gitcast 1.0.0__py3-none-any.whl

api/server.py

@@ -0,0 +1,162 @@
+import uvicorn
+from fastapi import FastAPI, Request, HTTPException
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.staticfiles import StaticFiles
+from fastapi.responses import FileResponse, Response
+from fastapi.responses import JSONResponse
+from slowapi.errors import RateLimitExceeded
+from slowapi.middleware import SlowAPIMiddleware
+from api.routes import router
+from api.auth_routes import router as auth_router
+from config.settings import missing_api_keys, BASE_DIR, STORAGE_DIR, CONFIG_DIR
+from api.monitoring import init_sentry
+from api.ratelimit import limiter
+from api.auth import get_token
+
+# ── App setup ─────────────────────────────────────────────────────────────────
+
+init_sentry()
+
+app = FastAPI(
+    title="Gitcast",
+    description="Local AI server for build-in-public post generation",
+    version="0.1.0",
+    docs_url="/docs",
+    redoc_url=None,
+)
+app.state.limiter = limiter
+
+
+@app.exception_handler(RateLimitExceeded)
+async def rate_limit_handler(request: Request, exc: RateLimitExceeded):
+    retry_after = 60
+    headers = getattr(exc, "headers", None) or {}
+    try:
+        retry_after = int(headers.get("Retry-After", retry_after))
+    except (TypeError, ValueError):
+        retry_after = 60
+    headers["Retry-After"] = str(retry_after)
+    return JSONResponse(
+        status_code=429,
+        content={
+            "success": False,
+            "error": "rate limit exceeded",
+            "retry_after": retry_after,
+            "message": f"[!!] slow down. retry in {retry_after}s.",
+        },
+        headers=headers,
+    )
+
+# allow the UI layer to call the API from localhost
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"], # Relax for local dev
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+app.add_middleware(SlowAPIMiddleware)
+
+try:
+    from sentry_sdk.integrations.asgi import SentryAsgiMiddleware
+
+    app.add_middleware(SentryAsgiMiddleware)
+except Exception:
+    pass
+
+# Serve captured images without exposing local data files or Python modules.
+app.mount(
+    "/storage/data/screenshots",
+    StaticFiles(directory=str(STORAGE_DIR / "screenshots")),
+    name="screenshots",
+)
+
+app.mount(
+    "/assets",
+    StaticFiles(directory=str(BASE_DIR / "assets")),
+    name="assets",
+)
+
+
+# register routes
+app.include_router(router, prefix="/api")
+app.include_router(auth_router, prefix="/auth")
+
+
+# ── Startup Event ─────────────────────────────────────────────────────────────
+
+@app.on_event("startup")
+def startup_event():
+    print(f"\n[Auth] Session Token: {get_token()}")
+    print("[Server] Starting Gitcast API on http://127.0.0.1:8000")
+
+
+# ── Serve Frontend ────────────────────────────────────────────────────────────
+
+@app.get("/")
+async def read_landing():
+    return FileResponse(BASE_DIR / "web" / "landing.html")
+
+
+@app.get("/landing")
+async def read_landing_alias():
+    return FileResponse(BASE_DIR / "web" / "landing.html")
+
+
+@app.get("/app")
+async def read_app():
+    return FileResponse(BASE_DIR / "web" / "index.html")
+
+
+@app.get("/favicon.ico")
+async def favicon():
+    return FileResponse(BASE_DIR / "assets" / "favicon.ico")
+
+
+# ── Health check ──────────────────────────────────────────────────────────────
+
+@app.get("/health")
+def health_check():
+    missing = missing_api_keys()
+    return {
+        "status": "ok",
+        "missing_api_keys": missing,
+        "ready": len(missing) == 0,
+    }
+
+
+# ── Auth token retrieval (Localhost only) ───────────────────────────────────────
+
+@app.get("/api/token")
+def get_session_token(request: Request):
+    client_host = request.client.host if request.client else None
+    if client_host not in ["127.0.0.1", "localhost", "::1"]:
+        raise HTTPException(status_code=403, detail="Forbidden: Access allowed only from localhost")
+    return {"token": get_token()}
+
+
+# ── Entry point ───────────────────────────────────────────────────────────────
+
+def start_server():
+    """Starts the FastAPI server. Called from main.py in a background thread."""
+    # Write session token to config/session_token.txt
+    try:
+        token_file = CONFIG_DIR / "session_token.txt"
+        token_file.write_text(get_token(), encoding="utf-8")
+    except Exception as e:
+        print(f"[Server] Failed to write session token to file: {e}")
+
+    print(f"\n[Auth] Session Token: {get_token()}")
+    print("[Server] Starting Gitcast API on http://127.0.0.1:8000")
+    uvicorn.run(
+        "api.server:app",
+        host="127.0.0.1",
+        port=8000,
+        log_level="warning",  # keep console clean — only show warnings and errors
+        reload=False,
+    )
+
+
+if __name__ == "__main__":
+    print("[Server] Starting Gitcast API on http://127.0.0.1:8000")
+    print("[Server] Docs available at http://127.0.0.1:8000/docs")
+    start_server()

