Upload 251 files

.gitattributes

@@ -33,3 +33,8 @@ saved_model/**/* filter=lfs diff=lfs merge=lfs -text
 *.zip filter=lfs diff=lfs merge=lfs -text
 *.zst filter=lfs diff=lfs merge=lfs -text
 *tfevents* filter=lfs diff=lfs merge=lfs -text
+banner.png filter=lfs diff=lfs merge=lfs -text
+diagram.png filter=lfs diff=lfs merge=lfs -text
+holo.png filter=lfs diff=lfs merge=lfs -text
+mac.png filter=lfs diff=lfs merge=lfs -text
+worldoscollage.mp4 filter=lfs diff=lfs merge=lfs -text

20240414161707_basejump-setup.sql

@@ -0,0 +1,186 @@
+/**
+      ____                 _
+     |  _ \               (_)
+     | |_) | __ _ ___  ___ _ _   _ _ __ ___  _ __
+     |  _ < / _` / __|/ _ \ | | | | '_ ` _ \| '_ \
+     | |_) | (_| \__ \  __/ | |_| | | | | | | |_) |
+     |____/ \__,_|___/\___| |\__,_|_| |_| |_| .__/
+                         _/ |               | |
+                        |__/                |_|
+
+     Basejump is a starter kit for building SaaS products on top of Supabase.
+     Learn more at https://usebasejump.com
+ */
+
+
+/**
+  * -------------------------------------------------------
+  * Section - Basejump schema setup and utility functions
+  * -------------------------------------------------------
+ */
+
+-- revoke execution by default from public
+ALTER DEFAULT PRIVILEGES REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
+ALTER DEFAULT PRIVILEGES IN SCHEMA PUBLIC REVOKE EXECUTE ON FUNCTIONS FROM anon, authenticated;
+
+-- Create basejump schema
+CREATE SCHEMA IF NOT EXISTS basejump;
+GRANT USAGE ON SCHEMA basejump to authenticated;
+GRANT USAGE ON SCHEMA basejump to service_role;
+
+/**
+  * -------------------------------------------------------
+  * Section - Enums
+  * -------------------------------------------------------
+ */
+
+/**
+ * Invitation types are either email or link. Email invitations are sent to
+ * a single user and can only be claimed once.  Link invitations can be used multiple times
+ * Both expire after 24 hours
+ */
+DO
+$$
+    BEGIN
+        -- check it account_role already exists on basejump schema
+        IF NOT EXISTS(SELECT 1
+                      FROM pg_type t
+                               JOIN pg_namespace n ON n.oid = t.typnamespace
+                      WHERE t.typname = 'invitation_type'
+                        AND n.nspname = 'basejump') THEN
+            CREATE TYPE basejump.invitation_type AS ENUM ('one_time', '24_hour');
+        end if;
+    end;
+$$;
+
+/**
+  * -------------------------------------------------------
+  * Section - Basejump settings
+  * -------------------------------------------------------
+ */
+
+CREATE TABLE IF NOT EXISTS basejump.config
+(
+    enable_team_accounts            boolean default true,
+    enable_personal_account_billing boolean default true,
+    enable_team_account_billing     boolean default true,
+    billing_provider                text    default 'stripe'
+);
+
+-- create config row
+INSERT INTO basejump.config (enable_team_accounts, enable_personal_account_billing, enable_team_account_billing)
+VALUES (true, true, true);
+
+-- enable select on the config table
+GRANT SELECT ON basejump.config TO authenticated, service_role;
+
+-- enable RLS on config
+ALTER TABLE basejump.config
+    ENABLE ROW LEVEL SECURITY;
+
+create policy "Basejump settings can be read by authenticated users" on basejump.config
+    for select
+    to authenticated
+    using (
+    true
+    );
+
+/**
+  * -------------------------------------------------------
+  * Section - Basejump utility functions
+  * -------------------------------------------------------
+ */
+
+/**
+  basejump.get_config()
+  Get the full config object to check basejump settings
+  This is not accessible from the outside, so can only be used inside postgres functions
+ */
+CREATE OR REPLACE FUNCTION basejump.get_config()
+    RETURNS json AS
+$$
+DECLARE
+    result RECORD;
+BEGIN
+    SELECT * from basejump.config limit 1 into result;
+    return row_to_json(result);
+END;
+$$ LANGUAGE plpgsql;
+
+grant execute on function basejump.get_config() to authenticated, service_role;
+
+
+/**
+  basejump.is_set("field_name")
+  Check a specific boolean config value
+ */
+CREATE OR REPLACE FUNCTION basejump.is_set(field_name text)
+    RETURNS boolean AS
+$$
+DECLARE
+    result BOOLEAN;
+BEGIN
+    execute format('select %I from basejump.config limit 1', field_name) into result;
+    return result;
+END;
+$$ LANGUAGE plpgsql;
+
+grant execute on function basejump.is_set(text) to authenticated;
+
+
+/**
+  * Automatic handling for maintaining created_at and updated_at timestamps
+  * on tables
+ */
+CREATE OR REPLACE FUNCTION basejump.trigger_set_timestamps()
+    RETURNS TRIGGER AS
+$$
+BEGIN
+    if TG_OP = 'INSERT' then
+        NEW.created_at = now();
+        NEW.updated_at = now();
+    else
+        NEW.updated_at = now();
+        NEW.created_at = OLD.created_at;
+    end if;
+    RETURN NEW;
+END
+$$ LANGUAGE plpgsql;
+
+
+/**
+  * Automatic handling for maintaining created_by and updated_by timestamps
+  * on tables
+ */
+CREATE OR REPLACE FUNCTION basejump.trigger_set_user_tracking()
+    RETURNS TRIGGER AS
+$$
+BEGIN
+    if TG_OP = 'INSERT' then
+        NEW.created_by = auth.uid();
+        NEW.updated_by = auth.uid();
+    else
+        NEW.updated_by = auth.uid();
+        NEW.created_by = OLD.created_by;
+    end if;
+    RETURN NEW;
+END
+$$ LANGUAGE plpgsql;
+
+/**
+  basejump.generate_token(length)
+  Generates a secure token - used internally for invitation tokens
+  but could be used elsewhere.  Check out the invitations table for more info on
+  how it's used
+ */
+CREATE OR REPLACE FUNCTION basejump.generate_token(length int)
+    RETURNS text AS
+$$
+select regexp_replace(replace(
+                              replace(replace(replace(encode(gen_random_bytes(length)::bytea, 'base64'), '/', ''), '+',
+                                              ''), '\', ''),
+                              '=',
+                              ''), E'[\\n\\r]+', '', 'g');
+$$ LANGUAGE sql;
+
+grant execute on function basejump.generate_token(int) to authenticated;

20240414161947_basejump-accounts.sql

@@ -0,0 +1,708 @@
+/**
+      ____                 _
+     |  _ \               (_)
+     | |_) | __ _ ___  ___ _ _   _ _ __ ___  _ __
+     |  _ < / _` / __|/ _ \ | | | | '_ ` _ \| '_ \
+     | |_) | (_| \__ \  __/ | |_| | | | | | | |_) |
+     |____/ \__,_|___/\___| |\__,_|_| |_| |_| .__/
+                         _/ |               | |
+                        |__/                |_|
+
+     Basejump is a starter kit for building SaaS products on top of Supabase.
+     Learn more at https://usebasejump.com
+ */
+
+/**
+  * -------------------------------------------------------
+  * Section - Accounts
+  * -------------------------------------------------------
+ */
+
+/**
+ * Account roles allow you to provide permission levels to users
+ * when they're acting on an account.  By default, we provide
+ * "owner" and "member".  The only distinction is that owners can
+ * also manage billing and invite/remove account members.
+ */
+DO
+$$
+    BEGIN
+        -- check it account_role already exists on basejump schema
+        IF NOT EXISTS(SELECT 1
+                      FROM pg_type t
+                               JOIN pg_namespace n ON n.oid = t.typnamespace
+                      WHERE t.typname = 'account_role'
+                        AND n.nspname = 'basejump') THEN
+            CREATE TYPE basejump.account_role AS ENUM ('owner', 'member');
+        end if;
+    end;
+$$;
+
+/**
+ * Accounts are the primary grouping for most objects within
+ * the system. They have many users, and all billing is connected to
+ * an account.
+ */
+CREATE TABLE IF NOT EXISTS basejump.accounts
+(
+    id                    uuid unique                NOT NULL DEFAULT extensions.uuid_generate_v4(),
+    -- defaults to the user who creates the account
+    -- this user cannot be removed from an account without changing
+    -- the primary owner first
+    primary_owner_user_id uuid references auth.users not null default auth.uid(),
+    -- Account name
+    name                  text,
+    slug                  text unique,
+    personal_account      boolean                             default false not null,
+    updated_at            timestamp with time zone,
+    created_at            timestamp with time zone,
+    created_by            uuid references auth.users,
+    updated_by            uuid references auth.users,
+    private_metadata      jsonb                               default '{}'::jsonb,
+    public_metadata       jsonb                               default '{}'::jsonb,
+    PRIMARY KEY (id)
+);
+
+-- constraint that conditionally allows nulls on the slug ONLY if personal_account is true
+-- remove this if you want to ignore accounts slugs entirely
+ALTER TABLE basejump.accounts
+    ADD CONSTRAINT basejump_accounts_slug_null_if_personal_account_true CHECK (
+            (personal_account = true AND slug is null)
+            OR (personal_account = false AND slug is not null)
+        );
+
+-- Open up access to accounts
+GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE basejump.accounts TO authenticated, service_role;
+
+/**
+ * We want to protect some fields on accounts from being updated
+ * Specifically the primary owner user id and account id.
+ * primary_owner_user_id should be updated using the dedicated function
+ */
+CREATE OR REPLACE FUNCTION basejump.protect_account_fields()
+    RETURNS TRIGGER AS
+$$
+BEGIN
+    IF current_user IN ('authenticated', 'anon') THEN
+        -- these are protected fields that users are not allowed to update themselves
+        -- platform admins should be VERY careful about updating them as well.
+        if NEW.id <> OLD.id
+            OR NEW.personal_account <> OLD.personal_account
+            OR NEW.primary_owner_user_id <> OLD.primary_owner_user_id
+        THEN
+            RAISE EXCEPTION 'You do not have permission to update this field';
+        end if;
+    end if;
+
+    RETURN NEW;
+END
+$$ LANGUAGE plpgsql;
+
+-- trigger to protect account fields
+CREATE TRIGGER basejump_protect_account_fields
+    BEFORE UPDATE
+    ON basejump.accounts
+    FOR EACH ROW
+EXECUTE FUNCTION basejump.protect_account_fields();
+
+-- convert any character in the slug that's not a letter, number, or dash to a dash on insert/update for accounts
+CREATE OR REPLACE FUNCTION basejump.slugify_account_slug()
+    RETURNS TRIGGER AS
+$$
+BEGIN
+    if NEW.slug is not null then
+        NEW.slug = lower(regexp_replace(NEW.slug, '[^a-zA-Z0-9-]+', '-', 'g'));
+    end if;
+
+    RETURN NEW;
+END
+$$ LANGUAGE plpgsql;
+
+-- trigger to slugify the account slug
+CREATE TRIGGER basejump_slugify_account_slug
+    BEFORE INSERT OR UPDATE
+    ON basejump.accounts
+    FOR EACH ROW
+EXECUTE FUNCTION basejump.slugify_account_slug();
+
+-- enable RLS for accounts
+alter table basejump.accounts
+    enable row level security;
+
+-- protect the timestamps
+CREATE TRIGGER basejump_set_accounts_timestamp
+    BEFORE INSERT OR UPDATE
+    ON basejump.accounts
+    FOR EACH ROW
+EXECUTE PROCEDURE basejump.trigger_set_timestamps();
+
+-- set the user tracking
+CREATE TRIGGER basejump_set_accounts_user_tracking
+    BEFORE INSERT OR UPDATE
+    ON basejump.accounts
+    FOR EACH ROW
+EXECUTE PROCEDURE basejump.trigger_set_user_tracking();
+
+/**
+  * Account users are the users that are associated with an account.
+  * They can be invited to join the account, and can have different roles.
+  * The system does not enforce any permissions for roles, other than restricting
+  * billing and account membership to only owners
+ */
+create table if not exists basejump.account_user
+(
+    -- id of the user in the account
+    user_id      uuid references auth.users on delete cascade        not null,
+    -- id of the account the user is in
+    account_id   uuid references basejump.accounts on delete cascade not null,
+    -- role of the user in the account
+    account_role basejump.account_role                               not null,
+    constraint account_user_pkey primary key (user_id, account_id)
+);
+
+GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE basejump.account_user TO authenticated, service_role;
+
+
+-- enable RLS for account_user
+alter table basejump.account_user
+    enable row level security;
+
+/**
+  * When an account gets created, we want to insert the current user as the first
+  * owner
+ */
+create or replace function basejump.add_current_user_to_new_account()
+    returns trigger
+    language plpgsql
+    security definer
+    set search_path = public
+as
+$$
+begin
+    if new.primary_owner_user_id = auth.uid() then
+        insert into basejump.account_user (account_id, user_id, account_role)
+        values (NEW.id, auth.uid(), 'owner');
+    end if;
+    return NEW;
+end;
+$$;
+
+-- trigger the function whenever a new account is created
+CREATE TRIGGER basejump_add_current_user_to_new_account
+    AFTER INSERT
+    ON basejump.accounts
+    FOR EACH ROW
+EXECUTE FUNCTION basejump.add_current_user_to_new_account();
+
+/**
+  * When a user signs up, we need to create a personal account for them
+  * and add them to the account_user table so they can act on it
+ */
+create or replace function basejump.run_new_user_setup()
+    returns trigger
+    language plpgsql
+    security definer
+    set search_path = public
+as
+$$
+declare
+    first_account_id    uuid;
+    generated_user_name text;
+begin
+
+    -- first we setup the user profile
+    -- TODO: see if we can get the user's name from the auth.users table once we learn how oauth works
+    if new.email IS NOT NULL then
+        generated_user_name := split_part(new.email, '@', 1);
+    end if;
+    -- create the new users's personal account
+    insert into basejump.accounts (name, primary_owner_user_id, personal_account, id)
+    values (generated_user_name, NEW.id, true, NEW.id)
+    returning id into first_account_id;
+
+    -- add them to the account_user table so they can act on it
+    insert into basejump.account_user (account_id, user_id, account_role)
+    values (first_account_id, NEW.id, 'owner');
+
+    return NEW;
+end;
+$$;
+
+-- trigger the function every time a user is created
+create trigger on_auth_user_created
+    after insert
+    on auth.users
+    for each row
+execute procedure basejump.run_new_user_setup();
+
+/**
+  * -------------------------------------------------------
+  * Section - Account permission utility functions
+  * -------------------------------------------------------
+  * These functions are stored on the basejump schema, and useful for things like
+  * generating RLS policies
+ */
+
+/**
+  * Returns true if the current user has the pass in role on the passed in account
+  * If no role is sent, will return true if the user is a member of the account
+  * NOTE: This is an inefficient function when used on large query sets. You should reach for the get_accounts_with_role and lookup
+  * the account ID in those cases.
+ */
+create or replace function basejump.has_role_on_account(account_id uuid, account_role basejump.account_role default null)
+    returns boolean
+    language sql
+    security definer
+    set search_path = public
+as
+$$
+select exists(
+               select 1
+               from basejump.account_user wu
+               where wu.user_id = auth.uid()
+                 and wu.account_id = has_role_on_account.account_id
+                 and (
+                           wu.account_role = has_role_on_account.account_role
+                       or has_role_on_account.account_role is null
+                   )
+           );
+$$;
+
+grant execute on function basejump.has_role_on_account(uuid, basejump.account_role) to authenticated, anon, public, service_role;
+
+
+/**
+  * Returns account_ids that the current user is a member of. If you pass in a role,
+  * it'll only return accounts that the user is a member of with that role.
+  */
+create or replace function basejump.get_accounts_with_role(passed_in_role basejump.account_role default null)
+    returns setof uuid
+    language sql
+    security definer
+    set search_path = public
+as
+$$
+select account_id
+from basejump.account_user wu
+where wu.user_id = auth.uid()
+  and (
+            wu.account_role = passed_in_role
+        or passed_in_role is null
+    );
+$$;
+
+grant execute on function basejump.get_accounts_with_role(basejump.account_role) to authenticated;
+
+/**
+  * -------------------------
+  * Section - RLS Policies
+  * -------------------------
+  * This is where we define access to tables in the basejump schema
+ */
+
+create policy "users can view their own account_users" on basejump.account_user
+    for select
+    to authenticated
+    using (
+    user_id = auth.uid()
+    );
+
+create policy "users can view their teammates" on basejump.account_user
+    for select
+    to authenticated
+    using (
+    basejump.has_role_on_account(account_id) = true
+    );
+
+create policy "Account users can be deleted by owners except primary account owner" on basejump.account_user
+    for delete
+    to authenticated
+    using (
+        (basejump.has_role_on_account(account_id, 'owner') = true)
+        AND
+        user_id != (select primary_owner_user_id
+                    from basejump.accounts
+                    where account_id = accounts.id)
+    );
+
+create policy "Accounts are viewable by members" on basejump.accounts
+    for select
+    to authenticated
+    using (
+    basejump.has_role_on_account(id) = true
+    );
+
+-- Primary owner should always have access to the account
+create policy "Accounts are viewable by primary owner" on basejump.accounts
+    for select
+    to authenticated
+    using (
+    primary_owner_user_id = auth.uid()
+    );
+
+create policy "Team accounts can be created by any user" on basejump.accounts
+    for insert
+    to authenticated
+    with check (
+            basejump.is_set('enable_team_accounts') = true
+        and personal_account = false
+    );
+
+
+create policy "Accounts can be edited by owners" on basejump.accounts
+    for update
+    to authenticated
+    using (
+    basejump.has_role_on_account(id, 'owner') = true
+    );
+
+/**
+  * -------------------------------------------------------
+  * Section - Public functions
+  * -------------------------------------------------------
+  * Each of these functions exists in the public name space because they are accessible
+  * via the API.  it is the primary way developers can interact with Basejump accounts
+ */
+
+/**
+* Returns the account_id for a given account slug
+*/
+
+create or replace function public.get_account_id(slug text)
+    returns uuid
+    language sql
+as
+$$
+select id
+from basejump.accounts
+where slug = get_account_id.slug;
+$$;
+
+grant execute on function public.get_account_id(text) to authenticated, service_role;
+
+/**
+ * Returns the current user's role within a given account_id
+*/
+create or replace function public.current_user_account_role(account_id uuid)
+    returns jsonb
+    language plpgsql
+as
+$$
+DECLARE
+    response jsonb;
+BEGIN
+
+    select jsonb_build_object(
+                   'account_role', wu.account_role,
+                   'is_primary_owner', a.primary_owner_user_id = auth.uid(),
+                   'is_personal_account', a.personal_account
+               )
+    into response
+    from basejump.account_user wu
+             join basejump.accounts a on a.id = wu.account_id
+    where wu.user_id = auth.uid()
+      and wu.account_id = current_user_account_role.account_id;
+
+    -- if the user is not a member of the account, throw an error
+    if response ->> 'account_role' IS NULL then
+        raise exception 'Not found';
+    end if;
+
+    return response;
+END
+$$;
+
+grant execute on function public.current_user_account_role(uuid) to authenticated;
+
+/**
+  * Let's you update a users role within an account if you are an owner of that account
+  **/
+create or replace function public.update_account_user_role(account_id uuid, user_id uuid,
+                                                           new_account_role basejump.account_role,
+                                                           make_primary_owner boolean default false)
+    returns void
+    security definer
+    set search_path = public
+    language plpgsql
+as
+$$
+declare
+    is_account_owner         boolean;
+    is_account_primary_owner boolean;
+    changing_primary_owner   boolean;
+begin
+    -- check if the user is an owner, and if they are, allow them to update the role
+    select basejump.has_role_on_account(update_account_user_role.account_id, 'owner') into is_account_owner;
+
+    if not is_account_owner then
+        raise exception 'You must be an owner of the account to update a users role';
+    end if;
+
+    -- check if the user being changed is the primary owner, if so its not allowed
+    select primary_owner_user_id = auth.uid(), primary_owner_user_id = update_account_user_role.user_id
+    into is_account_primary_owner, changing_primary_owner
+    from basejump.accounts
+    where id = update_account_user_role.account_id;
+
+    if changing_primary_owner = true and is_account_primary_owner = false then
+        raise exception 'You must be the primary owner of the account to change the primary owner';
+    end if;
+
+    update basejump.account_user au
+    set account_role = new_account_role
+    where au.account_id = update_account_user_role.account_id
+      and au.user_id = update_account_user_role.user_id;
+
+    if make_primary_owner = true then
+        -- first we see if the current user is the owner, only they can do this
+        if is_account_primary_owner = false then
+            raise exception 'You must be the primary owner of the account to change the primary owner';
+        end if;
+
+        update basejump.accounts
+        set primary_owner_user_id = update_account_user_role.user_id
+        where id = update_account_user_role.account_id;
+    end if;
+end;
+$$;
+
+grant execute on function public.update_account_user_role(uuid, uuid, basejump.account_role, boolean) to authenticated;
+
+/**
+  Returns the current user's accounts
+ */
+create or replace function public.get_accounts()
+    returns json
+    language sql
+as
+$$
+select coalesce(json_agg(
+                        json_build_object(
+                                'account_id', wu.account_id,
+                                'account_role', wu.account_role,
+                                'is_primary_owner', a.primary_owner_user_id = auth.uid(),
+                                'name', a.name,
+                                'slug', a.slug,
+                                'personal_account', a.personal_account,
+                                'created_at', a.created_at,
+                                'updated_at', a.updated_at
+                            )
+                    ), '[]'::json)
+from basejump.account_user wu
+         join basejump.accounts a on a.id = wu.account_id
+where wu.user_id = auth.uid();
+$$;
+
+grant execute on function public.get_accounts() to authenticated;
+
+/**
+  Returns a specific account that the current user has access to
+ */
+create or replace function public.get_account(account_id uuid)
+    returns json
+    language plpgsql
+as
+$$
+BEGIN
+    -- check if the user is a member of the account or a service_role user
+    if current_user IN ('anon', 'authenticated') and
+       (select current_user_account_role(get_account.account_id) ->> 'account_role' IS NULL) then
+        raise exception 'You must be a member of an account to access it';
+    end if;
+
+
+    return (select json_build_object(
+                           'account_id', a.id,
+                           'account_role', wu.account_role,
+                           'is_primary_owner', a.primary_owner_user_id = auth.uid(),
+                           'name', a.name,
+                           'slug', a.slug,
+                           'personal_account', a.personal_account,
+                           'billing_enabled', case
+                                                  when a.personal_account = true then
+                                                      config.enable_personal_account_billing
+                                                  else
+                                                      config.enable_team_account_billing
+                               end,
+                           'billing_status', bs.status,
+                           'created_at', a.created_at,
+                           'updated_at', a.updated_at,
+                           'metadata', a.public_metadata
+                       )
+            from basejump.accounts a
+                     left join basejump.account_user wu on a.id = wu.account_id and wu.user_id = auth.uid()
+                     join basejump.config config on true
+                     left join (select bs.account_id, status
+                                from basejump.billing_subscriptions bs
+                                where bs.account_id = get_account.account_id
+                                order by created desc
+                                limit 1) bs on bs.account_id = a.id
+            where a.id = get_account.account_id);
+END;
+$$;
+
+grant execute on function public.get_account(uuid) to authenticated, service_role;
+
+/**
+  Returns a specific account that the current user has access to
+ */
+create or replace function public.get_account_by_slug(slug text)
+    returns json
+    language plpgsql
+as
+$$
+DECLARE
+    internal_account_id uuid;
+BEGIN
+    select a.id
+    into internal_account_id
+    from basejump.accounts a
+    where a.slug IS NOT NULL
+      and a.slug = get_account_by_slug.slug;
+
+    return public.get_account(internal_account_id);
+END;
+$$;
+
+grant execute on function public.get_account_by_slug(text) to authenticated;
+
+/**
+  Returns the personal account for the current user
+ */
+create or replace function public.get_personal_account()
+    returns json
+    language plpgsql
+as
+$$
+BEGIN
+    return public.get_account(auth.uid());
+END;
+$$;
+
+grant execute on function public.get_personal_account() to authenticated;
+
+/**
+  * Create an account
+ */
+create or replace function public.create_account(slug text default null, name text default null)
+    returns json
+    language plpgsql
+as
+$$
+DECLARE
+    new_account_id uuid;
+BEGIN
+    insert into basejump.accounts (slug, name)
+    values (create_account.slug, create_account.name)
+    returning id into new_account_id;
+
+    return public.get_account(new_account_id);
+EXCEPTION
+    WHEN unique_violation THEN
+        raise exception 'An account with that unique ID already exists';
+END;
+$$;
+
+grant execute on function public.create_account(slug text, name text) to authenticated;
+
+/**
+  Update an account with passed in info. None of the info is required except for account ID.
+  If you don't pass in a value for a field, it will not be updated.
+  If you set replace_meta to true, the metadata will be replaced with the passed in metadata.
+  If you set replace_meta to false, the metadata will be merged with the passed in metadata.
+ */
+create or replace function public.update_account(account_id uuid, slug text default null, name text default null,
+                                                 public_metadata jsonb default null,
+                                                 replace_metadata boolean default false)
+    returns json
+    language plpgsql
+as
+$$
+BEGIN
+
+    -- check if postgres role is service_role
+    if current_user IN ('anon', 'authenticated') and
+       not (select current_user_account_role(update_account.account_id) ->> 'account_role' = 'owner') then
+        raise exception 'Only account owners can update an account';
+    end if;
+
+    update basejump.accounts accounts
+    set slug            = coalesce(update_account.slug, accounts.slug),
+        name            = coalesce(update_account.name, accounts.name),
+        public_metadata = case
+                              when update_account.public_metadata is null then accounts.public_metadata -- do nothing
+                              when accounts.public_metadata IS NULL then update_account.public_metadata -- set metadata
+                              when update_account.replace_metadata
+                                  then update_account.public_metadata -- replace metadata
+                              else accounts.public_metadata || update_account.public_metadata end -- merge metadata
+    where accounts.id = update_account.account_id;
+
+    return public.get_account(account_id);
+END;
+$$;
+
+grant execute on function public.update_account(uuid, text, text, jsonb, boolean) to authenticated, service_role;
+
+/**
+  Returns a list of current account members. Only account owners can access this function.
+  It's a security definer because it requries us to lookup personal_accounts for existing members so we can
+  get their names.
+ */
+create or replace function public.get_account_members(account_id uuid, results_limit integer default 50,
+                                                      results_offset integer default 0)
+    returns json
+    language plpgsql
+    security definer
+    set search_path = basejump
+as
+$$
+BEGIN
+
+    -- only account owners can access this function
+    if (select public.current_user_account_role(get_account_members.account_id) ->> 'account_role' <> 'owner') then
+        raise exception 'Only account owners can access this function';
+    end if;
+
+    return (select json_agg(
+                           json_build_object(
+                                   'user_id', wu.user_id,
+                                   'account_role', wu.account_role,
+                                   'name', p.name,
+                                   'email', u.email,
+                                   'is_primary_owner', a.primary_owner_user_id = wu.user_id
+                               )
+                       )
+            from basejump.account_user wu
+                     join basejump.accounts a on a.id = wu.account_id
+                     join basejump.accounts p on p.primary_owner_user_id = wu.user_id and p.personal_account = true
+                     join auth.users u on u.id = wu.user_id
+            where wu.account_id = get_account_members.account_id
+            limit coalesce(get_account_members.results_limit, 50) offset coalesce(get_account_members.results_offset, 0));
+END;
+$$;
+
+grant execute on function public.get_account_members(uuid, integer, integer) to authenticated;
+
+/**
+  Allows an owner of the account to remove any member other than the primary owner
+ */
+
+create or replace function public.remove_account_member(account_id uuid, user_id uuid)
+    returns void
+    language plpgsql
+as
+$$
+BEGIN
+    -- only account owners can access this function
+    if basejump.has_role_on_account(remove_account_member.account_id, 'owner') <> true then
+        raise exception 'Only account owners can access this function';
+    end if;
+
+    delete
+    from basejump.account_user wu
+    where wu.account_id = remove_account_member.account_id
+      and wu.user_id = remove_account_member.user_id;
+END;
+$$;
+
+grant execute on function public.remove_account_member(uuid, uuid) to authenticated;

