Update app.js

app.js

@@ -3,6 +3,169 @@ import { createServer } from 'http';
 import { WebSocketServer, WebSocket } from 'ws';
 import cors from 'cors';
 import jwt from 'jsonwebtoken';
+import { createClient } from '@supabase/supabase-js';
+
+const PORT = 7860;
+const SUPABASE_URL = process.env.SUPABASE_URL;
+const SUPABASE_KEY = process.env.SUPABASE_SERVICE_KEY;
+const CORE_URL = process.env.CORE_URL || "http://localhost:7862"; 
+
+if (!SUPABASE_URL) { console.error("❌ Config Missing"); process.exit(1); }
+
+const app = express();
+const server = createServer(app);
+const wss = new WebSocketServer({ noServer: true });
+const supabase = createClient(SUPABASE_URL, SUPABASE_KEY);
+
+const clients = new Map(); // UserId -> Set<WebSocket>
+
+app.use(cors());
+app.use(express.json({ limit: '50mb' }));
+
+app.get('/', (req, res) => res.send('Gateway Active'));
+
+// Internal Notification Webhook
+app.post('/internal/notify', (req, res) => {
+    const { user_id, type, message } = req.body;
+    if (clients.has(user_id)) {
+        clients.get(user_id).forEach(ws => {
+            if (ws.readyState === WebSocket.OPEN) ws.send(JSON.stringify({ type, message }));
+        });
+        return res.json({ success: true });
+    }
+    res.json({ success: false });
+});
+
+// Verify JWT against DB Secret
+async function verifyThrustToken(token) {
+    const decoded = jwt.decode(token);
+    if (!decoded || !decoded.sid) return null;
+
+    const { data: session } = await supabase
+        .from('user_sessions')
+        .select('session_secret')
+        .eq('id', decoded.sid)
+        .single();
+
+    if (!session) return null; 
+
+    try {
+        return jwt.verify(token, session.session_secret);
+    } catch (e) {
+        return null;
+    }
+}
+
+// --- NEW: FETCH PAGINATED PROJECTS VIA JWT ---
+app.get('/api/projects', async (req, res) => {
+    const authHeader = req.headers.authorization;
+    if (!authHeader?.startsWith('Bearer ')) return res.status(401).json({ error: 'Unauthorized' });
+
+    const token = authHeader.split(' ')[1];
+    const decoded = await verifyThrustToken(token);
+    
+    if (!decoded || !decoded.uid) return res.status(403).json({ error: 'Invalid Token' });
+
+    // Pagination Logic (Default: 9 items per page for a 3x3 grid)
+    const page = parseInt(req.query.page) || 1;
+    const limit = parseInt(req.query.limit) || 9;
+    const start = (page - 1) * limit;
+    const end = start + limit - 1;
+
+    const { data, count, error } = await supabase
+        .from('leads')
+        .select('*', { count: 'exact' })
+        .eq('user_id', decoded.uid)
+        .order('created_at', { ascending: false })
+        .range(start, end);
+
+    if (error) return res.status(500).json({ error: error.message });
+
+    res.json({
+        projects: data,
+        total: count,
+        page: page,
+        totalPages: Math.ceil(count / limit) || 1
+    });
+});
+
+// WS Upgrade
+server.on('upgrade', async (request, socket, head) => {
+    const url = new URL(request.url, `http://${request.headers.host}`);
+    const token = url.searchParams.get('token');
+
+    if (!token) { socket.write('HTTP/1.1 401 Unauthorized\r\n\r\n'); socket.destroy(); return; }
+
+    const decodedData = await verifyThrustToken(token);
+
+    if (!decodedData) { socket.write('HTTP/1.1 403 Forbidden\r\n\r\n'); socket.destroy(); return; }
+  
+    wss.handleUpgrade(request, socket, head, (ws) => {
+        wss.emit('connection', ws, request, decodedData);
+    });
+});
+
+// WS Logic
+wss.on('connection', (ws, req, user) => {
+    // Note: 'uid' is what we encoded into the JWT in the Auth Proxy
+    const userId = user.uid; 
+    
+    if (!clients.has(userId)) clients.set(userId, new Set());
+    clients.get(userId).add(ws);
+
+    ws.isAlive = true;
+    ws.on('pong', () => { ws.isAlive = true; });
+
+    ws.on('message', async (message) => {
+        try {
+            const data = JSON.parse(message.toString());
+
+            if (data.type === 'prompt') {
+                ws.send(JSON.stringify({ type: 'status', status: 'thinking' }));
+
+                const response = await fetch(`${CORE_URL}/process`, {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({
+                        userId: userId,
+                        projectId: data.projectId,
+                        prompt: data.content,
+                        context: data.context,
+                        task_type: 'chat' 
+                    })
+                });
+
+                if (!response.ok) throw new Error("Core API Failed");
+                const result = await response.json();
+
+                ws.send(JSON.stringify({ type: 'response', text: result.text, should_reload: result.should_reload, usage: result.usage }));
+            }
+        } catch (e) {
+            console.error("WS Error", e);
+            ws.send(JSON.stringify({ type: 'error', message: "Processing Error" }));
+        }
+    });
+
+    ws.on('close', () => {
+        if (clients.has(userId)) clients.get(userId).delete(ws);
+    });
+});
+
+setInterval(() => {
+    wss.clients.forEach((ws) => {
+        if (ws.isAlive === false) return ws.terminate();
+        ws.isAlive = false;
+        ws.ping();
+    });
+}, 30000);
+
+server.listen(PORT, () => console.log(`🚀 Gateway on ${PORT}`));
+
+/* import express from 'express';
+import { createServer } from 'http';
+import { WebSocketServer, WebSocket } from 'ws';
+import cors from 'cors';
+import jwt from 'jsonwebtoken';
 import { v4 as uuidv4 } from 'uuid';
 import { createClient } from '@supabase/supabase-js';
 
@@ -150,4 +313,5 @@ setInterval(() => {
     });
 }, 30000);
 
-server.listen(PORT, () => console.log(`🚀 Gateway on ${PORT}`));
+server.listen(PORT, () => console.log(`🚀 Gateway on ${PORT}`));
+*/