@vezlo/assistant-server 1.3.0 → 2.0.0

package/dist/src/server.js

@@ -43,49 +43,51 @@ const compression_1 = __importDefault(require("compression"));
 const express_rate_limit_1 = __importDefault(require("express-rate-limit"));
 const http_1 = require("http");
 const socket_io_1 = require("socket.io");
-const dotenv_1 = require("dotenv");
-// Import configurations
-const logger_1 = __importDefault(require("./config/logger"));
-const database_1 = require("./config/database");
+const swagger_ui_express_1 = __importDefault(require("swagger-ui-express"));
 const swagger_1 = require("./config/swagger");
 const global_1 = require("./config/global");
+const logger_1 = __importDefault(require("./config/logger"));
 const errorHandler_1 = require("./middleware/errorHandler");
-// Import services
-const AIService_1 = require("./services/AIService");
+const auth_1 = require("./middleware/auth");
+const ChatController_1 = require("./controllers/ChatController");
+const KnowledgeController_1 = require("./controllers/KnowledgeController");
+const AuthController_1 = require("./controllers/AuthController");
+const ApiKeyController_1 = require("./controllers/ApiKeyController");
 const ChatManager_1 = require("./services/ChatManager");
 const KnowledgeBaseService_1 = require("./services/KnowledgeBaseService");
+const AIService_1 = require("./services/AIService");
+const ApiKeyService_1 = require("./services/ApiKeyService");
 const UnifiedStorage_1 = require("./storage/UnifiedStorage");
-// Import controllers
-const ChatController_1 = require("./controllers/ChatController");
-const KnowledgeController_1 = require("./controllers/KnowledgeController");
-// Load environment variables
-(0, dotenv_1.config)();
+const supabase_js_1 = require("@supabase/supabase-js");
+// Initialize Supabase client - use SERVICE_KEY for server-side operations
+// Service key bypasses RLS and is required for API key authentication
+const supabase = (0, supabase_js_1.createClient)(process.env.SUPABASE_URL, process.env.SUPABASE_SERVICE_KEY || process.env.SUPABASE_ANON_KEY);
 // Initialize Express app
 const app = (0, express_1.default)();
 const server = (0, http_1.createServer)(app);
 const io = new socket_io_1.Server(server, {
     cors: {
-        origin: process.env.CORS_ORIGINS?.split(',') || '*',
-        credentials: true
+        origin: "*",
+        methods: ["GET", "POST"]
     }
 });
 // Middleware
 app.use((0, helmet_1.default)());
-app.use((0, compression_1.default)());
 app.use((0, cors_1.default)({
     origin: process.env.CORS_ORIGINS?.split(',') || '*',
     credentials: true
 }));
+app.use((0, compression_1.default)());
 app.use(express_1.default.json({ limit: '10mb' }));
 app.use(express_1.default.urlencoded({ extended: true }));
-// Rate limiting with global config
+// Rate limiting
 const limiter = (0, express_rate_limit_1.default)({
     windowMs: global_1.config.api.rateLimiting.windowMs,
     max: global_1.config.api.rateLimiting.maxRequests,
     message: {
         error: {
             code: 'RATE_LIMIT_EXCEEDED',
-            message: 'Too many requests from this IP, please try again later.',
+            message: 'Too many requests, please try again later.',
             timestamp: new Date().toISOString()
         },
         success: false
@@ -94,47 +96,44 @@ const limiter = (0, express_rate_limit_1.default)({
     legacyHeaders: false
 });
 app.use('/api/', limiter);
-// Global services
-let aiService;
-let chatManager;
-let knowledgeBase;
-let storage;
+// Redirect root to docs
+app.get('/', (req, res) => {
+    res.redirect('/docs');
+});
+// API Documentation
+app.use('/docs', swagger_ui_express_1.default.serve, swagger_ui_express_1.default.setup(swagger_1.specs, swagger_1.swaggerUiOptions));
+// Initialize services
 let chatController;
 let knowledgeController;
+let authController;
+let apiKeyController;
 async function initializeServices() {
-    logger_1.default.info('Initializing Vezlo services...');
     try {
-        // Initialize Supabase
-        const supabase = (0, database_1.initializeSupabase)();
-        logger_1.default.info('Supabase client initialized');
-        // Initialize storage with new repository pattern
-        storage = new UnifiedStorage_1.UnifiedStorage(supabase, 'vezlo');
-        // Initialize knowledge base
-        knowledgeBase = new KnowledgeBaseService_1.KnowledgeBaseService({
+        logger_1.default.info('Initializing Vezlo services...');
+        // Initialize storage
+        const storage = new UnifiedStorage_1.UnifiedStorage(supabase, 'vezlo');
+        // Initialize knowledge base first
+        const knowledgeBase = new KnowledgeBaseService_1.KnowledgeBaseService({
             supabase,
             tableName: 'vezlo_knowledge_items'
         });
-        // Initialize AI service
-        aiService = new AIService_1.AIService({
+        // Initialize AI service with knowledge base
+        const aiService = new AIService_1.AIService({
             openaiApiKey: process.env.OPENAI_API_KEY,
             organizationName: process.env.ORGANIZATION_NAME || 'Vezlo',
-            assistantName: process.env.ASSISTANT_NAME || 'Vezlo Assistant',
-            model: process.env.AI_MODEL || 'gpt-4',
-            temperature: parseFloat(process.env.AI_TEMPERATURE || '0.7'),
-            maxTokens: parseInt(process.env.AI_MAX_TOKENS || '1000'),
-            enableFeedbackDetection: process.env.ENABLE_FEEDBACK_DETECTION === 'true',
+            assistantName: process.env.ASSISTANT_NAME || 'AI Assistant',
+            platformDescription: process.env.PLATFORM_DESCRIPTION || 'AI-powered assistant platform',
+            supportEmail: process.env.SUPPORT_EMAIL || 'support@vezlo.com',
             knowledgeBaseService: knowledgeBase
         });
-        // Initialize chat manager
-        chatManager = new ChatManager_1.ChatManager({
-            aiService,
-            storage,
-            enableConversationManagement: true,
-            conversationTimeout: 3600000 // 1 hour
-        });
+        const chatManager = new ChatManager_1.ChatManager({ aiService, storage });
         // Initialize controllers
-        chatController = new ChatController_1.ChatController(chatManager, storage);
+        chatController = new ChatController_1.ChatController(chatManager, storage, supabase);
         knowledgeController = new KnowledgeController_1.KnowledgeController(knowledgeBase, aiService);
+        authController = new AuthController_1.AuthController(supabase);
+        // Initialize API key service and controller
+        const apiKeyService = new ApiKeyService_1.ApiKeyService(supabase);
+        apiKeyController = new ApiKeyController_1.ApiKeyController(apiKeyService);
         logger_1.default.info('All services initialized successfully');
     }
     catch (error) {
@@ -142,599 +141,1021 @@ async function initializeServices() {
         throw error;
     }
 }
-// Redirect root to docs
-app.get('/', (req, res) => {
-    res.redirect('/docs');
-});
-// API Documentation
-app.use('/docs', swagger_1.swaggerUi.serve, swagger_1.swaggerUi.setup(swagger_1.specs, swagger_1.swaggerUiOptions));
-/**
- * @swagger
- * /health:
- *   get:
- *     summary: Health check endpoint
- *     description: Check server and database connectivity status
- *     tags: [Health]
- *     responses:
- *       200:
- *         description: Server is healthy
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/HealthCheck'
- *       503:
- *         description: Server is unhealthy
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/Error'
- */
