Add Supabase REST helper + schema; HF models route

src/app/api/huggingface-models/route.ts

@@ -0,0 +1,108 @@
+import { NextRequest, NextResponse } from "next/server";
+
+interface HuggingFaceModel {
+    id?: string;
+    modelId?: string;
+    tags?: string[];
+}
+
+type ModelOption = { id: string; name: string };
+
+type CacheEntry = {
+    timestamp: number;
+    data: ModelOption[];
+};
+
+const CACHE_DURATION = 1000 * 60 * 5; // 5 minutes
+const cache = new Map<string, CacheEntry>();
+
+function getCacheKey(query: string, limit: number) {
+    return `${query}::${limit}`;
+}
+
+function normalizeModelId(model: HuggingFaceModel) {
+    return model.id || model.modelId || "";
+}
+
+function hasTag(model: HuggingFaceModel, tag: string) {
+    return Array.isArray(model.tags) && model.tags.includes(tag);
+}
+
+function isExcludedFormat(model: HuggingFaceModel) {
+    if (!Array.isArray(model.tags)) return false;
+    const tags = new Set(model.tags);
+    if (tags.has("gguf")) return true;
+    if (tags.has("mlx")) return true;
+    if (tags.has("ggml")) return true;
+    return false;
+}
+
+export async function GET(request: NextRequest) {
+    const query = request.nextUrl.searchParams.get("q")?.trim() ?? "";
+    const limitParam = Number(request.nextUrl.searchParams.get("limit") ?? "20");
+    const limit = Number.isFinite(limitParam) ? Math.max(1, Math.min(50, limitParam)) : 20;
+
+    const cacheKey = getCacheKey(query.toLowerCase(), limit);
+    const now = Date.now();
+
+    const cached = cache.get(cacheKey);
+    if (cached && now - cached.timestamp < CACHE_DURATION) {
+        return NextResponse.json(cached.data);
+    }
+
+    try {
+        const url = new URL("https://huggingface.co/api/models");
+
+        if (query) {
+            url.searchParams.set("search", query);
+        } else {
+            url.searchParams.set("sort", "downloads");
+            url.searchParams.set("direction", "-1");
+        }
+
+        // Restrict to models that have the `safetensors` tag.
+        url.searchParams.append("filter", "safetensors");
+
+        url.searchParams.set("limit", String(limit));
+
+        const response = await fetch(url.toString(), {
+            headers: {
+                Accept: "application/json",
+            },
+            next: { revalidate: 300 },
+        });
+
+        if (!response.ok) {
+            throw new Error(`Hugging Face API error: ${response.status}`);
+        }
+
+        const data = (await response.json()) as HuggingFaceModel[];
+
+        const seen = new Set<string>();
+        const models: ModelOption[] = Array.isArray(data)
+            ? data
+                .filter((m) => hasTag(m, "safetensors") && !isExcludedFormat(m))
+                .map((m) => normalizeModelId(m))
+                .filter(Boolean)
+                .filter((id) => {
+                    if (seen.has(id)) return false;
+                    seen.add(id);
+                    return true;
+                })
+                .map((id) => ({
+                    id,
+                    name: id,
+                }))
+            : [];
+
+        cache.set(cacheKey, { timestamp: now, data: models });
+
+        return NextResponse.json(models);
+    } catch (error) {
+        console.error("Error fetching Hugging Face models:", error);
+        if (cached) {
+            return NextResponse.json(cached.data);
+        }
+        return NextResponse.json([], { status: 500 });
+    }
+}

