@wopr-network/platform-core 1.13.0 → 1.13.2

package/src/api/routes/incident-response.ts

@@ -0,0 +1,159 @@
+import { Hono } from "hono";
+import { z } from "zod";
+import type { AuthEnv } from "../../auth/index.js";
+import { getCustomerTemplate, getInternalTemplate } from "../../monetization/incident/communication-templates.js";
+import { getEscalationMatrix } from "../../monetization/incident/escalation.js";
+import { generatePostMortemTemplate } from "../../monetization/incident/postmortem.js";
+import { getResponseProcedure } from "../../monetization/incident/response-procedures.js";
+import { classifySeverity } from "../../monetization/incident/severity.js";
+
+const severitySchema = z.enum(["SEV1", "SEV2", "SEV3"]);
+
+/**
+ * Create admin incident response routes.
+ *
+ * All imports come from platform-core's monetization/incident module.
+ * No external dependencies needed.
+ */
+export function createIncidentResponseRoutes(): Hono<AuthEnv> {
+  const routes = new Hono<AuthEnv>();
+
+  /**
+   * POST /severity
+   * Classify severity from provided signals.
+   */
+  routes.post("/severity", async (c) => {
+    try {
+      const body = await c.req.json();
+      const parsed = z
+        .object({
+          stripeReachable: z.boolean(),
+          webhooksReceiving: z.boolean().nullable(),
+          gatewayErrorRate: z.number(),
+          creditDeductionFailures: z.number(),
+          dlqDepth: z.number(),
+          tenantsWithNegativeBalance: z.number(),
+          autoTopupFailures: z.number(),
+          firingAlertCount: z.number(),
+        })
+        .parse(body);
+
+      const result = classifySeverity(parsed);
+      return c.json({ success: true, ...result });
+    } catch (err) {
+      if (err instanceof z.ZodError) {
+        return c.json({ success: false, error: "Invalid signals payload", details: err.issues }, 400);
+      }
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  /**
+   * GET /escalation/:severity
+   * Get escalation matrix for a severity level.
+   */
+  routes.get("/escalation/:severity", async (c) => {
+    const rawSeverity = c.req.param("severity");
+    const parsed = severitySchema.safeParse(rawSeverity);
+    if (!parsed.success) {
+      return c.json({ success: false, error: "Invalid severity. Must be SEV1, SEV2, or SEV3" }, 400);
+    }
+    const contacts = getEscalationMatrix(parsed.data);
+    return c.json({ success: true, severity: parsed.data, contacts });
+  });
+
+  /**
+   * GET /procedure/:severity
+   * Get response procedure for a severity level.
+   */
+  routes.get("/procedure/:severity", async (c) => {
+    const rawSeverity = c.req.param("severity");
+    const parsed = severitySchema.safeParse(rawSeverity);
+    if (!parsed.success) {
+      return c.json({ success: false, error: "Invalid severity. Must be SEV1, SEV2, or SEV3" }, 400);
+    }
+    const procedure = getResponseProcedure(parsed.data);
+    return c.json({ success: true, procedure });
+  });
+
+  /**
+   * POST /communicate
+   * Generate communication templates for an incident.
+   */
+  routes.post("/communicate", async (c) => {
+    try {
+      const body = await c.req.json();
+      const parsed = z
+        .object({
+          severity: severitySchema,
+          incidentId: z.string().min(1),
+          startedAt: z.string().datetime(),
+          affectedSystems: z.array(z.string()),
+          customerImpact: z.string(),
+          currentStatus: z.string(),
+        })
+        .parse(body);
+
+      const context = {
+        incidentId: parsed.incidentId,
+        startedAt: new Date(parsed.startedAt),
+        affectedSystems: parsed.affectedSystems,
+        customerImpact: parsed.customerImpact,
+        currentStatus: parsed.currentStatus,
+      };
+
+      const customer = getCustomerTemplate(parsed.severity, context);
+      const internal = getInternalTemplate(parsed.severity, context);
+      return c.json({ success: true, templates: { customer, internal } });
+    } catch (err) {
+      if (err instanceof z.ZodError) {
+        return c.json({ success: false, error: "Invalid payload", details: err.issues }, 400);
+      }
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  /**
+   * POST /postmortem
+   * Generate a post-mortem template for an incident.
+   */
+  routes.post("/postmortem", async (c) => {
+    try {
+      const body = await c.req.json();
+      const parsed = z
+        .object({
+          incidentId: z.string().min(1),
+          severity: severitySchema,
+          title: z.string().min(1),
+          startedAt: z.string().datetime(),
+          detectedAt: z.string().datetime(),
+          resolvedAt: z.string().datetime().nullable(),
+          affectedSystems: z.array(z.string()),
+          affectedTenantCount: z.number().int().min(0),
+          revenueImpactCents: z.number().int().nullable(),
+        })
+        .parse(body);
+
+      const report = generatePostMortemTemplate({
+        incidentId: parsed.incidentId,
+        severity: parsed.severity,
+        title: parsed.title,
+        startedAt: new Date(parsed.startedAt),
+        detectedAt: new Date(parsed.detectedAt),
+        resolvedAt: parsed.resolvedAt ? new Date(parsed.resolvedAt) : null,
+        affectedSystems: parsed.affectedSystems,
+        affectedTenantCount: parsed.affectedTenantCount,
+        revenueImpactCents: parsed.revenueImpactCents,
+      });
+
+      return c.json({ success: true, report });
+    } catch (err) {
+      if (err instanceof z.ZodError) {
+        return c.json({ success: false, error: "Invalid payload", details: err.issues }, 400);
+      }
+      return c.json({ success: false, error: err instanceof Error ? err.message : "Unknown error" }, 500);
+    }
+  });
+
+  return routes;
+}

