@tuturuuu/ai 0.0.10

package/src/chat/google/new/route.ts

@@ -0,0 +1,368 @@
+import { google } from '@ai-sdk/google';
+import { createClient } from '@tuturuuu/supabase/next/server';
+import type { SupabaseUser } from '@tuturuuu/supabase/next/user';
+import type { TypedSupabaseClient } from '@tuturuuu/supabase/types';
+import { extractIPFromHeaders } from '@tuturuuu/utils/abuse-protection';
+import {
+  cascadeBackendRateLimitToProxyBan,
+  isBackendRateLimitError,
+} from '@tuturuuu/utils/abuse-protection/backend-rate-limit';
+import { validateAiTempAuthRequest } from '@tuturuuu/utils/ai-temp-auth';
+import { generateText, type UIMessage } from 'ai';
+import { NextResponse } from 'next/server';
+import { normalizeStableModelId } from '../../../credits/model-mapping';
+import {
+  resolveAiMemoryWorkspaceIdForUser,
+  withAiMemory,
+} from '../../../memory';
+import {
+  isInternalTuturuuuAiUser,
+  resolveSupabaseSessionUser,
+} from '../route-auth';
+
+const HUMAN_PROMPT = '\n\nHuman:';
+const AI_PROMPT = '\n\nAssistant:';
+
+/** Always use a lightweight model for title generation */
+const TITLE_MODEL = 'gemini-3.1-flash-lite';
+
+async function buildRateLimitResponse(
+  req: Request,
+  {
+    source,
+    userId,
+  }: {
+    source: 'auth' | 'database';
+    userId?: string | null;
+  }
+) {
+  const ipAddress = extractIPFromHeaders(req.headers);
+  const blockInfo = await cascadeBackendRateLimitToProxyBan({
+    endpoint: new URL(req.url).pathname,
+    ipAddress,
+    source,
+    userId,
+  });
+  const retryAfter = blockInfo
+    ? Math.max(
+        1,
+        Math.ceil((blockInfo.expiresAt.getTime() - Date.now()) / 1000)
+      )
+    : 60;
+
+  return NextResponse.json(
+    { error: 'Too Many Requests', message: 'Rate limit exceeded' },
+    {
+      status: 429,
+      headers: {
+        'Retry-After': `${retryAfter}`,
+      },
+    }
+  );
+}
+
+function getErrorMessage(error: unknown): string {
+  if (
+    error &&
+    typeof error === 'object' &&
+    'message' in error &&
+    typeof error.message === 'string'
+  ) {
+    return error.message;
+  }
+
+  return 'Internal server error.';
+}
+
+type GatewayAuthenticatedClient = {
+  supabase: TypedSupabaseClient;
+  user: SupabaseUser;
+};
+
+type GatewayAuthResolution =
+  | {
+      auth: GatewayAuthenticatedClient;
+      ok: true;
+    }
+  | {
+      ok: false;
+      response: Response;
+    }
+  | null;
+
+type CreatePostOptions = {
+  /** Resolves gateway-level JWT auth without making @tuturuuu/ai depend on auth. */
+  resolveGatewayAuth?: (request: Request) => Promise<GatewayAuthResolution>;
+  /** Gateway provider prefix for bare model names. Defaults to 'google'. */
+  defaultProvider?: string;
+};
+
+type ChatMessageInsertMode = 'direct' | 'rpc';
+
+type AuthenticatedContext = GatewayAuthenticatedClient & {
+  messageInsertMode: ChatMessageInsertMode;
+};
+
+export function createPOST(options: CreatePostOptions = {}) {
+  return async function handler(req: Request) {
+    try {
+      const { id, model, message, isMiraMode } = (await req.json()) as {
+        id?: string;
+        model?: string;
+        message?: string;
+        isMiraMode?: boolean;
+      };
+
+      if (!message)
+        return NextResponse.json('No message provided', { status: 400 });
+
+      const tempAuth = await validateAiTempAuthRequest(req);
+      if (tempAuth.status === 'revoked') {
+        return NextResponse.json('Unauthorized', { status: 401 });
+      }
+
+      let auth: AuthenticatedContext | null = null;
+
+      if (tempAuth.status === 'valid') {
+        const supabase = (await createClient(req)) as TypedSupabaseClient;
+        auth = {
+          messageInsertMode: 'rpc',
+          supabase,
+          user: tempAuth.context.user as SupabaseUser,
+        };
+      } else {
+        const gatewayAuth = await options.resolveGatewayAuth?.(req);
+
+        if (gatewayAuth?.ok === false) {
+          return gatewayAuth.response;
+        }
+
+        if (gatewayAuth?.ok) {
+          auth = {
+            messageInsertMode: 'direct',
+            ...gatewayAuth.auth,
+          };
+        }
+      }
+
+      if (!auth) {
+        const supabase = (await createClient(req)) as TypedSupabaseClient;
+
+        const { user: sessionUser, authError } =
+          await resolveSupabaseSessionUser(supabase);
+
+        if (isBackendRateLimitError(authError)) {
+          return buildRateLimitResponse(req, { source: 'auth' });
+        }
+
+        if (sessionUser) {
+          auth = {
+            messageInsertMode: 'rpc',
+            supabase,
+            user: sessionUser,
+          };
+        }
+      }
+
+      if (!auth) return NextResponse.json('Unauthorized', { status: 401 });
+
+      const { messageInsertMode, supabase, user } = auth;
+
+      if (isMiraMode) {
+        const allowed = await isInternalTuturuuuAiUser({
+          ok: true,
+          supabase,
+          user,
+          ...(tempAuth.status === 'valid'
+            ? { tempAuthContext: tempAuth.context }
+            : {}),
+        });
+        if (!allowed) {
+          return NextResponse.json(
+            { error: 'Mira mode is limited to @tuturuuu.com accounts' },
+            { status: 403 }
+          );
+        }
+      }
+
+      const prompt = buildPrompt([
+        {
