Merge branch 'dev' into feat/dev-tool

Author: mantrakp04

.cursor/commands/pre-push.md

@@ -1 +1 @@
-Please compare `dev` to `main` and ensure that all migrations are backwards compatible. In what ways could breakage occur? Report the result to me in detail.
+Please compare `dev` to `main` and ensure that all migrations are backwards compatible. In what ways could breakage occur? Report the result to me in detail. Anything else that's scary that could occur, or that we should think about while migrating?

apps/backend/.env

@@ -115,3 +115,6 @@ STACK_STRIPE_SECRET_KEY=# enter your stripe api key
 STACK_STRIPE_WEBHOOK_SECRET=# enter your stripe webhook secret
 STACK_TELEGRAM_BOT_TOKEN= # enter you telegram bot token
 STACK_TELEGRAM_CHAT_ID=# enter your telegram chat id
+
+# Docs AI tool bundle
+STACK_DOCS_INTERNAL_BASE_URL=# override the docs origin used by the backend's AI tool bundle to call the docs app's `/api/internal/docs-tools` endpoint. Defaults to http://localhost:${NEXT_PUBLIC_STACK_PORT_PREFIX:-81}04 in dev, https://mcp.stack-auth.com in prod

apps/backend/.env.development

@@ -78,6 +78,7 @@ STACK_STRIPE_SECRET_KEY=sk_test_mockstripekey
 STACK_STRIPE_WEBHOOK_SECRET=mock_stripe_webhook_secret
 STACK_OPENROUTER_API_KEY=FORWARD_TO_PRODUCTION
 STACK_FEEDBACK_MODE=FORWARD_TO_PRODUCTION
+# STACK_DOCS_INTERNAL_BASE_URL=http://localhost:8104
 # Email monitor configuration for tests
 STACK_EMAIL_MONITOR_VERIFICATION_CALLBACK_URL=http://localhost:8101/handler/email-verification
 STACK_EMAIL_MONITOR_PROJECT_ID=internal

apps/backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/backend",
-  "version": "2.8.81",
+  "version": "2.8.82",
   "repository": "https://github.com/stack-auth/stack-auth",
   "private": true,
   "type": "module",

apps/backend/prisma/migrations/20260327000000_add_ai_conversations/migration.sql

@@ -0,0 +1,29 @@
+-- CreateTable
+CREATE TABLE "AiConversation" (
+    "id" UUID NOT NULL,
+    "projectUserId" UUID NOT NULL,
+    "projectId" TEXT NOT NULL REFERENCES "Project"("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    "title" TEXT NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "AiConversation_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "AiMessage" (
+    "id" UUID NOT NULL,
+    "conversationId" UUID NOT NULL REFERENCES "AiConversation"("id") ON DELETE CASCADE ON UPDATE CASCADE,
+    "position" INTEGER NOT NULL,
+    "role" TEXT NOT NULL,
+    "content" JSONB NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "AiMessage_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "AiConversation_projectUserId_projectId_updatedAt_idx" ON "AiConversation"("projectUserId", "projectId", "updatedAt" DESC);
+
+-- CreateIndex
+CREATE INDEX "AiMessage_conversationId_position_idx" ON "AiMessage"("conversationId", "position" ASC);

apps/backend/prisma/migrations/20260406000000_add_signup_email_normalized_recent_idx/migration.sql

@@ -0,0 +1,5 @@
+-- SPLIT_STATEMENT_SENTINEL
+-- SINGLE_STATEMENT_SENTINEL
+-- RUN_OUTSIDE_TRANSACTION_SENTINEL
+CREATE INDEX CONCURRENTLY IF NOT EXISTS "ProjectUser_signUpEmailNormalized_recent_idx"
+  ON "ProjectUser"("tenancyId", "isAnonymous", "signUpEmailNormalized", "signedUpAt");

apps/backend/prisma/schema.prisma

@@ -43,6 +43,7 @@ model Project {
   branchConfigOverrides      BranchConfigOverride[]
   environmentConfigOverrides EnvironmentConfigOverride[]
   localEmulatorProject       LocalEmulatorProject?
+  aiConversations            AiConversation[]
 