package/src/api/routes/internal-gpu.ts

@@ -0,0 +1,92 @@
+import { timingSafeEqual } from "node:crypto";
+import { Hono } from "hono";
+import { logger } from "../../config/logger.js";
+
+const VALID_STAGES = [
+  "installing_drivers",
+  "installing_docker",
+  "downloading_models",
+  "starting_services",
+  "registering",
+  "done",
+] as const;
+
+type ProvisionStage = (typeof VALID_STAGES)[number];
+
+export interface GpuNodeStageUpdater {
+  updateStage(nodeId: string, stage: string): Promise<void>;
+  updateStatus(nodeId: string, status: string): Promise<void>;
+}
+
+/**
+ * Create internal GPU routes for node provisioning status updates.
+ *
+ * @param gpuSecretFactory - returns the GPU_NODE_SECRET (lazy to avoid env read at load time)
+ * @param repoFactory - returns the GPU node repository
+ */
+export function createInternalGpuRoutes(
+  gpuSecretFactory: () => string | undefined,
+  repoFactory: () => GpuNodeStageUpdater,
+): Hono {
+  const routes = new Hono();
+
+  routes.post("/register", async (c) => {
+    const gpuSecret = gpuSecretFactory();
+    if (!gpuSecret) {
+      logger.warn("GPU_NODE_SECRET not configured");
+      return c.json({ success: false, error: "Unauthorized" }, 401);
+    }
+
+    const authHeader = c.req.header("Authorization");
+    const bearer = authHeader?.replace(/^Bearer\s+/i, "");
+    if (!bearer) {
+      return c.json({ success: false, error: "Unauthorized" }, 401);
+    }
+
+    const a = Buffer.from(bearer);
+    const b = Buffer.from(gpuSecret);
+    if (a.length !== b.length || !timingSafeEqual(a, b)) {
+      return c.json({ success: false, error: "Unauthorized" }, 401);
+    }
+
+    const stage = c.req.query("stage") as ProvisionStage | undefined;
+    if (!stage || !VALID_STAGES.includes(stage)) {
+      return c.json({ success: false, error: `Invalid or missing stage. Valid: ${VALID_STAGES.join(", ")}` }, 400);
+    }
+
+    let rawBody: unknown;
+    try {
+      rawBody = await c.req.json();
+    } catch {
+      return c.json({ success: false, error: "Invalid JSON body" }, 400);
+    }
+
+    if (
+      typeof rawBody !== "object" ||
+      rawBody === null ||
+      typeof (rawBody as Record<string, unknown>).nodeId !== "string"
+    ) {
+      return c.json({ success: false, error: "Missing required field: nodeId" }, 400);
+    }
+
+    const { nodeId } = rawBody as { nodeId: string };
+
+    const repo = repoFactory();
+    try {
+      await repo.updateStage(nodeId, stage);
+      if (stage === "done") {
+        await repo.updateStatus(nodeId, "active");
+      }
+    } catch (err) {
+      if (err instanceof Error && err.message.includes("not found")) {
+        return c.json({ success: false, error: `GPU node not found: ${nodeId}` }, 404);
+      }
+      throw err;
+    }
+
+    logger.info(`GPU node ${nodeId} stage updated to ${stage}`);
+    return c.json({ success: true });
+  });
+
+  return routes;
+}

