kasy-cli 1.20.0 → 1.21.0-beta.0

package/lib/scaffold/backends/api/patch/lib/features/llm_chat/providers/llm_chat_notifier.dart

@@ -0,0 +1,317 @@
+import 'dart:convert';
+
+import 'package:dio/dio.dart';
+import 'package:flutter_riverpod/flutter_riverpod.dart';
+import 'package:kasy_kit/core/config/app_env.dart';
+import 'package:kasy_kit/core/data/api/http_client.dart';
+import 'package:kasy_kit/core/states/translations.dart';
+import 'package:kasy_kit/core/states/user_state_notifier.dart';
+import 'package:kasy_kit/features/llm_chat/api/llm_chat_api.dart';
+import 'package:kasy_kit/features/llm_chat/api/llm_chat_message_entity.dart';
+import 'package:logger/logger.dart';
+
+/// Maximum number of recent messages sent to the AI as context.
+///
+/// Lower values = fewer tokens = cheaper + faster responses.
+/// Higher values = more conversational memory but higher cost.
+///
+/// Each exchange = 2 messages (1 user + 1 assistant).
+/// Default: 20 messages = 10 exchanges of back-and-forth.
+///
+/// To change: update this constant and redeploy (no backend change needed).
+const int _kMaxContextMessages = 20;
+
+/// A single message in the chat conversation.
+class ChatMessage {
+  final String role; // 'user' or 'assistant'
+  final String content;
+
+  const ChatMessage({required this.role, required this.content});
+
+  factory ChatMessage.user(String content) =>
+      ChatMessage(role: 'user', content: content);
+
+  factory ChatMessage.assistant(String content) =>
+      ChatMessage(role: 'assistant', content: content);
+
+  factory ChatMessage.fromEntity(LlmChatMessageEntity entity) =>
+      ChatMessage(role: entity.role, content: entity.content);
+
+  LlmChatMessageEntity toEntity() => LlmChatMessageEntity(
+    role: role,
+    content: content,
+    createdAt: DateTime.now(),
+  );
+}
+
+/// UI state for the LLM chat screen.
+class LlmChatState {
+  final List<ChatMessage> messages;
+
+  /// True while the HTTP request to the LLM backend is in-flight.
+  final bool isReplying;
+
+  /// True once the first SSE chunk has been received.
+  /// While true the last message in [messages] is the partial assistant reply.
+  final bool streamingStarted;
+
+  const LlmChatState({
+    required this.messages,
+    this.isReplying = false,
+    this.streamingStarted = false,
+  });
+
+  LlmChatState copyWith({
+    List<ChatMessage>? messages,
+    bool? isReplying,
+    bool? streamingStarted,
+  }) {
+    return LlmChatState(
+      messages: messages ?? this.messages,
+      isReplying: isReplying ?? this.isReplying,
+      streamingStarted: streamingStarted ?? this.streamingStarted,
+    );
+  }
+}
+
+/// Manages LLM chat state: loads history from the backend on init,
+/// persists each message, and streams the assistant reply word-by-word via SSE.
+final llmChatNotifierProvider =
+    AsyncNotifierProvider<LlmChatNotifier, LlmChatState>(LlmChatNotifier.new);
+
+class LlmChatNotifier extends AsyncNotifier<LlmChatState> {
+  final Logger _logger = Logger();
+
+  @override
+  Future<LlmChatState> build() async {
+    final userId = ref.read(userStateNotifierProvider).user.idOrNull;
+    if (userId == null) return const LlmChatState(messages: []);
+
+    try {
+      final entities = await ref.read(llmChatApiProvider).loadMessages(userId);
+      return LlmChatState(
+        messages: entities.map(ChatMessage.fromEntity).toList(),
+      );
+    } catch (e) {
+      _logger.e('Failed to load LLM chat history: $e');
+      // Graceful fallback: start fresh if the backend is unavailable.
+      return const LlmChatState(messages: []);
+    }
+  }
+
+  /// Adds the user message to the conversation, persists it, then streams
+  /// the assistant reply chunk-by-chunk via SSE, updating state on each token.
+  Future<void> sendMessage(String prompt) async {
+    final current = switch (state) {
+      AsyncData(:final value) => value,
+      _ => null,
+    };
+    if (current == null || current.isReplying) return;
+
+    final userMsg = ChatMessage.user(prompt);
+    state = AsyncData(
+      current.copyWith(
+        messages: [...current.messages, userMsg],
+        isReplying: true,
+        streamingStarted: false,
+      ),
+    );
+
+    _persistMessage(userMsg);
+
+    // Pass only the last _kMaxContextMessages messages to the AI.
+    // The full history is still stored in the DB for the user to read.
+    final allMessages = (state as AsyncData<LlmChatState>).value.messages;
+    final history = allMessages.length > _kMaxContextMessages
+        ? allMessages.sublist(allMessages.length - _kMaxContextMessages)
+        : allMessages;
+    await _requestReplyStream(history);
+  }
+
+  // ---------------------------------------------------------------------------
+  // SSE streaming
+  // ---------------------------------------------------------------------------
+
+  Future<void> _requestReplyStream(List<ChatMessage> history) async {
+    final t = ref.read(translationsProvider).llm_chat;
+    final String llmChatEndpoint = AppEnv.llmChatEndpoint;
+
+    if (llmChatEndpoint.isEmpty) {
+      _finalizeAssistantMessage(t.error_not_configured);
+      return;
+    }
+
+    // API backend: reuse the Bearer token already managed by HttpClient
+    // (no Firebase Auth — the user authenticates against your REST backend).
+    final authToken = ref.read(httpClientProvider).authToken;
+    if (authToken == null) {
+      _finalizeAssistantMessage(t.error_not_configured);
+      return;
+    }
+
+    final dio = Dio(
+      BaseOptions(
+        headers: {
+          'Authorization': 'Bearer $authToken',
+          'Content-Type': 'application/json',
+        },
+      ),
+    );
