = dayOfWeek === 0 ? 6 : dayOfWeek - 1; // Monday = 0
-    const monday = new Date(now);
-    monday.setUTCDate(now.getUTCDate() - diff);
-    monday.setUTCHours(0, 0, 0, 0);
-    return monday.getTime();
-}
-// Helper: Get start of current hour
-function getHourStart() {
-    const now = new Date();
-    now.setUTCMinutes(0, 0, 0);
-    return now.getTime();
-}
-export const incrementUsage = mutation({
-    args: {
-        workspaceId: v.id("workspaces"),
-        amount: v.optional(v.number()),
-    },
-    handler: async (ctx, { workspaceId, amount = 1 }) => {
-        const workspace = await ctx.db.get(workspaceId);
-        if (!workspace) {
-            throw new Error("Workspace not found");
-        }
-        const now = Date.now();
-        const weekStart = getWeekStart();
-        const hourStart = getHourStart();
-        // Check if Backer (unlimited until end of 2026)
-        const isBacker = workspace.tier === "backer" || workspace.tier === "founder" ||
-            (workspace.backerUntil && workspace.backerUntil > now);
-        // Initialize weekly/hourly counters if needed
-        let weeklyCount = workspace.weeklyUsageCount || 0;
-        let hourlyCount = workspace.hourlyUsageCount || 0;
-        // Reset weekly counter if new week
-        if (!workspace.lastWeeklyResetAt || workspace.lastWeeklyResetAt < weekStart) {
-            weeklyCount = 0;
-        }
-        // Reset hourly counter if new hour
-        if (!workspace.lastHourlyResetAt || workspace.lastHourlyResetAt < hourStart) {
-            hourlyCount = 0;
-        }
-        // Check rate limits for free tier
-        if (!isBacker && workspace.tier !== "pro" && workspace.tier !== "enterprise") {
-            // Check hourly limit (10/hour for free)
-            if (hourlyCount + amount > FREE_HOURLY_LIMIT) {
-                throw new Error(`Hourly rate limit exceeded (${FREE_HOURLY_LIMIT}/hour). Upgrade to Backer for unlimited.`);
-            }
-            // Check weekly limit (50/week for free)
-            if (weeklyCount + amount > FREE_WEEKLY_LIMIT) {
-                throw new Error(`Weekly limit exceeded (${FREE_WEEKLY_LIMIT}/week). Upgrade to Backer for unlimited.`);
-            }
-        }
-        const newTotalCount = workspace.usageCount + amount;
-        const newWeeklyCount = weeklyCount + amount;
-        const newHourlyCount = hourlyCount + amount;
-        await ctx.db.patch(workspaceId, {
-            usageCount: newTotalCount,
-            weeklyUsageCount: newWeeklyCount,
-            hourlyUsageCount: newHourlyCount,
-            lastWeeklyResetAt: weekStart,
-            lastHourlyResetAt: hourStart,
-            updatedAt: now,
-        });
-        // Calculate remaining for free tier
-        const weeklyRemaining = isBacker ? Infinity : Math.max(0, FREE_WEEKLY_LIMIT - newWeeklyCount);
-        const hourlyRemaining = isBacker ? Infinity : Math.max(0, FREE_HOURLY_LIMIT - newHourlyCount);
-        return {
-            success: true,
-            usageCount: newTotalCount,
-            weeklyUsageCount: newWeeklyCount,
-            weeklyRemaining,
-            hourlyRemaining,
-            isBacker,
-        };
-    },
-});
-// ============================================
-// POLLING & VERIFICATION ENDPOINTS (for HTTP API)
-// ============================================
-// Poll magic link status (for agents to check if user clicked)
-export const pollMagicLink = query({
-    args: { token: v.string() },
-    handler: async (ctx, { token }) => {
-        const magicLink = await ctx.db
-            .query("workspaceMagicLinks")
-            .withIndex("by_token", (q) => q.eq("token", token))
-            .first();
-        if (!magicLink) {
-            return { status: "not_found" };
-        }
-        const now = Date.now();
-        if (magicLink.usedAt) {
-            // Get the workspace and session
-            const workspace = await ctx.db
-                .query("workspaces")
-                .withIndex("by_email", (q) => q.eq("email", magicLink.email))
-                .first();
-            // Get the latest session for this workspace
-            const session = workspace
-                ? await ctx.db
