claudmax 2.0.0 → 2.0.1

package/src/app/api/admin/login/route.ts

@@ -1,72 +0,0 @@
-import { NextResponse } from 'next/server';
-import { prisma } from '@/lib/prisma';
-import bcrypt from 'bcryptjs';
-import { signToken } from '@/lib/auth';
-
-export async function POST(req: Request) {
-  try {
-    const { username, password } = await req.json();
-
-    if (!username || !password) {
-      return NextResponse.json({ error: 'Username and password are required' }, { status: 400 });
-    }
-
-    const admin = await prisma.admin.findUnique({ where: { username } });
-
-    if (!admin) {
-      return NextResponse.json({ error: 'Invalid username or password' }, { status: 401 });
-    }
-
-    if (!admin.isActive) {
-      return NextResponse.json({ error: 'Invalid username or password' }, { status: 401 });
-    }
-
-    const valid = await bcrypt.compare(password, admin.password);
-    if (!valid) {
-      return NextResponse.json({ error: 'Invalid username or password' }, { status: 401 });
-    }
-
-    const token = signToken({
-      id: admin.id,
-      username: admin.username,
-      name: admin.name,
-      role: admin.role as 'super_admin' | 'admin' | 'reseller',
-      isActive: admin.isActive,
-      canCreateKey: admin.canCreateKey,
-      canDeleteKey: admin.canDeleteKey,
-      canBlockKey: admin.canBlockKey,
-      canManageTokens: admin.canManageTokens,
-      canCreateReseller: admin.canCreateReseller,
-      canManageResellers: admin.canManageResellers,
-      canManageUsers: admin.canManageUsers,
-    });
-
-    const { cookies } = await import('next/headers');
-    const cookieStore = await cookies();
-    cookieStore.set('admin_token', token, {
-      httpOnly: true,
-      secure: process.env.NODE_ENV === 'production',
-      sameSite: 'lax',
-      maxAge: 60 * 60 * 24,
-      path: '/',
-    });
-
-    return NextResponse.json({
-      id: admin.id,
-      username: admin.username,
-      name: admin.name,
-      role: admin.role,
-      isActive: admin.isActive,
-      canCreateKey: admin.canCreateKey,
-      canDeleteKey: admin.canDeleteKey,
-      canBlockKey: admin.canBlockKey,
-      canManageTokens: admin.canManageTokens,
-      canCreateReseller: admin.canCreateReseller,
-      canManageResellers: admin.canManageResellers,
-      canManageUsers: admin.canManageUsers,
-    });
-  } catch (err) {
-    console.error('Admin login error:', err);
-    return NextResponse.json({ error: 'Login failed' }, { status: 500 });
-  }
-}

package/src/app/api/admin/logout/route.ts

@@ -1,8 +0,0 @@
-import { NextResponse } from 'next/server';
-import { cookies } from 'next/headers';
-
-export async function POST() {
-  const cookieStore = await cookies();
-  cookieStore.delete('admin_token');
-  return NextResponse.json({ success: true });
-}