-app.get('/health', async (req, res) => {
-    try {
-        const healthChecks = {
-            server: 'healthy',
-            timestamp: new Date().toISOString()
-        };
-        // Check Supabase connection
+// Setup routes function
+function setupRoutes() {
+    logger_1.default.info('Setting up routes...');
+    /**
+     * @swagger
+     * /health:
+     *   get:
+     *     summary: Health check endpoint
+     *     description: Check server and database connectivity status
+     *     tags: [Health]
+     *     responses:
+     *       200:
+     *         description: Server is healthy
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/HealthCheck'
+     *       503:
+     *         description: Server is unhealthy
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/Error'
+     */
+    app.get('/health', async (req, res) => {
         try {
-            const supabase = (0, database_1.getSupabaseClient)();
-            const { data, error } = await supabase.from('vezlo_conversations').select('count').limit(1);
-            if (!error) {
-                healthChecks.supabase = 'connected';
+            const healthChecks = {
+                server: 'healthy',
+                timestamp: new Date().toISOString()
+            };
+            // Check Supabase connection
+            try {
+                const { data, error } = await supabase.from('vezlo_conversations').select('count').limit(1);
+                healthChecks.database = error ? 'disconnected' : 'connected';
             }
-            else {
-                healthChecks.supabase = 'error';
+            catch (dbError) {
+                healthChecks.database = 'error';
             }
+            res.json(healthChecks);
         }
         catch (error) {
-            healthChecks.supabase = 'disconnected';
+            res.status(503).json({
+                server: 'unhealthy',
+                timestamp: new Date().toISOString(),
+                error: error instanceof Error ? error.message : 'Unknown error'
+            });
         }
-        res.json({
-            status: 'healthy',
-            checks: healthChecks
-        });
-    }
-    catch (error) {
-        res.status(503).json({
-            status: 'unhealthy',
-            error: error instanceof Error ? error.message : 'Unknown error'
-        });
-    }
-});
-// ============================================================================
-// CONVERSATION APIS (New 2-API Flow)
-// ============================================================================
-/**
- * @swagger
- * /api/conversations:
- *   post:
- *     summary: Create a new conversation
- *     description: Create a new conversation for chat
- *     tags: [Conversations]
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/CreateConversationRequest'
- *     responses:
- *       200:
- *         description: Conversation created successfully
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/ConversationResponse'
- *       400:
- *         description: Bad request
- *       500:
- *         description: Internal server error
- */
-app.post('/api/conversations', (req, res) => chatController.createConversation(req, res));
-/**
- * @swagger
- * /api/conversations/{uuid}:
- *   get:
- *     summary: Get conversation details with messages
- *     description: Retrieve conversation information and message history
- *     tags: [Conversations]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: Conversation UUID
- *     responses:
- *       200:
- *         description: Conversation details with messages
- *       404:
- *         description: Conversation not found
- *       500:
- *         description: Internal server error
- */
-app.get('/api/conversations/:uuid', (req, res) => chatController.getConversation(req, res));
-/**
- * @swagger
- * /api/conversations/{uuid}:
- *   delete:
- *     summary: Delete conversation
- *     description: Soft delete a conversation and its messages
- *     tags: [Conversations]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: Conversation UUID
- *     responses:
- *       200:
- *         description: Conversation deleted successfully
- *       404:
- *         description: Conversation not found
- *       500:
- *         description: Internal server error
- */
-app.delete('/api/conversations/:uuid', (req, res) => chatController.deleteConversation(req, res));
-/**
- * @swagger
- * /api/conversations/{uuid}/messages:
- *   post:
- *     summary: Create user message in conversation
- *     description: Add a user message to the conversation
- *     tags: [Messages]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: Conversation UUID
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/CreateMessageRequest'
- *     responses:
- *       200:
- *         description: User message created successfully
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/MessageResponse'
- *       400:
- *         description: Bad request
- *       404:
- *         description: Conversation not found
- *       500:
- *         description: Internal server error
- */
-app.post('/api/conversations/:uuid/messages', (req, res) => chatController.createUserMessage(req, res));
-/**
- * @swagger
- * /api/messages/{uuid}/generate:
- *   post:
- *     summary: Generate AI response for user message
- *     description: Generate AI assistant response to a user message
- *     tags: [Messages]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: User message UUID
- *     responses:
- *       200:
- *         description: AI response generated successfully
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/MessageResponse'
- *       404:
- *         description: Message not found
- *       500:
- *         description: Internal server error
- */
-app.post('/api/messages/:uuid/generate', (req, res) => chatController.generateResponse(req, res));
-/**
- * @swagger
- * /api/users/{uuid}/conversations:
- *   get:
- *     summary: Get user's conversations
- *     description: Retrieve all conversations for a specific user
- *     tags: [Conversations]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: User UUID
- *       - in: query
- *         name: company_uuid
- *         schema:
- *           type: string
- *         description: Optional company UUID filter
- *     responses:
- *       200:
- *         description: List of user conversations
- *       500:
- *         description: Internal server error
- */
-app.get('/api/users/:uuid/conversations', (req, res) => chatController.getUserConversations(req, res));
-/**
- * @swagger
- * /api/feedback:
- *   post:
- *     summary: Submit message feedback
- *     description: Submit rating and feedback for an AI response
- *     tags: [Messages]
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/FeedbackRequest'
- *     responses:
- *       200:
- *         description: Feedback submitted successfully
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/FeedbackResponse'
- *       400:
- *         description: Missing required fields
- *       500:
- *         description: Internal server error
- */
-app.post('/api/feedback', (req, res) => chatController.submitFeedback(req, res));
-// ============================================================================
-// KNOWLEDGE BASE APIS (Unified Items)
-// ============================================================================
-/**
- * @swagger
- * /api/knowledge/items:
- *   post:
- *     summary: Create knowledge item
- *     description: Create a new knowledge item (folder, document, file, url, etc.)