20240414162100_basejump-invitations.sql

@@ -0,0 +1,270 @@
+/**
+  * -------------------------------------------------------
+  * Section - Invitations
+  * -------------------------------------------------------
+ */
+
+/**
+  * Invitations are sent to users to join a account
+  * They pre-define the role the user should have once they join
+ */
+create table if not exists basejump.invitations
+(
+    -- the id of the invitation
+    id                 uuid unique                                              not null default extensions.uuid_generate_v4(),
+    -- what role should invitation accepters be given in this account
+    account_role       basejump.account_role                                    not null,
+    -- the account the invitation is for
+    account_id         uuid references basejump.accounts (id) on delete cascade not null,
+    -- unique token used to accept the invitation
+    token              text unique                                              not null default basejump.generate_token(30),
+    -- who created the invitation
+    invited_by_user_id uuid references auth.users                               not null,
+    -- account name. filled in by a trigger
+    account_name       text,
+    -- when the invitation was last updated
+    updated_at         timestamp with time zone,
+    -- when the invitation was created
+    created_at         timestamp with time zone,
+    -- what type of invitation is this
+    invitation_type    basejump.invitation_type                                 not null,
+    primary key (id)
+);
+
+-- Open up access to invitations
+GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE basejump.invitations TO authenticated, service_role;
+
+-- manage timestamps
+CREATE TRIGGER basejump_set_invitations_timestamp
+    BEFORE INSERT OR UPDATE
+    ON basejump.invitations
+    FOR EACH ROW
+EXECUTE FUNCTION basejump.trigger_set_timestamps();
+
+/**
+  * This funciton fills in account info and inviting user email
+  * so that the recipient can get more info about the invitation prior to
+  * accepting.  It allows us to avoid complex permissions on accounts
+ */
+CREATE OR REPLACE FUNCTION basejump.trigger_set_invitation_details()
+    RETURNS TRIGGER AS
+$$
+BEGIN
+    NEW.invited_by_user_id = auth.uid();
+    NEW.account_name = (select name from basejump.accounts where id = NEW.account_id);
+    RETURN NEW;
+END
+$$ LANGUAGE plpgsql;
+
+CREATE TRIGGER basejump_trigger_set_invitation_details
+    BEFORE INSERT
+    ON basejump.invitations
+    FOR EACH ROW
+EXECUTE FUNCTION basejump.trigger_set_invitation_details();
+
+-- enable RLS on invitations
+alter table basejump.invitations
+    enable row level security;
+
+/**
+  * -------------------------
+  * Section - RLS Policies
+  * -------------------------
+  * This is where we define access to tables in the basejump schema
+ */
+
+ create policy "Invitations viewable by account owners" on basejump.invitations
+    for select
+    to authenticated
+    using (
+            created_at > (now() - interval '24 hours')
+        and
+            basejump.has_role_on_account(account_id, 'owner') = true
+    );
+
+
+create policy "Invitations can be created by account owners" on basejump.invitations
+    for insert
+    to authenticated
+    with check (
+    -- team accounts should be enabled
+            basejump.is_set('enable_team_accounts') = true
+        -- this should not be a personal account
+        and (SELECT personal_account
+             FROM basejump.accounts
+             WHERE id = account_id) = false
+        -- the inserting user should be an owner of the account
+        and
+            (basejump.has_role_on_account(account_id, 'owner') = true)
+    );
+
+create policy "Invitations can be deleted by account owners" on basejump.invitations
+    for delete
+    to authenticated
+    using (
+    basejump.has_role_on_account(account_id, 'owner') = true
+    );
+
+
+
+/**
+  * -------------------------------------------------------
+  * Section - Public functions
+  * -------------------------------------------------------
+  * Each of these functions exists in the public name space because they are accessible
+  * via the API.  it is the primary way developers can interact with Basejump accounts
+ */
+
+
+/**
+  Returns a list of currently active invitations for a given account
+ */
+
+create or replace function public.get_account_invitations(account_id uuid, results_limit integer default 25,
+                                                          results_offset integer default 0)
+    returns json
+    language plpgsql
+as
+$$
+BEGIN
+    -- only account owners can access this function
+    if (select public.current_user_account_role(get_account_invitations.account_id) ->> 'account_role' <> 'owner') then
+        raise exception 'Only account owners can access this function';
+    end if;
+
+    return (select json_agg(
+                           json_build_object(
+                                   'account_role', i.account_role,
+                                   'created_at', i.created_at,
+                                   'invitation_type', i.invitation_type,
+                                   'invitation_id', i.id
+                               )
+                       )
+            from basejump.invitations i
+            where i.account_id = get_account_invitations.account_id
+              and i.created_at > now() - interval '24 hours'
+            limit coalesce(get_account_invitations.results_limit, 25) offset coalesce(get_account_invitations.results_offset, 0));
+END;
+$$;
+
+grant execute on function public.get_account_invitations(uuid, integer, integer) to authenticated;
+
+
+/**
+  * Allows a user to accept an existing invitation and join a account
+  * This one exists in the public schema because we want it to be called
+  * using the supabase rpc method
+ */
+create or replace function public.accept_invitation(lookup_invitation_token text)
+    returns jsonb
+    language plpgsql
+    security definer set search_path = public, basejump
+as
+$$
+declare
+    lookup_account_id       uuid;
+    declare new_member_role basejump.account_role;
+    lookup_account_slug     text;
+begin
+    select i.account_id, i.account_role, a.slug
+    into lookup_account_id, new_member_role, lookup_account_slug
+    from basejump.invitations i
+             join basejump.accounts a on a.id = i.account_id
+    where i.token = lookup_invitation_token
+      and i.created_at > now() - interval '24 hours';
+
+    if lookup_account_id IS NULL then
+        raise exception 'Invitation not found';
+    end if;
+
+    if lookup_account_id is not null then
+        -- we've validated the token is real, so grant the user access
+        insert into basejump.account_user (account_id, user_id, account_role)
+        values (lookup_account_id, auth.uid(), new_member_role);
+        -- email types of invitations are only good for one usage
+        delete from basejump.invitations where token = lookup_invitation_token and invitation_type = 'one_time';
+    end if;
+    return json_build_object('account_id', lookup_account_id, 'account_role', new_member_role, 'slug',
+                             lookup_account_slug);
+EXCEPTION
+    WHEN unique_violation THEN
+        raise exception 'You are already a member of this account';
+end;
+$$;
+
+grant execute on function public.accept_invitation(text) to authenticated;
+
+
+/**
+  * Allows a user to lookup an existing invitation and join a account
+  * This one exists in the public schema because we want it to be called
+  * using the supabase rpc method
+ */
+create or replace function public.lookup_invitation(lookup_invitation_token text)
+    returns json
+    language plpgsql
+    security definer set search_path = public, basejump
+as
+$$
+declare
+    name              text;
+    invitation_active boolean;
+begin
+    select account_name,
+           case when id IS NOT NULL then true else false end as active
+    into name, invitation_active
+    from basejump.invitations
+    where token = lookup_invitation_token
+      and created_at > now() - interval '24 hours'
+    limit 1;
+    return json_build_object('active', coalesce(invitation_active, false), 'account_name', name);
+end;
+$$;
+
+grant execute on function public.lookup_invitation(text) to authenticated;
+
+
+/**
+  Allows a user to create a new invitation if they are an owner of an account
+ */
+create or replace function public.create_invitation(account_id uuid, account_role basejump.account_role,
+                                                    invitation_type basejump.invitation_type)
+    returns json
+    language plpgsql
+as
+$$
+declare
+    new_invitation basejump.invitations;
+begin
+    insert into basejump.invitations (account_id, account_role, invitation_type, invited_by_user_id)
+    values (account_id, account_role, invitation_type, auth.uid())
+    returning * into new_invitation;
+
+    return json_build_object('token', new_invitation.token);
+end
+$$;
+
+grant execute on function public.create_invitation(uuid, basejump.account_role, basejump.invitation_type) to authenticated;
+
+/**
+  Allows an owner to delete an existing invitation
+ */
+
+create or replace function public.delete_invitation(invitation_id uuid)
+    returns void
+    language plpgsql
+as
+$$
+begin
+    -- verify account owner for the invitation
+    if basejump.has_role_on_account(
+               (select account_id from basejump.invitations where id = delete_invitation.invitation_id), 'owner') <>
+       true then
+        raise exception 'Only account owners can delete invitations';
+    end if;
+
+    delete from basejump.invitations where id = delete_invitation.invitation_id;
+end
+$$;
+
+grant execute on function public.delete_invitation(uuid) to authenticated;