package/src/app/api/admin/migrate/route.ts

@@ -1,133 +0,0 @@
-/**
- * Migration route: Fix Plan.tokensPerWindow from TEXT/BigInt to INTEGER
- * Dynamically inspects existing schema and migrates data safely.
- * Call: POST /api/admin/migrate with { migrate: true }
- */
-import { NextResponse } from 'next/server';
-import { createClient } from '@libsql/client';
-import { getAuthUser } from '@/lib/auth';
-
-export async function POST(req: Request) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (me.role !== 'super_admin') return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-
-  const { migrate } = await req.json();
-  if (!migrate) return NextResponse.json({ error: 'migrate flag required' }, { status: 400 });
-
-  const databaseUrl = process.env.DATABASE_URL;
-  if (!databaseUrl) {
-    return NextResponse.json({ error: 'DATABASE_URL not configured' }, { status: 500 });
-  }
-
-  // Parse auth token from DATABASE_URL (format: libsql://host?authToken=xxx)
-  const url = new URL(databaseUrl);
-  const authToken = url.searchParams.get('authToken') ?? undefined;
-  const dbUrl = `${url.protocol}//${url.host}${url.pathname}`;
-  const db = createClient({ url: dbUrl, authToken });
-
-  try {
-    // Step 1: Inspect actual table schema
-    const tableInfo = await db.execute("PRAGMA table_info(Plan)");
-    const cols = tableInfo.rows as any[];
-    const colMap: Record<string, any> = {};
-    for (const c of cols) colMap[c.name] = c;
-    console.log('Current Plan columns:', Object.keys(colMap));
-
-    if (!colMap['tokensPerWindow']) {
-      return NextResponse.json({ error: 'tokensPerWindow column not found' }, { status: 500 });
-    }
-    console.log(`tokensPerWindow type: ${colMap['tokensPerWindow'].type}`);
-
-    // Step 2: Read all existing plan data
-    const plans = await db.execute("SELECT * FROM Plan");
-    console.log(`Found ${plans.rows.length} plan(s)`);
-
-    for (const row of plans.rows as any[]) {
-      const raw = String(row.tokensPerWindow ?? '5000000').replace('.0', '');
-      const cleaned = isNaN(parseInt(raw)) ? 500000 : parseInt(raw);
-      console.log(`  "${row.name}": tokensPerWindow="${row.tokensPerWindow}" -> ${cleaned}`);
-    }
-
-    // Step 3: Get all column names from existing table
-    const existingCols = Object.keys(colMap);
-    const newCols = ['id', 'name', 'tier', 'tokensPerWindow', 'requestsPerWindow',
-      'durationDays', 'displayMultiplier', 'minDurationDays', 'maxDurationDays',
-      'isActive', 'createdAt', 'updatedAt', 'createdByAdminId', 'adminsAllowed'];
-
-    // Build new table
-    await db.execute("DROP TABLE IF EXISTS _Plan_new");
-    await db.execute(`
-      CREATE TABLE _Plan_new (
-        id TEXT PRIMARY KEY,
-        name TEXT NOT NULL,
-        tier TEXT NOT NULL,
-        tokensPerWindow INTEGER NOT NULL,
-        requestsPerWindow INTEGER NOT NULL,
-        durationDays INTEGER NOT NULL,
-        displayMultiplier REAL DEFAULT 1.0,
-        minDurationDays INTEGER DEFAULT 0,
-        maxDurationDays INTEGER DEFAULT -1,
-        isActive INTEGER DEFAULT 1,
-        createdAt TEXT NOT NULL,
-        updatedAt TEXT NOT NULL,
-        createdByAdminId TEXT,
-        adminsAllowed TEXT DEFAULT '[]'
-      )
-    `);
-
-    // Step 4: Copy rows, converting tokensPerWindow to clean integer
-    for (const row of plans.rows as any[]) {
-      const raw = String(row.tokensPerWindow ?? '5000000').replace('.0', '');
-      const cleaned = isNaN(parseInt(raw)) ? 500000 : parseInt(raw);
-
-      const vals: any[] = [];
-      const usedCols: string[] = [];
-      for (const c of newCols) {
-        usedCols.push(c);
-        if (c === 'tokensPerWindow') {
-          vals.push(cleaned);
-        } else if (c === 'isActive') {
-          vals.push(row.isActive ?? 1);
-        } else if (row[c] !== undefined) {
-          vals.push(row[c]);
-        } else if (c === 'createdByAdminId') {
-          vals.push(null);
-        } else if (c === 'adminsAllowed') {
-          vals.push('[]');
-        } else {
-          vals.push(null);
-        }
-      }
-
-      try {
-        await db.execute({
-          sql: `INSERT INTO _Plan_new (${usedCols.join(', ')}) VALUES (${usedCols.map(() => '?').join(', ')})`,
-          args: vals,
-        });
-      } catch (insertErr: any) {
-        console.error(`Failed to insert plan "${row.name}":`, insertErr);
-      }
-    }
-
-    // Step 5: Swap tables
-    await db.execute("DROP TABLE Plan");
-    await db.execute("ALTER TABLE _Plan_new RENAME TO Plan");
-
-    // Step 6: Verify
-    const verify = await db.execute("SELECT id, name, tokensPerWindow, typeof(tokensPerWindow) as type FROM Plan");
-    console.log('\nPost-migration:');
-    for (const row of verify.rows as any[]) {
-      console.log(`  ${row.name}: ${row.tokensPerWindow} (type: ${row.type})`);
-    }
-
-    return NextResponse.json({
-      success: true,
-      message: 'Plan.tokensPerWindow migrated to INTEGER',
-      plansMigrated: verify.rows.length,
-    });
-  } catch (err: any) {
-    console.error('Migration error:', err);
-    return NextResponse.json({ error: 'Migration failed', detail: String(err) }, { status: 500 });
-  }
-}