- *     tags: [Knowledge]
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/CreateKnowledgeItemRequest'
- *     responses:
- *       200:
- *         description: Knowledge item created successfully
- *       400:
- *         description: Bad request
- *       500:
- *         description: Internal server error
- */
-app.post('/api/knowledge/items', (req, res) => knowledgeController.createItem(req, res));
-/**
- * @swagger
- * /api/knowledge/items:
- *   get:
- *     summary: List knowledge items
- *     description: Get list of knowledge items with optional filtering and pagination
- *     tags: [Knowledge]
- *     parameters:
- *       - in: query
- *         name: parent_uuid
- *         schema:
- *           type: string
- *         description: Filter by parent UUID
- *       - in: query
- *         name: company_uuid
- *         schema:
- *           type: integer
- *         description: Filter by company UUID
- *       - in: query
- *         name: type
- *         schema:
- *           type: string
- *         description: Filter by item type
- *       - in: query
- *         name: limit
- *         schema:
- *           type: integer
- *           default: 50
- *         description: Maximum number of items to return
- *       - in: query
- *         name: offset
- *         schema:
- *           type: integer
- *           default: 0
- *         description: Number of items to skip
- *     responses:
- *       200:
- *         description: List of knowledge items
- *       500:
- *         description: Internal server error
- */
-app.get('/api/knowledge/items', (req, res) => knowledgeController.listItems(req, res));
-/**
- * @swagger
- * /api/knowledge/search:
- *   post:
- *     summary: Search knowledge items
- *     description: Search through knowledge items using semantic or keyword search
- *     tags: [Knowledge]
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/KnowledgeSearchRequest'
- *     responses:
- *       200:
- *         description: Search results
- *       400:
- *         description: Bad request
- *       500:
- *         description: Internal server error
- */
-app.post('/api/knowledge/search', (req, res) => knowledgeController.search(req, res));
-/**
- * @swagger
- * /api/search:
- *   post:
- *     summary: RAG Search
- *     description: Perform RAG (Retrieval-Augmented Generation) search that combines knowledge base search with AI response generation
- *     tags: [Search]
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/RAGSearchRequest'
- *     responses:
- *       200:
- *         description: RAG search response
- *         content:
- *           application/json:
- *             schema:
- *               $ref: '#/components/schemas/RAGSearchResponse'
- *       400:
- *         description: Bad request
- *       500:
- *         description: Internal server error
- */
-app.post('/api/search', (req, res) => knowledgeController.ragSearch(req, res));
-/**
- * @swagger
- * /api/knowledge/items/{uuid}:
- *   get:
- *     summary: Get knowledge item
- *     description: Retrieve a specific knowledge item by UUID
- *     tags: [Knowledge]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: Knowledge item UUID
- *     responses:
- *       200:
- *         description: Knowledge item details
- *       404:
- *         description: Knowledge item not found
- *       500:
- *         description: Internal server error
- */
-app.get('/api/knowledge/items/:uuid', (req, res) => knowledgeController.getItem(req, res));
-/**
- * @swagger
- * /api/knowledge/items/{uuid}:
- *   put:
- *     summary: Update knowledge item
- *     description: Update an existing knowledge item
- *     tags: [Knowledge]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: Knowledge item UUID
- *     requestBody:
- *       required: true
- *       content:
- *         application/json:
- *           schema:
- *             $ref: '#/components/schemas/UpdateKnowledgeItemRequest'
- *     responses:
- *       200:
- *         description: Knowledge item updated successfully
- *       404:
- *         description: Knowledge item not found
- *       500:
- *         description: Internal server error
- */
-app.put('/api/knowledge/items/:uuid', (req, res) => knowledgeController.updateItem(req, res));
-/**
- * @swagger
- * /api/knowledge/items/{uuid}:
- *   delete:
- *     summary: Delete knowledge item
- *     description: Remove a knowledge item from the knowledge base
- *     tags: [Knowledge]
- *     parameters:
- *       - in: path
- *         name: uuid
- *         required: true
- *         schema:
- *           type: string
- *         description: Knowledge item UUID
- *     responses:
- *       200:
- *         description: Knowledge item deleted successfully
- *       404:
- *         description: Knowledge item not found
- *       500:
- *         description: Internal server error
- */
-app.delete('/api/knowledge/items/:uuid', (req, res) => knowledgeController.deleteItem(req, res));
-// ============================================================================
-// MIGRATION ENDPOINTS
-// ============================================================================
-/**
- * @swagger
- * /api/migrate:
- *   get:
- *     summary: Run database migrations
- *     description: Executes pending database migrations with API key authentication
- *     tags: [System]
- *     parameters:
- *       - in: query
- *         name: key
- *         required: true
- *         schema:
- *           type: string
- *         description: Migration API key
- *     responses:
- *       200:
- *         description: Migrations completed successfully
