plotlink-ows 0.1.13

package/app/node_modules/.prisma/local-client/wasm.js

@@ -0,0 +1,191 @@
+
+/* !!! This is code generated by Prisma. Do not edit directly. !!!
+/* eslint-disable */
+// biome-ignore-all lint: generated file
+
+Object.defineProperty(exports, "__esModule", { value: true });
+
+const {
+  PrismaClientKnownRequestError,
+  PrismaClientUnknownRequestError,
+  PrismaClientRustPanicError,
+  PrismaClientInitializationError,
+  PrismaClientValidationError,
+  getPrismaClient,
+  sqltag,
+  empty,
+  join,
+  raw,
+  skip,
+  Decimal,
+  Debug,
+  objectEnumValues,
+  makeStrictEnum,
+  Extensions,
+  warnOnce,
+  defineDmmfProperty,
+  Public,
+  getRuntime,
+  createParam,
+} = require('./runtime/wasm-engine-edge.js')
+
+
+const Prisma = {}
+
+exports.Prisma = Prisma
+exports.$Enums = {}
+
+/**
+ * Prisma Client JS version: 6.19.3
+ * Query Engine version: c2990dca591cba766e3b7ef5d9e8a84796e47ab7
+ */
+Prisma.prismaVersion = {
+  client: "6.19.3",
+  engine: "c2990dca591cba766e3b7ef5d9e8a84796e47ab7"
+}
+
+Prisma.PrismaClientKnownRequestError = PrismaClientKnownRequestError;
+Prisma.PrismaClientUnknownRequestError = PrismaClientUnknownRequestError
+Prisma.PrismaClientRustPanicError = PrismaClientRustPanicError
+Prisma.PrismaClientInitializationError = PrismaClientInitializationError
+Prisma.PrismaClientValidationError = PrismaClientValidationError
+Prisma.Decimal = Decimal
+
+/**
+ * Re-export of sql-template-tag
+ */
+Prisma.sql = sqltag
+Prisma.empty = empty
+Prisma.join = join
+Prisma.raw = raw
+Prisma.validator = Public.validator
+
+/**
+* Extensions
+*/
+Prisma.getExtensionContext = Extensions.getExtensionContext
+Prisma.defineExtension = Extensions.defineExtension
+
+/**
+ * Shorthand utilities for JSON filtering
+ */
+Prisma.DbNull = objectEnumValues.instances.DbNull
+Prisma.JsonNull = objectEnumValues.instances.JsonNull
+Prisma.AnyNull = objectEnumValues.instances.AnyNull
+
+Prisma.NullTypes = {
+  DbNull: objectEnumValues.classes.DbNull,
+  JsonNull: objectEnumValues.classes.JsonNull,
+  AnyNull: objectEnumValues.classes.AnyNull
+}
+
+
+
+
+
+/**
+ * Enums
+ */
+exports.Prisma.TransactionIsolationLevel = makeStrictEnum({
+  Serializable: 'Serializable'
+});
+
+exports.Prisma.SessionScalarFieldEnum = {
+  id: 'id',
+  token: 'token',
+  createdAt: 'createdAt',
+  expiresAt: 'expiresAt'
+};
+
+exports.Prisma.SettingScalarFieldEnum = {
+  key: 'key',
+  value: 'value'
+};
+
+exports.Prisma.SortOrder = {
+  asc: 'asc',
+  desc: 'desc'
+};
+
+
+exports.Prisma.ModelName = {
+  Session: 'Session',
+  Setting: 'Setting'
+};
+/**
+ * Create the Client
+ */
+const config = {
+  "generator": {
+    "name": "client",
+    "provider": {
+      "fromEnvVar": null,
+      "value": "prisma-client-js"
+    },
+    "output": {
+      "value": "/Users/cho/Projects/plotlink-ows/app/node_modules/.prisma/local-client",
+      "fromEnvVar": null
+    },
+    "config": {
+      "engineType": "library"
+    },
+    "binaryTargets": [
+      {
+        "fromEnvVar": null,
+        "value": "darwin-arm64",
+        "native": true
+      }
+    ],
+    "previewFeatures": [],