20240414162131_basejump-billing.sql

@@ -0,0 +1,236 @@
+/**
+  * -------------------------------------------------------
+  * Section - Billing
+  * -------------------------------------------------------
+ */
+
+/**
+* Subscription Status
+* Tracks the current status of the account subscription
+*/
+DO
+$$
+    BEGIN
+        IF NOT EXISTS(SELECT 1
+                      FROM pg_type t
+                               JOIN pg_namespace n ON n.oid = t.typnamespace
+                      WHERE t.typname = 'subscription_status'
+                        AND n.nspname = 'basejump') THEN
+            create type basejump.subscription_status as enum (
+                'trialing',
+                'active',
+                'canceled',
+                'incomplete',
+                'incomplete_expired',
+                'past_due',
+                'unpaid'
+                );
+        end if;
+    end;
+$$;
+
+
+/**
+ * Billing customer
+ * This is a private table that contains a mapping of user IDs to your billing providers IDs
+ */
+create table if not exists basejump.billing_customers
+(
+    -- UUID from auth.users
+    account_id uuid references basejump.accounts (id) on delete cascade not null,
+    -- The user's customer ID in Stripe. User must not be able to update this.
+    id         text primary key,
+    -- The email address the customer wants to use for invoicing
+    email      text,
+    -- The active status of a customer
+    active     boolean,
+    -- The billing provider the customer is using
+    provider   text
+);
+
+-- Open up access to billing_customers
+GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE basejump.billing_customers TO service_role;
+GRANT SELECT ON TABLE basejump.billing_customers TO authenticated;
+
+
+-- enable RLS for billing_customers
+alter table
+    basejump.billing_customers
+    enable row level security;
+
+/**
+  * Billing subscriptions
+  * This is a private table that contains a mapping of account IDs to your billing providers subscription IDs
+ */
+create table if not exists basejump.billing_subscriptions
+(
+    -- Subscription ID from Stripe, e.g. sub_1234.
+    id                   text primary key,
+    account_id           uuid references basejump.accounts (id) on delete cascade          not null,
+    billing_customer_id  text references basejump.billing_customers (id) on delete cascade not null,
+    -- The status of the subscription object, one of subscription_status type above.
+    status               basejump.subscription_status,
+    -- Set of key-value pairs, used to store additional information about the object in a structured format.
+    metadata             jsonb,
+    -- ID of the price that created this subscription.
+    price_id             text,
+    plan_name            text,
+    -- Quantity multiplied by the unit amount of the price creates the amount of the subscription. Can be used to charge multiple seats.
+    quantity             integer,
+    -- If true the subscription has been canceled by the user and will be deleted at the end of the billing period.
+    cancel_at_period_end boolean,
+    -- Time at which the subscription was created.
+    created              timestamp with time zone default timezone('utc' :: text, now())   not null,
+    -- Start of the current period that the subscription has been invoiced for.
+    current_period_start timestamp with time zone default timezone('utc' :: text, now())   not null,
+    -- End of the current period that the subscription has been invoiced for. At the end of this period, a new invoice will be created.
+    current_period_end   timestamp with time zone default timezone('utc' :: text, now())   not null,
+    -- If the subscription has ended, the timestamp of the date the subscription ended.
+    ended_at             timestamp with time zone default timezone('utc' :: text, now()),
+    -- A date in the future at which the subscription will automatically get canceled.
+    cancel_at            timestamp with time zone default timezone('utc' :: text, now()),
+    -- If the subscription has been canceled, the date of that cancellation. If the subscription was canceled with `cancel_at_period_end`, `canceled_at` will still reflect the date of the initial cancellation request, not the end of the subscription period when the subscription is automatically moved to a canceled state.
+    canceled_at          timestamp with time zone default timezone('utc' :: text, now()),
+    -- If the subscription has a trial, the beginning of that trial.
+    trial_start          timestamp with time zone default timezone('utc' :: text, now()),
+    -- If the subscription has a trial, the end of that trial.
+    trial_end            timestamp with time zone default timezone('utc' :: text, now()),
+    provider             text
+);
+
+-- Open up access to billing_subscriptions
+GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE basejump.billing_subscriptions TO service_role;
+GRANT SELECT ON TABLE basejump.billing_subscriptions TO authenticated;
+
+-- enable RLS for billing_subscriptions
+alter table
+    basejump.billing_subscriptions
+    enable row level security;
+
+/**
+  * -------------------------
+  * Section - RLS Policies
+  * -------------------------
+  * This is where we define access to tables in the basejump schema
+ */
+
+create policy "Can only view own billing customer data." on basejump.billing_customers for
+    select
+    using (
+    basejump.has_role_on_account(account_id) = true
+    );
+
+
+create policy "Can only view own billing subscription data." on basejump.billing_subscriptions for
+    select
+    using (
+    basejump.has_role_on_account(account_id) = true
+    );
+
+/**
+  * -------------------------------------------------------
+  * Section - Public functions
+  * -------------------------------------------------------
+  * Each of these functions exists in the public name space because they are accessible
+  * via the API.  it is the primary way developers can interact with Basejump accounts
+ */
+
+
+/**
+  * Returns the current billing status for an account
+ */
+CREATE OR REPLACE FUNCTION public.get_account_billing_status(account_id uuid)
+    RETURNS jsonb
+    security definer
+    set search_path = public, basejump
+AS
+$$
+DECLARE
+    result      jsonb;
+    role_result jsonb;
+BEGIN
+    select public.current_user_account_role(get_account_billing_status.account_id) into role_result;
+
+    select jsonb_build_object(
+                   'account_id', get_account_billing_status.account_id,
+                   'billing_subscription_id', s.id,
+                   'billing_enabled', case
+                                          when a.personal_account = true then config.enable_personal_account_billing
+                                          else config.enable_team_account_billing end,
+                   'billing_status', s.status,
+                   'billing_customer_id', c.id,
+                   'billing_provider', config.billing_provider,
+                   'billing_email',
+                   coalesce(c.email, u.email) -- if we don't have a customer email, use the user's email as a fallback
+               )
+    into result
+    from basejump.accounts a
+             join auth.users u on u.id = a.primary_owner_user_id
+             left join basejump.billing_subscriptions s on s.account_id = a.id
+             left join basejump.billing_customers c on c.account_id = coalesce(s.account_id, a.id)
+             join basejump.config config on true
+    where a.id = get_account_billing_status.account_id
+    order by s.created desc
+    limit 1;
+
+    return result || role_result;
+END;
+$$ LANGUAGE plpgsql;
+
+grant execute on function public.get_account_billing_status(uuid) to authenticated;
+
+/**
+  * Allow service accounts to upsert the billing data for an account
+ */
+CREATE OR REPLACE FUNCTION public.service_role_upsert_customer_subscription(account_id uuid,
+                                                                            customer jsonb default null,
+                                                                            subscription jsonb default null)
+    RETURNS void AS
+$$
+BEGIN
+    -- if the customer is not null, upsert the data into billing_customers, only upsert fields that are present in the jsonb object
+    if customer is not null then
+        insert into basejump.billing_customers (id, account_id, email, provider)
+        values (customer ->> 'id', service_role_upsert_customer_subscription.account_id, customer ->> 'billing_email',
+                (customer ->> 'provider'))
+        on conflict (id) do update
+            set email = customer ->> 'billing_email';
+    end if;
+
+    -- if the subscription is not null, upsert the data into billing_subscriptions, only upsert fields that are present in the jsonb object
+    if subscription is not null then
+        insert into basejump.billing_subscriptions (id, account_id, billing_customer_id, status, metadata, price_id,
+                                                    quantity, cancel_at_period_end, created, current_period_start,
+                                                    current_period_end, ended_at, cancel_at, canceled_at, trial_start,
+                                                    trial_end, plan_name, provider)
+        values (subscription ->> 'id', service_role_upsert_customer_subscription.account_id,
+                subscription ->> 'billing_customer_id', (subscription ->> 'status')::basejump.subscription_status,
+                subscription -> 'metadata',
+                subscription ->> 'price_id', (subscription ->> 'quantity')::int,
+                (subscription ->> 'cancel_at_period_end')::boolean,
+                (subscription ->> 'created')::timestamptz, (subscription ->> 'current_period_start')::timestamptz,
+                (subscription ->> 'current_period_end')::timestamptz, (subscription ->> 'ended_at')::timestamptz,
+                (subscription ->> 'cancel_at')::timestamptz,
+                (subscription ->> 'canceled_at')::timestamptz, (subscription ->> 'trial_start')::timestamptz,
+                (subscription ->> 'trial_end')::timestamptz,
+                subscription ->> 'plan_name', (subscription ->> 'provider'))
+        on conflict (id) do update
+            set billing_customer_id  = subscription ->> 'billing_customer_id',
+                status               = (subscription ->> 'status')::basejump.subscription_status,
+                metadata             = subscription -> 'metadata',
+                price_id             = subscription ->> 'price_id',
+                quantity             = (subscription ->> 'quantity')::int,
+                cancel_at_period_end = (subscription ->> 'cancel_at_period_end')::boolean,
+                current_period_start = (subscription ->> 'current_period_start')::timestamptz,
+                current_period_end   = (subscription ->> 'current_period_end')::timestamptz,
+                ended_at             = (subscription ->> 'ended_at')::timestamptz,
+                cancel_at            = (subscription ->> 'cancel_at')::timestamptz,
+                canceled_at          = (subscription ->> 'canceled_at')::timestamptz,
+                trial_start          = (subscription ->> 'trial_start')::timestamptz,
+                trial_end            = (subscription ->> 'trial_end')::timestamptz,
+                plan_name            = subscription ->> 'plan_name';
+    end if;
+end;
+$$ LANGUAGE plpgsql;
+
+GRANT EXECUTE ON FUNCTION public.service_role_upsert_customer_subscription(uuid, jsonb, jsonb) TO service_role;

20250409211903_basejump-configure.sql

@@ -0,0 +1,3 @@
+UPDATE basejump.config SET enable_team_accounts = TRUE;
+UPDATE basejump.config SET enable_personal_account_billing = TRUE;
+UPDATE basejump.config SET enable_team_account_billing = TRUE;

20250409212058_initial.sql

@@ -0,0 +1,189 @@
+-- Enable UUID extension
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
+
+-- Create devices table first
+CREATE TABLE public.devices (
+    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
+    account_id UUID NOT NULL,
+    name TEXT,
+    last_seen TIMESTAMP WITH TIME ZONE,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT now(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT now(),
+    is_online BOOLEAN DEFAULT FALSE,
+    CONSTRAINT fk_account FOREIGN KEY (account_id) REFERENCES basejump.accounts(id) ON DELETE CASCADE
+);
+
+-- Create recordings table
+CREATE TABLE public.recordings (
+    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
+    account_id UUID NOT NULL,
+    device_id UUID NOT NULL,
+    preprocessed_file_path TEXT,
+    meta JSONB,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT now(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT now(),
+    name TEXT,
+    ui_annotated BOOLEAN DEFAULT FALSE,
+    a11y_file_path TEXT,
+    audio_file_path TEXT,
+    action_annotated BOOLEAN DEFAULT FALSE,
+    raw_data_file_path TEXT,
+    metadata_file_path TEXT,
+    action_training_file_path TEXT,
+    CONSTRAINT fk_account FOREIGN KEY (account_id) REFERENCES basejump.accounts(id) ON DELETE CASCADE,
+    CONSTRAINT fk_device FOREIGN KEY (device_id) REFERENCES public.devices(id) ON DELETE CASCADE
+);
+
+-- Create indexes for foreign keys
+CREATE INDEX idx_recordings_account_id ON public.recordings(account_id);
+CREATE INDEX idx_recordings_device_id ON public.recordings(device_id);
+CREATE INDEX idx_devices_account_id ON public.devices(account_id);
+
+-- Add RLS policies (optional, can be customized as needed)
+ALTER TABLE public.recordings ENABLE ROW LEVEL SECURITY;
+ALTER TABLE public.devices ENABLE ROW LEVEL SECURITY;
+
+-- Create RLS policies for devices
+CREATE POLICY "Account members can delete their own devices"
+    ON public.devices FOR DELETE
+    USING (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can insert their own devices"
+    ON public.devices FOR INSERT
+    WITH CHECK (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can only access their own devices"
+    ON public.devices FOR ALL
+    USING (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can update their own devices"
+    ON public.devices FOR UPDATE
+    USING (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can view their own devices"
+    ON public.devices FOR SELECT
+    USING (basejump.has_role_on_account(account_id));
+
+-- Create RLS policies for recordings
+CREATE POLICY "Account members can delete their own recordings"
+    ON public.recordings FOR DELETE
+    USING (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can insert their own recordings"
+    ON public.recordings FOR INSERT
+    WITH CHECK (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can only access their own recordings"
+    ON public.recordings FOR ALL
+    USING (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can update their own recordings"
+    ON public.recordings FOR UPDATE
+    USING (basejump.has_role_on_account(account_id));
+
+CREATE POLICY "Account members can view their own recordings"
+    ON public.recordings FOR SELECT
+    USING (basejump.has_role_on_account(account_id));
+
+-- Note: For threads and messages, you might want different RLS policies
+-- depending on your application's requirements
+
+
+-- Also drop the old function signature
+DROP FUNCTION IF EXISTS transfer_device(UUID, UUID, TEXT);
+
+
+CREATE OR REPLACE FUNCTION transfer_device(
+  device_id UUID,      -- Parameter remains UUID
+  new_account_id UUID, -- Changed parameter name and implies new ownership target
+  device_name TEXT DEFAULT NULL
+)
+RETURNS SETOF devices AS $$
+DECLARE
+  device_exists BOOLEAN;
+  updated_device devices;
+BEGIN
+  -- Check if a device with the specified UUID exists
+  SELECT EXISTS (
+    SELECT 1 FROM devices WHERE id = device_id
+  ) INTO device_exists;
+
+  IF device_exists THEN
+    -- Device exists: update its account ownership and last_seen timestamp
+    UPDATE devices
+    SET
+      account_id = new_account_id, -- Update account_id instead of user_id
+      name = COALESCE(device_name, name),
+      last_seen = NOW()
+    WHERE id = device_id
+    RETURNING * INTO updated_device;
+
+    RETURN NEXT updated_device;
+  ELSE
+    -- Device doesn't exist; return nothing so the caller can handle creation
+    RETURN;
+  END IF;
+END;
+$$ LANGUAGE plpgsql SECURITY DEFINER;
+
+-- Grant execute permission so that authenticated users can call this function
+-- Updated function signature
+GRANT EXECUTE ON FUNCTION transfer_device(UUID, UUID, TEXT) TO authenticated;
+
+
+
+
+-- Create the ui_grounding bucket
+INSERT INTO storage.buckets (id, name, public)
+VALUES ('ui_grounding', 'ui_grounding', false)
+ON CONFLICT (id) DO NOTHING; -- Avoid error if bucket already exists
+
+-- Create the ui_grounding_trajs bucket
+INSERT INTO storage.buckets (id, name, public)
+VALUES ('ui_grounding_trajs', 'ui_grounding_trajs', false)
+ON CONFLICT (id) DO NOTHING; -- Avoid error if bucket already exists
+
+-- Create the recordings bucket
+INSERT INTO storage.buckets (id, name, public, file_size_limit, allowed_mime_types)
+VALUES ('recordings', 'recordings', false, null, null) -- Set file size limit and mime types as needed
+ON CONFLICT (id) DO NOTHING; -- Avoid error if bucket already exists
+
+
+-- RLS policies for the 'recordings' bucket
+-- Allow members to view files in accounts they belong to
+CREATE POLICY "Account members can select recording files"
+    ON storage.objects FOR SELECT
+    TO authenticated
+    USING (
+        bucket_id = 'recordings' AND
+        (storage.foldername(name))[1]::uuid IN (SELECT basejump.get_accounts_with_role())
+    );
+
+-- Allow members to insert files into accounts they belong to
+CREATE POLICY "Account members can insert recording files"
+    ON storage.objects FOR INSERT
+    TO authenticated
+    WITH CHECK (
+        bucket_id = 'recordings' AND
+        (storage.foldername(name))[1]::uuid IN (SELECT basejump.get_accounts_with_role())
+    );
+
+-- Allow members to update files in accounts they belong to
+CREATE POLICY "Account members can update recording files"
+    ON storage.objects FOR UPDATE
+    TO authenticated
+    USING (
+        bucket_id = 'recordings' AND
+        (storage.foldername(name))[1]::uuid IN (SELECT basejump.get_accounts_with_role())
+    );
+
+-- Allow members to delete files from accounts they belong to
+-- Consider restricting this further, e.g., to 'owner' role if needed:
+-- (storage.foldername(name))[1]::uuid IN (SELECT basejump.get_accounts_with_role('owner'))
+CREATE POLICY "Account members can delete recording files"
+    ON storage.objects FOR DELETE
+    TO authenticated
+    USING (
+        bucket_id = 'recordings' AND
+        (storage.foldername(name))[1]::uuid IN (SELECT basejump.get_accounts_with_role())
+    );