api/validators.py

@@ -0,0 +1,101 @@
+import logging
+import re
+from pathlib import Path
+
+from fastapi import HTTPException
+
+from config.settings import BASE_DIR, STORAGE_DIR
+
+
+CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")
+HTML_TAGS = re.compile(r"<[^>]*>")
+EMAIL_REGEX = re.compile(r"^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}$", re.IGNORECASE)
+INJECTION_PATTERNS = [
+    "ignore previous instructions",
+    "ignore all instructions",
+    "system prompt",
+    "you are now",
+    "disregard",
+    "forget everything",
+    "new instructions",
+]
+
+
+def sanitize_text(text: str) -> str:
+    if text is None:
+        return ""
+    clean = str(text).strip()
+    clean = CONTROL_CHARS.sub("", clean)
+    clean = HTML_TAGS.sub("", clean)
+    return clean[:2000]
+
+
+def sanitize_path(path: str) -> str:
+    if not path:
+        return ""
+
+    raw = str(path).strip()
+    if re.search(r"(^|[\\/])\.\.([\\/]|$)", raw) or raw in {".", ".."}:
+        raise HTTPException(status_code=400, detail="Invalid path traversal attempt")
+
+    storage_root = STORAGE_DIR.resolve()
+    candidate = Path(raw)
+    if not candidate.is_absolute():
+        if raw.replace("\\", "/").startswith("storage/"):
+            candidate = (BASE_DIR / raw).resolve()
+        else:
+            candidate = (storage_root / raw).resolve()
+    else:
+        candidate = candidate.resolve()
+
+    try:
+        candidate.relative_to(storage_root)
+    except ValueError:
+        raise HTTPException(status_code=400, detail="Path must stay within storage directory")
+
+    return str(candidate)
+
+
+def validate_email(email: str) -> bool:
+    if not email or len(email) > 254:
+        return False
+    return bool(EMAIL_REGEX.match(email.strip()))
+
+
+def validate_api_key(key: str, provider: str) -> bool:
+    value = (key or "").strip()
+    name = (provider or "").strip().lower()
+    if not value:
+        return False
+
+    if name == "groq":
+        return value.startswith("gsk_") and len(value) >= 40
+    if name == "gemini":
+        return len(value) >= 30
+    if name == "openai":
+        return value.startswith("sk-") and len(value) >= 40
+    return len(value) >= 20
+
+
+def check_prompt_injection(text: str) -> dict:
+    raw = text or ""
+    lowered = raw.lower()
+    flagged = [phrase for phrase in INJECTION_PATTERNS if phrase in lowered]
+    if not flagged:
+        return {"safe": True, "reason": ""}
+
+    logging.warning("[Validators] prompt injection phrase(s) removed: %s", ", ".join(flagged))
+    sanitized = raw
+    for phrase in flagged:
+        sanitized = re.sub(re.escape(phrase), "", sanitized, flags=re.IGNORECASE)
+
+    return {
+        "safe": False,
+        "reason": f"Removed prompt injection phrase(s): {', '.join(flagged)}",
+        "sanitized": sanitize_text(sanitized),
+    }
+
+
+if __name__ == "__main__":
+    print("[Validators] email valid:", validate_email("founder@example.com"))
+    print("[Validators] clean:", sanitize_text(" <b>hello</b>\x00 "))

assets/__init__.py

@@ -0,0 +1 @@
+# Make assets directory a Python package so it gets packaged and installed to site-packages.

