Merge branch 'phase1d/sponsor-pipeline' into dev

# Conflicts:
#	package.json
#	pnpm-lock.yaml

Author: Miriad

app/api/cron/sponsor-outreach/route.ts

@@ -0,0 +1,126 @@
+export const fetchCache = 'force-no-store'
+
+import { NextResponse } from 'next/server'
+import { sanityWriteClient } from '@/lib/sanity-write-client'
+import { generateOutreachEmail } from '@/lib/sponsor/gemini-outreach'
+import { sendSponsorEmail } from '@/lib/sponsor/email-service'
+import type { SponsorPoolEntry } from '@/lib/sponsor/gemini-outreach'
+
+const MAX_PER_RUN = 5
+const COOLDOWN_DAYS = 14
+
+export async function POST(request: Request) {
+  // Auth: Bearer token check against CRON_SECRET
+  const authHeader = request.headers.get('authorization')
+  if (authHeader !== `Bearer ${process.env.CRON_SECRET}`) {
+    console.error('[SPONSOR] Outreach cron: unauthorized request')
+    return new Response('Unauthorized', { status: 401 })
+  }
+
+  try {
+    console.log('[SPONSOR] Starting outbound sponsor outreach cron...')
+
+    // Calculate the cutoff date for cooldown
+    const cutoffDate = new Date()
+    cutoffDate.setDate(cutoffDate.getDate() - COOLDOWN_DAYS)
+    const cutoffISO = cutoffDate.toISOString()
+
+    // Query Sanity for eligible sponsor pool entries
+    const query = `*[
+      _type == "sponsorPool"
+      && optedOut != true
+      && (
+        !defined(lastContactedAt)
+        || lastContactedAt < $cutoffDate
+      )
+    ] | order(relevanceScore desc) [0...${MAX_PER_RUN - 1}] {
+      _id,
+      companyName,
+      contactName,
+      contactEmail,
+      website,
+      category,
+      relevanceScore,
+      optOutToken
+    }`
+
+    const sponsors: SponsorPoolEntry[] = await sanityWriteClient.fetch(query, {
+      cutoffDate: cutoffISO,
+    })
+
+    console.log(`[SPONSOR] Found ${sponsors.length} eligible sponsors for outreach`)
+
+    if (sponsors.length === 0) {
+      return NextResponse.json({
+        success: true,
+        message: 'No eligible sponsors for outreach',
+        processed: 0,
+      })
+    }
+
+    const results: Array<{ companyName: string; success: boolean; error?: string }> = []
+
+    for (const sponsor of sponsors) {
+      try {
+        // Generate personalized outreach email
+        const email = await generateOutreachEmail(sponsor)
+
+        // Send the email (stubbed)
+        const sendResult = await sendSponsorEmail(
+          sponsor.contactEmail,
+          email.subject,
+          email.body
+        )
+
+        if (sendResult.success) {
+          // Update lastContactedAt on the sponsor pool entry
+          await sanityWriteClient
+            .patch(sponsor._id)
+            .set({ lastContactedAt: new Date().toISOString() })
+            .commit()
+
+          // Create a sponsorLead with source='outbound'
+          await sanityWriteClient.create({
+            _type: 'sponsorLead',
+            companyName: sponsor.companyName,
+            contactName: sponsor.contactName,
+            contactEmail: sponsor.contactEmail,
+            source: 'outbound',
+            status: 'contacted',
+            threadId: crypto.randomUUID(),
+            lastEmailAt: new Date().toISOString(),
+          })
+
+          results.push({ companyName: sponsor.companyName, success: true })
+          console.log(`[SPONSOR] Outreach sent to: ${sponsor.companyName}`)
+        } else {
+          results.push({
+            companyName: sponsor.companyName,
+            success: false,
+            error: 'Email send failed',
+          })
+        }
+      } catch (error) {
+        const errorMsg = error instanceof Error ? error.message : String(error)
+        console.error(`[SPONSOR] Outreach failed for ${sponsor.companyName}:`, errorMsg)
+        results.push({ companyName: sponsor.companyName, success: false, error: errorMsg })
+      }
+    }
+
+    const successCount = results.filter((r) => r.success).length
+    console.log(`[SPONSOR] Outreach cron complete: ${successCount}/${results.length} successful`)
+
+    return NextResponse.json({
+      success: true,
+      processed: results.length,
+      successful: successCount,
+      results,
+    })
+  } catch (error) {
+    console.error('[SPONSOR] Outreach cron error:', error)
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    )
+  }
+}