20250416133920_agentpress_schema.sql

@@ -0,0 +1,382 @@
+-- AGENTPRESS SCHEMA:
+-- Create projects table
+CREATE TABLE projects (
+    project_id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    name TEXT NOT NULL,
+    description TEXT,
+    account_id UUID NOT NULL REFERENCES basejump.accounts(id) ON DELETE CASCADE,
+    sandbox JSONB DEFAULT '{}'::jsonb,
+    is_public BOOLEAN DEFAULT FALSE,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL
+);
+
+-- Create threads table
+CREATE TABLE threads (
+    thread_id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    account_id UUID REFERENCES basejump.accounts(id) ON DELETE CASCADE,
+    project_id UUID REFERENCES projects(project_id) ON DELETE CASCADE,
+    is_public BOOLEAN DEFAULT FALSE,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL
+);
+
+-- Create messages table
+CREATE TABLE messages (
+    message_id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    thread_id UUID NOT NULL REFERENCES threads(thread_id) ON DELETE CASCADE,
+    type TEXT NOT NULL,
+    is_llm_message BOOLEAN NOT NULL DEFAULT TRUE,
+    content JSONB NOT NULL,
+    metadata JSONB DEFAULT '{}'::jsonb,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL
+);
+
+-- Create agent_runs table
+CREATE TABLE agent_runs (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    thread_id UUID NOT NULL REFERENCES threads(thread_id),
+    status TEXT NOT NULL DEFAULT 'running',
+    started_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL,
+    completed_at TIMESTAMP WITH TIME ZONE,
+    responses JSONB NOT NULL DEFAULT '[]'::jsonb, -- TO BE REMOVED, NOT USED 
+    error TEXT,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT TIMEZONE('utc'::text, NOW()) NOT NULL
+);
+
+-- Create updated_at trigger function
+CREATE OR REPLACE FUNCTION update_updated_at_column()
+RETURNS TRIGGER AS $$
+BEGIN
+    NEW.updated_at = TIMEZONE('utc'::text, NOW());
+    RETURN NEW;
+END;
+$$ language 'plpgsql';
+
+-- Create triggers for updated_at
+CREATE TRIGGER update_threads_updated_at
+    BEFORE UPDATE ON threads
+    FOR EACH ROW
+    EXECUTE FUNCTION update_updated_at_column();
+
+CREATE TRIGGER update_messages_updated_at
+    BEFORE UPDATE ON messages
+    FOR EACH ROW
+    EXECUTE FUNCTION update_updated_at_column();
+
+CREATE TRIGGER update_agent_runs_updated_at
+    BEFORE UPDATE ON agent_runs
+    FOR EACH ROW
+    EXECUTE FUNCTION update_updated_at_column();
+
+CREATE TRIGGER update_projects_updated_at
+    BEFORE UPDATE ON projects
+    FOR EACH ROW
+    EXECUTE FUNCTION update_updated_at_column();
+
+-- Create indexes for better query performance
+CREATE INDEX idx_threads_created_at ON threads(created_at);
+CREATE INDEX idx_threads_account_id ON threads(account_id);
+CREATE INDEX idx_threads_project_id ON threads(project_id);
+CREATE INDEX idx_agent_runs_thread_id ON agent_runs(thread_id);
+CREATE INDEX idx_agent_runs_status ON agent_runs(status);
+CREATE INDEX idx_agent_runs_created_at ON agent_runs(created_at);
+CREATE INDEX idx_projects_account_id ON projects(account_id);
+CREATE INDEX idx_projects_created_at ON projects(created_at);
+CREATE INDEX idx_messages_thread_id ON messages(thread_id);
+CREATE INDEX idx_messages_created_at ON messages(created_at);
+
+-- Enable Row Level Security
+ALTER TABLE threads ENABLE ROW LEVEL SECURITY;
+ALTER TABLE messages ENABLE ROW LEVEL SECURITY;
+ALTER TABLE agent_runs ENABLE ROW LEVEL SECURITY;
+ALTER TABLE projects ENABLE ROW LEVEL SECURITY;
+
+-- Project policies
+CREATE POLICY project_select_policy ON projects
+    FOR SELECT
+    USING (
+        is_public = TRUE OR
+        basejump.has_role_on_account(account_id) = true
+    );
+
+CREATE POLICY project_insert_policy ON projects
+    FOR INSERT
+    WITH CHECK (basejump.has_role_on_account(account_id) = true);
+
+CREATE POLICY project_update_policy ON projects
+    FOR UPDATE
+    USING (basejump.has_role_on_account(account_id) = true);
+
+CREATE POLICY project_delete_policy ON projects
+    FOR DELETE
+    USING (basejump.has_role_on_account(account_id) = true);
+
+-- Thread policies based on project and account ownership
+CREATE POLICY thread_select_policy ON threads
+    FOR SELECT
+    USING (
+        basejump.has_role_on_account(account_id) = true OR 
+        EXISTS (
+            SELECT 1 FROM projects
+            WHERE projects.project_id = threads.project_id
+            AND (
+                projects.is_public = TRUE OR
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY thread_insert_policy ON threads
+    FOR INSERT
+    WITH CHECK (
+        basejump.has_role_on_account(account_id) = true OR 
+        EXISTS (
+            SELECT 1 FROM projects
+            WHERE projects.project_id = threads.project_id
+            AND basejump.has_role_on_account(projects.account_id) = true
+        )
+    );
+
+CREATE POLICY thread_update_policy ON threads
+    FOR UPDATE
+    USING (
+        basejump.has_role_on_account(account_id) = true OR 
+        EXISTS (
+            SELECT 1 FROM projects
+            WHERE projects.project_id = threads.project_id
+            AND basejump.has_role_on_account(projects.account_id) = true
+        )
+    );
+
+CREATE POLICY thread_delete_policy ON threads
+    FOR DELETE
+    USING (
+        basejump.has_role_on_account(account_id) = true OR 
+        EXISTS (
+            SELECT 1 FROM projects
+            WHERE projects.project_id = threads.project_id
+            AND basejump.has_role_on_account(projects.account_id) = true
+        )
+    );
+
+-- Create policies for agent_runs based on thread ownership
+CREATE POLICY agent_run_select_policy ON agent_runs
+    FOR SELECT
+    USING (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = agent_runs.thread_id
+            AND (
+                projects.is_public = TRUE OR
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY agent_run_insert_policy ON agent_runs
+    FOR INSERT
+    WITH CHECK (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = agent_runs.thread_id
+            AND (
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY agent_run_update_policy ON agent_runs
+    FOR UPDATE
+    USING (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = agent_runs.thread_id
+            AND (
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY agent_run_delete_policy ON agent_runs
+    FOR DELETE
+    USING (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = agent_runs.thread_id
+            AND (
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+-- Create message policies based on thread ownership
+CREATE POLICY message_select_policy ON messages
+    FOR SELECT
+    USING (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = messages.thread_id
+            AND (
+                projects.is_public = TRUE OR
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY message_insert_policy ON messages
+    FOR INSERT
+    WITH CHECK (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = messages.thread_id
+            AND (
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY message_update_policy ON messages
+    FOR UPDATE
+    USING (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = messages.thread_id
+            AND (
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+CREATE POLICY message_delete_policy ON messages
+    FOR DELETE
+    USING (
+        EXISTS (
+            SELECT 1 FROM threads
+            LEFT JOIN projects ON threads.project_id = projects.project_id
+            WHERE threads.thread_id = messages.thread_id
+            AND (
+                basejump.has_role_on_account(threads.account_id) = true OR 
+                basejump.has_role_on_account(projects.account_id) = true
+            )
+        )
+    );
+
+-- Grant permissions to roles
+GRANT ALL PRIVILEGES ON TABLE projects TO authenticated, service_role;
+GRANT SELECT ON TABLE projects TO anon;
+GRANT SELECT ON TABLE threads TO authenticated, anon, service_role;
+GRANT SELECT ON TABLE messages TO authenticated, anon, service_role;
+GRANT ALL PRIVILEGES ON TABLE agent_runs TO authenticated, service_role;
+
+-- Create a function that matches the Python get_messages behavior
+CREATE OR REPLACE FUNCTION get_llm_formatted_messages(p_thread_id UUID)
+RETURNS JSONB
+SECURITY DEFINER -- Changed to SECURITY DEFINER to allow service role access
+LANGUAGE plpgsql
+AS $$
+DECLARE
+    messages_array JSONB := '[]'::JSONB;
+    has_access BOOLEAN;
+    current_role TEXT;
+    latest_summary_id UUID;
+    latest_summary_time TIMESTAMP WITH TIME ZONE;
+    is_project_public BOOLEAN;
+BEGIN
+    -- Get current role
+    SELECT current_user INTO current_role;
+    
+    -- Check if associated project is public
+    SELECT p.is_public INTO is_project_public
+    FROM threads t
+    LEFT JOIN projects p ON t.project_id = p.project_id
+    WHERE t.thread_id = p_thread_id;
+    
+    -- Skip access check for service_role or public projects
+    IF current_role = 'authenticated' AND NOT is_project_public THEN
+        -- Check if thread exists and user has access
+        SELECT EXISTS (
+            SELECT 1 FROM threads t
+            LEFT JOIN projects p ON t.project_id = p.project_id
+            WHERE t.thread_id = p_thread_id
+            AND (
+                basejump.has_role_on_account(t.account_id) = true OR 
+                basejump.has_role_on_account(p.account_id) = true
+            )
+        ) INTO has_access;
+        
+        IF NOT has_access THEN
+            RAISE EXCEPTION 'Thread not found or access denied';
+        END IF;
+    END IF;
+
+    -- Find the latest summary message if it exists
+    SELECT message_id, created_at
+    INTO latest_summary_id, latest_summary_time
+    FROM messages
+    WHERE thread_id = p_thread_id
+    AND type = 'summary'
+    AND is_llm_message = TRUE
+    ORDER BY created_at DESC
+    LIMIT 1;
+    
+    -- Log whether a summary was found (helpful for debugging)
+    IF latest_summary_id IS NOT NULL THEN
+        RAISE NOTICE 'Found latest summary message: id=%, time=%', latest_summary_id, latest_summary_time;
+    ELSE
+        RAISE NOTICE 'No summary message found for thread %', p_thread_id;
+    END IF;
+
+    -- Parse content if it's stored as a string and return proper JSON objects
+    WITH parsed_messages AS (
+        SELECT 
+            message_id,
+            CASE 
+                WHEN jsonb_typeof(content) = 'string' THEN content::text::jsonb
+                ELSE content
+            END AS parsed_content,
+            created_at,
+            type
+        FROM messages
+        WHERE thread_id = p_thread_id
+        AND is_llm_message = TRUE
+        AND (
+            -- Include the latest summary and all messages after it,
+            -- or all messages if no summary exists
+            latest_summary_id IS NULL 
+            OR message_id = latest_summary_id 
+            OR created_at > latest_summary_time
+        )
+        ORDER BY created_at
+    )
+    SELECT JSONB_AGG(parsed_content)
+    INTO messages_array
+    FROM parsed_messages;
+    
+    -- Handle the case when no messages are found
+    IF messages_array IS NULL THEN
+        RETURN '[]'::JSONB;
+    END IF;
+    
+    RETURN messages_array;
+END;
+$$;
+
+-- Grant execute permissions
+GRANT EXECUTE ON FUNCTION get_llm_formatted_messages TO authenticated, anon, service_role;

ActiveJobsProvider.py

@@ -0,0 +1,57 @@
+from typing import Dict
+
+from agent.tools.data_providers.RapidDataProviderBase import RapidDataProviderBase, EndpointSchema
+
+
+class ActiveJobsProvider(RapidDataProviderBase):
+    def __init__(self):
+        endpoints: Dict[str, EndpointSchema] = {
+            "active_jobs": {
+                "route": "/active-ats-7d",
+                "method": "GET",
+                "name": "Active Jobs Search",
+                "description": "Get active job listings with various filter options.",
+                "payload": {
+                    "limit": "Optional. Number of jobs per API call (10-100). Default is 100.",
+                    "offset": "Optional. Offset for pagination. Default is 0.",
+                    "title_filter": "Optional. Search terms for job title.",
+                    "advanced_title_filter": "Optional. Advanced title filter with operators (can't be used with title_filter).",
+                    "location_filter": "Optional. Filter by location(s). Use full names like 'United States' not 'US'.",
+                    "description_filter": "Optional. Filter on job description content.",
+                    "organization_filter": "Optional. Filter by company name(s).",
+                    "description_type": "Optional. Return format for description: 'text' or 'html'. Leave empty to exclude descriptions.",
+                    "source": "Optional. Filter by ATS source.",
+                    "date_filter": "Optional. Filter by posting date (greater than).",
+                    "ai_employment_type_filter": "Optional. Filter by employment type (FULL_TIME, PART_TIME, etc).",
+                    "ai_work_arrangement_filter": "Optional. Filter by work arrangement (On-site, Hybrid, Remote OK, Remote Solely).",
+                    "ai_experience_level_filter": "Optional. Filter by experience level (0-2, 2-5, 5-10, 10+).",
+                    "li_organization_slug_filter": "Optional. Filter by LinkedIn company slug.",
+                    "li_organization_slug_exclusion_filter": "Optional. Exclude LinkedIn company slugs.",
+                    "li_industry_filter": "Optional. Filter by LinkedIn industry.",
+                    "li_organization_specialties_filter": "Optional. Filter by LinkedIn company specialties.",
+                    "li_organization_description_filter": "Optional. Filter by LinkedIn company description."
+                }
+            }
+        }
+           
+        base_url = "https://active-jobs-db.p.rapidapi.com"
+        super().__init__(base_url, endpoints)
+
+
+if __name__ == "__main__":
+    from dotenv import load_dotenv
+    load_dotenv()
+    tool = ActiveJobsProvider()
+
+    # Example for searching active jobs
+    jobs = tool.call_endpoint(
+        route="active_jobs",
+        payload={
+            "limit": "10",
+            "offset": "0",
+            "title_filter": "\"Data Engineer\"",
+            "location_filter": "\"United States\" OR \"United Kingdom\"",
+            "description_type": "text"
+        }
+    )
+    print("Active Jobs:", jobs)

AmazonProvider.py

@@ -0,0 +1,191 @@
+from typing import Dict, Optional
+
+from agent.tools.data_providers.RapidDataProviderBase import RapidDataProviderBase, EndpointSchema
+
+
+class AmazonProvider(RapidDataProviderBase):
+    def __init__(self):
+        endpoints: Dict[str, EndpointSchema] = {
+            "search": {
+                "route": "/search",
+                "method": "GET",
+                "name": "Amazon Product Search",
+                "description": "Search for products on Amazon with various filters and parameters.",
+                "payload": {
+                    "query": "Search query (supports both free-form text queries or a product asin)",
+                    "page": "Results page to return (default: 1)",
+                    "country": "Sets the Amazon domain, marketplace country, language and currency (default: US)",
+                    "sort_by": "Return the results in a specific sort order (RELEVANCE, LOWEST_PRICE, HIGHEST_PRICE, REVIEWS, NEWEST, BEST_SELLERS)",
+                    "product_condition": "Return products in a specific condition (ALL, NEW, USED, RENEWED, COLLECTIBLE)",
+                    "is_prime": "Only return prime products (boolean)",
+                    "deals_and_discounts": "Return deals and discounts in a specific condition (NONE, ALL_DISCOUNTS, TODAYS_DEALS)",
+                    "category_id": "Find products in a specific category / department (optional)",
+                    "category": "Filter by specific numeric Amazon category (optional)",
+                    "min_price": "Only return product offers with price greater than a certain value (optional)",
+                    "max_price": "Only return product offers with price lower than a certain value (optional)",
+                    "brand": "Find products with a specific brand (optional)",
+                    "seller_id": "Find products sold by specific seller (optional)",
+                    "four_stars_and_up": "Return product listings with ratings of 4 stars & up (optional)",
+                    "additional_filters": "Any filters available on the Amazon page but not part of this endpoint's parameters (optional)"
+                }
+            },
+            "product-details": {
+                "route": "/product-details",
+                "method": "GET",
+                "name": "Amazon Product Details",
+                "description": "Get detailed information about specific Amazon products by ASIN.",
+                "payload": {
+                    "asin": "Product ASIN for which to get details. Supports batching of up to 10 ASINs in a single request, separated by comma.",
+                    "country": "Sets the Amazon domain, marketplace country, language and currency (default: US)",
+                    "more_info_query": "A query to search and get more info about the product as part of Product Information, Customer Q&As, and Customer Reviews (optional)",
+                    "fields": "A comma separated list of product fields to include in the response (field projection). By default all fields are returned. (optional)"
+                }
+            },
+            "products-by-category": {
+                "route": "/products-by-category",
+                "method": "GET",
+                "name": "Amazon Products by Category",
+                "description": "Get products from a specific Amazon category.",
+                "payload": {
+                    "category_id": "The Amazon category for which to return results. Multiple category values can be separated by comma.",
+                    "page": "Page to return (default: 1)",
+                    "country": "Sets the Amazon domain, marketplace country, language and currency (default: US)",
+                    "sort_by": "Return the results in a specific sort order (RELEVANCE, LOWEST_PRICE, HIGHEST_PRICE, REVIEWS, NEWEST, BEST_SELLERS)",
+                    "min_price": "Only return product offers with price greater than a certain value (optional)",
+                    "max_price": "Only return product offers with price lower than a certain value (optional)",
+                    "product_condition": "Return products in a specific condition (ALL, NEW, USED, RENEWED, COLLECTIBLE)",
+                    "brand": "Only return products of a specific brand. Multiple brands can be specified as a comma separated list (optional)",
+                    "is_prime": "Only return prime products (boolean)",
+                    "deals_and_discounts": "Return deals and discounts in a specific condition (NONE, ALL_DISCOUNTS, TODAYS_DEALS)",
+                    "four_stars_and_up": "Return product listings with ratings of 4 stars & up (optional)",
+                    "additional_filters": "Any filters available on the Amazon page but not part of this endpoint's parameters (optional)"
+                }
+            },
+            "product-reviews": {
+                "route": "/product-reviews",
+                "method": "GET",
+                "name": "Amazon Product Reviews",
+                "description": "Get customer reviews for a specific Amazon product by ASIN.",
+                "payload": {
+                    "asin": "Product asin for which to get reviews.",
+                    "country": "Sets the Amazon domain, marketplace country, language and currency (default: US)",
+                    "page": "Results page to return (default: 1)",
+                    "sort_by": "Return reviews in a specific sort order (TOP_REVIEWS, MOST_RECENT)",
+                    "star_rating": "Only return reviews with a specific star rating (ALL, 5_STARS, 4_STARS, 3_STARS, 2_STARS, 1_STARS, POSITIVE, CRITICAL)",
+                    "verified_purchases_only": "Only return reviews by reviewers who made a verified purchase (boolean)",
+                    "images_or_videos_only": "Only return reviews containing images and / or videos (boolean)",
+                    "current_format_only": "Only return reviews of the current format (product variant - e.g. Color) (boolean)"
+                }
+            },
+            "seller-profile": {
+                "route": "/seller-profile",
+                "method": "GET",
+                "name": "Amazon Seller Profile",
+                "description": "Get detailed information about a specific Amazon seller by Seller ID.",
+                "payload": {
+                    "seller_id": "The Amazon Seller ID for which to get seller profile details",
+                    "country": "Sets the Amazon domain, marketplace country, language and currency (default: US)",
+                    "fields": "A comma separated list of seller profile fields to include in the response (field projection). By default all fields are returned. (optional)"
+                }
+            },
+            "seller-reviews": {
+                "route": "/seller-reviews",
+                "method": "GET",
+                "name": "Amazon Seller Reviews",
+                "description": "Get customer reviews for a specific Amazon seller by Seller ID.",
+                "payload": {
+                    "seller_id": "The Amazon Seller ID for which to get seller reviews",
+                    "country": "Sets the Amazon domain, marketplace country, language and currency (default: US)",
+                    "star_rating": "Only return reviews with a specific star rating or positive / negative sentiment (ALL, 5_STARS, 4_STARS, 3_STARS, 2_STARS, 1_STARS, POSITIVE, CRITICAL)",
+                    "page": "The page of seller feedback results to retrieve (default: 1)",
+                    "fields": "A comma separated list of seller review fields to include in the response (field projection). By default all fields are returned. (optional)"
+                }
+            }
+        }
+        base_url = "https://real-time-amazon-data.p.rapidapi.com"
+        super().__init__(base_url, endpoints)
+
+
+if __name__ == "__main__":
+    from dotenv import load_dotenv
+    load_dotenv()
+    tool = AmazonProvider()
+
+    # Example for product search
+    search_result = tool.call_endpoint(
+        route="search",
+        payload={
+            "query": "Phone",
+            "page": 1,
+            "country": "US",
+            "sort_by": "RELEVANCE",
+            "product_condition": "ALL",
+            "is_prime": False,
+            "deals_and_discounts": "NONE"
+        }
+    )
+    print("Search Result:", search_result)
+    
+    # Example for product details
+    details_result = tool.call_endpoint(
+        route="product-details",
+        payload={
+            "asin": "B07ZPKBL9V",
+            "country": "US"
+        }
+    )
+    print("Product Details:", details_result)
+    
+    # Example for products by category
+    category_result = tool.call_endpoint(
+        route="products-by-category",
+        payload={
+            "category_id": "2478868012",
+            "page": 1,
+            "country": "US",
+            "sort_by": "RELEVANCE",
+            "product_condition": "ALL",
+            "is_prime": False,
+            "deals_and_discounts": "NONE"
+        }
+    )
+    print("Category Products:", category_result)
+    
+    # Example for product reviews
+    reviews_result = tool.call_endpoint(
+        route="product-reviews",
+        payload={
+            "asin": "B07ZPKN6YR",
+            "country": "US",
+            "page": 1,
+            "sort_by": "TOP_REVIEWS",
+            "star_rating": "ALL",
+            "verified_purchases_only": False,
+            "images_or_videos_only": False,
+            "current_format_only": False
+        }
+    )
+    print("Product Reviews:", reviews_result)
+    
+    # Example for seller profile
+    seller_result = tool.call_endpoint(
+        route="seller-profile",
+        payload={
+            "seller_id": "A02211013Q5HP3OMSZC7W",
+            "country": "US"
+        }
+    )
+    print("Seller Profile:", seller_result)
+    
+    # Example for seller reviews
+    seller_reviews_result = tool.call_endpoint(
+        route="seller-reviews",
+        payload={
+            "seller_id": "A02211013Q5HP3OMSZC7W",
+            "country": "US",
+            "star_rating": "ALL",
+            "page": 1
+        }
+    )
+    print("Seller Reviews:", seller_reviews_result)
+