cli/.env.example

@@ -0,0 +1,26 @@
+# Groq — primary AI inference
+GROQ_API_KEY=your_groq_api_key_here
+
+# DeepSeek & Moonshot — specialized/free-tier fallbacks
+DEEPSEEK_API_KEY=your_deepseek_api_key_here
+MOONSHOT_API_KEY=your_moonshot_api_key_here
+CEREBRAS_API_KEY=your_cerebras_api_key_here
+OPENROUTER_API_KEY=your_openrouter_api_key_here
+
+# Gemini — vision fallback (when OCR confidence is too low)
+GEMINI_API_KEY=your_gemini_api_key_here
+
+# Optional model overrides
+GROQ_MODEL=llama-3.3-70b-versatile
+DEEPSEEK_MODEL=deepseek-chat
+MOONSHOT_MODEL=moonshot-v1-8k
+GEMINI_MODEL=gemini-2.0-flash
+CEREBRAS_MODEL=llama-3.3-70b
+OPENROUTER_MODEL=meta-llama/llama-3.3-70b-instruct:free
+
+# X (Twitter) API v2 — all five are required for posting
+TWITTER_API_KEY=your_twitter_api_key_here
+TWITTER_API_SECRET=your_twitter_api_secret_here
+TWITTER_ACCESS_TOKEN=your_twitter_access_token_here
+TWITTER_ACCESS_SECRET=your_twitter_access_secret_here
+TWITTER_BEARER_TOKEN=your_twitter_bearer_token_here

cli/__init__.py

@@ -0,0 +1 @@
+# cli package

cli/gitcast.py

@@ -0,0 +1,79 @@
+import sys
+import os
+import shutil
+import subprocess
+import httpx
+import webbrowser
+
+def main():
+    if "--setup" in sys.argv:
+        env_path = os.path.join(
+            os.path.dirname(__file__), '..', '.env')
+        example_path = os.path.join(
+            os.path.dirname(__file__), '..', '.env.example')
+        if not os.path.exists(example_path):
+            example_path = os.path.join(
+                os.path.dirname(__file__), '.env.example')
+        
+        if not os.path.exists(env_path):
+            if os.path.exists(example_path):
+                shutil.copy(example_path, env_path)
+            else:
+                # If neither is found, create an empty or minimal env file
+                with open(env_path, 'w') as f:
+                    f.write("# Gitcast Environment Variables\nGROQ_API_KEY=\nGEMINI_API_KEY=\n")
+        
+        try:
+            if sys.platform == "win32":
+                subprocess.run(["notepad", env_path])
+            elif sys.platform == "darwin":
+                subprocess.run(["open", "-t", env_path])
+            else:
+                try:
+                    subprocess.run(["xdg-open", env_path])
+                except Exception:
+                    print(f"[Gitcast] Created/configured .env at: {env_path}")
+                    print("Please open it in an editor to add your API keys.")
+        except Exception as e:
+            print(f"[Gitcast] Created/configured .env at: {env_path}")
+            print(f"Could not automatically open editor: {e}")
+        sys.exit(0)
+
+    if len(sys.argv) < 2:
+        print("Usage:")
+        print("  gitcast \"your thought here\"  -> Quick single capture")
+        print("  gitcast capture            -> Start interactive multi-shot session")
+        print("  gitcast --setup            -> Setup environment variables")
+        sys.exit(1)
+
+    command = sys.argv[1]
+
+    if command == "capture":
+        from core.screenshot_session import ScreenshotSession
+        session = ScreenshotSession()
+        session.run()
+        return
+
+    thought = " ".join(sys.argv[1:])
+    print(f"[Gitcast] Initializing capture with thought: '{thought}'")
+
+    try:
+        # Call the internal trigger endpoint
+        response = httpx.post(
+            "http://127.0.0.1:8000/api/cli/trigger",
+            json={"thought": thought},
+            timeout=30
+        )
+        
+        if response.status_code == 200:
+            print("[Gitcast] Context captured. Opening Draft Room...")
+            webbrowser.open("http://127.0.0.1:8000")
+        else:
+            print(f"[Gitcast Error] Failed to trigger: {response.text}")
+            
+    except Exception as e:
+        print(f"[Gitcast Error] Connection failed: {e}")
+        print("Is Gitcast running? (python -m gitcast or python main.py)")
+
+if __name__ == "__main__":
+    main()