- *         content:
- *           application/json:
- *             schema:
- *               type: object
- *               properties:
- *                 success:
- *                   type: boolean
- *                 message:
- *                   type: string
- *                 currentVersion:
- *                   type: string
- *                 details:
- *                   type: object
- *       400:
- *         description: Bad request (missing API key or environment variables)
- *       401:
- *         description: Unauthorized (invalid API key)
- *       500:
- *         description: Internal server error
- */
-app.get('/api/migrate', (0, errorHandler_1.asyncHandler)(async (req, res) => {
-    const { MigrationService } = await Promise.resolve().then(() => __importStar(require('./services/MigrationService')));
-    const apiKey = req.query.key || req.headers['x-migration-key'];
-    if (!apiKey) {
-        return res.status(400).json({
-            success: false,
-            message: 'Migration API key is required',
-            error: 'MISSING_API_KEY',
-            details: {
-                usage: 'Add ?key=your-secret-key to the URL or x-migration-key header'
-            }
-        });
-    }
-    const result = await MigrationService.runMigrations(apiKey);
-    const statusCode = result.success ? 200 :
-        result.error === 'UNAUTHORIZED' ? 401 :
-            result.error === 'MISSING_ENV_VARS' || result.error === 'DATABASE_CONNECTION_FAILED' ? 400 : 500;
-    res.status(statusCode).json(result);
-}));
-/**
- * @swagger
- * /api/migrate/status:
- *   get:
- *     summary: Get migration status
- *     description: Check current migration status without running migrations
- *     tags: [System]
- *     parameters:
- *       - in: query
- *         name: key
- *         required: true
- *         schema:
- *           type: string
- *         description: Migration API key
- *     responses:
- *       200:
- *         description: Migration status retrieved
- *       401:
- *         description: Unauthorized (invalid API key)
- *       500:
- *         description: Internal server error
- */
-app.get('/api/migrate/status', (0, errorHandler_1.asyncHandler)(async (req, res) => {
-    const { MigrationService } = await Promise.resolve().then(() => __importStar(require('./services/MigrationService')));
-    const apiKey = req.query.key || req.headers['x-migration-key'];
-    if (!apiKey) {
-        return res.status(400).json({
-            success: false,
-            message: 'Migration API key is required',
-            error: 'MISSING_API_KEY'
-        });
-    }
-    const result = await MigrationService.getStatus(apiKey);
-    const statusCode = result.success ? 200 :
-        result.error === 'UNAUTHORIZED' ? 401 : 500;
-    res.status(statusCode).json(result);
-}));
-// ============================================================================
-// WEBSOCKET HANDLING
-// ============================================================================
-// WebSocket handling
-io.on('connection', (socket) => {
-    logger_1.default.info(`Client connected: ${socket.id}`);
-    socket.on('join-conversation', (conversationId) => {
-        socket.join(`conversation:${conversationId}`);
-        logger_1.default.info(`Socket ${socket.id} joined conversation ${conversationId}`);
     });
-    socket.on('message', async (data) => {
+    /**
+     * @swagger
+     * /api/auth/login:
+   *   post:
+   *     summary: User login
+   *     description: Authenticate user and return access token
+   *     tags: [Authentication]
+   *     requestBody:
+   *       required: true
+   *       content:
+   *         application/json:
+   *           schema:
+   *             $ref: '#/components/schemas/LoginRequest'
+   *     responses:
+   *       200:
+   *         description: Login successful
+   *         content:
+   *           application/json:
+   *             schema:
+   *               $ref: '#/components/schemas/LoginResponse'
+   *       401:
+   *         description: Invalid credentials
+   *       500:
+   *         description: Internal server error
+   */
+    app.post('/api/auth/login', (req, res) => authController.login(req, res));
+    /**
+     * @swagger
+     * /api/auth/logout:
+     *   post:
+     *     summary: User logout
+     *     description: Logout user and invalidate tokens
+     *     tags: [Authentication]
+     *     security:
+     *       - bearerAuth: []
+     *     responses:
+     *       200:
+     *         description: Logout successful
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/LogoutResponse'
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/auth/logout', (0, auth_1.authenticateUser)(supabase), (req, res) => authController.logout(req, res));
+    /**
+     * @swagger
+     * /api/auth/me:
+     *   get:
+     *     summary: Get current user info
+     *     description: Get current authenticated user information
+     *     tags: [Authentication]
+     *     security:
+     *       - bearerAuth: []
+     *     responses:
+     *       200:
+     *         description: User information retrieved
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/MeResponse'
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.get('/api/auth/me', (0, auth_1.authenticateUser)(supabase), (req, res) => authController.getMe(req, res));
+    // API Key Management Routes
+    /**
+     * @swagger
+     * /api/api-keys:
+     *   post:
+     *     summary: Generate or update API key
+     *     description: Generate or update API key for the authenticated user's company. Only admins can generate API keys.