package/src/api/routes/internal-nodes.ts

@@ -0,0 +1,157 @@
+import { createHash, randomUUID } from "node:crypto";
+import { Hono } from "hono";
+import { z } from "zod";
+import type { NodeRegistration } from "../../fleet/repository-types.js";
+
+const RegisterNodeSchema = z.object({
+  node_id: z
+    .string()
+    .min(1)
+    .max(128)
+    .regex(/^[a-zA-Z0-9_-]+$/),
+  host: z
+    .string()
+    .min(1)
+    .max(253)
+    .regex(/^[a-zA-Z0-9._-]+$/),
+  capacity_mb: z.number().int().positive().max(1_048_576),
+  agent_version: z.string().min(1).max(32),
+});
+
+// ── Minimal interfaces for injectable deps ──
+
+export interface INodeRegistrar {
+  register(registration: NodeRegistration): Promise<unknown>;
+  registerSelfHosted(
+    registration: NodeRegistration & {
+      ownerUserId: string;
+      label: string | null;
+      nodeSecretHash: string;
+    },
+  ): Promise<unknown>;
+}
+
+export interface INodeRepoForRegistration {
+  getBySecret(secret: string): Promise<{ id: string } | null>;
+}
+
+export interface IRegistrationTokenStore {
+  consume(token: string, nodeId: string): Promise<{ userId: string; label: string | null } | null>;
+}
+
+export type HostValidator = (host: string) => void;
+
+export interface InternalNodeDeps {
+  nodeRegistrar: () => INodeRegistrar;
+  nodeRepo: () => INodeRepoForRegistration;
+  registrationTokenStore: () => IRegistrationTokenStore;
+  validateNodeHost: HostValidator;
+  logger?: { info(msg: string): void };
+  /** Prefix for self-hosted node IDs. Default: "self" */
+  nodeIdPrefix?: string;
+  /** Prefix for node secrets. Default: "wopr_node_" */
+  nodeSecretPrefix?: string;
+}
+
+/**
+ * Create internal node registration routes.
+ *
+ * These are machine-to-machine routes used by node agents, not dashboard UI.
+ */
+export function createInternalNodeRoutes(deps: InternalNodeDeps): Hono {
+  const routes = new Hono();
+
+  /**
+   * POST /register
+   * Node registration (called on agent boot).
+   *
+   * Supports 2 auth paths:
+   * 1. Per-node persistent secret (returning self-hosted agent)
+   * 2. One-time registration token (new self-hosted node, UUID format)
+   */
+  routes.post("/register", async (c) => {
+    const authHeader = c.req.header("Authorization");
+    const bearer = authHeader?.replace(/^Bearer\s+/i, "");
+
+    if (!bearer) {
+      return c.json({ success: false, error: "Unauthorized" }, 401);
+    }
+
+    let rawBody: unknown;
+    try {
+      rawBody = await c.req.json();
+    } catch {
+      return c.json({ success: false, error: "Invalid registration data" }, 400);
+    }
+
+    const parsed = RegisterNodeSchema.safeParse(rawBody);
+    if (!parsed.success) {
+      return c.json({ success: false, error: "Invalid registration data", details: parsed.error.flatten() }, 400);
+    }
+
+    const body = parsed.data;
+
+    try {
+      deps.validateNodeHost(body.host);
+    } catch (err) {
+      return c.json({ success: false, error: (err as Error).message }, 400);
+    }
+
+    const registrar = deps.nodeRegistrar();
+    const nodeRepo = deps.nodeRepo();
+
+    // Map snake_case HTTP body to camelCase domain type
+    const registration: NodeRegistration = {
+      nodeId: body.node_id,
+      host: body.host,
+      capacityMb: body.capacity_mb,
+      agentVersion: body.agent_version,
+    };
+
+    // Path 1: Per-node persistent secret (returning agent)
+    const uuidPattern = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+    if (!uuidPattern.test(bearer)) {
+      const existingNode = await nodeRepo.getBySecret(bearer);
+      if (existingNode) {
+        await registrar.register({ ...registration, nodeId: existingNode.id });
+        deps.logger?.info(`Node re-registered via per-node secret: ${existingNode.id}`);
+        return c.json({ success: true });
+      }
+      return c.json({ success: false, error: "Unauthorized" }, 401);
+    }
+
+    // Path 2: One-time registration token (UUID format = registration token)
+    const tokenStore = deps.registrationTokenStore();
+    const prefix = deps.nodeIdPrefix ?? "self";
+    const nodeId = `${prefix}-${randomUUID().slice(0, 8)}`;
+    const consumed = await tokenStore.consume(bearer, nodeId);
+
+    if (!consumed) {
+      return c.json({ success: false, error: "Invalid or expired token" }, 401);
+    }
+
+    // Generate persistent per-node secret
+    const secretPrefix = deps.nodeSecretPrefix ?? "wopr_node_";
+    const nodeSecret = `${secretPrefix}${randomUUID().replace(/-/g, "")}`;
+    const hashedSecret = createHash("sha256").update(nodeSecret).digest("hex");
+
+    // Register self-hosted node via registrar
+    await registrar.registerSelfHosted({
+      ...registration,
+      nodeId,
+      ownerUserId: consumed.userId,
+      label: consumed.label,
+      nodeSecretHash: hashedSecret,
+    });
+
+    deps.logger?.info(`Self-hosted node registered: ${nodeId} for user ${consumed.userId}`);
+
+    return c.json({
+      success: true,
+      node_id: nodeId,
+      node_secret: nodeSecret, // Agent saves this — only returned once
+    });
+  });
+
+  return routes;
+}