config/settings.py

@@ -0,0 +1,213 @@
+import json
+import os
+from pathlib import Path
+
+from dotenv import load_dotenv
+
+
+BASE_DIR = Path(__file__).resolve().parent.parent
+CONFIG_DIR = BASE_DIR / "config"
+load_dotenv(BASE_DIR / ".env")
+STORAGE_DIR = BASE_DIR / "storage" / "data"
+POSTHOG_API_KEY = os.getenv("POSTHOG_API_KEY", "")
+SENTRY_DSN = os.getenv("SENTRY_DSN", "")
+SUPABASE_URL = os.getenv("SUPABASE_URL", "")
+SUPABASE_SERVICE_KEY = os.getenv("SUPABASE_SERVICE_KEY", "")
+SUPABASE_ANON_KEY = os.getenv("SUPABASE_ANON_KEY", "")
+SUPABASE_JWT_SECRET = os.getenv("SUPABASE_JWT_SECRET", "")
+SUPABASE_JWT_AUDIENCE = os.getenv("SUPABASE_JWT_AUDIENCE", "authenticated")
+APP_BASE_URL = os.getenv("APP_BASE_URL", "http://127.0.0.1:8000")
+WAITLIST_FILE = STORAGE_DIR / "waitlist.txt"
+METRICS_LOG = STORAGE_DIR / "metrics_log.json"
+PROMPTS_FILE = STORAGE_DIR / "prompts.json"
+CURRENT_DRAFT = STORAGE_DIR / "current_draft.json"
+SPRINT_LOG = STORAGE_DIR / "sprint_log.txt"
+POST_LOG = STORAGE_DIR / "post_log.json"
+TONE_LOG = STORAGE_DIR / "tone_log.json"
+ENGAGEMENT_LOG = STORAGE_DIR / "engagement_log.json"
+ENCRYPTION_KEY_PATH = CONFIG_DIR / ".secret_key"
+SETTINGS_FILE = CONFIG_DIR / "user_settings.json"
+screenshot_retention_hours = 24
+
+STORAGE_DIR.mkdir(parents=True, exist_ok=True)
+
+
+API_KEY_ENV_MAP = {
+    "groq": "GROQ_API_KEY",
+    "gemini": "GEMINI_API_KEY",
+    "kimi": "MOONSHOT_API_KEY",
+    "cerebras": "CEREBRAS_API_KEY",
+    "openrouter": "OPENROUTER_API_KEY",
+}
+
+GROQ_API_KEY = ""
+MOONSHOT_API_KEY = ""
+GEMINI_API_KEY = ""
+CEREBRAS_API_KEY = ""
+OPENROUTER_API_KEY = ""
+GROQ_MODEL = ""
+MOONSHOT_MODEL = ""
+GEMINI_MODEL = ""
+CEREBRAS_MODEL = ""
+OPENROUTER_MODEL = ""
+
+
+def reload_api_keys() -> None:
+    global GROQ_API_KEY
+    global MOONSHOT_API_KEY
+    global GEMINI_API_KEY
+    global CEREBRAS_API_KEY
+    global OPENROUTER_API_KEY
+    global GROQ_MODEL
+    global MOONSHOT_MODEL
+    global GEMINI_MODEL
+    global CEREBRAS_MODEL
+    global OPENROUTER_MODEL
+
+    load_dotenv(BASE_DIR / ".env", override=True)
+    GROQ_API_KEY = os.getenv("GROQ_API_KEY", "")
+    MOONSHOT_API_KEY = os.getenv("MOONSHOT_API_KEY", "")
+    GEMINI_API_KEY = os.getenv("GEMINI_API_KEY", "")
+    CEREBRAS_API_KEY = os.getenv("CEREBRAS_API_KEY", "")
+    OPENROUTER_API_KEY = os.getenv("OPENROUTER_API_KEY", "")
+    GROQ_MODEL = os.getenv("GROQ_MODEL", "llama-3.3-70b-versatile")
+    MOONSHOT_MODEL = os.getenv("MOONSHOT_MODEL", "moonshot-v1-8k")
+    GEMINI_MODEL = os.getenv("GEMINI_MODEL", "gemini-2.0-flash")
+    CEREBRAS_MODEL = os.getenv("CEREBRAS_MODEL", "gpt-oss-120b")
+    OPENROUTER_MODEL = os.getenv("OPENROUTER_MODEL", "qwen/qwen3-coder:free")
+
+
+reload_api_keys()
+
+# ── AI Provider Routing ───────────────────────────────────────────────────────
+
+# Maps format_key -> preferred provider alias
+# Providers: 'groq', 'kimi', 'gemini', 'cerebras', 'openrouter'
+AI_ROUTING_MAP = {
+    "article": "kimi",        # Better for long context
+    "linkedin": "groq",       # Fast
+    "deep_tech": "groq",      # Fast
+    "shitpost": "groq",       # Fast
+    "sprint_summary": "kimi",
+    "default": "groq"
+}
+TWITTER_API_KEY = os.getenv("TWITTER_API_KEY", "")
+TWITTER_API_SECRET = os.getenv("TWITTER_API_SECRET", "")