+
+    try {
+      final response = await dio.post<ResponseBody>(
+        llmChatEndpoint,
+        data: {
+          'message': history.last.content,
+          'history': history
+              .map((e) => {'role': e.role, 'content': e.content})
+              .toList(growable: false),
+        },
+        options: Options(responseType: ResponseType.stream),
+      );
+
+      final lineBuffer = StringBuffer();
+      final contentBuffer = StringBuffer();
+
+      await for (final chunk in response.data!.stream) {
+        final text = utf8.decode(chunk, allowMalformed: true);
+        lineBuffer.write(text);
+
+        // Process only complete lines — keep the last incomplete fragment
+        // in the buffer for the next iteration.
+        final raw = lineBuffer.toString();
+        final lastNewline = raw.lastIndexOf('\n');
+        if (lastNewline == -1) continue;
+
+        final completeSection = raw.substring(0, lastNewline + 1);
+        lineBuffer.clear();
+        if (lastNewline < raw.length - 1) {
+          lineBuffer.write(raw.substring(lastNewline + 1));
+        }
+
+        for (final line in completeSection.split('\n')) {
+          final delta = _extractSSEDelta(line.trimRight());
+          if (delta.isEmpty) continue;
+
+          contentBuffer.write(delta);
+          _appendStreamingChunk(contentBuffer.toString());
+        }
+      }
+
+      // Persist the complete assistant reply once the stream ends.
+      final fullContent = contentBuffer.toString();
+      if (fullContent.isNotEmpty) {
+        _persistMessage(ChatMessage.assistant(fullContent));
+      } else {
+        // Stream ended with no content (e.g. error event)
+        _finalizeAssistantMessage(t.error_no_reply);
+        return;
+      }
+
+      // Mark the reply as finished without touching the message list.
+      final latest = switch (state) {
+        AsyncData(:final value) => value,
+        _ => null,
+      };
+      if (latest != null) {
+        state = AsyncData(
+          latest.copyWith(isReplying: false, streamingStarted: false),
+        );
+      }
+    } catch (error) {
+      _logger.e('LLM chat stream failed: $error');
+      _finalizeAssistantMessage(t.error_network);
+    }
+  }
+
+  /// Called on every incoming SSE token to update the last assistant bubble.
+  void _appendStreamingChunk(String partialContent) {
+    final current = switch (state) {
+      AsyncData(:final value) => value,
+      _ => null,
+    };
+    if (current == null) return;
+
+    final msgs = current.messages;
+    final newMsgs = current.streamingStarted
+        // Replace the in-progress bubble with the latest accumulated content.
+        ? [
+            ...msgs.sublist(0, msgs.length - 1),
+            ChatMessage.assistant(partialContent),
+          ]
+        // First chunk: append a new assistant bubble.
+        : [...msgs, ChatMessage.assistant(partialContent)];
+
+    state = AsyncData(
+      LlmChatState(messages: newMsgs, isReplying: true, streamingStarted: true),
+    );
+  }
+
+  /// Replaces (or appends) the assistant bubble with [content] and marks
+  /// the reply as finished. Used for error messages and empty-stream fallback.
+  void _finalizeAssistantMessage(String content) {
+    final current = switch (state) {
+      AsyncData(:final value) => value,
+      _ => const LlmChatState(messages: []),
+    };
+    final msgs = current.messages;
+    final newMsgs = current.streamingStarted
+        ? [...msgs.sublist(0, msgs.length - 1), ChatMessage.assistant(content)]
+        : [...msgs, ChatMessage.assistant(content)];
+    state = AsyncData(LlmChatState(messages: newMsgs));
+  }
+
+  // ---------------------------------------------------------------------------
+  // SSE parsing
+  // ---------------------------------------------------------------------------
+
+  /// Extracts the text delta from a single SSE `data:` line.
+  /// Supports both OpenAI (`choices[0].delta.content`) and
+  /// Gemini (`candidates[0].content.parts[0].text`) formats.
+  String _extractSSEDelta(String line) {
+    if (!line.startsWith('data: ')) return '';
+    final payload = line.substring(6);
+    if (payload == '[DONE]') return '';
+    try {
+      final json = jsonDecode(payload) as Map<String, dynamic>;
+
+      // OpenAI format
+      final choices = json['choices'] as List?;
+      if (choices != null && choices.isNotEmpty) {
+        final delta =
+            (choices.first as Map<String, dynamic>)['delta']
+                as Map<String, dynamic>?;
+        return (delta?['content'] as String?) ?? '';
+      }
+
+      // Gemini format
+      final candidates = json['candidates'] as List?;
+      if (candidates != null && candidates.isNotEmpty) {
+        final content =
+            (candidates.first as Map<String, dynamic>)['content']
+                as Map<String, dynamic>?;
+        final parts = content?['parts'] as List?;
+        if (parts != null && parts.isNotEmpty) {
+          return ((parts.first as Map<String, dynamic>)['text'] as String?) ??
+              '';
+        }
+      }
+    } catch (_) {}
+    return '';
+  }
+
+  // ---------------------------------------------------------------------------
+  // Persistence
+  // ---------------------------------------------------------------------------
+
+  void _persistMessage(ChatMessage message) {
+    final userId = ref.read(userStateNotifierProvider).user.idOrNull;
+    if (userId == null) return;
+    ref
+        .read(llmChatApiProvider)
+        .saveMessage(userId, message.toEntity())
+        .catchError((e) {
+          _logger.e('Failed to persist message: $e');
+        });
+  }
+}

