npm - @promptbook/cli - Versions diffs - 0.103.0-55 → 0.103.0-66 - Mend

@promptbook/cli 0.103.0-55 → 0.103.0-66

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (91) hide show

package/apps/agents-server/src/database/schema.ts CHANGED Viewed

@@ -128,6 +128,8 @@ export type AgentsServerDatabase = {
                     userAgent: string | null;
                     language: string | null;
                     platform: string | null;
+                    source: 'AGENT_PAGE_CHAT' | 'OPENAI_API_COMPATIBILITY' | null;
+                    apiKey: string | null;
                 };
                 Insert: {
                     id?: number;
@@ -143,6 +145,8 @@ export type AgentsServerDatabase = {
                     userAgent?: string | null;
                     language?: string | null;
                     platform?: string | null;
+                    source?: 'AGENT_PAGE_CHAT' | 'OPENAI_API_COMPATIBILITY' | null;
+                    apiKey?: string | null;
                 };
                 Update: {
                     id?: number;
@@ -158,6 +162,8 @@ export type AgentsServerDatabase = {
                     userAgent?: string | null;
                     language?: string | null;
                     platform?: string | null;
+                    source?: 'AGENT_PAGE_CHAT' | 'OPENAI_API_COMPATIBILITY' | null;
+                    apiKey?: string | null;
                 };
                 Relationships: [];
             };