package/src/app/api/admin/plans/[id]/route.ts

@@ -1,65 +0,0 @@
-import { NextResponse } from 'next/server';
-import { prisma } from '@/lib/prisma';
-import { getAuthUser } from '@/lib/auth';
-
-type Params = { params: Promise<{ id: string }> };
-
-export async function GET(req: Request, { params }: Params) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (!['super_admin', 'admin'].includes(me.role)) {
-    return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-  }
-
-  const { id } = await params;
-  const plan = await prisma.plan.findUnique({ where: { id } });
-  if (!plan) return NextResponse.json({ error: 'Not found' }, { status: 404 });
-
-  return NextResponse.json({ ...plan, tokensPerWindow: Number(plan.tokensPerWindow) });
-}
-
-export async function PUT(req: Request, { params }: Params) {
-  try {
-    const me = await getAuthUser();
-    if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-    if (me.role !== 'super_admin') {
-      return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-    }
-
-    const { id } = await params;
-    const body = await req.json();
-    const { name, tier, tokensPerWindow, requestsPerWindow, durationDays, displayMultiplier, minDurationDays, maxDurationDays, isActive } = body;
-
-    const plan = await prisma.plan.update({
-      where: { id },
-      data: {
-        name: name ?? undefined,
-        tier: tier ?? undefined,
-        tokensPerWindow: tokensPerWindow !== undefined ? tokensPerWindow : undefined,
-        requestsPerWindow: requestsPerWindow ?? undefined,
-        durationDays: durationDays ?? undefined,
-        displayMultiplier: displayMultiplier ?? undefined,
-        minDurationDays: minDurationDays ?? undefined,
-        maxDurationDays: maxDurationDays ?? undefined,
-        isActive: isActive ?? undefined,
-      },
-    });
-
-    return NextResponse.json({ ...plan, tokensPerWindow: Number(plan.tokensPerWindow) });
-  } catch (err) {
-    console.error('[/api/admin/plans/[id] PUT]', err);
-    return NextResponse.json({ error: 'Internal error', detail: String(err) }, { status: 500 });
-  }
-}
-
-export async function DELETE(req: Request, { params }: Params) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (me.role !== 'super_admin') {
-    return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-  }
-
-  const { id } = await params;
-  await prisma.plan.delete({ where: { id } });
-  return NextResponse.json({ success: true });
-}