+     *     tags: [API Keys]
+     *     security:
+     *       - bearerAuth: []
+     *     responses:
+     *       200:
+     *         description: API key generated successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                 uuid:
+     *                   type: string
+     *                 api_key:
+     *                   type: string
+     *                 message:
+     *                   type: string
+     *       403:
+     *         description: Only admins can generate API keys
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/api-keys', (0, auth_1.authenticateUser)(supabase), (req, res) => apiKeyController.generateApiKey(req, res));
+    /**
+     * @swagger
+     * /api/api-keys/status:
+     *   get:
+     *     summary: Get API key status
+     *     description: Check if API key exists for the authenticated user's company
+     *     tags: [API Keys]
+     *     security:
+     *       - bearerAuth: []
+     *     responses:
+     *       200:
+     *         description: API key status retrieved
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 exists:
+     *                   type: boolean
+     *                 uuid:
+     *                   type: string
+     *                 message:
+     *                   type: string
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.get('/api/api-keys/status', (0, auth_1.authenticateUser)(supabase), (req, res) => apiKeyController.getApiKeyStatus(req, res));
+    // Chat API Routes
+    /**
+     * @swagger
+     * /api/conversations:
+     *   post:
+     *     summary: Create a new conversation
+     *     description: Create a new conversation (Public API - No authentication required)
+     *     tags: [Chat]
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/CreateConversationRequest'
+     *     responses:
+     *       201:
+     *         description: Conversation created successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/CreateConversationResponse'
+     *       400:
+     *         description: Invalid request
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/conversations', (req, res) => chatController.createConversation(req, res));
+    /**
+     * @swagger
+     * /api/conversations/{uuid}:
+     *   get:
+     *     summary: Get conversation by UUID
+     *     description: Retrieve a specific conversation by its UUID (Public API - No authentication required)
+     *     tags: [Chat]
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Conversation UUID
+     *     responses:
+     *       200:
+     *         description: Conversation retrieved successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/GetConversationResponse'
+     *       404:
+     *         description: Conversation not found
+     *       500:
+     *         description: Internal server error
+     */
+    app.get('/api/conversations/:uuid', (req, res) => chatController.getConversation(req, res));
+    /**
+     * @swagger
+     * /api/conversations/{uuid}:
+     *   delete:
+     *     summary: Delete conversation
+     *     description: Delete a specific conversation by its UUID
+     *     tags: [Chat]
+     *     security:
+     *       - bearerAuth: []
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Conversation UUID
+     *     responses:
+     *       200:
+     *         description: Conversation deleted successfully
+     *       404:
+     *         description: Conversation not found
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.delete('/api/conversations/:uuid', (0, auth_1.authenticateUser)(supabase), (req, res) => chatController.deleteConversation(req, res));
+    /**
+     * @swagger
+     * /api/conversations/{uuid}/messages:
+     *   post:
+     *     summary: Send a message
+     *     description: Send a user message to a conversation (Public API - No authentication required)
+     *     tags: [Chat]
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Conversation UUID
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/CreateMessageRequest'
+     *     responses:
+     *       201:
+     *         description: Message sent successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/SendMessageResponse'
+     *       400:
+     *         description: Invalid request
+     *       404:
+     *         description: Conversation not found
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/conversations/:uuid/messages', (req, res) => chatController.createUserMessage(req, res));
+    /**
+     * @swagger
+     * /api/messages/{uuid}/generate:
+     *   post:
+     *     summary: Generate AI response
+     *     description: Generate an AI response for a specific message (Public API - No authentication required)
+     *     tags: [Chat]
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Message UUID
+     *     responses:
+     *       200:
+     *         description: AI response generated successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/GenerateResponseResponse'
+     *       400:
+     *         description: Invalid request
+     *       404:
+     *         description: Message not found
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/messages/:uuid/generate', (req, res) => chatController.generateResponse(req, res));
+    /**
+     * @swagger
+     * /api/conversations:
+     *   get:
+     *     summary: Get user conversations
+     *     description: Get all conversations for the authenticated user
+     *     tags: [Chat]
+     *     security:
+     *       - bearerAuth: []
+     *     responses:
+     *       200:
+     *         description: Conversations retrieved successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/ConversationListResponse'
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.get('/api/conversations', (0, auth_1.authenticateUser)(supabase), (req, res) => chatController.getUserConversations(req, res));
+    /**
+     * @swagger
+     * /api/feedback:
+     *   post:
+     *     summary: Submit message feedback
+     *     description: Submit feedback for a specific message
+     *     tags: [Chat]
+     *     security:
+     *       - bearerAuth: []
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/FeedbackRequest'
+     *     responses:
+     *       200:
+     *         description: Feedback submitted successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/SubmitFeedbackResponse'
+     *       400:
+     *         description: Invalid request
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/feedback', (0, auth_1.authenticateUser)(supabase), (req, res) => chatController.submitFeedback(req, res));
+    // Knowledge Base API Routes
+    /**
+     * @swagger
+     * /api/knowledge/items:
+     *   post:
+     *     summary: Create knowledge item
+     *     description: Create a new knowledge base item. Can be authenticated with Bearer token or X-API-Key header.
+     *     tags: [Knowledge Base]
+     *     security:
+     *       - bearerAuth: []
+     *       - apiKeyAuth: []
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/CreateKnowledgeItemRequest'
+     *     responses:
+     *       201:
+     *         description: Knowledge item created successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/CreateKnowledgeItemResponse'
+     *       400:
+     *         description: Invalid request
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/knowledge/items', (0, auth_1.authenticateUserOrApiKey)(supabase), (req, res) => knowledgeController.createItem(req, res));
+    /**
+     * @swagger
+     * /api/knowledge/items:
+     *   get:
+     *     summary: List knowledge items
+     *     description: Get all knowledge base items for the authenticated user's company
+     *     tags: [Knowledge Base]
+     *     security:
+     *       - bearerAuth: []
+     *     parameters:
+     *       - in: query
+     *         name: limit
+     *         schema:
+     *           type: integer
+     *           default: 10
+     *         description: Maximum number of items to return
+     *       - in: query
+     *         name: offset
+     *         schema:
+     *           type: integer
+     *           default: 0
+     *         description: Number of items to skip
+     *     responses:
+     *       200:
+     *         description: Knowledge items retrieved successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/KnowledgeItemListResponse'
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.get('/api/knowledge/items', (0, auth_1.authenticateUser)(supabase), (req, res) => knowledgeController.listItems(req, res));
+    /**
+     * @swagger
+     * /api/knowledge/search:
+     *   post:
+     *     summary: Search knowledge base
+     *     description: Search the knowledge base for relevant items. Can be authenticated with Bearer token or X-API-Key header.