AuthProvider.tsx

@@ -0,0 +1,75 @@
+"use client";
+
+import React, { createContext, useContext, useState, useEffect, ReactNode } from 'react';
+import { createClient } from '@/lib/supabase/client';
+import { User, Session } from '@supabase/supabase-js';
+import { SupabaseClient } from '@supabase/supabase-js';
+
+type AuthContextType = {
+  supabase: SupabaseClient;
+  session: Session | null;
+  user: User | null;
+  isLoading: boolean;
+  signOut: () => Promise<void>;
+};
+
+const AuthContext = createContext<AuthContextType | undefined>(undefined);
+
+export const AuthProvider = ({ children }: { children: ReactNode }) => {
+  const supabase = createClient();
+  const [session, setSession] = useState<Session | null>(null);
+  const [user, setUser] = useState<User | null>(null);
+  const [isLoading, setIsLoading] = useState(true);
+
+  useEffect(() => {
+    const getInitialSession = async () => {
+      const { data: { session: currentSession } } = await supabase.auth.getSession();
+      setSession(currentSession);
+      setUser(currentSession?.user ?? null);
+      setIsLoading(false);
+    };
+
+    getInitialSession();
+
+    const { data: authListener } = supabase.auth.onAuthStateChange(
+      (_event, newSession) => {
+        setSession(newSession);
+        setUser(newSession?.user ?? null);
+        // No need to set loading state here as initial load is done
+        // and subsequent changes shouldn't show a loading state for the whole app
+        if (isLoading) setIsLoading(false);
+      }
+    );
+
+    return () => {
+      authListener?.subscription.unsubscribe();
+    };
+  }, [supabase, isLoading]); // Added isLoading to dependencies to ensure it runs once after initial load completes
+
+  const signOut = async () => {
+    await supabase.auth.signOut();
+    // State updates will be handled by onAuthStateChange
+  };
+
+  const value = {
+    supabase,
+    session,
+    user,
+    isLoading,
+    signOut,
+  };
+
+  return (
+    <AuthContext.Provider value={value}>
+      {children}
+    </AuthContext.Provider>
+  );
+};
+
+export const useAuth = (): AuthContextType => {
+  const context = useContext(AuthContext);
+  if (context === undefined) {
+    throw new Error('useAuth must be used within an AuthProvider');
+  }
+  return context;
+}; 

BrowserToolView.tsx

@@ -0,0 +1,195 @@
+import React, { useMemo } from "react";
+import { Globe, MonitorPlay, ExternalLink, CheckCircle, AlertTriangle, CircleDashed } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractBrowserUrl, extractBrowserOperation, formatTimestamp, getToolTitle } from "./utils";
+import { ApiMessageType } from '@/components/thread/types';
+import { safeJsonParse } from '@/components/thread/utils';
+import { cn } from "@/lib/utils";
+
+export function BrowserToolView({ 
+  name = "browser-operation",
+  assistantContent, 
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false,
+  project,
+  agentStatus = 'idle',
+  messages = [],
+  currentIndex = 0,
+  totalCalls = 1
+}: ToolViewProps) {
+  const url = extractBrowserUrl(assistantContent);
+  const operation = extractBrowserOperation(name);
+  const toolTitle = getToolTitle(name);
+  
+  // --- message_id Extraction Logic --- 
+  let browserStateMessageId: string | undefined;
+  
+  try {
+    // 1. Parse the top-level JSON
+    const topLevelParsed = safeJsonParse<{ content?: string }>(toolContent, {});
+    const innerContentString = topLevelParsed?.content;
+
+    if (innerContentString && typeof innerContentString === 'string') {
+      // 2. Extract the output='...' string using regex
+      const outputMatch = innerContentString.match(/\boutput='(.*?)'(?=\s*\))/);
+      const outputString = outputMatch ? outputMatch[1] : null;
+
+      if (outputString) {
+        // 3. Unescape the JSON string (basic unescaping for \n and \")
+        const unescapedOutput = outputString.replace(/\\n/g, '\n').replace(/\\"/g, '"');
+        
+        // 4. Parse the unescaped JSON to get message_id
+        const finalParsedOutput = safeJsonParse<{ message_id?: string }>(unescapedOutput, {});
+        browserStateMessageId = finalParsedOutput?.message_id;
+      }
+    }
+  } catch (error) {
+    console.error("[BrowserToolView] Error parsing tool content for message_id:", error);
+  }
+
+  // Find the browser_state message and extract the screenshot
+  let screenshotBase64: string | null = null;
+  if (browserStateMessageId && messages.length > 0) {
+    const browserStateMessage = messages.find(msg => 
+        (msg.type as string) === 'browser_state' && 
+        msg.message_id === browserStateMessageId
+    );
+    
+    if (browserStateMessage) {
+        const browserStateContent = safeJsonParse<{ screenshot_base64?: string }>(browserStateMessage.content, {});
+        screenshotBase64 = browserStateContent?.screenshot_base64 || null;
+    }
+  }
+  
+  // Check if we have a VNC preview URL from the project
+  const vncPreviewUrl = project?.sandbox?.vnc_preview ? 
+    `${project.sandbox.vnc_preview}/vnc_lite.html?password=${project?.sandbox?.pass}&autoconnect=true&scale=local&width=1024&height=768` : 
+    undefined;
+  
+  const isRunning = isStreaming || agentStatus === 'running';
+  const isLastToolCall = currentIndex === (totalCalls - 1);
+  
+  // Memoize the VNC iframe to prevent reconnections on re-renders
+  const vncIframe = useMemo(() => {
+    if (!vncPreviewUrl) return null;
+    
+    console.log("[BrowserToolView] Creating memoized VNC iframe with URL:", vncPreviewUrl);
+    
+    return (
+      <iframe
+        src={vncPreviewUrl}
+        title="Browser preview"
+        className="w-full h-full border-0 flex-1"
+      />
+    );
+  }, [vncPreviewUrl]); // Only recreate if the URL changes
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          <div className="bg-zinc-100 dark:bg-zinc-900 p-2 flex items-center justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <MonitorPlay className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">Browser Window</span>
+            </div>
+            {url && (
+              <div className="text-xs font-mono text-zinc-500 dark:text-zinc-400 truncate max-w-[340px]">
+                {url}
+              </div>
+            )}
+          </div>
+          
+          {/* Preview Logic */}
+          <div className="flex-1 flex items-stretch bg-black">
+            {isLastToolCall ? (
+              // Only show live sandbox or fallback to sandbox for the last tool call
+              isRunning && vncIframe ? (
+                // Use the memoized iframe for live preview
+                vncIframe
+              ) : screenshotBase64 ? (
+                <div className="flex items-center justify-center w-full h-full max-h-[650px] overflow-auto">
+                  <img 
+                    src={`data:image/jpeg;base64,${screenshotBase64}`} 
+                    alt="Browser Screenshot"
+                    className="max-w-full max-h-full object-contain"
+                  />
+                </div>
+              ) : vncIframe ? (
+                // Use the memoized iframe
+                vncIframe
+              ) : (
+                <div className="p-8 flex flex-col items-center justify-center w-full bg-zinc-50 dark:bg-zinc-900 text-zinc-700 dark:text-zinc-400">
+                  <MonitorPlay className="h-12 w-12 mb-3 opacity-40" />
+                  <p className="text-sm font-medium">Browser preview not available</p>
+                  {url && (
+                    <a 
+                      href={url} 
+                      target="_blank" 
+                      rel="noopener noreferrer"
+                      className="mt-3 flex items-center text-blue-600 dark:text-blue-500 hover:text-blue-500 dark:hover:text-blue-400 hover:underline"
+                    >
+                      Visit URL <ExternalLink className="h-3 w-3 ml-1" />
+                    </a>
+                  )}
+                </div>
+              )
+            ) : (
+              // For non-last tool calls, only show screenshot if available, otherwise show "No Browser State image found"
+              screenshotBase64 ? (
+                <div className="flex items-center justify-center w-full h-full max-h-[650px] overflow-auto">
+                  <img 
+                    src={`data:image/jpeg;base64,${screenshotBase64}`} 
+                    alt="Browser Screenshot"
+                    className="max-w-full max-h-full object-contain"
+                  />
+                </div>
+              ) : (
+                <div className="p-8 flex flex-col items-center justify-center w-full bg-zinc-50 dark:bg-zinc-900 text-zinc-700 dark:text-zinc-400">
+                  <MonitorPlay className="h-12 w-12 mb-3 opacity-40" />
+                  <p className="text-sm font-medium">No Browser State image found</p>
+                </div>
+              )
+            )}
+          </div>
+        </div>
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isRunning && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? `${operation} completed successfully` : `${operation} failed`}
+              </span>
+            </div>
+          )}
+          
+          {isRunning && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Executing browser action...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isRunning 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

CommandToolView.tsx

@@ -0,0 +1,208 @@
+import React from "react";
+import { Terminal, CheckCircle, AlertTriangle, CircleDashed } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractCommand, extractCommandOutput, extractExitCode, formatTimestamp, getToolTitle } from "./utils";
+import { cn } from "@/lib/utils";
+
+export function CommandToolView({ 
+  name = "execute-command",
+  assistantContent, 
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false
+}: ToolViewProps) {
+  // Extract command with improved XML parsing
+  const rawCommand = React.useMemo(() => {
+    if (!assistantContent) return null;
+    
+    try {
+      // Try to parse JSON content first
+      const parsed = JSON.parse(assistantContent);
+      if (parsed.content) {
+        // Look for execute-command tag
+        const commandMatch = parsed.content.match(/<execute-command[^>]*>([\s\S]*?)<\/execute-command>/);
+        if (commandMatch) {
+          return commandMatch[1].trim();
+        }
+      }
+    } catch (e) {
+      // If JSON parsing fails, try direct XML extraction
+      const commandMatch = assistantContent.match(/<execute-command[^>]*>([\s\S]*?)<\/execute-command>/);
+      if (commandMatch) {
+        return commandMatch[1].trim();
+      }
+    }
+    
+    return null;
+  }, [assistantContent]);
+
+  // Clean the command by removing any leading/trailing whitespace and newlines
+  const command = rawCommand
+    ?.replace(/^suna@computer:~\$\s*/g, '') // Remove prompt prefix
+    ?.replace(/\\n/g, '') // Remove escaped newlines
+    ?.replace(/\n/g, '') // Remove actual newlines
+    ?.trim(); // Clean up any remaining whitespace
+  
+  // Extract and clean the output with improved parsing
+  const output = React.useMemo(() => {
+    if (!toolContent) return null;
+    
+    try {
+      // Try to parse JSON content first
+      const parsed = JSON.parse(toolContent);
+      if (parsed.content) {
+        // Look for tool_result tag
+        const toolResultMatch = parsed.content.match(/<tool_result>\s*<execute-command>([\s\S]*?)<\/execute-command>\s*<\/tool_result>/);
+        if (toolResultMatch) {
+          return toolResultMatch[1].trim();
+        }
+        
+        // Look for output field in a ToolResult pattern
+        const outputMatch = parsed.content.match(/ToolResult\(.*?output='([\s\S]*?)'.*?\)/);
+        if (outputMatch) {
+          return outputMatch[1].replace(/\\n/g, '\n').replace(/\\"/g, '"');
+        }
+        
+        // Try to parse as direct JSON
+        try {
+          const outputJson = JSON.parse(parsed.content);
+          if (outputJson.output) {
+            return outputJson.output;
+          }
+        } catch (e) {
+          // If JSON parsing fails, use the content as-is
+          return parsed.content;
+        }
+      }
+    } catch (e) {
+      // If JSON parsing fails, try direct XML extraction
+      const toolResultMatch = toolContent.match(/<tool_result>\s*<execute-command>([\s\S]*?)<\/execute-command>\s*<\/tool_result>/);
+      if (toolResultMatch) {
+        return toolResultMatch[1].trim();
+      }
+      
+      const outputMatch = toolContent.match(/ToolResult\(.*?output='([\s\S]*?)'.*?\)/);
+      if (outputMatch) {
+        return outputMatch[1].replace(/\\n/g, '\n').replace(/\\"/g, '"');
+      }
+    }
+    
+    return toolContent;
+  }, [toolContent]);
+  
+  const exitCode = extractExitCode(toolContent);
+  const toolTitle = getToolTitle(name);
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <Terminal className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">Terminal</span>
+            </div>
+            {exitCode !== null && !isStreaming && (
+              <span className={cn(
+                "text-xs flex items-center",
+                isSuccess ? "text-emerald-600 dark:text-emerald-400" : "text-red-600 dark:text-red-400"
+              )}>
+                <span className="h-1.5 w-1.5 rounded-full mr-1.5 bg-current"></span>
+                Exit: {exitCode}
+              </span>
+            )}
+          </div>
+          
+          <div className="terminal-container flex-1 overflow-auto bg-black text-zinc-300 font-mono">
+            <div className="p-3 text-xs">
+              {command && output && !isStreaming && (
+                <div className="space-y-2">
+                  <div className="flex items-start">
+                    <span className="text-emerald-400 shrink-0 mr-2">suna@computer:~$</span>
+                    <span className="text-zinc-300">{command}</span>
+                  </div>
+                  
+                  <div className="whitespace-pre-wrap break-words text-zinc-400 pl-0">
+                    {output}
+                  </div>
+                  
+                  {isSuccess && <div className="text-emerald-400 mt-1">suna@computer:~$ _</div>}
+                </div>
+              )}
+              
+              {command && !output && !isStreaming && (
+                <div className="space-y-2">
+                  <div className="flex items-start">
+                    <span className="text-emerald-400 shrink-0 mr-2">suna@computer:~$</span>
+                    <span className="text-zinc-300">{command}</span>
+                  </div>
+                  <div className="flex items-center h-4">
+                    <div className="w-2 h-4 bg-zinc-500 animate-pulse"></div>
+                  </div>
+                </div>
+              )}
+              
+              {!command && !output && !isStreaming && (
+                <div className="flex items-start">
+                  <span className="text-emerald-400 shrink-0 mr-2">suna@computer:~$</span>
+                  <span className="w-2 h-4 bg-zinc-500 animate-pulse"></span>
+                </div>
+              )}
+              
+              {isStreaming && (
+                <div className="space-y-2">
+                  <div className="flex items-start">
+                    <span className="text-emerald-400 shrink-0 mr-2">suna@computer:~$</span>
+                    <span className="text-zinc-300">{command || 'running command...'}</span>
+                  </div>
+                  <div className="flex items-center gap-2 text-zinc-400">
+                    <CircleDashed className="h-3 w-3 animate-spin text-blue-400" />
+                    <span>Command execution in progress...</span>
+                  </div>
+                </div>
+              )}
+            </div>
+          </div>
+        </div>
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess 
+                  ? `Command completed successfully${exitCode !== null ? ` (exit code: ${exitCode})` : ''}` 
+                  : `Command failed${exitCode !== null ? ` with exit code ${exitCode}` : ''}`}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Executing command...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 
+