package/src/app/api/admin/plans/route.ts

@@ -1,66 +0,0 @@
-import { NextResponse } from 'next/server';
-import { prisma } from '@/lib/prisma';
-import { getAuthUser } from '@/lib/auth';
-
-export async function GET(req: Request) {
-  try {
-    const me = await getAuthUser();
-    if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-    if (!['super_admin', 'admin'].includes(me.role)) {
-      return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-    }
-
-    const plans = await prisma.plan.findMany({
-      where: { isActive: true },
-      orderBy: { tokensPerWindow: 'asc' },
-      select: {
-        id: true, name: true, tier: true,
-        tokensPerWindow: true, requestsPerWindow: true,
-        durationDays: true, displayMultiplier: true,
-        minDurationDays: true, maxDurationDays: true,
-        isActive: true, createdAt: true,
-      },
-    });
-
-    return NextResponse.json({ plans: plans.map(p => ({ ...p, tokensPerWindow: Number(p.tokensPerWindow) })) });
-  } catch (err) {
-    console.error('[/api/admin/plans GET]', err);
-    return NextResponse.json({ error: 'Internal error', detail: String(err) }, { status: 500 });
-  }
-}
-
-export async function POST(req: Request) {
-  try {
-    const me = await getAuthUser();
-    if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-    if (me.role !== 'super_admin') {
-      return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-    }
-
-    const body = await req.json();
-    const { name, tier, tokensPerWindow, requestsPerWindow, durationDays, displayMultiplier, minDurationDays, maxDurationDays } = body;
-
-    if (!name || !tier) {
-      return NextResponse.json({ error: 'Name and tier are required' }, { status: 400 });
-    }
-
-    const plan = await prisma.plan.create({
-      data: {
-        name,
-        tier: tier ?? 'free',
-        tokensPerWindow: tokensPerWindow ?? 500_000,
-        requestsPerWindow: requestsPerWindow ?? 100,
-        durationDays: durationDays ?? 30,
-        displayMultiplier: displayMultiplier ?? 1.0,
-        minDurationDays: minDurationDays ?? 0,
-        maxDurationDays: maxDurationDays ?? -1,
-        createdByAdminId: me.id,
-      },
-    });
-
-    return NextResponse.json({ ...plan, tokensPerWindow: Number(plan.tokensPerWindow) }, { status: 201 });
-  } catch (err) {
-    console.error('[/api/admin/plans POST]', err);
-    return NextResponse.json({ error: 'Internal error', detail: String(err) }, { status: 500 });
-  }
-}

package/src/app/api/admin/posts/[id]/route.ts

@@ -1,81 +0,0 @@
-import { NextResponse } from 'next/server';
-import { prisma } from '@/lib/prisma';
-import { getAuthUser } from '@/lib/auth';
-import { randomBytes } from 'crypto';
-
-function slugify(text: string): string {
-  return text
-    .toLowerCase()
-    .replace(/[^\w\s-]/g, '')
-    .replace(/\s+/g, '-')
-    .replace(/-+/g, '-')
-    .trim();
-}
-
-type Params = { params: Promise<{ id: string }> };
-
-export async function GET(req: Request, { params }: Params) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (!['super_admin', 'admin'].includes(me.role)) return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-  const { id } = await params;
-
-  const post = await prisma.post.findUnique({
-    where: { id },
-    include: { author: { select: { name: true } } },
-  });
-  if (!post) return NextResponse.json({ error: 'Not found' }, { status: 404 });
-
-  return NextResponse.json(post);
-}
-
-export async function PUT(req: Request, { params }: Params) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (!['super_admin', 'admin'].includes(me.role)) return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-  const { id } = await params;
-
-  const post = await prisma.post.findUnique({ where: { id } });
-  if (!post) return NextResponse.json({ error: 'Not found' }, { status: 404 });
-
-  const body = await req.json();
-  const { title, content, excerpt, coverImage, tags, seoTitle, seoDesc, published } = body;
-
-  let slug = post.slug;
-  if (title && slugify(title) !== post.slug) {
-    const newSlug = slugify(title);
-    const existing = await prisma.post.findUnique({ where: { slug: newSlug } });
-    slug = existing ? `${newSlug}-${randomBytes(4).toString('hex').slice(0, 6)}` : newSlug;
-  }
-
-  const wasPublished = post.published;
-  const nowPublishing = published && !wasPublished;
-
-  const updated = await prisma.post.update({
-    where: { id },
-    data: {
-      title: title ?? post.title,
-      slug,
-      content: content ?? post.content,
-      excerpt: excerpt !== undefined ? excerpt : post.excerpt,
-      coverImage: coverImage !== undefined ? coverImage : post.coverImage,
-      tags: tags !== undefined ? tags : post.tags,
-      seoTitle: seoTitle !== undefined ? seoTitle : post.seoTitle,
-      seoDesc: seoDesc !== undefined ? seoDesc : post.seoDesc,
-      published: published !== undefined ? published : post.published,
-      publishedAt: nowPublishing ? new Date() : post.publishedAt,
-    },
-  });
-
-  return NextResponse.json(updated);
-}
-
-export async function DELETE(req: Request, { params }: Params) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (!['super_admin', 'admin'].includes(me.role)) return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-  const { id } = await params;
-
-  await prisma.post.delete({ where: { id } });
-  return NextResponse.json({ success: true });
-}