app/api/sponsor/opt-out/route.ts

@@ -0,0 +1,89 @@
+import { sanityWriteClient } from '@/lib/sanity-write-client'
+
+export async function GET(request: Request) {
+  const { searchParams } = new URL(request.url)
+  const token = searchParams.get('token')
+
+  if (!token) {
+    return new Response(
+      renderHtml('Invalid Request', 'No opt-out token provided.'),
+      { status: 400, headers: { 'Content-Type': 'text/html; charset=utf-8' } }
+    )
+  }
+
+  try {
+    // Query Sanity for sponsorPool entry with matching optOutToken
+    const query = '*[_type == "sponsorPool" && optOutToken == $token][0]{ _id, companyName }'
+    const params = { token } as Record<string, string>
+    const sponsor = await sanityWriteClient.fetch(
+      query,
+      params
+    ) as { _id: string; companyName: string } | null
+
+    if (!sponsor) {
+      console.warn('[SPONSOR] Opt-out: invalid token:', token)
+      return new Response(
+        renderHtml('Not Found', 'This opt-out link is invalid or has already been processed.'),
+        { status: 404, headers: { 'Content-Type': 'text/html; charset=utf-8' } }
+      )
+    }
+
+    // Set optedOut = true
+    await sanityWriteClient.patch(sponsor._id).set({ optedOut: true }).commit()
+
+    console.log('[SPONSOR] Opt-out processed for:', sponsor.companyName)
+
+    return new Response(
+      renderHtml(
+        'Opted Out Successfully',
+        `You have been successfully removed from CodingCat.dev sponsor outreach. You will no longer receive emails from us regarding sponsorship opportunities.`
+      ),
+      { status: 200, headers: { 'Content-Type': 'text/html; charset=utf-8' } }
+    )
+  } catch (error) {
+    console.error('[SPONSOR] Opt-out error:', error)
+    return new Response(
+      renderHtml('Error', 'Something went wrong processing your opt-out. Please try again later.'),
+      { status: 500, headers: { 'Content-Type': 'text/html; charset=utf-8' } }
+    )
+  }
+}
+
+function renderHtml(title: string, message: string): string {
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>${title} — CodingCat.dev</title>
+  <style>
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+      display: flex;
+      justify-content: center;
+      align-items: center;
+      min-height: 100vh;
+      margin: 0;
+      background: #f5f5f5;
+      color: #333;
+    }
+    .container {
+      text-align: center;
+      padding: 2rem;
+      max-width: 500px;
+      background: white;
+      border-radius: 12px;
+      box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+    }
+    h1 { color: #7c3aed; margin-bottom: 1rem; }
+    p { line-height: 1.6; color: #666; }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <h1>${title}</h1>
+    <p>${message}</p>
+  </div>
+</body>
+</html>`
+}

