vibehacker 4.1.0

package/src/supabase.js

@@ -0,0 +1,287 @@
+'use strict';
+
+// ── Supabase integration for Vibe Hacker ───────────────────────────────────────
+// Handles: user auth (signup/login), API key storage, usage tracking
+// Uses raw HTTP — no SDK dependency needed
+
+const axios = require('axios');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+// ── Config ──────────────────────────────────────────────────────────────────
+// Auto-fetched from the Vibe Hacker website, or set via env vars.
+// Public keys — safe to ship in the CLI.
+
+const WEBSITE_URL = 'https://vibsecurity.com';
+
+// Hardcoded Supabase config — these are PUBLIC keys, safe to ship.
+const SUPABASE_URL = process.env.VH_SUPABASE_URL || 'https://hyouvrekinaczqejszfd.supabase.co';
+const SUPABASE_ANON_KEY = process.env.VH_SUPABASE_ANON_KEY || 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Imh5b3V2cmVraW5hY3pxZWpzemZkIiwicm9sZSI6ImFub24iLCJpYXQiOjE3NzUyMjkxMzMsImV4cCI6MjA5MDgwNTEzM30.q5avvSV3OwnU3gWbF1gS7DnmewULizQmUk8LkONQqmc';
+
+// Local session storage
+const SESSION_FILE = path.join(os.homedir(), '.vibehacker', 'session.json');
+
+// ── Session persistence ─────────────────────────────────────────────────────
+
+function loadSession() {
+  try {
+    if (fs.existsSync(SESSION_FILE)) {
+      return JSON.parse(fs.readFileSync(SESSION_FILE, 'utf8'));
+    }
+  } catch (_) {}
+  return null;
+}
+
+function saveSession(session) {
+  try {
+    const dir = path.dirname(SESSION_FILE);
+    if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+    fs.writeFileSync(SESSION_FILE, JSON.stringify(session, null, 2));
+  } catch (_) {}
+}
+
+function clearSession() {
+  try { fs.unlinkSync(SESSION_FILE); } catch (_) {}
+}
+
+// ── Check if Supabase is configured ─────────────────────────────────────────
+
+function isConfigured() {
+  return !!(SUPABASE_URL && SUPABASE_ANON_KEY);
+}
+
+// ── Supabase Auth API ───────────────────────────────────────────────────────
+
+function headers(accessToken) {
+  const h = {
+    'Content-Type': 'application/json',
+    'apikey': SUPABASE_ANON_KEY,
+  };
+  if (accessToken) h['Authorization'] = `Bearer ${accessToken}`;
+  return h;
+}
+
+/**
+ * Sign up a new user
+ * @returns {{ user, session, error }}
+ */
+async function signUp(email, password) {
+  try {
+    const r = await axios.post(`${SUPABASE_URL}/auth/v1/signup`, {
+      email,
+      password,
+    }, { headers: headers(), timeout: 15000 });
+
+    const session = {
+      access_token: r.data.access_token,
+      refresh_token: r.data.refresh_token,
+      user: r.data.user,
+      expires_at: r.data.expires_at,
+    };
+    if (session.access_token) saveSession(session);
+    return { user: r.data.user, session, error: null };
+  } catch (err) {
+    const msg = err.response?.data?.msg || err.response?.data?.error_description || err.message;
+    return { user: null, session: null, error: msg };
+  }
+}
+
+/**
+ * Sign in existing user
+ * @returns {{ user, session, error }}
+ */
+async function signIn(email, password) {
+  try {
+    const r = await axios.post(`${SUPABASE_URL}/auth/v1/token?grant_type=password`, {
+      email,
+      password,
+    }, { headers: headers(), timeout: 15000 });
+
+    const session = {
+      access_token: r.data.access_token,
+      refresh_token: r.data.refresh_token,
+      user: r.data.user,
+      expires_at: Date.now() + (r.data.expires_in * 1000),
+    };
+    saveSession(session);
+    return { user: r.data.user, session, error: null };
+  } catch (err) {
+    const msg = err.response?.data?.msg || err.response?.data?.error_description || err.message;
+    return { user: null, session: null, error: msg };
+  }
+}
+
+/**
+ * Refresh the access token
+ */
+async function refreshSession() {
+  const session = loadSession();
+  if (!session || !session.refresh_token) return null;
+
+  try {
+    const r = await axios.post(`${SUPABASE_URL}/auth/v1/token?grant_type=refresh_token`, {
+      refresh_token: session.refresh_token,