   @@index([ownerTeamId], map: "Project_ownerTeamId_idx")
 }
@@ -332,6 +333,7 @@ model ProjectUser {
   @@index([tenancyId, createdAt(sort: Desc)], name: "ProjectUser_createdAt_desc")
   @@index([tenancyId, isAnonymous, signedUpAt(sort: Asc)], name: "ProjectUser_signedUpAt_asc")
   @@index([tenancyId, isAnonymous, signUpIp, signedUpAt], name: "ProjectUser_signUpIp_recent_idx")
+  @@index([tenancyId, isAnonymous, signUpEmailNormalized, signedUpAt], name: "ProjectUser_signUpEmailNormalized_recent_idx")
   @@index([tenancyId, isAnonymous, signUpEmailBase, signedUpAt], name: "ProjectUser_signUpEmailBase_recent_idx")
   @@index([tenancyId, sequenceId], name: "ProjectUser_tenancyId_sequenceId_idx")
   @@index([shouldUpdateSequenceId, tenancyId], name: "ProjectUser_shouldUpdateSequenceId_idx")
@@ -1142,6 +1144,31 @@ model ThreadMessage {
   @@id([tenancyId, id])
 }
 
+model AiConversation {
+  id            String   @id @default(uuid()) @db.Uuid
+  projectUserId String   @db.Uuid
+  projectId     String
+  project       Project  @relation(fields: [projectId], references: [id], onDelete: Cascade)
+  title         String
+  createdAt     DateTime @default(now())
+  updatedAt     DateTime @updatedAt
+  messages      AiMessage[]
+
+  @@index([projectUserId, projectId, updatedAt(sort: Desc)])
+}
+
+model AiMessage {
+  id             String         @id @default(uuid()) @db.Uuid
+  conversationId String         @db.Uuid
+  position       Int
+  role           String
+  content        Json
+  createdAt      DateTime       @default(now())
+  conversation   AiConversation @relation(fields: [conversationId], references: [id], onDelete: Cascade)
+
+  @@index([conversationId, position])
+}
+
 enum CustomerType {
   USER
   TEAM

apps/backend/src/app/api/latest/ai/query/[mode]/route.ts

@@ -118,7 +118,7 @@ export const POST = createSmartRouteHandler({
       return {
         statusCode: 200,
         bodyType: "json" as const,
-        body: { content: contentBlocks },
+        body: { content: contentBlocks, finalText: result.text },
       };
     }
   },

apps/backend/src/app/api/latest/auth/oauth/callback/[provider_id]/route.tsx

@@ -46,12 +46,23 @@ async function createProjectUserOAuthAccountForLink(prisma: PrismaClientTransact
   });
 }
 
-const redirectOrThrowError = (error: KnownError, tenancy: Tenancy, errorRedirectUrl?: string) => {
-  if (!errorRedirectUrl || (!validateRedirectUrl(errorRedirectUrl, tenancy) && !isAcceptedNativeAppUrl(errorRedirectUrl))) {
+const redirectOrThrowError = (error: KnownError, tenancy: Tenancy, options: {
+  oauthCallbackRedirectUrl?: string,
+  errorRedirectUrl?: string,
+}) => {
+  const targetRedirectUrl =
+    options.oauthCallbackRedirectUrl && (validateRedirectUrl(options.oauthCallbackRedirectUrl, tenancy) || isAcceptedNativeAppUrl(options.oauthCallbackRedirectUrl))
+      ? options.oauthCallbackRedirectUrl
+      : options.errorRedirectUrl && (validateRedirectUrl(options.errorRedirectUrl, tenancy) || isAcceptedNativeAppUrl(options.errorRedirectUrl))
+        ? options.errorRedirectUrl
+        : null;
+  if (!targetRedirectUrl) {
     throw error;
   }
 