package/src/app/api/admin/posts/route.ts

@@ -1,83 +0,0 @@
-import { NextResponse } from 'next/server';
-import { prisma } from '@/lib/prisma';
-import { getAuthUser } from '@/lib/auth';
-import { randomBytes } from 'crypto';
-
-function slugify(text: string): string {
-  return text
-    .toLowerCase()
-    .replace(/[^\w\s-]/g, '')
-    .replace(/\s+/g, '-')
-    .replace(/-+/g, '-')
-    .trim();
-}
-
-export async function GET(req: Request) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (!['super_admin', 'admin'].includes(me.role)) return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-
-  const { searchParams } = new URL(req.url);
-  const page = parseInt(searchParams.get('page') ?? '1');
-  const limit = parseInt(searchParams.get('limit') ?? '10');
-  const status = searchParams.get('status'); // published | draft
-  const skip = (page - 1) * limit;
-
-  const where: any = {};
-  if (status === 'published') where.published = true;
-  if (status === 'draft') where.published = false;
-
-  const [posts, total] = await Promise.all([
-    prisma.post.findMany({
-      where,
-      orderBy: { createdAt: 'desc' },
-      skip,
-      take: limit,
-      select: {
-        id: true, title: true, slug: true, excerpt: true, coverImage: true,
-        published: true, publishedAt: true, tags: true, views: true, seoTitle: true, seoDesc: true,
-        createdAt: true, updatedAt: true,
-        author: { select: { name: true } },
-      },
-    }),
-    prisma.post.count({ where }),
-  ]);
-
-  return NextResponse.json({ posts, total, pages: Math.ceil(total / limit), page });
-}
-
-export async function POST(req: Request) {
-  const me = await getAuthUser();
-  if (!me) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-  if (!['super_admin', 'admin'].includes(me.role)) return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
-
-  const body = await req.json();
-  const { title, content, excerpt, coverImage, tags, seoTitle, seoDesc, published } = body;
-
-  if (!title || !content) {
-    return NextResponse.json({ error: 'Title and content are required' }, { status: 400 });
-  }
-
-  let slug = slugify(title);
-  // Ensure unique slug
-  const existing = await prisma.post.findUnique({ where: { slug } });
-  if (existing) slug = `${slug}-${randomBytes(4).toString('hex').slice(0, 6)}`;
-
-  const post = await prisma.post.create({
-    data: {
-      title,
-      slug,
-      content,
-      excerpt: excerpt ?? null,
-      coverImage: coverImage ?? null,
-      tags: tags ?? '',
-      seoTitle: seoTitle ?? null,
-      seoDesc: seoDesc ?? null,
-      published: published ?? false,
-      publishedAt: published ? new Date() : null,
-      authorId: me.id,
-    },
-  });
-
-  return NextResponse.json(post, { status: 201 });
-}