+    }, { headers: headers(), timeout: 15000 });
+
+    const newSession = {
+      access_token: r.data.access_token,
+      refresh_token: r.data.refresh_token,
+      user: r.data.user,
+      expires_at: Date.now() + (r.data.expires_in * 1000),
+    };
+    saveSession(newSession);
+    return newSession;
+  } catch (_) {
+    clearSession();
+    return null;
+  }
+}
+
+/**
+ * Get current authenticated session (auto-refresh if expired)
+ */
+async function getSession() {
+  const session = loadSession();
+  if (!session) return null;
+
+  // If expired, try to refresh
+  if (session.expires_at && Date.now() > session.expires_at - 60000) {
+    return await refreshSession();
+  }
+  return session;
+}
+
+/**
+ * Logout — clear local session
+ */
+function logout() {
+  clearSession();
+}
+
+// ── API key management (via Supabase database) ─────────────────────────────
+
+/**
+ * Fetch user's stored API key from Supabase `api_keys` table
+ */
+async function getApiKey(session) {
+  if (!session || !session.access_token) return null;
+
+  try {
+    const r = await axios.get(
+      `${SUPABASE_URL}/rest/v1/api_keys?user_id=eq.${session.user.id}&select=provider_key,provider_type&limit=1`,
+      { headers: headers(session.access_token), timeout: 10000 }
+    );
+    if (r.data && r.data.length > 0) {
+      return r.data[0];
+    }
+  } catch (_) {}
+  return null;
+}
+
+/**
+ * Store user's API key in Supabase `api_keys` table
+ */
+async function saveApiKey(session, providerKey, providerType) {
+  if (!session || !session.access_token) return false;
+
+  try {
+    // Upsert — update if exists, insert if not
+    await axios.post(
+      `${SUPABASE_URL}/rest/v1/api_keys`,
+      {
+        user_id: session.user.id,
+        provider_key: providerKey,
+        provider_type: providerType || 'openrouter',
+      },
+      {
+        headers: {
+          ...headers(session.access_token),
+          'Prefer': 'resolution=merge-duplicates',
+        },
+        timeout: 10000,
+      }
+    );
+    return true;
+  } catch (_) {
+    return false;
+  }
+}
+
+/**
+ * Log usage (optional — for dashboard analytics)
+ */
+async function logUsage(session, { tokens, model, provider }) {
+  if (!session || !session.access_token) return;
+
+  try {
+    await axios.post(
+      `${SUPABASE_URL}/rest/v1/usage_logs`,
+      {
+        user_id: session.user.id,
+        tokens: tokens || 0,
+        model: model || '',
+        provider: provider || '',
+      },
+      { headers: headers(session.access_token), timeout: 5000 }
+    );
+  } catch (_) {
+    // Non-critical — don't error out
+  }
+}
+
+// ── Tier management (via Supabase RPC functions) ────────────────────────────
+
+/**
+ * Check API key tier and remaining requests.
+ * Calls the check_api_key Supabase function.
+ * @returns {{ valid, tier, daily_limit, requests_today, remaining, email } | null}
+ */
+async function checkApiKey(apiKey) {
+  if (!apiKey) return null;
+  try {
+    const r = await axios.post(
+      `${SUPABASE_URL}/rest/v1/rpc/check_api_key`,
+      { p_key: apiKey },
+      { headers: headers(), timeout: 5000 }
+    );
+    return r.data || null;
+  } catch (_) {
+    return null; // Network error — don't block the user
+  }
+}
+
+/**
+ * Use a request — increments counter, checks limit.
+ * Calls the use_request Supabase function.
+ * @returns {{ allowed, tier, remaining, error, upgrade_url } | null}
+ */
+async function useRequest(apiKey) {
+  if (!apiKey) return null;
+  try {
+    const r = await axios.post(
+      `${SUPABASE_URL}/rest/v1/rpc/use_request`,
+      { p_key: apiKey },
+      { headers: headers(), timeout: 5000 }
+    );
+    return r.data || null;
+  } catch (_) {
+    return null; // Network error — allow request to proceed
+  }
+}
+
+module.exports = {
+  isConfigured,
+  signUp,
+  signIn,
+  getSession,
+  refreshSession,
+  logout,
+  getApiKey,
+  saveApiKey,
+  logUsage,
+  loadSession,
+  checkApiKey,
+  useRequest,
+  WEBSITE_URL,
+};