+          id: 'initial-message',
+          parts: [{ type: 'text', text: `"${message}"` }],
+          role: 'user',
+        },
+      ]);
+
+      const wsId = await resolveAiMemoryWorkspaceIdForUser({
+        supabase,
+        userId: user.id,
+      });
+
+      // Always use TITLE_MODEL for generating chat titles (cheap + fast)
+      const result = await generateText({
+        model: await withAiMemory({
+          addMemory: 'never',
+          customId: id ? `chat-title-${id}` : `chat-title-${Date.now()}`,
+          model: google(TITLE_MODEL),
+          product: isMiraMode ? 'mira' : 'ai_chat',
+          source: 'ai_chat_title',
+          surface: 'ai_chat_title',
+          userId: user.id,
+          wsId,
+        }),
+        prompt,
+        providerOptions: {
+          google: {
+            safetySettings: [
+              {
+                category: 'HARM_CATEGORY_HARASSMENT',
+                threshold: 'BLOCK_NONE',
+              },
+              {
+                category: 'HARM_CATEGORY_HATE_SPEECH',
+                threshold: 'BLOCK_NONE',
+              },
+              {
+                category: 'HARM_CATEGORY_SEXUALLY_EXPLICIT',
+                threshold: 'BLOCK_NONE',
+              },
+              {
+                category: 'HARM_CATEGORY_DANGEROUS_CONTENT',
+                threshold: 'BLOCK_NONE',
+              },
+            ],
+          },
+        },
+      });
+
+      const title = result.text;
+
+      if (!title) {
+        return NextResponse.json(
+          {
+            message: 'Internal server error.',
+          },
+          { status: 500 }
+        );
+      }
+
+      // Store bare model name for DB compatibility (ai_models FK)
+      const resolvedModel = model
+        ? normalizeStableModelId(
+            model.includes('/') ? model.split('/').pop()! : model
+          ).toLowerCase()
+        : TITLE_MODEL;
+
+      const { data: chat, error: chatError } = await supabase
+        .from('ai_chats')
+        .insert({
+          id,
+          title,
+          creator_id: user.id,
+          model: resolvedModel,
+        })
+        .select('id')
+        .single();
+
+      if (chatError) {
+        if (isBackendRateLimitError(chatError)) {
+          return buildRateLimitResponse(req, {
+            source: 'database',
+            userId: user.id,
+          });
+        }
+
+        console.log(chatError);
+        return NextResponse.json(getErrorMessage(chatError), { status: 500 });
+      }
+
+      const source = isMiraMode ? 'Mira' : 'Rewise';
+      const { error: msgError } =
+        messageInsertMode === 'direct'
+          ? await supabase.from('ai_chat_messages').insert({
+              chat_id: chat.id,
+              content: message,
+              creator_id: user.id,
+              role: 'USER',
+              metadata: { source },
+            })
+          : await supabase.rpc('insert_ai_chat_message', {
+              message: message,
+              chat_id: chat.id,
+              source,
+            });
+
+      if (msgError) {
+        if (isBackendRateLimitError(msgError)) {
+          return buildRateLimitResponse(req, {
+            source: 'database',
+            userId: user.id,
+          });
+        }
+
+        console.log(msgError);
+        return NextResponse.json(getErrorMessage(msgError), { status: 500 });
+      }
+
+      return NextResponse.json({ id: chat.id, title }, { status: 200 });
+    } catch (error: unknown) {
+      console.log(error);
+      return NextResponse.json(
+        {
+          message: `## Edge API Failure\nCould not complete the request. Please view the **Stack trace** below.\n\`\`\`bash\n${error instanceof Error ? error.stack : 'Unknown error'}`,
+        },
+        {
+          status: 500,
+        }
+      );
+    }
+  };
+}
+
+const normalize = (message: UIMessage) => {
+  const { parts, role } = message;
+  // Extract text from parts array
+  const content =
+    parts?.map((part) => (part.type === 'text' ? part.text : '')).join('') ||
+    '';
+  if (role === 'user') return `${HUMAN_PROMPT} ${content}`;
+  if (role === 'assistant') return `${AI_PROMPT} ${content}`;
+  return content;
+};
+
+const normalizeMessages = (messages: UIMessage[]) =>
+  [...leadingMessages, ...messages, ...trailingMessages]
+    .map(normalize)
+    .join('')
+    .trim();
+
+function buildPrompt(messages: UIMessage[]) {
+  const normalizedMsgs = normalizeMessages(messages);
+  return normalizedMsgs + AI_PROMPT;
+}
+
+const leadingMessages: UIMessage[] = [
+  {
+    id: 'initial-message',
+    role: 'assistant',
+    parts: [
+      {
+        type: 'text',
+        text: 'Please provide an initial message so I can generate a short and comprehensive title for this chat conversation.',
+      },
+    ],
+  },
+];
+
+const trailingMessages: UIMessage[] = [
+  {
+    id: 'final-message',
+    role: 'assistant',
+    parts: [
+      {
+        type: 'text',
+        text: 'Thank you, I will respond with a title in my next response that will briefly demonstrate what the chat conversation is about, and it will only contain the title without any quotation marks, markdown, and anything else but the title. The title will be in the language you provided the initial message in.',
+      },
+    ],
+  },
+];