+    "sourceFilePath": "/Users/cho/Projects/plotlink-ows/app/prisma/schema.prisma",
+    "isCustomOutput": true
+  },
+  "relativeEnvPaths": {
+    "rootEnvPath": null
+  },
+  "relativePath": "../../../prisma",
+  "clientVersion": "6.19.3",
+  "engineVersion": "c2990dca591cba766e3b7ef5d9e8a84796e47ab7",
+  "datasourceNames": [
+    "db"
+  ],
+  "activeProvider": "sqlite",
+  "postinstall": false,
+  "inlineDatasources": {
+    "db": {
+      "url": {
+        "fromEnvVar": null,
+        "value": "file:../../data/local.db"
+      }
+    }
+  },
+  "inlineSchema": "generator client {\n  provider = \"prisma-client-js\"\n  output   = \"../node_modules/.prisma/local-client\"\n}\n\ndatasource db {\n  provider = \"sqlite\"\n  url      = \"file:../../data/local.db\"\n}\n\nmodel Session {\n  id        String   @id @default(cuid())\n  token     String   @unique\n  createdAt DateTime @default(now())\n  expiresAt DateTime\n}\n\nmodel Setting {\n  key   String @id\n  value String\n}\n",
+  "inlineSchemaHash": "e31b194b10534203be1d4e09555579ffc3126c3700c5558a06db395e2bdfcdd9",
+  "copyEngine": true
+}
+config.dirname = '/'
+
+config.runtimeDataModel = JSON.parse("{\"models\":{\"Session\":{\"fields\":[{\"name\":\"id\",\"kind\":\"scalar\",\"type\":\"String\"},{\"name\":\"token\",\"kind\":\"scalar\",\"type\":\"String\"},{\"name\":\"createdAt\",\"kind\":\"scalar\",\"type\":\"DateTime\"},{\"name\":\"expiresAt\",\"kind\":\"scalar\",\"type\":\"DateTime\"}],\"dbName\":null},\"Setting\":{\"fields\":[{\"name\":\"key\",\"kind\":\"scalar\",\"type\":\"String\"},{\"name\":\"value\",\"kind\":\"scalar\",\"type\":\"String\"}],\"dbName\":null}},\"enums\":{},\"types\":{}}")
+defineDmmfProperty(exports.Prisma, config.runtimeDataModel)
+config.engineWasm = {
+  getRuntime: async () => require('./query_engine_bg.js'),
+  getQueryEngineWasmModule: async () => {
+    const loader = (await import('#wasm-engine-loader')).default
+    const engine = (await loader).default
+    return engine
+  }
+}
+config.compilerWasm = undefined
+
+config.injectableEdgeEnv = () => ({
+  parsed: {}
+})
+
+if (typeof globalThis !== 'undefined' && globalThis['DEBUG'] || typeof process !== 'undefined' && process.env && process.env.DEBUG || undefined) {
+  Debug.enable(typeof globalThis !== 'undefined' && globalThis['DEBUG'] || typeof process !== 'undefined' && process.env && process.env.DEBUG || undefined)
+}
+
+const PrismaClient = getPrismaClient(config)
+exports.PrismaClient = PrismaClient
+Object.assign(exports, Prisma)
+

package/app/prisma/schema.prisma

@@ -0,0 +1,57 @@
+generator client {
+  provider = "prisma-client-js"
+  output   = "../../node_modules/.prisma/local-client"
+}
+
+datasource db {
+  provider = "sqlite"
+  url      = "file:../../data/local.db"
+}
+
+model Session {
+  id        String   @id @default(cuid())
+  token     String   @unique
+  createdAt DateTime @default(now())
+  expiresAt DateTime
+}
+
+model Setting {
+  key   String @id
+  value String
+}
+
+model StorySession {
+  id        String    @id @default(cuid())
+  title     String    @default("Untitled Story")
+  genre     String?