-                    .query("agentSessions")
-                    .withIndex("by_workspaceId", (q) => q.eq("workspaceId", workspace._id))
-                    .order("desc")
-                    .first()
-                : null;
-            return {
-                status: "verified",
-                workspace: workspace
-                    ? {
-                        id: workspace._id,
-                        email: workspace.email,
-                        tier: workspace.tier,
-                        usageCount: workspace.usageCount,
-                        usageLimit: workspace.usageLimit,
-                    }
-                    : null,
-                sessionToken: session?.sessionToken,
-            };
-        }
-        if (magicLink.expiresAt < now) {
-            return { status: "expired" };
-        }
-        return {
-            status: "pending",
-            expiresAt: magicLink.expiresAt,
-        };
-    },
-});
-// Verify session token (for HTTP API)
-export const verifySession = query({
-    args: { sessionToken: v.string() },
-    handler: async (ctx, { sessionToken }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", sessionToken))
-            .first();
-        if (!session) {
-            return null;
-        }
-        const workspace = await ctx.db.get(session.workspaceId);
-        if (!workspace || workspace.status !== "active") {
-            return null;
-        }
-        return {
-            workspaceId: workspace._id,
-            email: workspace.email,
-            tier: workspace.tier,
-            usageCount: workspace.usageCount,
-            usageLimit: workspace.usageLimit,
-        };
-    },
-});
-// Get workspace by email (for HTTP API)
-export const getByEmail = query({
-    args: { email: v.string() },
-    handler: async (ctx, { email }) => {
-        const workspace = await ctx.db
-            .query("workspaces")
-            .withIndex("by_email", (q) => q.eq("email", email.toLowerCase()))
-            .first();
-        if (!workspace) {
-            return null;
-        }
-        return {
-            id: workspace._id,
-            email: workspace.email,
-            status: workspace.status,
-            tier: workspace.tier,
-            usageCount: workspace.usageCount,
-            usageLimit: workspace.usageLimit,
-        };
-    },
-});
-// Touch session (update lastUsedAt)
-export const touchSession = mutation({
-    args: { sessionToken: v.string() },
-    handler: async (ctx, { sessionToken }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", sessionToken))
-            .first();
-        if (session) {
-            await ctx.db.patch(session._id, { lastUsedAt: Date.now() });
-        }
-    },
-});
-// ============================================
-// MCP WORKSPACE FUNCTIONS
-// ============================================
-// Create a new workspace (called from MCP register_owner)
-export const createWorkspace = mutation({
-    args: { email: v.string() },
-    handler: async (ctx, { email }) => {
-        const normalizedEmail = email.toLowerCase().trim();
-        // Check if workspace exists
-        const existing = await ctx.db
-            .query("workspaces")
-            .withIndex("by_email", (q) => q.eq("email", normalizedEmail))
-            .first();
-        if (existing) {
-            return {
-                success: false,
-                error: "workspace_exists",
-                workspaceId: existing._id,
-                status: existing.status,
-            };
-        }
-        // Create new workspace
-        const workspaceId = await ctx.db.insert("workspaces", {
-            email: normalizedEmail,
-            status: "pending",
-            tier: "free",
-            usageCount: 0,
-            usageLimit: 50, // Free tier limit
-            createdAt: Date.now(),
-            updatedAt: Date.now(),
-        });
-        return { success: true, workspaceId };
-    },
-});
-// Update workspace name
-export const updateWorkspaceName = mutation({
-    args: {
-        token: v.string(),
-        name: v.string(),
-    },
-    handler: async (ctx, { token, name }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session)