package/src/chat/google/route-auth.ts

@@ -0,0 +1,81 @@
+import { resolveAuthenticatedSessionUser } from '@tuturuuu/supabase/next/auth-session-user';
+import { createClient } from '@tuturuuu/supabase/next/server';
+import type { SupabaseUser } from '@tuturuuu/supabase/next/user';
+import type { TypedSupabaseClient } from '@tuturuuu/supabase/types';
+import {
+  type AiTempAuthContext,
+  validateAiTempAuthRequest,
+} from '@tuturuuu/utils/ai-temp-auth';
+import { isExactTuturuuuDotComEmail } from '@tuturuuu/utils/email/client';
+import { NextResponse } from 'next/server';
+
+export type AiRouteAuthResult =
+  | {
+      ok: true;
+      supabase: TypedSupabaseClient;
+      user: SupabaseUser;
+      tempAuthContext?: AiTempAuthContext;
+    }
+  | {
+      ok: false;
+      response: Response;
+    };
+
+export const resolveSupabaseSessionUser = resolveAuthenticatedSessionUser;
+
+export async function resolveAiRouteAuth(
+  request: Request
+): Promise<AiRouteAuthResult> {
+  const supabase = (await createClient(request)) as TypedSupabaseClient;
+  const tempAuth = await validateAiTempAuthRequest(request);
+
+  if (tempAuth.status === 'revoked') {
+    return {
+      ok: false,
+      response: NextResponse.json({ error: 'Unauthorized' }, { status: 401 }),
+    };
+  }
+
+  if (tempAuth.status === 'valid') {
+    return {
+      ok: true,
+      supabase,
+      user: tempAuth.context.user as SupabaseUser,
+      tempAuthContext: tempAuth.context,
+    };
+  }
+
+  const { user } = await resolveSupabaseSessionUser(supabase);
+
+  if (!user) {
+    return {
+      ok: false,
+      response: new Response('Unauthorized', { status: 401 }),
+    };
+  }
+
+  return { ok: true, supabase, user };
+}
+
+export async function isInternalTuturuuuAiUser(
+  auth: Extract<AiRouteAuthResult, { ok: true }>
+) {
+  const tempEmail =
+    typeof auth.tempAuthContext?.user?.email === 'string'
+      ? auth.tempAuthContext.user.email
+      : null;
+  const sessionEmail =
+    typeof auth.user.email === 'string' ? auth.user.email : null;
+
+  if (isExactTuturuuuDotComEmail(tempEmail ?? sessionEmail)) {
+    return true;
+  }
+
+  const { data } = await auth.supabase
+    .from('user_private_details')
+    .select('email')
+    .eq('user_id', auth.user.id)
+    .maybeSingle();
+
+  return isExactTuturuuuDotComEmail(data?.email);
+}