package/apps/agents-server/src/utils/handleChatCompletion.ts CHANGED Viewed

@@ -1,23 +1,53 @@
+import { $getTableName } from '@/src/database/$getTableName';
+import { $provideSupabaseForServer } from '@/src/database/$provideSupabaseForServer';
 import { $provideAgentCollectionForServer } from '@/src/tools/$provideAgentCollectionForServer';
-import { $provideExecutionToolsForServer } from '@/src/tools/$provideExecutionToolsForServer';
-import { Agent } from '@promptbook-local/core';
-import { ChatMessage, ChatPromptResult, Prompt, TODO_any } from '@promptbook-local/types';
+import { $provideOpenAiAssistantExecutionToolsForServer } from '@/src/tools/$provideOpenAiAssistantExecutionToolsForServer';
+import { Agent, computeAgentHash, PROMPTBOOK_ENGINE_VERSION } from '@promptbook-local/core';
+import { ChatMessage, ChatPromptResult, Prompt, string_book, TODO_any } from '@promptbook-local/types';
+import { computeHash } from '@promptbook-local/utils';
 import { NextRequest, NextResponse } from 'next/server';
+import { validateApiKey } from './validateApiKey';
 export async function handleChatCompletion(
     request: NextRequest,
-    params: { agentName: string },
-    title: string = 'API Chat Completion'
+    params: { agentName?: string },
+    title: string = 'API Chat Completion',
 ) {
-    const { agentName } = params;
+    const { agentName: agentNameFromParams } = params;
-    // Note: Authentication is handled by middleware
-    // If we are here, the request is either authenticated or public access is allowed (but middleware blocks it if not)
+    // Validate API key explicitly (in addition to middleware)
+    const apiKeyValidation = await validateApiKey(request);
+    if (!apiKeyValidation.isValid) {
+        return NextResponse.json(
+            {
+                error: {
+                    message: apiKeyValidation.error || 'Invalid API key',
+                    type: 'authentication_error',
+                },
+            },
+            { status: 401 },
+        );
+    }
+    const apiKey = apiKeyValidation.token || null;
     try {
         const body = await request.json();
         const { messages, stream, model } = body;
+        const agentName = agentNameFromParams || model;
+        if (!agentName) {
+            return NextResponse.json(
+                {
+                    error: {
+                        message: 'Agent name is required. Please provide it in the URL or as the "model" parameter.',
+                        type: 'invalid_request_error',
+                    },
+                },
+                { status: 400 },
+            );
+        }
         if (!messages || !Array.isArray(messages) || messages.length === 0) {
             return NextResponse.json(
                 {
@@ -31,7 +61,7 @@ export async function handleChatCompletion(
         }
         const collection = await $provideAgentCollectionForServer();
-        let agentSource;
+        let agentSource: string_book;
         try {
             agentSource = await collection.getAgentSource(agentName);
         } catch (error) {
@@ -48,16 +78,51 @@ export async function handleChatCompletion(
             );
         }
-        const executionTools = await $provideExecutionToolsForServer();
+        // Note: Handle system messages as CONTEXT
+        const systemMessages = messages.filter((msg: TODO_any) => msg.role === 'system');
+        if (systemMessages.length > 0) {
+            const contextString = systemMessages.map((msg: TODO_any) => `CONTEXT ${msg.content}`).join('\n');
+            agentSource = `${agentSource}\n\n${contextString}` as string_book;
+        }
+        const threadMessages = messages.filter((msg: TODO_any) => msg.role !== 'system');
+        if (threadMessages.length === 0) {
+            return NextResponse.json(
+                {
+                    error: {
+                        message: 'Messages array must contain at least one non-system message.',
+                        type: 'invalid_request_error',
+                    },
+                },
+                { status: 400 },
+            );
+        }
+        const openAiAssistantExecutionTools = await $provideOpenAiAssistantExecutionToolsForServer();
         const agent = new Agent({
             agentSource,
-            executionTools,
+            executionTools: {
+                llm: openAiAssistantExecutionTools, // Note: Use the same OpenAI Assistant LLM tools as the chat route
+            },
             isVerbose: true, // or false
         });
+        const agentHash = computeAgentHash(agentSource);
+        const userAgent = request.headers.get('user-agent');
+        const ip =
+            request.headers.get('x-forwarded-for') ||
+            request.headers.get('x-real-ip') ||
+            request.headers.get('x-client-ip');
+        // Note: Capture language and platform information
+        const language = request.headers.get('accept-language');
+        // Simple platform extraction from userAgent parentheses content (e.g., Windows NT 10.0; Win64; x64)
+        const platform = userAgent ? userAgent.match(/\(([^)]+)\)/)?.[1] : undefined; // <- TODO: [🧠] Improve platform parsing
         // Prepare thread and content
-        const lastMessage = messages[messages.length - 1];
-        const previousMessages = messages.slice(0, -1);
+        const lastMessage = threadMessages[threadMessages.length - 1];
+        const previousMessages = threadMessages.slice(0, -1);
         const thread: ChatMessage[] = previousMessages.map((msg: TODO_any, index: number) => ({
             id: `msg-${index}`, // Placeholder ID
@@ -67,6 +132,30 @@ export async function handleChatCompletion(
             date: new Date(), // We don't have the real date, using current
         }));
+        // Note: Identify the user message
+        const userMessageContent = {
+            role: 'USER',
+            content: lastMessage.content,
+        };
+        const supabase = $provideSupabaseForServer();
+        await supabase.from(await $getTableName('ChatHistory')).insert({
+            createdAt: new Date().toISOString(),
+            messageHash: computeHash(userMessageContent),
+            previousMessageHash: null,
+            agentName,
+            agentHash,
+            message: userMessageContent,
+            promptbookEngineVersion: PROMPTBOOK_ENGINE_VERSION,
+            url: request.url,
+            ip,
+            userAgent,
+            language,
+            platform,
+            source: 'OPENAI_API_COMPATIBILITY',
+            apiKey,
+        });
         const prompt: Prompt = {
             title,
             content: lastMessage.content,
@@ -86,10 +175,29 @@ export async function handleChatCompletion(
                     const runId = `chatcmpl-${Math.random().toString(36).substring(2, 15)}`;
                     const created = Math.floor(Date.now() / 1000);
+                    // Note: Send the initial chunk with role
+                    const initialChunkData = {
+                        id: runId,
+                        object: 'chat.completion.chunk',
+                        created,
+                        model: model || 'promptbook-agent',
+                        choices: [
+                            {
+                                index: 0,
+                                delta: {
+                                    role: 'assistant',
+                                    content: '',
+                                },
+                                finish_reason: null,
+                            },
+                        ],
+                    };
+                    controller.enqueue(encoder.encode(`data: ${JSON.stringify(initialChunkData)}\n\n`));
                     let previousContent = '';
                     try {
-                        await agent.callChatModelStream(prompt, (chunk: ChatPromptResult) => {
+                        const result = await agent.callChatModelStream(prompt, (chunk: ChatPromptResult) => {
                             const fullContent = chunk.content;
                             const deltaContent = fullContent.substring(previousContent.length);
                             previousContent = fullContent;
@@ -114,6 +222,36 @@ export async function handleChatCompletion(
                             }
                         });
+                        // Note: Identify the agent message
+                        const agentMessageContent = {
+                            role: 'MODEL',
+                            content: result.content,
+                        };
+                        // Record the agent message
+                        await supabase.from(await $getTableName('ChatHistory')).insert({
+                            createdAt: new Date().toISOString(),
+                            messageHash: computeHash(agentMessageContent),
+                            previousMessageHash: computeHash(userMessageContent),
+                            agentName,
+                            agentHash,
+                            message: agentMessageContent,
+                            promptbookEngineVersion: PROMPTBOOK_ENGINE_VERSION,
+                            url: request.url,
+                            ip,
+                            userAgent,
+                            language,
+                            platform,
+                            source: 'OPENAI_API_COMPATIBILITY',
+                            apiKey,
+                        });
+                        // Note: [🐱‍🚀] Save the learned data
+                        const newAgentSource = agent.agentSource.value;
+                        if (newAgentSource !== agentSource) {
+                            await collection.updateAgentSource(agentName, newAgentSource);
+                        }
                         const doneChunkData = {
                             id: runId,
                             object: 'chat.completion.chunk',
@@ -149,6 +287,36 @@ export async function handleChatCompletion(
         } else {
             const result = await agent.callChatModel(prompt);
+            // Note: Identify the agent message
+            const agentMessageContent = {
+                role: 'MODEL',
+                content: result.content,
+            };
+            // Record the agent message
+            await supabase.from(await $getTableName('ChatHistory')).insert({
+                createdAt: new Date().toISOString(),
+                messageHash: computeHash(agentMessageContent),
+                previousMessageHash: computeHash(userMessageContent),
+                agentName,
+                agentHash,
+                message: agentMessageContent,
+                promptbookEngineVersion: PROMPTBOOK_ENGINE_VERSION,
+                url: request.url,
+                ip,
+                userAgent,
+                language,
+                platform,
+                source: 'OPENAI_API_COMPATIBILITY',
+                apiKey,
+            });
+            // Note: [🐱‍🚀] Save the learned data
+            const newAgentSource = agent.agentSource.value;
+            if (newAgentSource !== agentSource) {
+                await collection.updateAgentSource(agentName, newAgentSource);
+            }
             return NextResponse.json({
                 id: `chatcmpl-${Math.random().toString(36).substring(2, 15)}`,
                 object: 'chat.completion',
@@ -181,3 +349,7 @@ export async function handleChatCompletion(
         );
     }
 }
+/**
+ * TODO: [🈹] Maybe move chat thread handling here
+ */