DataProviderToolView.tsx

@@ -0,0 +1,229 @@
+import React from "react";
+import { ToolViewProps } from "./types";
+import { formatTimestamp, getToolTitle } from "./utils";
+import { getToolIcon } from "../utils";
+import { CircleDashed, CheckCircle, AlertTriangle, Network, Database } from "lucide-react";
+import { cn } from "@/lib/utils";
+
+export function DataProviderToolView({ 
+  name = 'unknown', 
+  assistantContent, 
+  toolContent, 
+  isSuccess = true, 
+  isStreaming = false,
+  assistantTimestamp, 
+  toolTimestamp 
+}: ToolViewProps) {
+  const toolTitle = getToolTitle(name);
+  const Icon = getToolIcon(name) || Network;
+  
+  // Extract data from the assistant content (request)
+  const extractRequest = React.useMemo(() => {
+    if (!assistantContent) return null;
+    
+    try {
+      // Parse assistant content as JSON
+      const parsed = JSON.parse(assistantContent);
+      
+      if (parsed.content) {
+        // Try to extract content from service name and route
+        const serviceMatch = parsed.content.match(/service_name=\\?"([^"\\]+)\\?"/);
+        const routeMatch = parsed.content.match(/route=\\?"([^"\\]+)\\?"/);
+        
+        // For execute-data-provider-call, also extract the payload
+        let payload = null;
+        if (name === 'execute-data-provider-call') {
+          const payloadMatch = parsed.content.match(/{([^}]+)}/);
+          if (payloadMatch) {
+            try {
+              // Try to parse the payload JSON
+              payload = JSON.parse(`{${payloadMatch[1]}}`);
+            } catch (e) {
+              payload = payloadMatch[1];
+            }
+          }
+        }
+        
+        return {
+          service: serviceMatch ? serviceMatch[1] : undefined,
+          route: routeMatch ? routeMatch[1] : undefined,
+          payload
+        };
+      }
+    } catch (e) {
+      console.error("Error parsing assistant content:", e);
+    }
+    
+    return null;
+  }, [assistantContent, name]);
+  
+  // Parse the tool response
+  const parsedResponse = React.useMemo(() => {
+    if (!toolContent || isStreaming) return null;
+    
+    try {
+      // Extract content from tool_result tags if present
+      const toolResultMatch = toolContent.match(/<tool_result>\s*<[^>]+>([\s\S]*?)<\/[^>]+>\s*<\/tool_result>/);
+      let contentToFormat = toolResultMatch ? toolResultMatch[1] : toolContent;
+      
+      // Look for a ToolResult pattern
+      const toolResultOutputMatch = contentToFormat.match(/ToolResult\(success=.+?, output='([\s\S]*?)'\)/);
+      if (toolResultOutputMatch) {
+        contentToFormat = toolResultOutputMatch[1];
+      }
+      
+      // Try to parse as JSON for pretty formatting
+      try {
+        // Replace escaped quotes and newlines
+        contentToFormat = contentToFormat.replace(/\\"/g, '"').replace(/\\n/g, '\n');
+        const parsedJson = JSON.parse(contentToFormat);
+        return JSON.stringify(parsedJson, null, 2);
+      } catch (e) {
+        // If not valid JSON, return as is
+        return contentToFormat;
+      }
+    } catch (e) {
+      return toolContent;
+    }
+  }, [toolContent, isStreaming]);
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          {/* Header - exactly like other tool views */}
+          <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <Database className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">{toolTitle}</span>
+            </div>
+            
+            {!isStreaming && (
+              <span className={cn(
+                "text-xs flex items-center",
+                isSuccess ? "text-emerald-600 dark:text-emerald-400" : "text-red-600 dark:text-red-400"
+              )}>
+                <span className="h-1.5 w-1.5 rounded-full mr-1.5 bg-current"></span>
+                {isSuccess ? 'Success' : 'Failed'}
+              </span>
+            )}
+          </div>
+          
+          {/* Request Info Bar - match style with file paths in other tools */}
+          {extractRequest && (
+            <div className="px-3 py-2 border-b border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900">
+              <code className="text-xs font-mono text-zinc-700 dark:text-zinc-300">
+                {extractRequest.service}{extractRequest.route && `/${extractRequest.route}`}
+              </code>
+            </div>
+          )}
+
+          {/* Content Container */}
+          {!isStreaming ? (
+            <div className="flex-1 bg-white dark:bg-zinc-950 font-mono text-sm">
+              <div className="p-3">
+                {/* Request section - show payload if available */}
+                {extractRequest?.payload && (
+                  <div className="mb-4">
+                    <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-2">Request Payload</div>
+                    <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                      <pre className="p-3 text-xs overflow-auto whitespace-pre-wrap text-zinc-800 dark:text-zinc-300 font-mono">
+                        {typeof extractRequest.payload === 'object' 
+                          ? JSON.stringify(extractRequest.payload, null, 2) 
+                          : extractRequest.payload}
+                      </pre>
+                    </div>
+                  </div>
+                )}
+                
+                {/* Response section */}
+                {parsedResponse && (
+                  <div>
+                    <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-2">Response Data</div>
+                    <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                      <pre className="p-3 text-xs overflow-auto whitespace-pre-wrap text-zinc-800 dark:text-zinc-300 font-mono">
+                        {parsedResponse}
+                      </pre>
+                    </div>
+                  </div>
+                )}
+                
+                {/* Show raw data if parsed content isn't available */}
+                {!extractRequest?.payload && !parsedResponse && assistantContent && (
+                  <div className="mb-4">
+                    <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-2">Raw Request</div>
+                    <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                      <pre className="p-3 text-xs overflow-auto whitespace-pre-wrap text-zinc-800 dark:text-zinc-300 font-mono">
+                        {assistantContent}
+                      </pre>
+                    </div>
+                  </div>
+                )}
+                
+                {!parsedResponse && toolContent && (
+                  <div>
+                    <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-2">Raw Response</div>
+                    <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                      <pre className="p-3 text-xs overflow-auto whitespace-pre-wrap text-zinc-800 dark:text-zinc-300 font-mono">
+                        {toolContent}
+                      </pre>
+                    </div>
+                  </div>
+                )}
+              </div>
+            </div>
+          ) : (
+            <div className="flex-1 bg-white dark:bg-zinc-950 flex items-center justify-center">
+              <div className="text-center p-6">
+                <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">
+                  Processing {name.toLowerCase()} operation...
+                </p>
+                {extractRequest?.service && extractRequest?.route && (
+                  <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400 font-mono">
+                    {extractRequest.service}/{extractRequest.route}
+                  </p>
+                )}
+              </div>
+            </div>
+          )}
+        </div>
+      </div>
+      
+      {/* Footer - exactly like other tool views */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess 
+                  ? `${toolTitle} completed successfully` 
+                  : `${toolTitle} operation failed`}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Executing {toolTitle.toLowerCase()}...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

Dockerfile

@@ -0,0 +1,32 @@
+FROM node:20-slim
+
+WORKDIR /app
+
+# Copy package files first for better layer caching
+COPY package*.json ./
+
+# Install build dependencies for node-gyp
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    python3 \
+    make \
+    g++ \
+    build-essential \
+    pkg-config \
+    libcairo2-dev \
+    libpango1.0-dev \
+    libjpeg-dev \
+    libgif-dev \
+    librsvg2-dev \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN npm install
+
+# Copy the frontend code
+COPY . .
+
+RUN npm run build
+
+EXPOSE 3000
+
+# Default command is dev, but can be overridden in docker-compose
+CMD ["npm", "start"]

ExposePortToolView.tsx

@@ -0,0 +1,194 @@
+import React from "react";
+import { ToolViewProps } from "./types";
+import { formatTimestamp } from "./utils";
+import { ExternalLink, CheckCircle, AlertTriangle } from "lucide-react";
+import { Markdown } from "@/components/ui/markdown";
+import { cn } from "@/lib/utils";
+
+export function ExposePortToolView({ 
+  name = 'expose-port', 
+  assistantContent, 
+  toolContent, 
+  isSuccess = true, 
+  isStreaming = false,
+  assistantTimestamp, 
+  toolTimestamp 
+}: ToolViewProps) {
+  console.log('ExposePortToolView:', { 
+    name, 
+    assistantContent, 
+    toolContent, 
+    isSuccess, 
+    isStreaming, 
+    assistantTimestamp, 
+    toolTimestamp 
+  });
+
+  // Parse the assistant content
+  const parsedAssistantContent = React.useMemo(() => {
+    if (!assistantContent) return null;
+    try {
+      const parsed = JSON.parse(assistantContent);
+      return parsed.content;
+    } catch (e) {
+      console.error('Failed to parse assistant content:', e);
+      return null;
+    }
+  }, [assistantContent]);
+
+  // Parse the tool result
+  const toolResult = React.useMemo(() => {
+    if (!toolContent) return null;
+    try {
+      // First parse the outer JSON
+      const parsed = JSON.parse(toolContent);
+      // Then extract the tool result content
+      const match = parsed.content.match(/output='(.*?)'/);
+      if (match) {
+        const jsonStr = match[1]
+          .replace(/\\n/g, '')
+          .replace(/\\"/g, '"');
+        return JSON.parse(jsonStr);
+      }
+      return null;
+    } catch (e) {
+      console.error('Failed to parse tool content:', e);
+      return null;
+    }
+  }, [toolContent]);
+
+  // Extract port number from assistant content
+  const portNumber = React.useMemo(() => {
+    if (!parsedAssistantContent) return null;
+    try {
+      const match = parsedAssistantContent.match(/<expose-port>\s*(\d+)\s*<\/expose-port>/);
+      return match ? match[1] : null;
+    } catch (e) {
+      console.error('Failed to extract port number:', e);
+      return null;
+    }
+  }, [parsedAssistantContent]);
+
+  // If we have no content to show, render a placeholder
+  if (!portNumber && !toolResult && !isStreaming) {
+    return (
+      <div className="flex flex-col h-full p-4">
+        <div className="text-xs text-zinc-500 dark:text-zinc-400">
+          No port exposure information available
+        </div>
+      </div>
+    );
+  }
+
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        {/* Assistant Content */}
+        {portNumber && !isStreaming && (
+          <div className="space-y-1.5">
+            <div className="flex justify-between items-center">
+              <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400">Port to Expose</div>
+              {assistantTimestamp && (
+                <div className="text-xs text-zinc-500 dark:text-zinc-400">{formatTimestamp(assistantTimestamp)}</div>
+              )}
+            </div>
+            <div className="rounded-md border border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900 p-3">
+              <div className="flex items-center gap-2">
+                <div className="text-xs font-medium text-zinc-800 dark:text-zinc-300">Port</div>
+                <div className="px-2 py-1 rounded-md bg-zinc-100 dark:bg-zinc-800 text-xs font-mono text-zinc-800 dark:text-zinc-300">
+                  {portNumber}
+                </div>
+              </div>
+            </div>
+          </div>
+        )}
+        
+        {/* Tool Result */}
+        {toolResult && (
+          <div className="space-y-1.5 mt-4">
+            <div className="flex justify-between items-center">
+              <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400">
+                {isStreaming ? "Processing" : "Exposed URL"}
+              </div>
+              {toolTimestamp && !isStreaming && (
+                <div className="text-xs text-zinc-500 dark:text-zinc-400">{formatTimestamp(toolTimestamp)}</div>
+              )}
+            </div>
+            <div className={cn(
+              "rounded-md border p-3",
+              isStreaming 
+                ? 'border-blue-200 bg-blue-50 dark:border-blue-800 dark:bg-blue-900/10' 
+                : isSuccess 
+                  ? 'border-zinc-200 bg-zinc-50 dark:border-zinc-800 dark:bg-zinc-900' 
+                  : 'border-red-200 bg-red-50 dark:border-red-800 dark:bg-red-900/10'
+            )}>
+              {isStreaming ? (
+                <div className="flex items-center gap-2 text-xs font-medium text-blue-700 dark:text-blue-400">
+                  <span>Exposing port {portNumber}...</span>
+                </div>
+              ) : (
+                <div className="space-y-3">
+                  <div className="flex items-center gap-2">
+                    <ExternalLink className="h-4 w-4 text-zinc-500 dark:text-zinc-400" />
+                    <a 
+                      href={toolResult.url} 
+                      target="_blank" 
+                      rel="noopener noreferrer"
+                      className="text-xs font-medium text-blue-600 dark:text-blue-400 hover:underline break-all"
+                    >
+                      {toolResult.url}
+                    </a>
+                  </div>
+                  <div className="flex items-center gap-2">
+                    <div className="text-xs text-zinc-600 dark:text-zinc-400">Port</div>
+                    <div className="px-2 py-1 rounded-md bg-zinc-100 dark:bg-zinc-800 text-xs font-mono text-zinc-800 dark:text-zinc-300">
+                      {toolResult.port}
+                    </div>
+                  </div>
+                  <div className="text-xs text-zinc-600 dark:text-zinc-400">
+                    {toolResult.message}
+                  </div>
+                  <div className="text-xs text-amber-600 dark:text-amber-400 italic">
+                    Note: This URL might only be temporarily available and could expire after some time.
+                  </div>
+                </div>
+              )}
+            </div>
+          </div>
+        )}
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? 'Port exposed successfully' : 'Failed to expose port'}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <span>Exposing port...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