package/lib/scaffold/backends/api/patch/lib/features/notifications/api/device_api.dart

@@ -109,13 +109,28 @@ class FirebaseDeviceApi implements DeviceApi {
   Future<DeviceEntity> get() async {
     try {
       final installationId = await _installations.getId();
+      // On iOS, the APNS token may not be immediately available on first launch.
+      // We wait up to ~10 seconds before giving up.
+      if (defaultTargetPlatform == TargetPlatform.iOS && !kIsWeb) {
+        for (int i = 0; i < 10; i++) {
+          final apns = await _messaging.getAPNSToken();
+          if (apns != null) break;
+          await Future.delayed(const Duration(seconds: 1));
+        }
+      }
       final token = await _messaging.getToken();
+      if (token == null) {
+        throw ApiError(
+          code: 0,
+          message: 'FCM token is null — check Firebase setup and notification permissions',
+        );
+      }
       final os = Platform.isAndroid
           ? OperatingSystem.android //
           : OperatingSystem.ios;
       return DeviceEntity(
         installationId: installationId,
-        token: token!,
+        token: token,
         operatingSystem: os,
         creationDate: DateTime.now(),
         lastUpdateDate: DateTime.now(),
@@ -287,6 +302,7 @@ class FirebaseDeviceApi implements DeviceApi {
   }
 