-            throw new Error("Invalid session");
-        const trimmed = name.trim();
-        if (trimmed.length < 1 || trimmed.length > 100) {
-            throw new Error("Name must be between 1 and 100 characters");
-        }
-        await ctx.db.patch(session.workspaceId, {
-            workspaceName: trimmed,
-            updatedAt: Date.now(),
-        });
-        return { success: true, name: trimmed };
-    },
-});
-// Set or update password
-export const setPassword = mutation({
-    args: {
-        token: v.string(),
-        password: v.string(),
-    },
-    handler: async (ctx, { token, password }) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", token))
-            .first();
-        if (!session)
-            throw new Error("Invalid session");
-        if (password.length < 8)
-            throw new Error("Password must be at least 8 characters");
-        // Simple hash using built-in crypto
-        const encoder = new TextEncoder();
-        const data = encoder.encode(password + "apiclaw-salt-v1");
-        const hashBuffer = await crypto.subtle.digest("SHA-256", data);
-        const hashArray = Array.from(new Uint8Array(hashBuffer));
-        const hashHex = hashArray.map(b => b.toString(16).padStart(2, "0")).join("");
-        await ctx.db.patch(session.workspaceId, {
-            passwordHash: hashHex,
-            updatedAt: Date.now(),
-        });
-        return { success: true };
-    },
-});
-// Create agent session for workspace (called from MCP after verification)
-export const createAgentSession = mutation({
-    args: {
-        workspaceId: v.id("workspaces"),
-        fingerprint: v.optional(v.string()),
-    },
-    handler: async (ctx, { workspaceId, fingerprint }) => {
-        const workspace = await ctx.db.get(workspaceId);
-        if (!workspace) {
-            return { success: false, error: "workspace_not_found" };
-        }
-        if (workspace.status !== "active") {
-            return { success: false, error: "workspace_not_active" };
-        }
-        const sessionToken = "apiclaw_" + generateToken();
-        await ctx.db.insert("agentSessions", {
-            workspaceId,
-            sessionToken,
-            fingerprint,
-            lastUsedAt: Date.now(),
-            createdAt: Date.now(),
-        });
-        return { success: true, sessionToken };
-    },
-});
-// ============================================
-// HELPER FUNCTIONS
-// ============================================
-function generateToken() {
-    const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
-    let result = "";
-    for (let i = 0; i < 48; i++) {
-        result += chars.charAt(Math.floor(Math.random() * chars.length));
-    }
-    return result;
-}
-// Get workspace status (for MCP check_workspace_status tool)
-export const getWorkspaceStatus = query({
-    args: {
-        sessionToken: v.string(),
-    },
-    handler: async (ctx, args) => {
-        const session = await ctx.db
-            .query("agentSessions")
-            .withIndex("by_sessionToken", (q) => q.eq("sessionToken", args.sessionToken))
-            .first();
-        if (!session) {
-            return { authenticated: false };
-        }
-        const workspace = await ctx.db.get(session.workspaceId);
-        if (!workspace) {
-            return { authenticated: false };
-        }
-        const usageRemaining = workspace.usageLimit > 0
-            ? workspace.usageLimit - workspace.usageCount
-            : -1; // -1 = unlimited
-        return {
-            authenticated: true,
-            email: workspace.email,
-            status: workspace.status,
-            tier: workspace.tier,
-            usageCount: workspace.usageCount,
-            usageLimit: workspace.usageLimit,
-            usageRemaining,
-            hasStripe: !!workspace.stripeCustomerId,
-            createdAt: workspace.createdAt,
-        };
-    },
-});
-// Admin functions for Hivr integration
-export const adminActivateWorkspace = mutation({
-    args: { workspaceId: v.id("workspaces") },
-    handler: async (ctx, { workspaceId }) => {
-        const workspace = await ctx.db.get(workspaceId);