package/src/api/routes/login-history.ts

@@ -0,0 +1,28 @@
+import { Hono } from "hono";
+import type { AuthEnv } from "../../auth/index.js";
+import type { ILoginHistoryRepository } from "../../auth/login-history-repository.js";
+
+/**
+ * Create login history routes.
+ *
+ * Returns recent login sessions for the authenticated user.
+ * Query params:
+ *   - limit: max results (default 20, max 100)
+ */
+export function createLoginHistoryRoutes(repoFactory: () => ILoginHistoryRepository): Hono<AuthEnv> {
+  const routes = new Hono<AuthEnv>();
+
+  routes.get("/", async (c) => {
+    const user = c.get("user");
+    if (!user) return c.json({ error: "Unauthorized" }, 401);
+
+    const limitRaw = c.req.query("limit");
+    const limit = limitRaw ? Math.min(Math.max(1, Number.parseInt(limitRaw, 10) || 20), 100) : 20;
+
+    const repo = repoFactory();
+    const entries = await repo.findByUserId(user.id, limit);
+    return c.json(entries);
+  });
+
+  return routes;
+}

package/src/api/routes/public-pricing.ts

@@ -0,0 +1,36 @@
+import { Hono } from "hono";
+import type { RateStore } from "../../admin/rates/rate-store.js";
+
+/**
+ * Create public pricing routes.
+ *
+ * Public, unauthenticated endpoint returning active sell rates grouped by capability.
+ * Used by pricing pages to display current rates.
+ */
+export function createPublicPricingRoutes(storeFactory: () => RateStore): Hono {
+  const routes = new Hono();
+
+  routes.get("/", async (c) => {
+    try {
+      const store = storeFactory();
+      const rates = await store.listPublicRates();
+
+      // Group by capability for the UI
+      const grouped: Record<string, Array<{ name: string; unit: string; price: number }>> = {};
+      for (const rate of rates) {
+        if (!grouped[rate.capability]) grouped[rate.capability] = [];
+        grouped[rate.capability].push({
+          name: rate.display_name,
+          unit: rate.unit,
+          price: rate.price_usd,
+        });
+      }
+
+      return c.json({ rates: grouped });
+    } catch {
+      return c.json({ error: "Internal server error" }, 500);
+    }
+  });
+
+  return routes;
+}

package/src/api/routes/quota.ts

@@ -0,0 +1,136 @@
+import { Hono } from "hono";
+import type { ICreditLedger } from "../../credits/credit-ledger.js";
+import { checkInstanceQuota, DEFAULT_INSTANCE_LIMITS } from "../../monetization/quotas/quota-check.js";
+import { buildResourceLimits, DEFAULT_RESOURCE_CONFIG } from "../../monetization/quotas/resource-limits.js";
+
+/**
+ * Create quota routes.
+ *
+ * @param ledgerFactory - Factory returning the credit ledger
+ */
+export function createQuotaRoutes(ledgerFactory: () => ICreditLedger): Hono {
+  const routes = new Hono();
+
+  /**
+   * GET /
+   *
+   * Returns the authenticated tenant's credit balance and resource limits.
+   */
+  routes.get("/", async (c) => {
+    const tenantId = c.req.query("tenant");
+    if (!tenantId) {
+      return c.json({ error: "tenant query param is required" }, 400);
+    }
+
+    const activeRaw = c.req.query("activeInstances");
+    const activeInstances = activeRaw != null ? Number.parseInt(activeRaw, 10) : 0;
+
+    if (Number.isNaN(activeInstances) || activeInstances < 0) {