src/lib/supabaseRest.ts

@@ -0,0 +1,116 @@
+type SupabaseEnv = {
+    url: string;
+    anonKey: string;
+    serviceRoleKey?: string;
+};
+
+function getSupabaseEnv(): SupabaseEnv {
+    const url = process.env.NEXT_PUBLIC_SUPABASE_URL || "";
+    const anonKey = process.env.NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY || "";
+    const serviceRoleKey = process.env.SUPABASE_SERVICE_ROLE_KEY || "";
+
+    if (!url || !anonKey) {
+        throw new Error("Supabase env vars missing: NEXT_PUBLIC_SUPABASE_URL and/or NEXT_PUBLIC_SUPABASE_PUBLISHABLE_DEFAULT_KEY");
+    }
+
+    return { url, anonKey, serviceRoleKey: serviceRoleKey || undefined };
+}
+
+export type SupabaseRestError = {
+    message: string;
+    details?: string;
+    hint?: string;
+    code?: string;
+};
+
+export async function supabaseRest<T>(
+    path: string,
+    init: RequestInit & {
+        query?: Record<string, string | number | boolean | undefined | null>;
+        preferReturn?: "representation" | "minimal";
+        acceptObject?: boolean;
+        count?: "exact" | "planned" | "estimated";
+    } = {}
+): Promise<{ data: T | null; error: SupabaseRestError | null; status: number; count: number | null }> {
+    const { url, anonKey, serviceRoleKey } = getSupabaseEnv();
+    const apiKey = serviceRoleKey || anonKey;
+
+    const endpoint = new URL(path.startsWith("/") ? path : `/${path}`, url);
+    if (init.query) {
+        for (const [k, v] of Object.entries(init.query)) {
+            if (v === undefined || v === null) continue;
+            endpoint.searchParams.set(k, String(v));
+        }
+    }
+
+    const headers = new Headers(init.headers);
+    headers.set("apikey", apiKey);
+    headers.set("Authorization", `Bearer ${apiKey}`);
+
+    if (!headers.has("Content-Type") && init.body) {
+        headers.set("Content-Type", "application/json");
+    }
+
+    if (init.preferReturn) {
+        const existing = headers.get("Prefer");
+        const next = `return=${init.preferReturn}`;
+        headers.set("Prefer", existing ? `${existing}, ${next}` : next);
+    }
+
+    if (init.count) {
+        const existing = headers.get("Prefer");
+        const next = `count=${init.count}`;
+        headers.set("Prefer", existing ? `${existing}, ${next}` : next);
+    }
+
+    if (init.acceptObject) {
+        headers.set("Accept", "application/vnd.pgrst.object+json");
+    }
+
+    const res = await fetch(endpoint.toString(), {
+        ...init,
+        headers,
+    });
+
+    const status = res.status;
+
+    const contentRange = res.headers.get("content-range") || res.headers.get("Content-Range");
+    let count: number | null = null;
+    if (contentRange) {
+        const slash = contentRange.lastIndexOf("/");
+        if (slash !== -1) {
+            const total = Number(contentRange.slice(slash + 1));
+            if (Number.isFinite(total)) count = total;
+        }
+    }
+
+    const text = await res.text();
+
+    if (!res.ok) {
+        let err: SupabaseRestError = { message: `Supabase REST error: ${status}` };
+        try {
+            const parsed = JSON.parse(text);
+            if (parsed && typeof parsed === "object") {
+                err = {
+                    message: typeof (parsed as any).message === "string" ? (parsed as any).message : err.message,
+                    details: typeof (parsed as any).details === "string" ? (parsed as any).details : undefined,
+                    hint: typeof (parsed as any).hint === "string" ? (parsed as any).hint : undefined,
+                    code: typeof (parsed as any).code === "string" ? (parsed as any).code : undefined,
+                };
+            }
+        } catch {
+            if (text) err = { message: text };
+        }
+        return { data: null, error: err, status, count };
+    }
+
+    if (!text) {
+        return { data: null, error: null, status, count };
+    }
+
+    try {
+        return { data: JSON.parse(text) as T, error: null, status, count };
+    } catch {
+        return { data: null, error: null, status, count };
+    }
+}