FileOperationToolView.tsx

@@ -0,0 +1,494 @@
+import React, { useState } from "react";
+import { FileCode, FileSymlink, FolderPlus, FileX, Replace, CheckCircle, AlertTriangle, ExternalLink, CircleDashed, Code, Eye, FileSpreadsheet } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractFilePath, extractFileContent, getFileType, formatTimestamp, getToolTitle } from "./utils";
+import { GenericToolView } from "./GenericToolView";
+import { MarkdownRenderer, processUnicodeContent } from "@/components/file-renderers/markdown-renderer";
+import { CsvRenderer } from "@/components/file-renderers/csv-renderer";
+import { cn } from "@/lib/utils";
+import { useTheme } from "next-themes";
+import { CodeBlockCode } from "@/components/ui/code-block";
+import { constructHtmlPreviewUrl } from "@/lib/utils/url";
+
+
+// Type for operation type
+type FileOperation = "create" | "rewrite" | "delete";
+
+// Map file extensions to language names for syntax highlighting
+const getLanguageFromFileName = (fileName: string): string => {
+  const extension = fileName.split('.').pop()?.toLowerCase() || '';
+
+  // Map of file extensions to language names for syntax highlighting
+  const extensionMap: Record<string, string> = {
+    // Web languages
+    'html': 'html',
+    'htm': 'html',
+    'css': 'css',
+    'scss': 'scss',
+    'sass': 'scss',
+    'less': 'less',
+    'js': 'javascript',
+    'jsx': 'jsx',
+    'ts': 'typescript',
+    'tsx': 'tsx',
+    'json': 'json',
+    'jsonc': 'json',
+
+    // Build and config files
+    'xml': 'xml',
+    'yml': 'yaml',
+    'yaml': 'yaml',
+    'toml': 'toml',
+    'ini': 'ini',
+    'env': 'bash',
+    'gitignore': 'bash',
+    'dockerignore': 'bash',
+
+    // Scripting languages
+    'py': 'python',
+    'rb': 'ruby',
+    'php': 'php',
+    'go': 'go',
+    'java': 'java',
+    'kt': 'kotlin',
+    'c': 'c',
+    'cpp': 'cpp',
+    'h': 'c',
+    'hpp': 'cpp',
+    'cs': 'csharp',
+    'swift': 'swift',
+    'rs': 'rust',
+
+    // Shell scripts
+    'sh': 'bash',
+    'bash': 'bash',
+    'zsh': 'bash',
+    'ps1': 'powershell',
+    'bat': 'batch',
+    'cmd': 'batch',
+
+    // Markup languages (excluding markdown which has its own renderer)
+    'svg': 'svg',
+    'tex': 'latex',
+
+    // Data formats
+    'graphql': 'graphql',
+    'gql': 'graphql',
+  };
+
+  return extensionMap[extension] || 'text';
+};
+
+export function FileOperationToolView({
+  assistantContent,
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false,
+  name,
+  project
+}: ToolViewProps) {
+  const { resolvedTheme } = useTheme();
+  const isDarkTheme = resolvedTheme === 'dark';
+
+  // Determine operation type from content or name
+  const getOperationType = (): FileOperation => {
+    // First check tool name if available
+    if (name) {
+      if (name.includes("create")) return "create";
+      if (name.includes("rewrite")) return "rewrite";
+      if (name.includes("delete")) return "delete";
+    }
+
+    if (!assistantContent) return "create"; // default fallback
+
+    if (assistantContent.includes("<create-file>")) return "create";
+    if (assistantContent.includes("<full-file-rewrite>")) return "rewrite";
+    if (assistantContent.includes("delete-file") || assistantContent.includes("<delete>")) return "delete";
+
+    // Check for tool names as a fallback
+    if (assistantContent.toLowerCase().includes("create file")) return "create";
+    if (assistantContent.toLowerCase().includes("rewrite file")) return "rewrite";
+    if (assistantContent.toLowerCase().includes("delete file")) return "delete";
+
+    // Default to create if we can't determine
+    return "create";
+  };
+
+  const operation = getOperationType();
+  const filePath = extractFilePath(assistantContent);
+  const toolTitle = getToolTitle(name || `file-${operation}`);
+
+  // Only extract content for create and rewrite operations
+  const fileContent = operation !== "delete"
+    ? extractFileContent(assistantContent, operation === "create" ? 'create-file' : 'full-file-rewrite')
+    : null;
+
+  // For debugging - show raw content if file path can't be extracted for delete operations
+  const showDebugInfo = !filePath && operation === "delete";
+
+  // Process file path - handle potential newlines and clean up
+  const processedFilePath = filePath ? filePath.trim().replace(/\\n/g, '\n').split('\n')[0] : null;
+
+  // For create and rewrite, prepare content for display
+  const contentLines = fileContent ? fileContent.replace(/\\n/g, '\n').split('\n') : [];
+  const fileName = processedFilePath ? processedFilePath.split('/').pop() || processedFilePath : '';
+  const fileType = processedFilePath ? getFileType(processedFilePath) : '';
+  const isMarkdown = fileName.endsWith('.md');
+  const isHtml = fileName.endsWith('.html');
+  const isCsv = fileName.endsWith('.csv');
+  const language = getLanguageFromFileName(fileName);
+  const hasHighlighting = language !== 'text';
+  // Construct HTML file preview URL if we have a sandbox and the file is HTML
+  const htmlPreviewUrl = (isHtml && project?.sandbox?.sandbox_url && processedFilePath) 
+    ? constructHtmlPreviewUrl(project.sandbox.sandbox_url, processedFilePath)
+    : undefined;
+
+  console.log('HTML Preview URL:', htmlPreviewUrl);
+  // Add state for view mode toggle (code or preview)
+  const [viewMode, setViewMode] = useState<'code' | 'preview'>(isHtml || isMarkdown || isCsv ? 'preview' : 'code');
+
+  // Fall back to generic view if file path is missing or if content is missing for non-delete operations
+  if ((!filePath && !showDebugInfo) || (operation !== "delete" && !fileContent)) {
+    return (
+      <GenericToolView
+        name={name || `file-${operation}`}
+        assistantContent={assistantContent}
+        toolContent={toolContent}
+        assistantTimestamp={assistantTimestamp}
+        toolTimestamp={toolTimestamp}
+        isSuccess={isSuccess}
+        isStreaming={isStreaming}
+      />
+    );
+  }
+
+  // Operation-specific configs
+  const configs = {
+    create: {
+      icon: FolderPlus,
+      successMessage: "File created successfully"
+    },
+    rewrite: {
+      icon: Replace,
+      successMessage: "File rewritten successfully"
+    },
+    delete: {
+      icon: FileX,
+      successMessage: "File deleted successfully"
+    }
+  };
+
+  const config = configs[operation];
+  const Icon = config.icon;
+
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        {/* File Content for create and rewrite operations */}
+        {operation !== "delete" && fileContent && !isStreaming && (
+          <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden shadow-sm bg-white dark:bg-zinc-950 h-full flex flex-col">
+            {/* IDE Header */}
+            <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 text-zinc-900 dark:text-zinc-100 justify-between border-b border-zinc-200 dark:border-zinc-800">
+              <div className="flex items-center">
+                {isMarkdown ?
+                  <FileCode className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" /> :
+                  isCsv ?
+                  <FileSpreadsheet className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" /> :
+                  <FileSymlink className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+                }
+                <span className="text-xs font-medium">{fileName}</span>
+              </div>
+
+              <div className="flex items-center gap-2">
+                {/* View switcher for HTML files */}
+                {isHtml && htmlPreviewUrl && isSuccess && (
+                  <div className="flex rounded-md overflow-hidden border border-zinc-200 dark:border-zinc-700">
+                    <button
+                      onClick={() => setViewMode('code')}
+                      className={cn(
+                        "flex items-center gap-1 text-xs px-2 py-1 transition-colors",
+                        viewMode === 'code'
+                          ? "bg-zinc-800 text-zinc-100 dark:bg-zinc-700 dark:text-zinc-100"
+                          : "bg-zinc-200 text-zinc-700 dark:bg-zinc-800 dark:text-zinc-400 hover:bg-zinc-300 dark:hover:bg-zinc-700"
+                      )}
+                    >
+                      <Code className="h-3 w-3" />
+                      <span>Code</span>
+                    </button>
+                    <button
+                      onClick={() => setViewMode('preview')}
+                      className={cn(
+                        "flex items-center gap-1 text-xs px-2 py-1 transition-colors",
+                        viewMode === 'preview'
+                          ? "bg-zinc-800 text-zinc-100 dark:bg-zinc-700 dark:text-zinc-100"
+                          : "bg-zinc-200 text-zinc-700 dark:bg-zinc-800 dark:text-zinc-400 hover:bg-zinc-300 dark:hover:bg-zinc-700"
+                      )}
+                    >
+                      <Eye className="h-3 w-3" />
+                      <span>Preview</span>
+                    </button>
+                  </div>
+                )}
+                {/* View switcher for Markdown files */}
+                {isMarkdown && isSuccess && (
+                  <div className="flex rounded-md overflow-hidden border border-zinc-200 dark:border-zinc-700">
+                    <button
+                      onClick={() => setViewMode('code')}
+                      className={cn(
+                        "flex items-center gap-1 text-xs px-2 py-1 transition-colors",
+                        viewMode === 'code'
+                          ? "bg-zinc-800 text-zinc-100 dark:bg-zinc-700 dark:text-zinc-100"
+                          : "bg-zinc-200 text-zinc-700 dark:bg-zinc-800 dark:text-zinc-400 hover:bg-zinc-300 dark:hover:bg-zinc-700"
+                      )}
+                    >
+                      <Code className="h-3 w-3" />
+                      <span>Code</span>
+                    </button>
+                    <button
+                      onClick={() => setViewMode('preview')}
+                      className={cn(
+                        "flex items-center gap-1 text-xs px-2 py-1 transition-colors",
+                        viewMode === 'preview'
+                          ? "bg-zinc-800 text-zinc-100 dark:bg-zinc-700 dark:text-zinc-100"
+                          : "bg-zinc-200 text-zinc-700 dark:bg-zinc-800 dark:text-zinc-400 hover:bg-zinc-300 dark:hover:bg-zinc-700"
+                      )}
+                    >
+                      <Eye className="h-3 w-3" />
+                      <span>Preview</span>
+                    </button>
+                  </div>
+                )}
+                {/* View switcher for CSV files */}
+                {isCsv && isSuccess && (
+                  <div className="flex rounded-md overflow-hidden border border-zinc-200 dark:border-zinc-700">
+                    <button
+                      onClick={() => setViewMode('code')}
+                      className={cn(
+                        "flex items-center gap-1 text-xs px-2 py-1 transition-colors",
+                        viewMode === 'code'
+                          ? "bg-zinc-800 text-zinc-100 dark:bg-zinc-700 dark:text-zinc-100"
+                          : "bg-zinc-200 text-zinc-700 dark:bg-zinc-800 dark:text-zinc-400 hover:bg-zinc-300 dark:hover:bg-zinc-700"
+                      )}
+                    >
+                      <Code className="h-3 w-3" />
+                      <span>Code</span>
+                    </button>
+                    <button
+                      onClick={() => setViewMode('preview')}
+                      className={cn(
+                        "flex items-center gap-1 text-xs px-2 py-1 transition-colors",
+                        viewMode === 'preview'
+                          ? "bg-zinc-800 text-zinc-100 dark:bg-zinc-700 dark:text-zinc-100"
+                          : "bg-zinc-200 text-zinc-700 dark:bg-zinc-800 dark:text-zinc-400 hover:bg-zinc-300 dark:hover:bg-zinc-700"
+                      )}
+                    >
+                      <Eye className="h-3 w-3" />
+                      <span>Preview</span>
+                    </button>
+                  </div>
+                )}
+                <span className="text-xs text-zinc-500 dark:text-zinc-400 bg-zinc-200 dark:bg-zinc-800 px-2 py-0.5 rounded">
+                  {hasHighlighting ? language.toUpperCase() : fileType}
+                </span>
+              </div>
+            </div>
+
+            {/* File Content (Code View with Syntax Highlighting) */}
+            {viewMode === 'code' || (!isHtml && !isMarkdown && !isCsv) || !isSuccess ? (
+              <div className="flex-1 overflow-auto bg-white dark:bg-zinc-950 text-zinc-900 dark:text-zinc-100">
+                {hasHighlighting ? (
+                  <div className="relative">
+                    <div className="absolute left-0 top-0 bottom-0 w-12 border-r border-zinc-200 dark:border-zinc-800 z-10 flex flex-col">
+                      {contentLines.map((_, idx) => (
+                        <div key={idx}
+                          className="h-6 text-right pr-3 text-xs font-mono text-zinc-500 dark:text-zinc-500 select-none">
+                          {idx + 1}
+                        </div>
+                      ))}
+                    </div>
+                    <div className="pl-12">
+                      <CodeBlockCode
+                        code={processUnicodeContent(fileContent)}
+                        language={language}
+                        className="text-xs p-2"
+                      />
+                    </div>
+                  </div>
+                ) : (
+                  <div className="min-w-full table">
+                    {contentLines.map((line, idx) => (
+                      <div key={idx} className="table-row hover:bg-zinc-50 dark:hover:bg-zinc-900 transition-colors">
+                        <div className="table-cell text-right pr-3 py-0.5 text-xs font-mono text-zinc-500 dark:text-zinc-500 select-none w-12 border-r border-zinc-200 dark:border-zinc-800">
+                          {idx + 1}
+                        </div>
+                        <div className="table-cell pl-3 py-0.5 text-xs font-mono whitespace-pre text-zinc-800 dark:text-zinc-300">
+                          {processUnicodeContent(line) || ' '}
+                        </div>
+                      </div>
+                    ))}
+                    <div className="table-row h-4"></div>
+                  </div>
+                )}
+              </div>
+            ) : null}
+
+            {/* HTML Preview with iframe */}
+            {isHtml && viewMode === 'preview' && htmlPreviewUrl && isSuccess && (
+              <div className="flex-1 bg-white overflow-hidden">
+                <iframe
+                  src={htmlPreviewUrl}
+                  title={`HTML Preview of ${fileName}`}
+                  className="w-full h-full border-0"
+                  style={{ minHeight: "300px" }}
+                  sandbox="allow-same-origin allow-scripts"
+                />
+              </div>
+            )}
+
+            {/* Markdown Preview */}
+            {isMarkdown && viewMode === 'preview' && isSuccess && (
+              <div className="flex-1 overflow-auto bg-white dark:bg-zinc-950 text-zinc-900 dark:text-zinc-100">
+                <MarkdownRenderer content={processUnicodeContent(fileContent)} />
+              </div>
+            )}
+
+            {/* CSV Preview */}
+            {isCsv && viewMode === 'preview' && isSuccess && (
+              <div className="flex-1 overflow-hidden bg-white dark:bg-zinc-950">
+                <CsvRenderer content={processUnicodeContent(fileContent)} />
+              </div>
+            )}
+
+            {/* External link button for HTML files */}
+            {isHtml && viewMode === 'preview' && htmlPreviewUrl && isSuccess && (
+              <div className="bg-zinc-100 dark:bg-zinc-900 p-2 border-t border-zinc-200 dark:border-zinc-800 flex justify-end">
+                <a
+                  href={htmlPreviewUrl}
+                  target="_blank"
+                  rel="noopener noreferrer"
+                  className="flex items-center gap-1.5 py-1 px-2 text-xs text-zinc-700 dark:text-zinc-300 bg-zinc-200 dark:bg-zinc-800 hover:bg-zinc-300 dark:hover:bg-zinc-700 rounded transition-colors"
+                >
+                  <ExternalLink className="h-3.5 w-3.5 text-zinc-500 flex-shrink-0" />
+                  <span>Open in Browser</span>
+                </a>
+              </div>
+            )}
+          </div>
+        )}
+
+        {/* File Content for streaming state */}
+        {operation !== "delete" && isStreaming && (
+          <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden shadow-sm bg-white dark:bg-zinc-950 h-full flex flex-col">
+            {/* IDE Header */}
+            <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 text-zinc-900 dark:text-zinc-100 justify-between border-b border-zinc-200 dark:border-zinc-800">
+              <div className="flex items-center">
+                <FileSymlink className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+                <span className="text-xs font-medium">{fileName || 'file.txt'}</span>
+              </div>
+              <span className="text-xs text-zinc-500 dark:text-zinc-400 bg-zinc-200 dark:bg-zinc-800 px-2 py-0.5 rounded">
+                {fileType || 'Text'}
+              </span>
+            </div>
+
+            {/* Streaming state */}
+            <div className="flex-1 flex items-center justify-center p-8 bg-white dark:bg-zinc-950">
+              <div className="text-center">
+                <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">
+                  {operation === "create" ? "Creating file..." : "Rewriting file..."}
+                </p>
+                <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">
+                  {processedFilePath || "Processing file operation"}
+                </p>
+              </div>
+            </div>
+          </div>
+        )}
+
+        {/* Delete view with file path */}
+        {operation === "delete" && processedFilePath && !isStreaming && (
+          <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+            <div className="p-6 flex-1 flex flex-col items-center justify-center bg-white dark:bg-zinc-950 text-zinc-900 dark:text-zinc-100">
+              <div className="w-14 h-14 rounded-full bg-red-50 dark:bg-red-900/20 flex items-center justify-center mb-4">
+                <FileX className="h-7 w-7 text-red-600 dark:text-red-400" />
+              </div>
+              <h3 className="text-lg font-medium mb-4 text-red-600 dark:text-red-400">File Deleted</h3>
+              <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md p-4 w-full max-w-md text-center mb-2">
+                <code className="text-sm font-mono text-zinc-700 dark:text-zinc-300 break-all">{processedFilePath}</code>
+              </div>
+              <p className="text-sm text-zinc-500 dark:text-zinc-400 mt-2">This file has been permanently removed</p>
+            </div>
+          </div>
+        )}
+
+        {/* Delete view streaming state */}
+        {operation === "delete" && isStreaming && (
+          <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+            <div className="p-6 flex-1 flex flex-col items-center justify-center bg-white dark:bg-zinc-950">
+              <div className="text-center">
+                <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Deleting file...</p>
+                {processedFilePath && (
+                  <p className="text-xs mt-2 font-mono text-zinc-500 dark:text-zinc-400 break-all">
+                    {processedFilePath}
+                  </p>
+                )}
+              </div>
+            </div>
+          </div>
+        )}
+
+        {/* Delete view with unknown path */}
+        {operation === "delete" && !processedFilePath && !showDebugInfo && !isStreaming && (
+          <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+            <div className="p-6 flex-1 flex flex-col items-center justify-center bg-white dark:bg-zinc-950 text-zinc-900 dark:text-zinc-100">
+              <div className="w-14 h-14 rounded-full bg-red-50 dark:bg-red-900/20 flex items-center justify-center mb-4">
+                <FileX className="h-7 w-7 text-red-600 dark:text-red-400" />
+              </div>
+              <h3 className="text-lg font-medium mb-4 text-red-600 dark:text-red-400">File Deleted</h3>
+              <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md p-4 w-full max-w-md text-center mb-2">
+                <p className="text-sm text-zinc-700 dark:text-zinc-300">Unknown file path</p>
+              </div>
+              <p className="text-sm text-zinc-500 dark:text-zinc-400 mt-2">A file has been deleted but the path could not be determined</p>
+            </div>
+          </div>
+        )}
+      </div>
+
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? config.successMessage : `Failed to ${operation} file`}
+              </span>
+            </div>
+          )}
+
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Processing file operation...</span>
+            </div>
+          )}
+
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming
+              ? formatTimestamp(toolTimestamp)
+              : assistantTimestamp
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+}

GenericToolView.tsx

@@ -0,0 +1,133 @@
+import React from "react";
+import { ToolViewProps } from "./types";
+import { formatTimestamp, getToolTitle } from "./utils";
+import { getToolIcon } from "../utils";
+import { CircleDashed, CheckCircle, AlertTriangle } from "lucide-react";
+import { Markdown } from "@/components/ui/markdown";
+import { cn } from "@/lib/utils";
+
+export function GenericToolView({ 
+  name = 'unknown', 
+  assistantContent, 
+  toolContent, 
+  isSuccess = true, 
+  isStreaming = false,
+  assistantTimestamp, 
+  toolTimestamp 
+}: ToolViewProps) {
+  console.log('GenericToolView:', { 
+    name, 
+    assistantContent, 
+    toolContent, 
+    isSuccess, 
+    isStreaming, 
+    assistantTimestamp, 
+    toolTimestamp 
+  });
+  
+  const toolTitle = getToolTitle(name);
+  const Icon = getToolIcon(name);
+  
+  // Format content for display
+  const formatContent = (content: string | null) => {
+    if (!content) return null;
+    
+    try {
+      // Try to parse as JSON for pretty formatting
+      const parsedJson = JSON.parse(content);
+      return JSON.stringify(parsedJson, null, 2);
+    } catch (e) {
+      // If not valid JSON, return as is
+      return content;
+    }
+  };
+  
+  // Format the contents
+  const formattedAssistantContent = React.useMemo(() => formatContent(assistantContent), [assistantContent]);
+  const formattedToolContent = React.useMemo(() => formatContent(toolContent), [toolContent]);
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        {/* Assistant Content */}
+        {assistantContent && !isStreaming && (
+          <div className="space-y-1.5">
+            <div className="flex justify-between items-center">
+              <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400">Input</div>
+              {assistantTimestamp && (
+                <div className="text-xs text-zinc-500 dark:text-zinc-400">{formatTimestamp(assistantTimestamp)}</div>
+              )}
+            </div>
+            <div className="rounded-md border border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900 p-3">
+              <Markdown className="text-xs text-zinc-800 dark:text-zinc-300">{formattedAssistantContent}</Markdown>
+            </div>
+          </div>
+        )}
+        
+        {/* Tool Result */}
+        {toolContent && (
+          <div className="space-y-1.5 mt-4">
+            <div className="flex justify-between items-center">
+              <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400">
+                {isStreaming ? "Processing" : "Output"}
+              </div>
+              {toolTimestamp && !isStreaming && (
+                <div className="text-xs text-zinc-500 dark:text-zinc-400">{formatTimestamp(toolTimestamp)}</div>
+              )}
+            </div>
+            <div className={cn(
+              "rounded-md border p-3",
+              isStreaming 
+                ? 'border-blue-200 bg-blue-50 dark:border-blue-800 dark:bg-blue-900/10' 
+                : isSuccess 
+                  ? 'border-zinc-200 bg-zinc-50 dark:border-zinc-800 dark:bg-zinc-900' 
+                  : 'border-red-200 bg-red-50 dark:border-red-800 dark:bg-red-900/10'
+            )}>
+              {isStreaming ? (
+                <div className="flex items-center gap-2 text-xs font-medium text-blue-700 dark:text-blue-400">
+                  <CircleDashed className="h-3 w-3 animate-spin" />
+                  <span>Executing {toolTitle.toLowerCase()}...</span>
+                </div>
+              ) : (
+                <Markdown className="text-xs text-zinc-800 dark:text-zinc-300">{formattedToolContent}</Markdown>
+              )}
+            </div>
+          </div>
+        )}
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? 'Completed successfully' : 'Execution failed'}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Processing...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