   Future<String?> getIpAddress() async {
+    if (kIsWeb) return null;
     try {
       // First, try to find a public IP in network interfaces
       final interfaces = await io.NetworkInterface.list();
@@ -331,6 +347,29 @@ class FirebaseDeviceApi implements DeviceApi {
   /// Returns a map with all device information
   @override
   Future<Map<String, String>> fetchDeviceProperties() async {
+    // On web there is no native device layer (no NetworkInterface, no Platform):
+    // return static values so the app works as a PWA without throwing at runtime.
+    if (kIsWeb) {
+      final webLocale = PlatformDispatcher.instance.locale.toLanguageTag().replaceAll('-', '_');
+      return {
+        'appLongVersion': '',
+        'osVersion': 'web',
+        'deviceModel': 'browser',
+        'deviceLocale': webLocale,
+        'timezone': '',
+        'carrier': '',
+        'screenWidth': '',
+        'screenHeight': '',
+        'screenDensity': '',
+        'cpuCores': '',
+        'storageSize': '',
+        'freeStorage': '',
+        'deviceTimezone': '',
+        'mobileAdvertiserId': '',
+        'anonymousFbId': '',
+        'clientIpAddress': '',
+      };
+    }
     try {
       final deviceInfo = DeviceInfoPlugin();
       final packageInfo = await PackageInfo.fromPlatform();

package/lib/scaffold/backends/api/patch/lib/features/notifications/api/entities/notifications_entity.dart

@@ -1,3 +1,5 @@
+// ignore_for_file: invalid_annotation_target, constant_identifier_names
+
 import 'package:freezed_annotation/freezed_annotation.dart';
 
 part 'notifications_entity.freezed.dart';

package/lib/scaffold/backends/api/patch/lib/features/onboarding/api/entities/user_info_entity.dart

@@ -17,7 +17,7 @@ sealed class UserInfoEntity with _$UserInfoEntity {
     @JsonKey(name: 'user_id') required String userId,
     @JsonKey(name: 'key') required String key,
     @JsonKey(name: 'value') required String value,
-  }) = SubscriptionEntityData;
+  }) = UserInfoEntityData;
 
   factory UserInfoEntity.fromJson(Map<String, Object?> json) =>
       _$UserInfoEntityFromJson(json);

package/lib/scaffold/backends/api/patch/lib/features/subscription/api/entities/subscription_entity.dart

@@ -20,7 +20,7 @@ enum SubscriptionStatus {
 sealed class SubscriptionEntity with _$SubscriptionEntity {
   const factory SubscriptionEntity({
     @JsonKey(includeIfNull: false) String? id,
-    @JsonKey(name: 'offer_id') required String offerId,
+    @JsonKey(name: 'offer_id') String? offerId,
     @JsonKey(name: 'sku_id') required String skuId,
     @JsonKey(name: 'creation_date') DateTime? creationDate,
     @JsonKey(name: 'last_update_date') DateTime? lastUpdateDate,

package/lib/scaffold/backends/api/patch/lib/features/subscription/shared/maybeshow_premium.dart

@@ -13,8 +13,6 @@ import 'package:kasy_kit/router.dart';
 
 const _lastAskKey = 'subscription_last_asking_date';
 
-const _lastShowPromoKey = 'subscription_last_show_promo_date';
-
 const _kDaysToAsk = 2;
 
 class MaybeShowPremiumPage implements MaybeShowWithRef {

package/lib/scaffold/backends/api/pubspec.yaml.tpl

@@ -51,6 +51,7 @@ dependencies:
   intl: ^0.20.2
   jiffy: ^6.4.4
   json_annotation: ^4.9.0
+  local_auth: ^3.0.1
   logger: ^2.6.2
   lucide_icons_flutter: ^3.1.10
   mixpanel_flutter: ^2.5.0
@@ -71,6 +72,7 @@ dependencies:
   universal_html: ^2.3.0
   universal_io: ^2.3.1
   url_launcher: ^6.3.2
+  web: ^1.1.1
 