-        if (!workspace) {
-            return { success: false, error: "not_found" };
-        }
-        await ctx.db.patch(workspaceId, {
-            status: "active",
-            tier: "backer",
-            weeklyUsageLimit: 999999,
-            updatedAt: Date.now(),
-        });
-        return { success: true };
-    },
-});
-export const adminCreateSession = mutation({
-    args: { workspaceId: v.id("workspaces") },
-    handler: async (ctx, { workspaceId }) => {
-        const workspace = await ctx.db.get(workspaceId);
-        if (!workspace || workspace.status !== "active") {
-            return { success: false, error: "workspace_not_active" };
-        }
-        const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
-        let token = '';
-        for (let i = 0; i < 32; i++) {
-            token += chars.charAt(Math.floor(Math.random() * chars.length));
-        }
-        const sessionToken = "apiclaw_" + token;
-        await ctx.db.insert("agentSessions", {
-            workspaceId,
-            sessionToken,
-            fingerprint: "hivr-bees",
-            lastUsedAt: Date.now(),
-            createdAt: Date.now(),
-        });
-        return { success: true, sessionToken };
-    },
-});
-// TEMP: Admin query to debug workspace data
-export const adminGetFullWorkspace = query({
-    args: { email: v.string() },
-    handler: async (ctx, { email }) => {
-        const workspace = await ctx.db
-            .query("workspaces")
-            .withIndex("by_email", (q) => q.eq("email", email.toLowerCase()))
-            .first();
-        if (!workspace) {
-            return null;
-        }
-        return {
-            _id: workspace._id,
-            email: workspace.email,
-            status: workspace.status,
-            tier: workspace.tier,
-            mainAgentId: workspace.mainAgentId || null,
-            mainAgentName: workspace.mainAgentName || null,
-            aiBackend: workspace.aiBackend || null,
-            usageCount: workspace.usageCount,
-            usageLimit: workspace.usageLimit,
-            createdAt: workspace.createdAt,
-            updatedAt: workspace.updatedAt,
-        };
-    },
-});
-/**
- * Claim anonymous usage history when a user registers
- * Links all analytics records with matching fingerprint to the workspace
- */
-export const claimAnonymousUsage = mutation({
-    args: {
-        workspaceId: v.id("workspaces"),
-        machineFingerprint: v.string(),
-    },
-    handler: async (ctx, { workspaceId, machineFingerprint }) => {
-        // Verify workspace exists
-        const workspace = await ctx.db.get(workspaceId);
-        if (!workspace) {
-            return { success: false, error: "Workspace not found" };
-        }
-        // Find all analytics records with matching fingerprint and no workspaceId
-        const analyticsRecords = await ctx.db
-            .query("analytics")
-            .withIndex("by_identifier", (q) => q.eq("identifier", machineFingerprint))
-            .collect();
-        // Filter to only unclaimed records
-        const unclaimedRecords = analyticsRecords.filter((r) => !r.workspaceId);
-        // Update each record to link it to the workspace
-        let claimedCount = 0;
-        for (const record of unclaimedRecords) {
-            await ctx.db.patch(record._id, { workspaceId });
-            claimedCount++;
-        }
-        return {
-            success: true,
-            claimedCount,
-            message: `Claimed ${claimedCount} anonymous usage records`,
-        };
-    },
-});
-export const adminUpdateEmail = mutation({
-    args: { workspaceId: v.id("workspaces"), newEmail: v.string() },
-    handler: async (ctx, { workspaceId, newEmail }) => {
-        await ctx.db.patch(workspaceId, { email: newEmail });
-        return { success: true, email: newEmail };
-    },
-});
-export const adminSetTier = mutation({
-    args: { workspaceId: v.id("workspaces"), tier: v.string() },
-    handler: async (ctx, { workspaceId, tier }) => {
-        await ctx.db.patch(workspaceId, { tier, updatedAt: Date.now() });
-        return { success: true, tier };
-    },
-});
-//# sourceMappingURL=workspaces.js.map