+  status    String    @default("active") // active, finalized, archived
+  createdAt DateTime  @default(now())
+  updatedAt DateTime  @updatedAt
+  messages  Message[]
+  drafts    Draft[]
+}
+
+model Message {
+  id        String       @id @default(cuid())
+  sessionId String
+  session   StorySession @relation(fields: [sessionId], references: [id], onDelete: Cascade)
+  role      String       // user, assistant, system
+  content   String
+  createdAt DateTime     @default(now())
+}
+
+model Draft {
+  id          String       @id @default(cuid())
+  sessionId   String
+  session     StorySession @relation(fields: [sessionId], references: [id], onDelete: Cascade)
+  title       String
+  content     String
+  genre       String?
+  status      String       @default("draft") // draft, ready, published
+  txHash      String?
+  storylineId Int?
+  contentCid  String?
+  gasCost     String?      // ETH cost in wei
+  createdAt   DateTime     @default(now())
+  updatedAt   DateTime     @updatedAt
+}

package/app/routes/auth.ts

@@ -0,0 +1,173 @@
+import { Hono } from "hono";
+import { createHmac, randomBytes } from "crypto";
+import { db } from "../db";
+import fs from "fs";
+import { ENV_FILE } from "../lib/paths";
+
+const envPath = ENV_FILE;
+
+const auth = new Hono();
+
+const SESSION_TTL_MS = 24 * 60 * 60 * 1000; // 24 hours
+
+function hashPassphrase(passphrase: string): string {
+  return createHmac("sha256", "plotlink-ows").update(passphrase).digest("hex");
+}
+
+function readEnvPassphrase(): string | null {
+  // Check process.env first
+  if (process.env.OWS_PASSPHRASE) return process.env.OWS_PASSPHRASE;
+  // Then read from .env file directly
+  try {
+    if (fs.existsSync(envPath)) {
+      const content = fs.readFileSync(envPath, "utf-8");
+      const match = content.match(/^OWS_PASSPHRASE=(.+)$/m);
+      if (match) return match[1].trim();
+    }
+  } catch { /* ignore */ }
+  return null;
+}
+
+async function getStoredHash(): Promise<string | null> {
+  const passphrase = readEnvPassphrase();
+  if (passphrase) return hashPassphrase(passphrase);
+  // Fallback to DB setting
+  const setting = await db.setting.findUnique({ where: { key: "passphrase_hash" } });
+  return setting?.value ?? null;
+}
+
+/** GET /api/auth/status — check if passphrase is configured (first-run detection) */
+auth.get("/status", async (c) => {
+  const hash = await getStoredHash();
+  return c.json({ configured: !!hash });
+});
+
+/** POST /api/auth/setup — first-run passphrase setup */
+auth.post("/setup", async (c) => {
+  const existing = await getStoredHash();
+  if (existing) {
+    return c.json({ error: "Passphrase already configured" }, 409);
+  }
+
+  const body = await c.req.json<{ passphrase: string }>();
+  if (!body.passphrase || body.passphrase.length < 4) {
+    return c.json({ error: "Passphrase must be at least 4 characters" }, 400);
+  }
+
+  // Persist passphrase to .env file
+  const envLine = `OWS_PASSPHRASE=${body.passphrase}`;
+  if (fs.existsSync(envPath)) {
+    const content = fs.readFileSync(envPath, "utf-8");
+    if (content.includes("OWS_PASSPHRASE=")) {
+      fs.writeFileSync(envPath, content.replace(/^OWS_PASSPHRASE=.*$/m, envLine));
+    } else {
+      fs.appendFileSync(envPath, `\n${envLine}\n`);
+    }
+  } else {
+    fs.writeFileSync(envPath, `${envLine}\n`);
+  }
+  // Also set in process.env for immediate use
+  process.env.OWS_PASSPHRASE = body.passphrase;
+
+  // Auto-login after setup
+  const token = randomBytes(32).toString("hex");
+  await db.session.create({
+    data: {
+      token,
+      expiresAt: new Date(Date.now() + SESSION_TTL_MS),
+    },
+  });
+
+  return c.json({ token });
+});
+
+/** POST /api/auth/login — validate passphrase, return session token */
+auth.post("/login", async (c) => {