 dev_dependencies:
   build_runner: ^2.11.1

package/lib/scaffold/backends/firebase/enable-auth-via-cli.js

@@ -34,14 +34,17 @@ async function getGcloudAccountEmail() {
  */
 async function mergeAuthIntoFirebaseJson(projectDir, providers) {
   const firebaseJsonPath = path.join(projectDir, 'firebase.json');
-  if (!(await fs.pathExists(firebaseJsonPath))) {
-    return { ok: false, error: 'firebase.json not found in project root' };
-  }
-  let config;
-  try {
-    config = await fs.readJson(firebaseJsonPath);
-  } catch (err) {
-    return { ok: false, error: `Failed to parse firebase.json: ${err.message}` };
+  // Supabase projects have no firebase.json (Firebase is only used there for FCM
+  // and to create the Google OAuth client). Start from an empty config so the
+  // `firebase deploy --only auth` below has a file to read — the deploy only
+  // touches the auth block, leaving everything else untouched.
+  let config = {};
+  if (await fs.pathExists(firebaseJsonPath)) {
+    try {
+      config = await fs.readJson(firebaseJsonPath);
+    } catch (err) {
+      return { ok: false, error: `Failed to parse firebase.json: ${err.message}` };
+    }
   }
   config.auth = {
     ...(config.auth || {}),

package/lib/scaffold/backends/firebase/setup-from-scratch.js

@@ -18,6 +18,7 @@ const { promisify } = require('node:util');
 const path = require('node:path');
 const fs = require('fs-extra');
 const os = require('node:os');
+const { getInstallGuide } = require('../../../utils/checks');
 
 const execAsync = promisify(exec);
 
@@ -104,14 +105,15 @@ async function checkGcloudAuth() {
  * Get platform-specific install instructions for gcloud CLI.
  */
 function getGcloudInstallInstructions() {
-  const platform = process.platform;
-  if (platform === 'darwin') {
-    return { install: 'brew install --cask google-cloud-sdk', after: 'gcloud auth login', url: 'https://cloud.google.com/sdk/docs/install' };
-  }
-  if (platform === 'win32') {
-    return { install: null, hint: 'Download and run the installer from the link below, then restart the terminal.', after: 'gcloud auth login', url: 'https://cloud.google.com/sdk/docs/install#windows' };
-  }
-  return { install: 'curl https://sdk.cloud.google.com | bash', after: 'gcloud auth login', url: 'https://cloud.google.com/sdk/docs/install' };
+  // Delegates to the single source of truth in utils/checks so the install
+  // command shown here can never drift from the one the env checks suggest.
+  const guide = getInstallGuide('gcloud');
+  return {
+    install: guide.cmd,
+    hint: guide.cmd ? null : 'Download and run the installer from the link below, then restart the terminal.',
+    after: guide.after,
+    url: guide.url,
+  };
 }
 
 /**

package/lib/scaffold/backends/supabase/deploy.js

@@ -197,6 +197,51 @@ async function enableGoogleSignIn(projectRef, webClientId, clientSecret) {
   }
 }
 
+/**
+ * Enable Apple Sign-In on the Supabase project via Management API.
+ *
+ * For native iOS sign-in (signInWithIdToken) Supabase validates the ID token's
+ * audience against external_apple_client_id, a comma-separated list of allowed
+ * client IDs. For a native iOS app that audience is the app's bundle ID, so we
+ * set it there. No secret is required for native sign-in; external_apple_secret
+ * is only needed for the web OAuth flow (Sign in with Apple JS), which requires
+ * an Apple Developer Service ID and is configured manually later.
+ *
+ * Note: external_apple_additional_client_ids is NOT used here. The Management API
+ * only appends it onto external_apple_client_id on write and always returns it as
+ * null on read, which makes the configured value impossible to verify.
+ *
+ * @param {string} projectRef
+ * @param {string} bundleId - iOS bundle identifier (e.g. com.acme.app)
+ */
+async function enableAppleSignIn(projectRef, bundleId) {
+  if (!bundleId) return { ok: false, error: 'bundleId is required' };
+  const token = await getSupabaseAccessToken();
+  if (!token) return { ok: false, error: 'Could not retrieve Supabase access token' };
+  const payload = JSON.stringify({
+    external_apple_enabled: true,
+    external_apple_client_id: bundleId,
+  });
+  const result = await run(
+    `curl -s -X PATCH "https://api.supabase.com/v1/projects/${projectRef}/config/auth" ` +
+    `-H "Authorization: Bearer ${token}" ` +
+    `-H "Content-Type: application/json" ` +
+    `-d '${payload}'`,
+    process.cwd()
+  );
+  if (!result.ok) return { ok: false, error: result.error };
+  try {
+    const data = JSON.parse(result.stdout);
+    const allowedIds = String(data.external_apple_client_id || '')
+      .split(',')
+      .map((s) => s.trim());
+    if (data.external_apple_enabled === true && allowedIds.includes(bundleId)) return { ok: true };
+    return { ok: false, error: data.message || JSON.stringify(data) };
+  } catch {
+    return { ok: false, error: 'Could not parse Management API response' };
+  }
+}
+
 /**
  * Configure auth settings via Supabase Management API:
  *  - Enable anonymous sign-in
@@ -386,12 +431,13 @@ async function createProjectAndGetKeys(projectName, dbPassword, region = 'sa-eas
 