-  const url = new URL(errorRedirectUrl);
+  const url = new URL(targetRedirectUrl);
+  url.searchParams.set("error", "server_error");
+  url.searchParams.set("error_description", error.message);
   url.searchParams.set("errorCode", error.errorCode);
   url.searchParams.set("message", error.message);
   url.searchParams.set("details", error.details ? JSON.stringify(error.details) : JSON.stringify({}));
@@ -113,6 +124,7 @@ const handler = createSmartRouteHandler({
       projectUserId,
       providerScope,
       errorRedirectUrl,
+      redirectUri,
       afterCallbackRedirectUrl,
     } = outerInfo;
 
@@ -152,7 +164,7 @@ const handler = createSmartRouteHandler({
         });
       } catch (error) {
         if (KnownErrors['OAuthProviderAccessDenied'].isInstance(error)) {
-          redirectOrThrowError(error, tenancy, errorRedirectUrl);
+          redirectOrThrowError(error, tenancy, { oauthCallbackRedirectUrl: redirectUri, errorRedirectUrl });
         }
         throw error;
       }
@@ -387,7 +399,7 @@ const handler = createSmartRouteHandler({
       return oauthResponseToSmartResponse(oauthResponse);
     } catch (error) {
       if (KnownError.isKnownError(error)) {
-        redirectOrThrowError(error, tenancy, errorRedirectUrl);
+        redirectOrThrowError(error, tenancy, { oauthCallbackRedirectUrl: redirectUri, errorRedirectUrl });
       }
       throw error;
     }

apps/backend/src/app/api/latest/internal/ai-conversations/[conversationId]/messages/route.tsx

@@ -0,0 +1,67 @@
+import { globalPrismaClient } from "@/prisma-client";
+import { createSmartRouteHandler } from "@/route-handlers/smart-route-handler";
+import { adaptSchema, yupArray, yupMixed, yupNumber, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { getOwnedConversation } from "../../utils";
+
+export const PUT = createSmartRouteHandler({
+  metadata: {
+    summary: "Replace conversation messages",
+    description: "Replace all messages in a conversation",
+  },
+  request: yupObject({
+    auth: yupObject({
+      type: adaptSchema,
+      user: adaptSchema.defined(),
+      project: yupObject({
+        id: yupString().oneOf(["internal"]).defined(),
+      }).defined(),
+    }).defined(),
+    params: yupObject({
+      conversationId: yupString().defined(),
+    }),
+    body: yupObject({
+      messages: yupArray(
+        yupObject({
+          role: yupString().oneOf(["user", "assistant"]).defined(),
+          content: yupMixed().defined(),
+        })
+      ).defined(),
+    }),
+  }),
+  response: yupObject({
+    statusCode: yupNumber().oneOf([200]).defined(),
+    bodyType: yupString().oneOf(["json"]).defined(),
+    body: yupObject({}).defined(),
+  }),
+  handler: async ({ auth, params, body }) => {
+    await getOwnedConversation(params.conversationId, auth.user.id);
+
+    await globalPrismaClient.$executeRaw`
+      WITH input AS (
+        SELECT
+          (ord - 1)::int AS position,
+          (elem->>'role')::text AS role,
+          elem->'content' AS content
+        FROM jsonb_array_elements(${JSON.stringify(body.messages)}::jsonb)
+          WITH ORDINALITY AS t(elem, ord)
+      ),
+      deleted AS (
+        DELETE FROM "AiMessage" WHERE "conversationId" = ${params.conversationId}::uuid
+      ),
+      inserted AS (
+        INSERT INTO "AiMessage" ("id", "conversationId", "position", "role", "content")
+        SELECT gen_random_uuid(), ${params.conversationId}::uuid, position, role, content
+        FROM input
+      )
+      UPDATE "AiConversation"
+      SET "updatedAt" = NOW()
+      WHERE "id" = ${params.conversationId}::uuid
+    `;
+
+    return {
+      statusCode: 200 as const,
+      bodyType: "json" as const,
+      body: {},
+    };
+  },
+});