app/api/webhooks/sponsor-inbound/route.ts

@@ -0,0 +1,98 @@
+import { NextResponse } from 'next/server'
+import { z } from 'zod'
+import { sanityWriteClient } from '@/lib/sanity-write-client'
+import { extractSponsorIntent } from '@/lib/sponsor/gemini-intent'
+import { sendSponsorEmail } from '@/lib/sponsor/email-service'
+
+const RATE_CARD = `
+CodingCat.dev Sponsorship Tiers:
+- Dedicated Video ($4,000) — Full dedicated video about your product
+- Integrated Mid-Roll Ad ($1,800) — Mid-roll advertisement in our videos
+- Quick Shout-Out ($900) — Brief mention in our videos
+- Blog Post / Newsletter ($500) — Featured in our blog or newsletter
+- Video Series (Custom) — Multi-video partnership series
+
+Learn more: https://codingcat.dev/sponsorships
+`.trim()
+
+const inboundSchema = z.object({
+  fullName: z.string().min(1, 'Full name is required'),
+  email: z.string().email('Valid email is required'),
+  company: z.string().optional().default(''),
+  message: z.string().optional().default(''),
+  tiers: z.array(z.string()).optional().default([]),
+})
+
+export async function POST(request: Request) {
+  // Verify webhook secret
+  const webhookSecret = request.headers.get('x-webhook-secret')
+  if (!webhookSecret || webhookSecret !== process.env.SPONSOR_WEBHOOK_SECRET) {
+    console.error('[SPONSOR] Inbound webhook: unauthorized request')
+    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+  }
+
+  try {
+    const body = await request.json()
+    const parsed = inboundSchema.safeParse(body)
+
+    if (!parsed.success) {
+      console.error('[SPONSOR] Inbound webhook: validation failed', parsed.error.issues)
+      return NextResponse.json(
+        { error: 'Validation failed', details: parsed.error.issues },
+        { status: 400 }
+      )
+    }
+
+    const { fullName, email, company, message, tiers } = parsed.data
+
+    // Extract intent using Gemini
+    const combinedMessage = [
+      company ? `Company: ${company}` : '',
+      `From: ${fullName} (${email})`,
+      tiers.length ? `Interested tiers: ${tiers.join(', ')}` : '',
+      message,
+    ]
+      .filter(Boolean)
+      .join('\n')
+
+    console.log('[SPONSOR] Processing inbound inquiry from:', email)
+
+    const intent = await extractSponsorIntent(combinedMessage)
+
+    // Create sponsorLead in Sanity
+    const leadDoc = {
+      _type: 'sponsorLead',
+      companyName: intent.companyName || company || 'Unknown',
+      contactName: intent.contactName || fullName,
+      contactEmail: email,
+      source: 'inbound',
+      status: 'new',
+      intent: intent.intent,
+      rateCard: tiers.length > 0 ? tiers.join(', ') : intent.suggestedTiers.join(', '),
+      threadId: crypto.randomUUID(),
+      lastEmailAt: new Date().toISOString(),
+    }
+
+    const created = await sanityWriteClient.create(leadDoc)
+    console.log('[SPONSOR] Created sponsor lead:', created._id)
+
+    // Send auto-reply with rate card (stubbed)
+    await sendSponsorEmail(
+      email,
+      `Thanks for your interest in sponsoring CodingCat.dev!`,
+      `Hi ${fullName},\n\nThanks for reaching out about sponsoring CodingCat.dev! I'm excited to explore how we can work together.\n\nHere's our current rate card:\n\n${RATE_CARD}\n\nI'll review your inquiry and get back to you within 48 hours.\n\nBest,\nAlex Patterson\nCodingCat.dev`
+    )
+
+    return NextResponse.json({
+      success: true,
+      leadId: created._id,
+      message: 'Sponsor inquiry received and processed',
+    })
+  } catch (error) {
+    console.error('[SPONSOR] Inbound webhook error:', error)
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    )
+  }
+}

app/api/webhooks/stripe-sponsor/route.ts

@@ -0,0 +1,53 @@
+import { NextResponse } from 'next/server'
+
+/**
+ * Stripe webhook handler for sponsor invoices.
+ *
+ * STUBBED — needs STRIPE_SECRET_KEY and STRIPE_WEBHOOK_SECRET
+ *
+ * Will handle:
+ * - invoice.paid → update sponsorLead status to 'paid', assign to next video
+ * - invoice.payment_failed → update sponsorLead stripePaymentStatus to 'failed'
+ *
+ * TODO: Wire up Stripe webhook verification and event handling
+ */
+export async function POST(request: Request) {
+  try {
+    const body = await request.text()
+
+    // TODO: Verify Stripe webhook signature
+    // const sig = request.headers.get('stripe-signature')
+    // const event = stripe.webhooks.constructEvent(body, sig!, process.env.STRIPE_WEBHOOK_SECRET!)
+
+    console.log('[SPONSOR] Stripe webhook received (stubbed):', {
+      contentLength: body.length,
+      timestamp: new Date().toISOString(),
+    })
+
+    // TODO: Handle events
+    // switch (event.type) {
+    //   case 'invoice.paid': {
+    //     const invoice = event.data.object
+    //     // Find sponsorLead by stripeInvoiceId
+    //     // Update status to 'paid'
+    //     // Update stripePaymentStatus to 'paid'
+    //     // Assign to next available video
+    //     break
+    //   }
+    //   case 'invoice.payment_failed': {
+    //     const invoice = event.data.object
+    //     // Find sponsorLead by stripeInvoiceId
+    //     // Update stripePaymentStatus to 'failed'
+    //     break
+    //   }
+    // }
+
+    return NextResponse.json({ received: true })
+  } catch (error) {
+    console.error('[SPONSOR] Stripe webhook error:', error)
+    return NextResponse.json(
+      { error: 'Webhook processing failed' },
+      { status: 500 }
+    )
+  }
+}