+  const body = await c.req.json<{ passphrase: string }>();
+  if (!body.passphrase) {
+    return c.json({ error: "Passphrase required" }, 400);
+  }
+
+  const storedHash = await getStoredHash();
+  if (!storedHash) {
+    return c.json({ error: "Passphrase not configured. Complete first-run setup." }, 500);
+  }
+
+  const inputHash = hashPassphrase(body.passphrase);
+  if (inputHash !== storedHash) {
+    return c.json({ error: "Invalid passphrase" }, 401);
+  }
+
+  const token = randomBytes(32).toString("hex");
+  await db.session.create({
+    data: {
+      token,
+      expiresAt: new Date(Date.now() + SESSION_TTL_MS),
+    },
+  });
+
+  return c.json({ token });
+});
+
+/** GET /api/auth/verify — check token validity */
+auth.get("/verify", async (c) => {
+  const token = c.req.header("Authorization")?.replace("Bearer ", "");
+  if (!token) return c.json({ valid: false }, 401);
+
+  const session = await db.session.findUnique({ where: { token } });
+  if (!session || session.expiresAt < new Date()) {
+    if (session) await db.session.delete({ where: { token } });
+    return c.json({ valid: false }, 401);
+  }
+
+  return c.json({ valid: true });
+});
+
+/** POST /api/auth/reset-passphrase — update passphrase (requires auth) */
+auth.post("/reset-passphrase", async (c) => {
+  // Verify session first
+  const token = c.req.header("Authorization")?.replace("Bearer ", "");
+  if (!token) return c.json({ error: "Unauthorized" }, 401);
+  const session = await db.session.findUnique({ where: { token } });
+  if (!session || session.expiresAt < new Date()) {
+    return c.json({ error: "Unauthorized" }, 401);
+  }
+
+  const body = await c.req.json<{ passphrase: string }>();
+  if (!body.passphrase || body.passphrase.length < 4) {
+    return c.json({ error: "Passphrase must be at least 4 characters" }, 400);
+  }
+
+  // Update .env file
+  const envLine = `OWS_PASSPHRASE=${body.passphrase}`;
+  if (fs.existsSync(envPath)) {
+    const content = fs.readFileSync(envPath, "utf-8");
+    if (content.includes("OWS_PASSPHRASE=")) {
+      fs.writeFileSync(envPath, content.replace(/^OWS_PASSPHRASE=.*$/m, envLine));
+    } else {
+      fs.appendFileSync(envPath, `\n${envLine}\n`);
+    }
+  } else {
+    fs.writeFileSync(envPath, `${envLine}\n`);
+  }
+  process.env.OWS_PASSPHRASE = body.passphrase;
+
+  return c.json({ success: true });
+});
+
+/** Auth middleware for protected routes */
+// eslint-disable-next-line @typescript-eslint/no-explicit-any -- Hono middleware signature
+export async function requireAuth(c: any, next: () => Promise<void>) {
+  const token = c.req.header("Authorization")?.replace("Bearer ", "");
+  if (!token) return c.json({ error: "Unauthorized" }, 401);
+
+  const session = await db.session.findUnique({ where: { token } });
+  if (!session || session.expiresAt < new Date()) {
+    if (session) await db.session.delete({ where: { token } });
+    return c.json({ error: "Session expired" }, 401);
+  }
+
+  return next();
+}
+
+export { auth as authRoutes };

package/app/routes/chat.ts

@@ -0,0 +1,135 @@
+import { Hono } from "hono";
+import { streamSSE } from "hono/streaming";
+import { db } from "../db";
+import { streamChat, type ChatMessage } from "../lib/llm-client";
+import { WRITER_SYSTEM_PROMPT } from "../lib/writer-prompt";
+
+const chat = new Hono();
+
+/** POST /api/chat/sessions — create a new story session */
+chat.post("/sessions", async (c) => {
+  const body = await c.req.json<{ title?: string; genre?: string }>();
+  const session = await db.storySession.create({
+    data: { title: body.title || "Untitled Story", genre: body.genre || null },
+  });
+  return c.json(session);
+});
+
+/** GET /api/chat/sessions — list all sessions */
+chat.get("/sessions", async (c) => {