+     *     tags: [Search]
+     *     security:
+     *       - bearerAuth: []
+     *       - apiKeyAuth: []
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/KnowledgeSearchRequest'
+     *     responses:
+     *       200:
+     *         description: Search completed successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/SearchKnowledgeResponse'
+     *       400:
+     *         description: Invalid request
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/knowledge/search', (0, auth_1.authenticateUserOrApiKey)(supabase), (req, res) => knowledgeController.search(req, res));
+    /**
+     * @swagger
+     * /api/search:
+     *   post:
+     *     summary: RAG search
+     *     description: Perform Retrieval-Augmented Generation search. Can be authenticated with Bearer token or X-API-Key header.
+     *     tags: [Search]
+     *     security:
+     *       - bearerAuth: []
+     *       - apiKeyAuth: []
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/RAGSearchRequest'
+     *     responses:
+     *       200:
+     *         description: RAG search completed successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/RAGSearchResponse'
+     *       400:
+     *         description: Invalid request
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.post('/api/search', (0, auth_1.authenticateUserOrApiKey)(supabase), (req, res) => knowledgeController.ragSearch(req, res));
+    /**
+     * @swagger
+     * /api/knowledge/items/{uuid}:
+     *   get:
+     *     summary: Get knowledge item
+     *     description: Get a specific knowledge base item by UUID
+     *     tags: [Knowledge Base]
+     *     security:
+     *       - bearerAuth: []
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Knowledge item UUID
+     *     responses:
+     *       200:
+     *         description: Knowledge item retrieved successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/GetKnowledgeItemResponse'
+     *       404:
+     *         description: Knowledge item not found
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.get('/api/knowledge/items/:uuid', (0, auth_1.authenticateUser)(supabase), (req, res) => knowledgeController.getItem(req, res));
+    /**
+     * @swagger
+     * /api/knowledge/items/{uuid}:
+     *   put:
+     *     summary: Update knowledge item
+     *     description: Update a specific knowledge base item
+     *     tags: [Knowledge Base]
+     *     security:
+     *       - bearerAuth: []
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Knowledge item UUID
+     *     requestBody:
+     *       required: true
+     *       content:
+     *         application/json:
+     *           schema:
+     *             $ref: '#/components/schemas/UpdateKnowledgeItemRequest'
+     *     responses:
+     *       200:
+     *         description: Knowledge item updated successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               $ref: '#/components/schemas/UpdateKnowledgeItemResponse'
+     *       400:
+     *         description: Invalid request
+     *       401:
+     *         description: Not authenticated
+     *       404:
+     *         description: Knowledge item not found
+     *       500:
+     *         description: Internal server error
+     */
+    app.put('/api/knowledge/items/:uuid', (0, auth_1.authenticateUser)(supabase), (req, res) => knowledgeController.updateItem(req, res));
+    /**
+     * @swagger
+     * /api/knowledge/items/{uuid}:
+     *   delete:
+     *     summary: Delete knowledge item
+     *     description: Delete a specific knowledge base item
+     *     tags: [Knowledge Base]
+     *     security:
+     *       - bearerAuth: []
+     *     parameters:
+     *       - in: path
+     *         name: uuid
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Knowledge item UUID
+     *     responses:
+     *       200:
+     *         description: Knowledge item deleted successfully
+     *       404:
+     *         description: Knowledge item not found
+     *       401:
+     *         description: Not authenticated
+     *       500:
+     *         description: Internal server error
+     */
+    app.delete('/api/knowledge/items/:uuid', (0, auth_1.authenticateUser)(supabase), (req, res) => knowledgeController.deleteItem(req, res));
+    // ============================================================================
+    // MIGRATION ENDPOINTS
+    // ============================================================================
+    /**
+     * @swagger
+     * /api/migrate:
+     *   get:
+     *     summary: Run database migrations
+     *     description: Run pending database migrations. Requires migration secret key.
+     *     tags: [System]
+     *     parameters:
+     *       - in: query
+     *         name: key
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Migration secret key from MIGRATION_SECRET_KEY environment variable
+     *     security:
+     *       - migrationKey: []
+     *     responses:
+     *       200:
+     *         description: Migrations completed successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: true
+     *                 message:
+     *                   type: string
+     *                   example: "Migrations completed successfully"
+     *                 currentVersion:
+     *                   type: string
+     *                   example: "002_multitenancy_schema.ts"
+     *                 previousVersion:
+     *                   type: string
+     *                   example: "001_initial_schema.ts"
+     *                 details:
+     *                   type: object
+     *                   properties:
+     *                     timestamp:
+     *                       type: string
+     *                       format: date-time
+     *       400:
+     *         description: Missing API key or invalid configuration
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                   example: "Migration API key is required"
+     *                 error:
+     *                   type: string
+     *                   example: "MISSING_API_KEY"
+     *       401:
+     *         description: Unauthorized - Invalid migration key
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                   example: "Invalid or missing migration API key"
+     *                 error:
+     *                   type: string
+     *                   example: "UNAUTHORIZED"
+     *       500:
+     *         description: Migration failed
+     */
+    app.get('/api/migrate', (0, errorHandler_1.asyncHandler)(async (req, res) => {
+        const apiKey = req.query.key || req.headers['x-migration-key'];
+        // Import MigrationService to use the proper validation
+        const { MigrationService } = await Promise.resolve().then(() => __importStar(require('./services/MigrationService')));
+        const result = await MigrationService.runMigrations(apiKey);
+        const statusCode = result.success ? 200 :
+            result.error === 'UNAUTHORIZED' ? 401 :
+                result.error === 'MISSING_ENV_VARS' || result.error === 'DATABASE_CONNECTION_FAILED' ? 400 : 500;
+        res.status(statusCode).json(result);
+    }));
+    /**
+     * @swagger
+     * /api/migrate/status:
+     *   get:
+     *     summary: Get migration status
+     *     description: Get the current status of database migrations. Requires migration secret key.