package/apps/agents-server/src/utils/resolveInheritedAgentSource.ts CHANGED Viewed

@@ -35,13 +35,20 @@ export async function resolveInheritedAgentSource(
         // So we might need to parse the URL to extract agent name if it matches expected pattern.
         // For now, let's rely on fetch for external and check collection if it looks like a local reference (though FROM expects URL)
-        // If the URL is valid, we try to fetch it
-        // TODO: Handle authentication/tokens for private agents if needed
-        const response = await fetch(parentUrl);
+    // If the URL is valid, we try to fetch it
+    // TODO: Handle authentication/tokens for private agents if needed
-        if (!response.ok) {
-            throw new Error(`Failed to fetch parent agent from ${parentUrl}: ${response.status} ${response.statusText}`);
-        }
+    // TODO: [🧠] Do this logic more robustly
+    let fetchUrl = parentUrl;
+    if (!fetchUrl.endsWith('/api/book') && !fetchUrl.endsWith('.book') && !fetchUrl.endsWith('.md')) {
+        fetchUrl = `${fetchUrl.replace(/\/$/, '')}/api/book`;
+    }
+    const response = await fetch(fetchUrl);
+    if (!response.ok) {
+        throw new Error(`Failed to fetch parent agent from ${fetchUrl}: ${response.status} ${response.statusText}`);
+    }
         // We assume the response is the agent source text
         // TODO: Handle content negotiation or JSON responses if the server returns JSON