supabase/schema.sql

@@ -0,0 +1,213 @@
+create extension if not exists pgcrypto;
+
+create table if not exists public.distillation_requests (
+    id uuid primary key default gen_random_uuid (),
+    source_dataset text not null,
+    student_model text not null,
+    additional_notes text not null default '',
+    upvotes integer not null default 0,
+    voted_ips text [] not null default '{}',
+    owner_id text not null,
+    created_at timestamptz not null default now(),
+    status text not null default 'pending'
+);
+
+create table if not exists public.dataset_requests (
+    id uuid primary key default gen_random_uuid (),
+    source_model text not null,
+    dataset_size text not null default '250x',
+    reasoning_depth text not null default 'high',
+    topics text [] not null default '{}',
+    additional_notes text not null default '',
+    upvotes integer not null default 0,
+    voted_ips text [] not null default '{}',
+    owner_id text not null,
+    created_at timestamptz not null default now(),
+    status text not null default 'pending'
+);
+
+create table if not exists public.request_comments (
+    id uuid primary key default gen_random_uuid (),
+    request_type text not null check (
+        request_type in ('distillation', 'dataset')
+    ),
+    request_id uuid not null,
+    body text not null,
+    author text not null,
+    role text not null check (role in ('admin', 'user')),
+    owner_id text not null,
+    created_at timestamptz not null default now(),
+    edited_at timestamptz null
+);
+
+create index if not exists idx_request_comments_request on public.request_comments (request_type, request_id);
+
+create index if not exists idx_request_comments_created_at on public.request_comments (created_at);
+
+create or replace function public.toggle_upvote_distillation(request_id uuid, voter_ip text)
+returns table(success boolean, upvotes integer, action text)
+language plpgsql
+security definer
+as $$
+declare
+    current_ips text[];
+    current_upvotes integer;
+begin
+    select r.voted_ips, r.upvotes
+    into current_ips, current_upvotes
+    from public.distillation_requests r
+    where r.id = request_id
+    for update;
+
+    if not found then
+        success := false;
+        upvotes := 0;
+        action := null;
+        return next;
+        return;
+    end if;
+
+    if voter_ip = any(current_ips) then
+        update public.distillation_requests
+        set
+            voted_ips = array_remove(voted_ips, voter_ip),
+            upvotes = greatest(upvotes - 1, 0)
+        where id = request_id
+        returning public.distillation_requests.upvotes into upvotes;
+
+        success := true;
+        action := 'unvoted';
+        return next;
+        return;
+    end if;
+
+    update public.distillation_requests
+    set
+        voted_ips = array_append(voted_ips, voter_ip),
+        upvotes = upvotes + 1
+    where id = request_id
+    returning public.distillation_requests.upvotes into upvotes;
+
+    success := true;
+    action := 'upvoted';
+    return next;
+end;
+$$;
+
+create or replace function public.toggle_upvote_dataset(request_id uuid, voter_ip text)
+returns table(success boolean, upvotes integer, action text)
+language plpgsql
+security definer
+as $$
+declare
+    current_ips text[];
+    current_upvotes integer;
+begin
+    select r.voted_ips, r.upvotes
+    into current_ips, current_upvotes
+    from public.dataset_requests r
+    where r.id = request_id
+    for update;
+
+    if not found then
+        success := false;
+        upvotes := 0;
+        action := null;
+        return next;
+        return;
+    end if;
+
+    if voter_ip = any(current_ips) then
+        update public.dataset_requests
+        set
+            voted_ips = array_remove(voted_ips, voter_ip),
+            upvotes = greatest(upvotes - 1, 0)
+        where id = request_id
+        returning public.dataset_requests.upvotes into upvotes;
+
+        success := true;
+        action := 'unvoted';
+        return next;
+        return;
+    end if;
+
+    update public.dataset_requests
+    set
+        voted_ips = array_append(voted_ips, voter_ip),
+        upvotes = upvotes + 1
+    where id = request_id
+    returning public.dataset_requests.upvotes into upvotes;
+
+    success := true;
+    action := 'upvoted';
+    return next;
+end;
+$$;
+
+alter table public.distillation_requests enable row level security;
+
+alter table public.dataset_requests enable row level security;
+
+alter table public.request_comments enable row level security;
+
+drop policy if exists public_select on public.distillation_requests;
+
+drop policy if exists public_insert on public.distillation_requests;
+
+drop policy if exists public_update on public.distillation_requests;
+
+drop policy if exists public_delete on public.distillation_requests;
+
+drop policy if exists public_select on public.dataset_requests;
+
+drop policy if exists public_insert on public.dataset_requests;
+
+drop policy if exists public_update on public.dataset_requests;
+
+drop policy if exists public_delete on public.dataset_requests;
+
+drop policy if exists public_select on public.request_comments;
+
+drop policy if exists public_insert on public.request_comments;
+
+drop policy if exists public_update on public.request_comments;
+
+drop policy if exists public_delete on public.request_comments;
+
+create policy public_select on public.distillation_requests for
+select using (true);
+
+create policy public_insert on public.distillation_requests for insert
+with
+    check (true);
+
+create policy public_select on public.dataset_requests for
+select using (true);
+
+create policy public_insert on public.dataset_requests for insert
+with
+    check (true);
+
+create policy public_select on public.request_comments for
+select using (true);
+
+create policy public_insert on public.request_comments for insert
+with
+    check (role = 'user');
+
+grant
+select, insert on table public.distillation_requests to anon, authenticated;
+
+grant
+select, insert on table public.dataset_requests to anon, authenticated;
+
+grant
+select, insert on table public.request_comments to anon, authenticated;
+
+grant
+execute on function public.toggle_upvote_distillation (uuid, text) to anon,
+authenticated;
+
+grant
+execute on function public.toggle_upvote_dataset (uuid, text) to anon,
+authenticated;