package/src/chat/google/route-chat-resolution.ts

@@ -0,0 +1,98 @@
+type AdminClientLike = {
+  message?: string;
+};
+
+export async function resolveChatIdForUser(
+  requestedChatId: string | undefined,
+  fetchLatestChatId: () => PromiseLike<{
+    data: { id: string } | null;
+    error: { message: string } | null;
+  }>
+): Promise<{ chatId: string } | { error: Response }> {
+  if (requestedChatId) {
+    return { chatId: requestedChatId };
+  }
+
+  const { data, error } = await fetchLatestChatId();
+
+  if (error) {
+    console.error(error.message);
+    return { error: new Response(error.message, { status: 500 }) };
+  }
+
+  if (!data) {
+    return { error: new Response('Internal Server Error', { status: 500 }) };
+  }
+
+  return { chatId: data.id };
+}
+
+type MoveTempFilesToThreadParams = {
+  loadThread: () => PromiseLike<{
+    data: { role?: string }[] | null;
+    error: { message: string } | null;
+  }>;
+  listFiles: (tempStoragePath: string) => PromiseLike<{
+    data: { name: string }[] | null;
+    error: AdminClientLike | null;
+  }>;
+  moveFile: (
+    fromPath: string,
+    toPath: string
+  ) => PromiseLike<{ error: AdminClientLike | null }>;
+  wsId?: string;
+  chatId: string;
+  userId: string;
+};
+
+export async function moveTempFilesToThread({
+  loadThread,
+  listFiles,
+  moveFile,
+  wsId,
+  chatId,
+  userId,
+}: MoveTempFilesToThreadParams): Promise<Response | null> {
+  if (!wsId) {
+    return null;
+  }
+
+  const { data: thread, error: threadError } = await loadThread();
+
+  if (threadError) {
+    console.error('Error getting thread:', threadError);
+    return new Response(threadError.message, { status: 500 });
+  }
+
+  if (!thread || thread.length === 0) {
+    return null;
+  }
+
+  const tempStoragePath = `${wsId}/chats/ai/resources/temp/${userId}`;
+  const { data: files, error: listError } = await listFiles(tempStoragePath);
+
+  if (listError) {
+    console.error('Error getting files:', listError);
+    return null;
+  }
+
+  if (!files?.length) {
+    return null;
+  }
+
+  await Promise.all(
+    files.map(async (file) => {
+      const fileName = file.name;
+      const { error: copyError } = await moveFile(
+        `${tempStoragePath}/${fileName}`,
+        `${wsId}/chats/ai/resources/${chatId}/${fileName}`
+      );
+
+      if (copyError) {
+        console.error('File copy error:', { fileName, copyError });
+      }
+    })
+  );
+
+  return null;
+}

package/src/chat/google/route-credits.ts

@@ -0,0 +1,61 @@
+import { capMaxOutputTokensByCredits } from '@tuturuuu/ai/credits/cap-output-tokens';
+import { checkAiCredits } from '@tuturuuu/ai/credits/check-credits';
+import type { SupabaseClient } from '@tuturuuu/supabase';
+
+type AdminRpcClientLike = SupabaseClient;
+
+type CreditPreflightParams = {
+  wsId?: string;
+  model: string;
+  userId: string;
+  sbAdmin: AdminRpcClientLike;
+};
+
+export async function performCreditPreflight({
+  wsId,
+  model,
+  userId,
+  sbAdmin,
+}: CreditPreflightParams): Promise<
+  { cappedMaxOutput: number | null } | { error: Response }
+> {
+  const creditCheck = await checkAiCredits(wsId ?? undefined, model, 'chat', {
+    userId,
+  });
+
+  if (creditCheck && !creditCheck.allowed) {
+    return {
+      error: Response.json(
+        {
+          error: creditCheck.errorMessage || 'AI credits insufficient',
+          code: creditCheck.errorCode,
+        },
+        { status: 403 }
+      ),
+    };
+  }
+
+  const cappedMaxOutput = creditCheck
+    ? await capMaxOutputTokensByCredits(
+        sbAdmin,
+        model,
+        creditCheck.maxOutputTokens,
+        creditCheck.remainingCredits
+      )
+    : null;
+
+  if (
+    cappedMaxOutput === null &&
+    creditCheck &&
+    creditCheck.remainingCredits <= 0
+  ) {
+    return {
+      error: Response.json(
+        { error: 'AI credits insufficient', code: 'CREDITS_EXHAUSTED' },
+        { status: 403 }
+      ),
+    };
+  }
+
+  return { cappedMaxOutput };
+}