package/apps/agents-server/src/utils/validateApiKey.ts ADDED Viewed

@@ -0,0 +1,128 @@
+import { createClient } from '@supabase/supabase-js';
+import { NextRequest } from 'next/server';
+import { SERVERS, SUPABASE_TABLE_PREFIX } from '../../config';
+// Note: Re-implementing normalizeTo_PascalCase to avoid importing from @promptbook-local/utils which might have Node.js dependencies
+function normalizeTo_PascalCase(text: string): string {
+    return text
+        .replace(/(?:^\w|[A-Z]|\b\w)/g, (word) => {
+            return word.toUpperCase();
+        })
+        .replace(/\s+/g, '');
+}
+export type ApiKeyValidationResult = {
+    isValid: boolean;
+    token?: string;
+    error?: string;
+};
+/**
+ * Validates an API key from the Authorization header.
+ * Returns validation result with status and optional error message.
+ *
+ * Note: This function provides explicit API key validation in addition to middleware.
+ * Use this when you need to verify API key validity and return specific error messages.
+ */
+export async function validateApiKey(request: NextRequest): Promise<ApiKeyValidationResult> {
+    const authHeader = request.headers.get('authorization');
+    // If no auth header, check if user has a session cookie (logged in via web)
+    if (!authHeader) {
+        const hasSession = request.cookies.has('sessionToken');
+        if (hasSession) {
+            return { isValid: true };
+        }
+        return {
+            isValid: false,
+            error: 'Missing Authorization header. Provide a valid API key using "Authorization: Bearer ptbk_..."',
+        };
+    }
+    if (!authHeader.startsWith('Bearer ')) {
+        return {
+            isValid: false,
+            error: 'Invalid Authorization header format. Expected "Bearer <token>"',
+        };
+    }
+    const token = authHeader.split(' ')[1];
+    if (!token) {
+        return {
+            isValid: false,
+            error: 'No token provided in Authorization header',
+        };
+    }
+    if (!token.startsWith('ptbk_')) {
+        return {
+            isValid: false,
+            error: 'Invalid API key format. API keys must start with "ptbk_"',
+        };
+    }
+    // Determine the table prefix based on the host
+    const host = request.headers.get('host');
+    let tablePrefix = SUPABASE_TABLE_PREFIX;
+    if (host && SERVERS && SERVERS.length > 0) {
+        if (SERVERS.some((server) => server === host)) {
+            let serverName = host;
+            serverName = serverName.replace(/\.ptbk\.io$/, '');
+            serverName = normalizeTo_PascalCase(serverName);
+            tablePrefix = `server_${serverName}_`;
+        }
+    }
+    const supabaseUrl = process.env.NEXT_PUBLIC_SUPABASE_URL;
+    const supabaseKey = process.env.SUPABASE_SERVICE_ROLE_KEY || process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY;
+    if (!supabaseUrl || !supabaseKey) {
+        console.error('Supabase configuration missing for API key validation');
+        return {
+            isValid: false,
+            error: 'Server configuration error',
+        };
+    }
+    try {
+        const supabase = createClient(supabaseUrl, supabaseKey, {
+            auth: {
+                persistSession: false,
+                autoRefreshToken: false,
+            },
+        });
+        const { data, error } = await supabase
+            .from(`${tablePrefix}ApiTokens`)
+            .select('id, isRevoked')
+            .eq('token', token)
+            .single();
+        if (error || !data) {
+            return {
+                isValid: false,
+                error: 'Invalid API key',
+            };
+        }
+        if (data.isRevoked) {
+            return {
+                isValid: false,
+                error: 'API key has been revoked',
+            };
+        }
+        return {
+            isValid: true,
+            token,
+        };
+    } catch (error) {
+        console.error('Error validating API key:', error);
+        return {
+            isValid: false,
+            error: 'Error validating API key',
+        };
+    }
+}

package/apps/agents-server/tailwind.config.ts CHANGED Viewed

@@ -20,7 +20,7 @@ const config: Config = {
             },
         },
     },
-    plugins: [],
+    plugins: [require('@tailwindcss/typography')],
 };
 export default config;