+TWITTER_ACCESS_TOKEN = os.getenv("TWITTER_ACCESS_TOKEN", "")
+TWITTER_ACCESS_SECRET = os.getenv("TWITTER_ACCESS_SECRET", "")
+TWITTER_BEARER_TOKEN = os.getenv("TWITTER_BEARER_TOKEN", "")
+
+
+DEFAULTS = {
+    "project_narrative": "",
+    "sprint_mode": False,
+    "tone_memory_enabled": True,
+    "ocr_confidence_threshold": 60,
+    "post_char_limit": 280,
+    "twitter_plan": "free",
+    "onboarding_complete": False,
+}
+
+
+def load_settings() -> dict:
+    if not SETTINGS_FILE.exists():
+        save_settings(DEFAULTS)
+        return DEFAULTS.copy()
+    try:
+        with open(SETTINGS_FILE, "r", encoding="utf-8") as file:
+            stored = json.load(file)
+        return {**DEFAULTS, **stored}
+    except (json.JSONDecodeError, OSError):
+        return DEFAULTS.copy()
+
+
+def save_settings(settings: dict) -> None:
+    SETTINGS_FILE.parent.mkdir(parents=True, exist_ok=True)
+    with open(SETTINGS_FILE, "w", encoding="utf-8") as file:
+        json.dump(settings, file, indent=2)
+
+
+def get(key: str):
+    return load_settings().get(key, DEFAULTS.get(key))
+
+
+def set(key: str, value) -> None:
+    settings = load_settings()
+    settings[key] = value
+    save_settings(settings)
+
+
+def get_project_narrative() -> str:
+    return str(get("project_narrative") or "")
+
+
+def set_project_narrative(narrative: str) -> None:
+    set("project_narrative", narrative.strip())
+
+
+def is_sprint_mode() -> bool:
+    return bool(get("sprint_mode"))
+
+
+def toggle_sprint_mode() -> bool:
+    current = is_sprint_mode()
+    set("sprint_mode", not current)
+    return not current
+
+
+def is_tone_memory_enabled() -> bool:
+    return bool(get("tone_memory_enabled"))
+
+
+def get_ocr_threshold() -> int:
+    return int(get("ocr_confidence_threshold") or DEFAULTS["ocr_confidence_threshold"])
+
+
+def get_tesseract_cmd() -> str:
+    configured = os.getenv("TESSERACT_CMD", "").strip()
+    if configured:
+        return configured
+    return "tesseract"
+
+
+def is_onboarding_complete() -> bool:
+    return bool(get("onboarding_complete"))
+
+
+def complete_onboarding() -> None:
+    set("onboarding_complete", True)
+
+
+def get_twitter_plan() -> str:
+    return str(get("twitter_plan") or "free")
+
+
+def set_twitter_plan(plan: str) -> None:
+    if plan.lower() in ["free", "basic", "premium"]:
+        set("twitter_plan", plan.lower())
+
+
+def validate_api_keys() -> dict:
+    return {
+        "groq": bool(GROQ_API_KEY),
+        "kimi": bool(MOONSHOT_API_KEY),
+        "gemini": bool(GEMINI_API_KEY),
+        "cerebras": bool(CEREBRAS_API_KEY),
+        "openrouter": bool(OPENROUTER_API_KEY),
+        "twitter_api_key": bool(TWITTER_API_KEY),
+        "twitter_api_secret": bool(TWITTER_API_SECRET),
+        "twitter_access_token": bool(TWITTER_ACCESS_TOKEN),
+        "twitter_access_secret": bool(TWITTER_ACCESS_SECRET),
+        "twitter_bearer_token": bool(TWITTER_BEARER_TOKEN),
+    }
+
+
+def missing_api_keys() -> list:
+    return [key for key, present in validate_api_keys().items() if not present]
+
+
+def ai_provider_key_status() -> dict:
+    return {
+        provider: bool(os.getenv(env_name, "").strip())
+        for provider, env_name in API_KEY_ENV_MAP.items()
+    }