+     *     tags: [System]
+     *     parameters:
+     *       - in: query
+     *         name: key
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Migration secret key from MIGRATION_SECRET_KEY environment variable
+     *     security:
+     *       - migrationKey: []
+     *     responses:
+     *       200:
+     *         description: Migration status retrieved
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: true
+     *                 status:
+     *                   type: string
+     *                   example: "completed"
+     *                 data:
+     *                   type: object
+     *                   properties:
+     *                     currentVersion:
+     *                       type: string
+     *                       example: "002_multitenancy_schema.ts"
+     *                     timestamp:
+     *                       type: string
+     *                       format: date-time
+     *       400:
+     *         description: Missing API key
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                   example: "Migration API key is required"
+     *                 error:
+     *                   type: string
+     *                   example: "MISSING_API_KEY"
+     *       401:
+     *         description: Unauthorized - Invalid migration key
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                   example: "Invalid or missing migration API key"
+     *                 error:
+     *                   type: string
+     *                   example: "UNAUTHORIZED"
+     *       500:
+     *         description: Failed to get migration status
+     */
+    app.get('/api/migrate/status', (0, errorHandler_1.asyncHandler)(async (req, res) => {
+        const apiKey = req.query.key || req.headers['x-migration-key'];
+        // Import MigrationService to use the proper validation
+        const { MigrationService } = await Promise.resolve().then(() => __importStar(require('./services/MigrationService')));
+        const result = await MigrationService.getStatus(apiKey);
+        const statusCode = result.success ? 200 :
+            result.error === 'UNAUTHORIZED' ? 401 : 500;
+        res.status(statusCode).json(result);
+    }));
+    /**
+     * @swagger
+     * /api/seed-default:
+     *   post:
+     *     summary: Seed default data
+     *     description: Creates default company and admin user for initial setup. Uses environment variables for configuration. Returns existing data if already created.
+     *     tags: [System]
+     *     parameters:
+     *       - in: query
+     *         name: key
+     *         required: true
+     *         schema:
+     *           type: string
+     *         description: Migration secret key from MIGRATION_SECRET_KEY environment variable
+     *     security:
+     *       - migrationKey: []
+     *     responses:
+     *       200:
+     *         description: Default data seeded successfully or already exists
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 company_name:
+     *                   type: string
+     *                   example: "Vezlo"
+     *                 email:
+     *                   type: string
+     *                   example: "admin@vezlo.org"
+     *                 password:
+     *                   type: string
+     *                   example: "admin123"
+     *                 admin_name:
+     *                   type: string
+     *                   example: "Default Admin"
+     *       400:
+     *         description: Missing API key or invalid request
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                 error:
+     *                   type: string
+     *       401:
+     *         description: Unauthorized - Invalid migration key
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                   example: "Invalid or missing migration API key"
+     *                 error:
+     *                   type: string
+     *                   example: "UNAUTHORIZED"
+     *       500:
+     *         description: Failed to seed default data
+     */
+    app.post('/api/seed-default', (0, errorHandler_1.asyncHandler)(async (req, res) => {
+        // Extract API key from query or header
+        const apiKey = req.query.key || req.headers['x-migration-key'];
         try {
-            const { message, conversation_id, context } = data;
-            const response = await chatManager.sendMessage(message, conversation_id, context);
-            socket.emit('response', {
-                message: response.content,
-                conversation_id: response.conversationId,
-                message_id: response.messageId,
-                feedback_detection: response.feedbackDetection,
-                suggested_links: response.suggestedLinks
+            // Validate API key
+            const { MigrationService } = await Promise.resolve().then(() => __importStar(require('./services/MigrationService')));
+            const keyValid = MigrationService.validateApiKey(apiKey);
+            if (!keyValid) {
+                res.status(401).json({
+                    success: false,
+                    message: 'Invalid or missing migration API key',
+                    error: 'UNAUTHORIZED'
+                });
+                return;
+            }
+            // Initialize Supabase
+            const supabase = (0, supabase_js_1.createClient)(process.env.SUPABASE_URL, process.env.SUPABASE_SERVICE_KEY);
+            // Execute seed using SetupService
+            const { SetupService } = await Promise.resolve().then(() => __importStar(require('./services/SetupService')));
+            const setupService = new SetupService(supabase);
+            const response = await setupService.executeSeedDefault();
+            res.status(200).json(response);
+        }
+        catch (error) {
+            logger_1.default.error('Seed default failed:', error);
+            res.status(500).json({
+                success: false,
+                message: 'Failed to seed default data',
+                error: error.message || 'SEED_DEFAULT_FAILED',
+                details: {
+                    error: error.message
+                }
             });
-            // Broadcast to all clients in the conversation
-            if (response.conversationId) {
-                io.to(`conversation:${response.conversationId}`).emit('new-message', {
-                    role: 'assistant',
-                    content: response.content,
-                    timestamp: new Date()
+        }
+    }));
+    /**
+     * @swagger
+     * /api/generate-key:
+     *   post:
+     *     summary: Generate API key for the default admin
+     *     description: Generates an API key for the default admin user's company
+     *     tags: [System]
+     *     security:
+     *       - migrationKey: []
+     *     parameters:
+     *       - in: query
+     *         name: key
+     *         description: Migration secret key
+     *         required: true
+     *         schema:
+     *           type: string
+     *     responses:
+     *       200:
+     *         description: API key generated successfully
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: true
+     *                 message:
+     *                   type: string
+     *                   example: "API key generated successfully"
+     *                 api_key_details:
+     *                   type: object
+     *                   properties:
+     *                     company_name:
+     *                       type: string
+     *                       example: "Vezlo"
+     *                     user_name:
+     *                       type: string
+     *                       example: "Admin User"
+     *                     api_key:
+     *                       type: string
+     *                       example: "v.bzkO2h7Ga.c5MGe0zX-2CU-IeZPqreT6xSRCgq3Tw"
+     *       401:
+     *         description: Unauthorized
+     *         content:
+     *           application/json:
+     *             schema:
+     *               type: object
+     *               properties:
+     *                 success:
+     *                   type: boolean
+     *                   example: false
+     *                 message:
+     *                   type: string
+     *                   example: "Invalid or missing migration API key"
+     *                 error:
+     *                   type: string
+     *                   example: "UNAUTHORIZED"
+     *       500:
+     *         description: Failed to generate API key
+     */
+    app.post('/api/generate-key', (0, errorHandler_1.asyncHandler)(async (req, res) => {
+        // Extract API key from query or header
+        const apiKey = req.query.key || req.headers['x-migration-key'];
+        try {
+            // Validate API key
+            const { MigrationService } = await Promise.resolve().then(() => __importStar(require('./services/MigrationService')));
+            const keyValid = MigrationService.validateApiKey(apiKey);
+            if (!keyValid) {
+                res.status(401).json({
+                    success: false,
+                    message: 'Invalid or missing migration API key',
+                    error: 'UNAUTHORIZED'
                 });
+                return;
             }
+            // Initialize Supabase
+            const supabase = (0, supabase_js_1.createClient)(process.env.SUPABASE_URL, process.env.SUPABASE_SERVICE_KEY);
+            // Execute generate-key using SetupService
+            const { SetupService } = await Promise.resolve().then(() => __importStar(require('./services/SetupService')));
+            const setupService = new SetupService(supabase);
+            const response = await setupService.executeGenerateKey();
+            res.status(200).json({
+                success: true,
+                message: 'API key generated successfully',
+                api_key_details: response
+            });
         }
         catch (error) {
-            socket.emit('error', {
-                message: error instanceof Error ? error.message : 'Unknown error'
+            logger_1.default.error('Generate key failed:', error);
+            res.status(500).json({
+                success: false,
+                message: 'Failed to generate API key',
+                error: error.message || 'GENERATE_KEY_FAILED',
+                details: {
+                    error: error.message
+                }
             });
         }
+    }));
+    // Error handling middleware (must be after all routes)
+    app.use(errorHandler_1.errorHandler);
+    app.use(errorHandler_1.notFoundHandler);
+    logger_1.default.info('Routes setup completed');
+}
+// WebSocket connection handling
+io.on('connection', (socket) => {
+    logger_1.default.info(`Client connected: ${socket.id}`);
+    socket.on('join_conversation', (conversationId) => {
+        socket.join(`conversation_${conversationId}`);
+        logger_1.default.info(`Client ${socket.id} joined conversation ${conversationId}`);
+    });
+    socket.on('leave_conversation', (conversationId) => {
+        socket.leave(`conversation_${conversationId}`);
+        logger_1.default.info(`Client ${socket.id} left conversation ${conversationId}`);
     });
     socket.on('disconnect', () => {
         logger_1.default.info(`Client disconnected: ${socket.id}`);
     });
 });
-// Error handling middleware
-// Global error handling middleware
-app.use(errorHandler_1.errorHandler);
-// 404 handler for undefined routes
-app.use(errorHandler_1.notFoundHandler);
 // Start server
-const PORT = global_1.config.app.port;
+const PORT = process.env.PORT ? parseInt(process.env.PORT) : 3002;
 async function start() {
     try {
         // Validate configuration
-        (0, global_1.validateConfig)();
+        validateConfig();
         await initializeServices();
+        // Setup routes after services are initialized
+        setupRoutes();
         server.listen(PORT, '0.0.0.0', () => {
-            logger_1.default.info(`🚀 ${global_1.config.app.name} v${global_1.config.app.version} running on port ${PORT}`);
-            logger_1.default.info(`📊 Environment: ${global_1.config.app.environment}`);
-            logger_1.default.info(`🌐 API available at http://localhost:${PORT}${global_1.config.api.prefix}`);
-            if (global_1.config.swagger.enabled) {
-                logger_1.default.info(`📚 API Documentation: http://localhost:${PORT}${global_1.config.swagger.path}`);
-            }
+            logger_1.default.info(`🚀 AI Assistant API v1.0.0 running on port ${PORT}`);
+            logger_1.default.info(`📊 Environment: ${process.env.NODE_ENV || 'development'}`);
+            logger_1.default.info(`🌐 API available at http://localhost:${PORT}/api`);
+            logger_1.default.info(`📚 API Documentation: http://localhost:${PORT}/docs`);
             logger_1.default.info(`🔌 WebSocket available at ws://localhost:${PORT}`);
             logger_1.default.info(`💓 Health check: http://localhost:${PORT}/health`);
         });
@@ -744,16 +1165,27 @@ async function start() {
         process.exit(1);
     }
 }
+function validateConfig() {
+    const requiredEnvVars = [
+        'SUPABASE_URL',
+        'SUPABASE_SERVICE_KEY',
+        'OPENAI_API_KEY'
+    ];
+    const missingVars = requiredEnvVars.filter(varName => !process.env[varName]);
+    if (missingVars.length > 0) {
+        throw new Error(`Missing required environment variables: ${missingVars.join(', ')}`);
+    }
+}
 // Graceful shutdown
-process.on('SIGTERM', async () => {
-    logger_1.default.info('SIGTERM received, shutting down gracefully...');
+process.on('SIGINT', async () => {
+    logger_1.default.info('SIGINT received, shutting down gracefully...');
     server.close(() => {
         logger_1.default.info('HTTP server closed');
         process.exit(0);
     });
 });
-process.on('SIGINT', async () => {
-    logger_1.default.info('SIGINT received, shutting down gracefully...');
+process.on('SIGTERM', async () => {
+    logger_1.default.info('SIGTERM received, shutting down gracefully...');
     server.close(() => {
         logger_1.default.info('HTTP server closed');
         process.exit(0);