+      return c.json({ error: "Invalid activeInstances parameter" }, 400);
+    }
+
+    const balance = await ledgerFactory().balance(tenantId);
+
+    return c.json({
+      balanceCents: balance.toCentsRounded(),
+      instances: {
+        current: activeInstances,
+        max: DEFAULT_INSTANCE_LIMITS.maxInstances,
+        remaining:
+          DEFAULT_INSTANCE_LIMITS.maxInstances === 0
+            ? -1
+            : Math.max(0, DEFAULT_INSTANCE_LIMITS.maxInstances - activeInstances),
+      },
+      resources: DEFAULT_RESOURCE_CONFIG,
+    });
+  });
+
+  /**
+   * POST /check
+   *
+   * Check whether an instance creation would be allowed.
+   */
+  routes.post("/check", async (c) => {
+    let body: Record<string, unknown>;
+    try {
+      body = (await c.req.json()) as Record<string, unknown>;
+    } catch {
+      return c.json({ error: "Invalid JSON body" }, 400);
+    }
+
+    const tenantId = body.tenant as string;
+    if (!tenantId) {
+      return c.json({ error: "tenant is required" }, 400);
+    }
+
+    const activeInstances = Number(body.activeInstances ?? 0);
+    const softCap = Boolean(body.softCap);
+
+    if (Number.isNaN(activeInstances) || activeInstances < 0) {
+      return c.json({ error: "Invalid activeInstances" }, 400);
+    }
+
+    // Check credit balance
+    const balance = await ledgerFactory().balance(tenantId);
+    if (balance.isNegative() || balance.isZero()) {
+      return c.json(
+        {
+          allowed: false,
+          reason: "Insufficient credit balance",
+          currentBalanceCents: balance.toCentsRounded(),
+          purchaseUrl: "/settings/billing",
+        },
+        402,
+      );
+    }
+
+    const result = checkInstanceQuota(DEFAULT_INSTANCE_LIMITS, activeInstances, {
+      softCapEnabled: softCap,
+      gracePeriodMs: 7 * 24 * 60 * 60 * 1000,
+    });
+
+    const status = result.allowed ? 200 : 403;
+    return c.json(result, status);
+  });
+
+  /**
+   * GET /balance/:tenant
+   *
+   * Get a tenant's credit balance.
+   */
+  routes.get("/balance/:tenant", async (c) => {
+    const tenantId = c.req.param("tenant");
+    const balance = await ledgerFactory().balance(tenantId);
+    return c.json({ tenantId, balanceCents: balance.toCentsRounded() });
+  });
+
+  /**
+   * GET /history/:tenant
+   *
+   * Get a tenant's credit transaction history.
+   */
+  routes.get("/history/:tenant", async (c) => {
+    const tenantId = c.req.param("tenant");
+    const limitRaw = c.req.query("limit");
+    const offsetRaw = c.req.query("offset");
+    const type = c.req.query("type");
+
+    const limit = limitRaw != null ? Number.parseInt(limitRaw, 10) : 50;
+    const offset = offsetRaw != null ? Number.parseInt(offsetRaw, 10) : 0;
+
+    const transactions = await ledgerFactory().history(tenantId, { limit, offset, type: type || undefined });
+    return c.json({ transactions });
+  });
+
+  /**
+   * GET /resource-limits
+   *
+   * Get default Docker resource constraints for bot containers.
+   */
+  routes.get("/resource-limits", (c) => {
+    const limits = buildResourceLimits();
+    return c.json(limits);
+  });
+
+  return routes;
+}