+  const sessions = await db.storySession.findMany({
+    orderBy: { updatedAt: "desc" },
+    include: { _count: { select: { messages: true, drafts: true } } },
+  });
+  return c.json(sessions);
+});
+
+/** GET /api/chat/sessions/:id — get session with messages */
+chat.get("/sessions/:id", async (c) => {
+  const id = c.req.param("id");
+  const session = await db.storySession.findUnique({
+    where: { id },
+    include: { messages: { orderBy: { createdAt: "asc" } }, drafts: { orderBy: { createdAt: "desc" } } },
+  });
+  if (!session) return c.json({ error: "Session not found" }, 404);
+  return c.json(session);
+});
+
+/** DELETE /api/chat/sessions/:id — delete a session */
+chat.delete("/sessions/:id", async (c) => {
+  const id = c.req.param("id");
+  await db.storySession.delete({ where: { id } });
+  return c.json({ success: true });
+});
+
+/** POST /api/chat/sessions/:id/send — send a message and stream AI response */
+chat.post("/sessions/:id/send", async (c) => {
+  const id = c.req.param("id");
+  const body = await c.req.json<{ content: string }>();
+
+  if (!body.content?.trim()) {
+    return c.json({ error: "Message content required" }, 400);
+  }
+
+  // Save user message
+  await db.message.create({
+    data: { sessionId: id, role: "user", content: body.content },
+  });
+
+  // Build context from conversation history
+  const messages = await db.message.findMany({
+    where: { sessionId: id },
+    orderBy: { createdAt: "asc" },
+  });
+
+  const chatMessages: ChatMessage[] = [
+    { role: "system", content: WRITER_SYSTEM_PROMPT },
+    ...messages.map((m) => ({ role: m.role as ChatMessage["role"], content: m.content })),
+  ];
+
+  // Stream response via SSE
+  return streamSSE(c, async (stream) => {
+    let fullResponse = "";
+
+    try {
+      for await (const chunk of streamChat(chatMessages)) {
+        fullResponse += chunk;
+        await stream.writeSSE({ data: JSON.stringify({ type: "chunk", content: chunk }) });
+      }
+
+      // Save assistant message
+      await db.message.create({
+        data: { sessionId: id, role: "assistant", content: fullResponse },
+      });
+
+      // Update session title from first exchange if still "Untitled Story"
+      const session = await db.storySession.findUnique({ where: { id } });
+      if (session?.title === "Untitled Story" && messages.length <= 2) {
+        const title = body.content.slice(0, 60) + (body.content.length > 60 ? "..." : "");
+        await db.storySession.update({ where: { id }, data: { title } });
+      }
+
+      await stream.writeSSE({ data: JSON.stringify({ type: "done", messageId: fullResponse.slice(0, 20) }) });
+    } catch (err: unknown) {
+      const message = err instanceof Error ? err.message : "Stream error";
+      await stream.writeSSE({ data: JSON.stringify({ type: "error", message }) });
+    }
+  });
+});
+
+/** POST /api/chat/sessions/:id/finalize — create a draft from conversation */
+chat.post("/sessions/:id/finalize", async (c) => {
+  const id = c.req.param("id");
+  const body = await c.req.json<{ title: string; content: string; genre?: string }>();
+
+  if (!body.title || !body.content) {
+    return c.json({ error: "Title and content required" }, 400);
+  }
+
+  const draft = await db.draft.create({
+    data: {
+      sessionId: id,
+      title: body.title,
+      content: body.content,
+      genre: body.genre || null,
+      status: "ready",
+    },
+  });
+
+  await db.storySession.update({
+    where: { id },
+    data: { status: "finalized" },
+  });
+
+  return c.json(draft);
+});
+
+/** GET /api/chat/drafts — list all drafts */
+chat.get("/drafts", async (c) => {
+  const drafts = await db.draft.findMany({
+    orderBy: { createdAt: "desc" },
+  });
+  return c.json(drafts);
+});
+
+export { chat as chatRoutes };