 /**
  * Setup linked project: init, link, db push, anonymous sign-in, Google Sign-In,
- * functions deploy, secrets.
+ * Apple Sign-In, functions deploy, secrets.
  * Run AFTER generate.
  * @param {object} secrets - { rcWebhookKey, metaAccessToken, metaDatasetId, firebaseProjectId }
- * @param {object} google  - { webClientId, clientSecret } — optional, configures Google OAuth
+ * @param {object} google  - { webClientId, clientSecret } - optional, configures Google OAuth
+ * @param {object} apple   - { bundleId } - optional, enables native iOS Apple Sign-In
  */
-async function setupLinkedProject(projectDir, projectRef, dbPassword, secrets = {}, google = {}) {
+async function setupLinkedProject(projectDir, projectRef, dbPassword, secrets = {}, google = {}, apple = {}) {
   const steps = [];
 
   const init = await ensureSupabaseInit(projectDir);
@@ -413,6 +459,12 @@ async function setupLinkedProject(projectDir, projectRef, dbPassword, secrets =
     steps.push({ name: 'google sign-in', ok: googleResult.ok, detail: googleResult.error });
   }
 
+  // Enable native iOS Apple Sign-In if a bundle ID was provided (no secret needed).
+  if (apple.bundleId) {
+    const appleResult = await enableAppleSignIn(projectRef, apple.bundleId);
+    steps.push({ name: 'apple sign-in', ok: appleResult.ok, detail: appleResult.error });
+  }
+
   // Always deploy all edge functions (send-push-notification, revenuecat-webhook, etc.)
   const fnResult = await deployFunctions(projectDir);
   if (Array.isArray(fnResult)) {
@@ -473,6 +525,7 @@ module.exports = {
   setupLinkedProject,
   enableAnonymousSignIn,
   enableGoogleSignIn,
+  enableAppleSignIn,
   checkLoggedIn,
   getOrgsList,
   getProjectsByOrg,

package/lib/scaffold/backends/supabase/patch/lib/core/data/api/storage_api.dart

@@ -11,24 +11,18 @@ final storageApiProvider = Provider<StorageApi>(
   ),
 );
 
-class StorageApi {
-  StorageApi();
-
-  /// upload a file to firebase storage
-  /// and return a stream of the upload progress
+abstract class StorageApi {
+  /// upload a file to storage and return a stream of the upload progress
   Stream<UploadResult> uploadData(
     Uint8List data,
     String folder,
     String filename, {
     String? mimeType, // ex 'image/jpg'
     bool isPublic = true,
-  }) async* {
-    throw UnimplementedError();
-  }
+  });
 
-  Future<void> deleteFile(String? imagePath) {
-    throw UnimplementedError();
-  }
+  /// request to delete a file from path
+  Future<void> deleteFile(String? path);
 }
 
 class SupabaseStorageApi implements StorageApi {

package/lib/scaffold/backends/supabase/patch/lib/core/data/entities/user_entity.dart

@@ -29,7 +29,7 @@ class Credentials {
   final String id;
   // session access token — used internally for session tracking
   // Supabase manages token refresh automatically via SupabaseClient
-  final String token;
+  final String? token;
 
   Credentials({
     required this.id,
@@ -42,7 +42,7 @@ class Credentials {
     }
     return Credentials(
       id: json['id']! as String,
-      token: json['token'] as String? ?? '',
+      token: json['token'] as String?,
     );
   }
 }