package/src/api/routes/secret-audit.ts

@@ -0,0 +1,55 @@
+import { Hono } from "hono";
+import type { AuditEnv } from "../../audit/types.js";
+import type { CredentialSummaryRow, ISecretAuditRepository } from "../../security/index.js";
+
+type GetCredentialOwner = (id: string) => Promise<CredentialSummaryRow | null>;
+
+/**
+ * Create secret audit routes.
+ *
+ * @param getRepo - factory for the secret audit repository (lazy init)
+ * @param getCredentialOwner - lookup function to find credential and check ownership
+ */
+export function createSecretAuditRoutes(
+  getRepo: () => ISecretAuditRepository,
+  getCredentialOwner: GetCredentialOwner,
+): Hono<AuditEnv> {
+  const routes = new Hono<AuditEnv>();
+
+  routes.get("/:id/audit", async (c) => {
+    const user = c.get("user");
+    if (!user) return c.json({ error: "Unauthorized" }, 401);
+
+    const credentialId = c.req.param("id");
+
+    // Verify credential exists and is owned by this user
+    const credential = await getCredentialOwner(credentialId);
+    if (!credential || credential.createdBy !== user.id) {
+      return c.json({ error: "Not found" }, 404);
+    }
+
+    const limitRaw = c.req.query("limit") ? Number(c.req.query("limit")) : 50;
+    const offsetRaw = c.req.query("offset") ? Number(c.req.query("offset")) : 0;
+    const limit = Number.isFinite(limitRaw) ? limitRaw : 50;
+    const offset = Number.isFinite(offsetRaw) ? offsetRaw : 0;
+
+    const repo = getRepo();
+    const [events, total] = await Promise.all([
+      repo.listByCredentialId(credentialId, { limit, offset }),
+      repo.countByCredentialId(credentialId),
+    ]);
+
+    return c.json({
+      events: events.map((e) => ({
+        id: e.id,
+        accessedAt: new Date(e.accessedAt).toISOString(),
+        accessedBy: e.accessedBy,
+        action: e.action,
+        ...(e.ip !== null ? { ip: e.ip } : {}),
+      })),
+      total,
+    });
+  });
+
+  return routes;
+}