package/src/app/api/admin/seed/route.ts

@@ -1,145 +0,0 @@
-import { NextResponse } from 'next/server';
-import { Resend } from 'resend';
-import { prisma } from '@/lib/prisma';
-import bcrypt from 'bcryptjs';
-import { randomBytes } from 'crypto';
-
-function getResendClient() {
-  if (!process.env.RESEND_API_KEY) return null;
-  return new Resend(process.env.RESEND_API_KEY);
-}
-
-const DEFAULT_SUPERADMIN_PASSWORD = '@Monu123';
-
-const DEFAULT_PLANS = [
-  {
-    name: '5x Max Trial',
-    tier: '5x',
-    tokensPerWindow: 5000000,
-    requestsPerWindow: 18000,
-    durationDays: 7,
-    displayMultiplier: 3.0,
-    minDurationDays: 7,
-    maxDurationDays: 90,
-  },
-  {
-    name: '5x Max',
-    tier: '5x',
-    tokensPerWindow: 5000000,
-    requestsPerWindow: 18000,
-    durationDays: 30,
-    displayMultiplier: 3.0,
-    minDurationDays: 7,
-    maxDurationDays: 90,
-  },
-  {
-    name: '20x Max Trial',
-    tier: '20x',
-    tokensPerWindow: 20000000,
-    requestsPerWindow: 18000,
-    durationDays: 7,
-    displayMultiplier: 3.0,
-    minDurationDays: 7,
-    maxDurationDays: 90,
-  },
-  {
-    name: '20x Max',
-    tier: '20x',
-    tokensPerWindow: 20000000,
-    requestsPerWindow: 18000,
-    durationDays: 30,
-    displayMultiplier: 3.0,
-    minDurationDays: 7,
-    maxDurationDays: 90,
-  },
-];
-
-export async function POST(req: Request) {
-  try {
-    const { secret } = await req.json();
-
-    if (secret !== (process.env.SUPER_ADMIN_PASSWORD || DEFAULT_SUPERADMIN_PASSWORD)) {
-      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
-    }
-
-    let plansCreated = 0;
-    await prisma.plan.deleteMany({});
-    for (const plan of DEFAULT_PLANS) {
-      await prisma.plan.create({ data: plan });
-      plansCreated++;
-    }
-
-    // Create or update superadmin — always use DEFAULT_SUPERADMIN_PASSWORD
-    const allPlans = await prisma.plan.findMany();
-    const existing = await prisma.admin.findUnique({ where: { username: 'superadmin' } });
-    const passwordHash = await bcrypt.hash(DEFAULT_SUPERADMIN_PASSWORD, 12);
-
-    if (existing) {
-      // Update password to the new credential
-      const updateData: any = {
-        password: passwordHash,
-        allowedPlanIds: JSON.stringify(allPlans.map(p => p.id)),
-        defaultPlanId: allPlans[0]?.id ?? null,
-        supportEnabled: true,
-      };
-      await prisma.admin.update({ where: { username: 'superadmin' }, data: updateData });
-    } else {
-      const createData: any = {
-        username: 'superadmin',
-        password: passwordHash,
-        name: 'Super Admin',
-        role: 'super_admin',
-        isActive: true,
-        canCreateKey: true,
-        canDeleteKey: true,
-        canBlockKey: true,
-        canManageTokens: true,
-        canCreateReseller: true,
-        canManageResellers: true,
-        canManageUsers: true,
-        allowedPlanIds: JSON.stringify(allPlans.map(p => p.id)),
-        defaultPlanId: allPlans[0]?.id ?? null,
-        supportEnabled: true,
-      };
-      await prisma.admin.create({ data: createData });
-    }
-
-    // Create a default API key if none exist
-    const keyCount = await prisma.apiKey.count();
-    if (keyCount === 0) {
-      const rawKey = randomBytes(32).toString('hex');
-      const key = `sk-cmx_${rawKey}`;
-      const defaultPlan = await prisma.plan.findFirst({ where: { name: '20x Max' } });
-      const expiresAt = defaultPlan && defaultPlan.durationDays > 0
-        ? new Date(Date.now() + defaultPlan.durationDays * 24 * 60 * 60 * 1000)
-        : null;
-      await prisma.apiKey.create({
-        data: {
-          key,
-          name: 'ClaudMax Default Key',
-          prefix: `sk-cmx_${rawKey.slice(0, 6)}`,
-          tier: '20x',
-          isActive: true,
-          windowStartAt: new Date(),
-          windowTokensUsed: 0,
-          windowRequestsUsed: 0,
-          totalTokensUsed: 0,
-          displayMultiplier: 3.0,
-          planId: defaultPlan?.id,
-          expiresAt,
-        },
-      });
-    }
-
-    return NextResponse.json({
-      success: true,
-      message: 'Database seeded successfully',
-      superadmin: existing ? 'password updated' : 'created',
-      plansCreated,
-      apiKey: keyCount === 0 ? 'generated and created' : 'already exists',
-    });
-  } catch (err) {
-    console.error('Seed error:', err);
-    return NextResponse.json({ error: 'Seed failed', detail: String(err) }, { status: 500 });
-  }
-}