GoogleSignIn.tsx

@@ -0,0 +1,182 @@
+'use client';
+
+import { useEffect, useCallback, useRef, useState } from 'react';
+import Script from 'next/script';
+import { createClient } from '@/lib/supabase/client';
+
+// Add type declarations for Google One Tap
+declare global {
+  interface Window {
+    handleGoogleSignIn?: (response: GoogleSignInResponse) => void;
+    google: {
+      accounts: {
+        id: {
+          initialize: (config: GoogleInitializeConfig) => void;
+          renderButton: (element: HTMLElement, options: GoogleButtonOptions) => void;
+          prompt: (callback?: (notification: GoogleNotification) => void) => void;
+          cancel: () => void;
+        };
+      };
+    };
+  }
+}
+
+// Define types for Google Sign-In
+interface GoogleSignInResponse {
+  credential: string;
+  clientId?: string;
+  select_by?: string;
+}
+
+interface GoogleInitializeConfig {
+  client_id: string | undefined;
+  callback: ((response: GoogleSignInResponse) => void) | undefined;
+  nonce?: string;
+  use_fedcm?: boolean;
+  context?: string;
+  itp_support?: boolean;
+}
+
+interface GoogleButtonOptions {
+  type?: string;
+  theme?: string;
+  size?: string;
+  text?: string;
+  shape?: string;
+  logoAlignment?: string;
+  width?: number;
+}
+
+interface GoogleNotification {
+  isNotDisplayed: () => boolean;
+  getNotDisplayedReason: () => string;
+  isSkippedMoment: () => boolean;
+  getSkippedReason: () => string;
+  isDismissedMoment: () => boolean;
+  getDismissedReason: () => string;
+}
+
+interface GoogleSignInProps {
+  returnUrl?: string;
+}
+
+export default function GoogleSignIn({ returnUrl }: GoogleSignInProps) {
+  const googleClientId = process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID;
+  const [isLoading, setIsLoading] = useState(false);
+
+  const handleGoogleSignIn = useCallback(async (response: GoogleSignInResponse) => {
+    try {
+      setIsLoading(true);
+      const supabase = createClient();
+      const { error } = await supabase.auth.signInWithIdToken({
+        provider: 'google',
+        token: response.credential,
+      });
+
+      if (error) throw error;
+      
+      // Add a small delay before redirecting to ensure localStorage is properly saved
+      setTimeout(() => {
+        window.location.href = returnUrl || "/dashboard";
+      }, 100);
+    } catch (error) {
+      console.error('Error signing in with Google:', error);
+      setIsLoading(false);
+    }
+  }, [returnUrl]);
+
+  useEffect(() => {
+    // Assign the callback to window object so it can be called from the Google button
+    window.handleGoogleSignIn = handleGoogleSignIn;
+
+    if (window.google && googleClientId) {
+      window.google.accounts.id.initialize({
+        client_id: googleClientId,
+        callback: handleGoogleSignIn,
+        use_fedcm: true,
+        context: 'signin',
+        itp_support: true
+      });
+    }
+
+    return () => {
+      // Cleanup
+      delete window.handleGoogleSignIn;
+      if (window.google) {
+        window.google.accounts.id.cancel();
+      }
+    };
+  }, [googleClientId, handleGoogleSignIn]);
+
+  if (!googleClientId) {
+    return (
+      <button 
+        disabled 
+        className="w-full h-12 flex items-center justify-center gap-2 text-sm font-medium tracking-wide rounded-full bg-background border border-border opacity-60 cursor-not-allowed"
+      >
+        <svg className="w-5 h-5" viewBox="0 0 24 24">
+          <path d="M22.56 12.25c0-.78-.07-1.53-.2-2.25H12v4.26h5.92c-.26 1.37-1.04 2.53-2.21 3.31v2.77h3.57c2.08-1.92 3.28-4.74 3.28-8.09z" fill="#4285F4"/>
+          <path d="M12 23c2.97 0 5.46-.98 7.28-2.66l-3.57-2.77c-.98.66-2.23 1.06-3.71 1.06-2.86 0-5.29-1.93-6.16-4.53H2.18v2.84C3.99 20.53 7.7 23 12 23z" fill="#34A853"/>
+          <path d="M5.84 14.09c-.22-.66-.35-1.36-.35-2.09s.13-1.43.35-2.09V7.07H2.18C1.43 8.55 1 10.22 1 12s.43 3.45 1.18 4.93l2.85-2.22.81-.62z" fill="#FBBC05"/>
+          <path d="M12 5.38c1.62 0 3.06.56 4.21 1.64l3.15-3.15C17.45 2.09 14.97 1 12 1 7.7 1 3.99 3.47 2.18 7.07l3.66 2.84c.87-2.6 3.3-4.53 6.16-4.53z" fill="#EA4335"/>
+        </svg>
+        Google Sign-In Not Configured
+      </button>
+    );
+  }
+
+  return (
+    <>
+      {/* Google One Tap container */}
+      <div 
+        id="g_id_onload"
+        data-client_id={googleClientId}
+        data-context="signin"
+        data-ux_mode="popup"
+        data-auto_prompt="false"
+        data-itp_support="true"
+        data-callback="handleGoogleSignIn"
+      />
+      
+      {/* Google Sign-In button container styled to match site design */}
+      <div id="google-signin-button" className="w-full h-12">
+        {/* The Google button will be rendered here */}
+      </div>
+      
+      <Script
+        src="https://accounts.google.com/gsi/client"
+        strategy="afterInteractive"
+        onLoad={() => {
+          if (window.google && googleClientId) {
+            // Style the button after Google script loads
+            const buttonContainer = document.getElementById('google-signin-button');
+            if (buttonContainer) {
+              window.google.accounts.id.renderButton(buttonContainer, {
+                type: 'standard',
+                theme: 'outline',
+                size: 'large',
+                text: 'continue_with',
+                shape: 'pill',
+                logoAlignment: 'left',
+                width: buttonContainer.offsetWidth
+              });
+              
+              // Apply custom styles to match site design
+              setTimeout(() => {
+                const googleButton = buttonContainer.querySelector('div[role="button"]');
+                if (googleButton instanceof HTMLElement) {
+                  googleButton.style.borderRadius = '9999px';
+                  googleButton.style.width = '100%';
+                  googleButton.style.height = '56px';
+                  googleButton.style.border = '1px solid var(--border)';
+                  googleButton.style.background = 'var(--background)';
+                  googleButton.style.transition = 'all 0.2s';
+                }
+              }, 100);
+            }
+          }
+        }}
+      />
+    </>
+  );
+} 

LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

LinkedinProvider.py

@@ -0,0 +1,250 @@
+from typing import Dict
+
+from agent.tools.data_providers.RapidDataProviderBase import RapidDataProviderBase, EndpointSchema
+
+
+class LinkedinProvider(RapidDataProviderBase):
+    def __init__(self):
+        endpoints: Dict[str, EndpointSchema] = {
+            "person": {
+                "route": "/person",
+                "method": "POST",
+                "name": "Person Data",
+                "description": "Fetches any Linkedin profiles data including skills, certificates, experiences, qualifications and much more.",
+                "payload": {
+                    "link": "LinkedIn Profile URL"
+                }
+            },
+            "person_urn": {
+                "route": "/person_urn",
+                "method": "POST",
+                "name": "Person Data (Using Urn)",
+                "description": "It takes profile urn instead of profile public identifier in input",
+                "payload": {
+                    "link": "LinkedIn Profile URL or URN"
+                }
+            },
+            "person_deep": {
+                "route": "/person_deep",
+                "method": "POST",
+                "name": "Person Data (Deep)",
+                "description": "Fetches all experiences, educations, skills, languages, publications... related to a profile.",
+                "payload": {
+                    "link": "LinkedIn Profile URL"
+                }
+            },
+            "profile_updates": {
+                "route": "/profile_updates",
+                "method": "GET",
+                "name": "Person Posts (WITH PAGINATION)",
+                "description": "Fetches posts of a linkedin profile alongwith reactions, comments, postLink and reposts data.",
+                "payload": {
+                    "profile_url": "LinkedIn Profile URL",
+                    "page": "Page number",
+                    "reposts": "Include reposts (1 or 0)",
+                    "comments": "Include comments (1 or 0)"
+                }
+            },
+            "profile_recent_comments": {
+                "route": "/profile_recent_comments",
+                "method": "POST",
+                "name": "Person Recent Activity (Comments on Posts)",
+                "description": "Fetches 20 most recent comments posted by a linkedin user (per page).",
+                "payload": {
+                    "profile_url": "LinkedIn Profile URL",
+                    "page": "Page number",
+                    "paginationToken": "Token for pagination"
+                }
+            },
+            "comments_from_recent_activity": {
+                "route": "/comments_from_recent_activity",
+                "method": "GET",
+                "name": "Comments from recent activity",
+                "description": "Fetches recent comments posted by a person as per his recent activity tab.",
+                "payload": {
+                    "profile_url": "LinkedIn Profile URL",
+                    "page": "Page number"
+                }
+            },
+            "person_skills": {
+                "route": "/person_skills",
+                "method": "POST",
+                "name": "Person Skills",
+                "description": "Scraper all skills of a linkedin user",
+                "payload": {
+                    "link": "LinkedIn Profile URL"
+                }
+            },
+            "email_to_linkedin_profile": {
+                "route": "/email_to_linkedin_profile",
+                "method": "POST",
+                "name": "Email to LinkedIn Profile",
+                "description": "Finds LinkedIn profile associated with an email address",
+                "payload": {
+                    "email": "Email address to search"
+                }
+            },
+            "company": {
+                "route": "/company",
+                "method": "POST",
+                "name": "Company Data",
+                "description": "Fetches LinkedIn company profile data",
+                "payload": {
+                    "link": "LinkedIn Company URL"
+                }
+            },
+            "web_domain": {
+                "route": "/web-domain",
+                "method": "POST",
+                "name": "Web Domain to Company",
+                "description": "Fetches LinkedIn company profile data from a web domain",
+                "payload": {
+                    "link": "Website domain (e.g., huzzle.app)"
+                }
+            },
+            "similar_profiles": {
+                "route": "/similar_profiles",
+                "method": "GET",
+                "name": "Similar Profiles",
+                "description": "Fetches profiles similar to a given LinkedIn profile",
+                "payload": {
+                    "profileUrl": "LinkedIn Profile URL"
+                }
+            },
+            "company_jobs": {
+                "route": "/company_jobs",
+                "method": "POST",
+                "name": "Company Jobs",
+                "description": "Fetches job listings from a LinkedIn company page",
+                "payload": {
+                    "company_url": "LinkedIn Company URL",
+                    "count": "Number of job listings to fetch"
+                }
+            },
+            "company_updates": {
+                "route": "/company_updates",
+                "method": "GET",
+                "name": "Company Posts",
+                "description": "Fetches posts from a LinkedIn company page",
+                "payload": {
+                    "company_url": "LinkedIn Company URL",
+                    "page": "Page number",
+                    "reposts": "Include reposts (0, 1, or 2)",
+                    "comments": "Include comments (0, 1, or 2)"
+                }
+            },
+            "company_employee": {
+                "route": "/company_employee",
+                "method": "GET",
+                "name": "Company Employees",
+                "description": "Fetches employees of a LinkedIn company using company ID",
+                "payload": {
+                    "companyId": "LinkedIn Company ID",
+                    "page": "Page number"
+                }
+            },
+            "company_updates_post": {
+                "route": "/company_updates",
+                "method": "POST",
+                "name": "Company Posts (POST)",
+                "description": "Fetches posts from a LinkedIn company page with specific count parameters",
+                "payload": {
+                    "company_url": "LinkedIn Company URL",
+                    "posts": "Number of posts to fetch",
+                    "comments": "Number of comments to fetch per post",
+                    "reposts": "Number of reposts to fetch"
+                }
+            },
+            "search_posts_with_filters": {
+                "route": "/search_posts_with_filters",
+                "method": "GET",
+                "name": "Search Posts With Filters",
+                "description": "Searches LinkedIn posts with various filtering options",
+                "payload": {
+                    "query": "Keywords/Search terms (text you put in LinkedIn search bar)",
+                    "page": "Page number (1-100, each page contains 20 results)",
+                    "sort_by": "Sort method: 'relevance' (Top match) or 'date_posted' (Latest)",
+                    "author_job_title": "Filter by job title of author (e.g., CEO)",
+                    "content_type": "Type of content post contains (photos, videos, liveVideos, collaborativeArticles, documents)",
+                    "from_member": "URN of person who posted (comma-separated for multiple)",
+                    "from_organization": "ID of organization who posted (comma-separated for multiple)",
+                    "author_company": "ID of company author works for (comma-separated for multiple)",
+                    "author_industry": "URN of industry author is connected with (comma-separated for multiple)",
+                    "mentions_member": "URN of person mentioned in post (comma-separated for multiple)",
+                    "mentions_organization": "ID of organization mentioned in post (comma-separated for multiple)"
+                }
+            },
+            "search_jobs": {
+                "route": "/search_jobs",
+                "method": "GET",
+                "name": "Search Jobs",
+                "description": "Searches LinkedIn jobs with various filtering options",
+                "payload": {
+                    "query": "Job search keywords (e.g., Software developer)",
+                    "page": "Page number",
+                    "searchLocationId": "Location ID for job search (get from Suggestion location endpoint)",
+                    "easyApply": "Filter for easy apply jobs (true or false)",
+                    "experience": "Experience level required (1=Internship, 2=Entry level, 3=Associate, 4=Mid senior, 5=Director, 6=Executive, comma-separated)",
+                    "jobType": "Job type (F=Full time, P=Part time, C=Contract, T=Temporary, V=Volunteer, I=Internship, O=Other, comma-separated)",
+                    "postedAgo": "Time jobs were posted in seconds (e.g., 3600 for past hour)",
+                    "workplaceType": "Workplace type (1=On-Site, 2=Remote, 3=Hybrid, comma-separated)",
+                    "sortBy": "Sort method (DD=most recent, R=most relevant)",
+                    "companyIdsList": "List of company IDs, comma-separated",
+                    "industryIdsList": "List of industry IDs, comma-separated",
+                    "functionIdsList": "List of function IDs, comma-separated",
+                    "titleIdsList": "List of job title IDs, comma-separated",
+                    "locationIdsList": "List of location IDs within specified searchLocationId country, comma-separated"
+                }
+            },
+            "search_people_with_filters": {
+                "route": "/search_people_with_filters",
+                "method": "POST",
+                "name": "Search People With Filters",
+                "description": "Searches LinkedIn profiles with detailed filtering options",
+                "payload": {
+                    "keyword": "General search keyword",
+                    "page": "Page number",
+                    "title_free_text": "Job title to filter by (e.g., CEO)",
+                    "company_free_text": "Company name to filter by",
+                    "first_name": "First name of person",
+                    "last_name": "Last name of person",
+                    "current_company_list": "List of current companies (comma-separated IDs)",
+                    "past_company_list": "List of past companies (comma-separated IDs)",
+                    "location_list": "List of locations (comma-separated IDs)",
+                    "language_list": "List of languages (comma-separated)",
+                    "service_catagory_list": "List of service categories (comma-separated)",
+                    "school_free_text": "School name to filter by",
+                    "industry_list": "List of industries (comma-separated IDs)",
+                    "school_list": "List of schools (comma-separated IDs)"
+                }
+            },
+            "search_company_with_filters": {
+                "route": "/search_company_with_filters",
+                "method": "POST",
+                "name": "Search Company With Filters",
+                "description": "Searches LinkedIn companies with detailed filtering options",
+                "payload": {
+                    "keyword": "General search keyword",
+                    "page": "Page number",
+                    "company_size_list": "List of company sizes (comma-separated, e.g., A,D)",
+                    "hasJobs": "Filter companies with jobs (true or false)",
+                    "location_list": "List of location IDs (comma-separated)",
+                    "industry_list": "List of industry IDs (comma-separated)"
+                }
+            }
+        }
+        base_url = "https://linkedin-data-scraper.p.rapidapi.com"
+        super().__init__(base_url, endpoints)
+
+
+if __name__ == "__main__":
+    from dotenv import load_dotenv
+    load_dotenv()
+    tool = LinkedinProvider()
+
+    result = tool.call_endpoint(
+        route="comments_from_recent_activity",
+        payload={"profile_url": "https://www.linkedin.com/in/adamcohenhillel/", "page": 1}
+    )
+    print(result)
+

MANIFEST.in

@@ -0,0 +1,17 @@
+# Include all Python files in agentpress directory
+recursive-include agentpress *.py
+
+# Include example files
+recursive-include agentpress/examples *
+
+# Include any other necessary files
+include LICENSE
+include README.md
+include pyproject.toml
+
+# Exclude unnecessary files
+global-exclude *.pyc
+global-exclude __pycache__
+global-exclude .DS_Store
+global-exclude *.pyo
+global-exclude *.pyd 

README.md

@@ -1,12 +1,36 @@
----
-title: Data.ai
-emoji: 🏢
-colorFrom: pink
-colorTo: red
-sdk: static
-pinned: false
-license: mit
-short_description: ai
----
-
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+This is a [Next.js](https://nextjs.org) project bootstrapped with [`create-next-app`](https://nextjs.org/docs/app/api-reference/cli/create-next-app).
+
+## Getting Started
+
+First, run the development server:
+
+```bash
+npm run dev
+# or
+yarn dev
+# or
+pnpm dev
+# or
+bun dev
+```
+
+Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+
+You can start editing the page by modifying `app/page.tsx`. The page auto-updates as you edit the file.
+
+This project uses [`next/font`](https://nextjs.org/docs/app/building-your-application/optimizing/fonts) to automatically optimize and load [Geist](https://vercel.com/font), a new font family for Vercel.
+
+## Learn More
+
+To learn more about Next.js, take a look at the following resources:
+
+- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
+- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
+
+You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js) - your feedback and contributions are welcome!
+
+## Deploy on Vercel
+
+The easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.
+
+Check out our [Next.js deployment documentation](https://nextjs.org/docs/app/building-your-application/deploying) for more details.

RapidDataProviderBase.py

@@ -0,0 +1,61 @@
+import os
+import requests
+from typing import Dict, Any, Optional, TypedDict, Literal
+
+
+class EndpointSchema(TypedDict):
+    route: str
+    method: Literal['GET', 'POST']
+    name: str
+    description: str
+    payload: Dict[str, Any]
+
+
+class RapidDataProviderBase:
+    def __init__(self, base_url: str, endpoints: Dict[str, EndpointSchema]):
+        self.base_url = base_url
+        self.endpoints = endpoints
+    
+    def get_endpoints(self):
+        return self.endpoints
+    
+    def call_endpoint(
+            self,
+            route: str,
+            payload: Optional[Dict[str, Any]] = None
+    ):
+        """
+        Call an API endpoint with the given parameters and data.
+        
+        Args:
+            endpoint (EndpointSchema): The endpoint configuration dictionary
+            params (dict, optional): Query parameters for GET requests
+            payload (dict, optional): JSON payload for POST requests
+            
+        Returns:
+            dict: The JSON response from the API
+        """
+        if route.startswith("/"):
+            route = route[1:]
+
+        endpoint = self.endpoints.get(route)
+        if not endpoint:
+            raise ValueError(f"Endpoint {route} not found")
+        
+        url = f"{self.base_url}{endpoint['route']}"
+        
+        headers = {
+            "x-rapidapi-key": os.getenv("RAPID_API_KEY"),
+            "x-rapidapi-host": url.split("//")[1].split("/")[0],
+            "Content-Type": "application/json"
+        }
+
+        method = endpoint.get('method', 'GET').upper()
+        
+        if method == 'GET':
+            response = requests.get(url, params=payload, headers=headers)
+        elif method == 'POST':
+            response = requests.post(url, json=payload, headers=headers)
+        else:
+            raise ValueError(f"Unsupported HTTP method: {method}")
+        return response.json()

StrReplaceToolView.tsx

@@ -0,0 +1,160 @@
+import React from "react";
+import { FileSearch, FileDiff, CheckCircle, AlertTriangle, CircleDashed } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractFilePath, extractStrReplaceContent, formatTimestamp, getToolTitle } from "./utils";
+import { GenericToolView } from "./GenericToolView";
+import { cn } from "@/lib/utils";
+
+export function StrReplaceToolView({ 
+  name = "str-replace",
+  assistantContent, 
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false
+}: ToolViewProps) {
+  const filePath = extractFilePath(assistantContent);
+  const { oldStr, newStr } = extractStrReplaceContent(assistantContent);
+  const toolTitle = getToolTitle(name);
+  
+  if (!oldStr || !newStr) {
+    return (
+      <GenericToolView
+        name={name}
+        assistantContent={assistantContent}
+        toolContent={toolContent}
+        assistantTimestamp={assistantTimestamp}
+        toolTimestamp={toolTimestamp}
+        isSuccess={isSuccess}
+        isStreaming={isStreaming}
+      />
+    );
+  }
+  
+  // Perform a character-level diff to identify changes
+  const generateDiff = (oldText: string, newText: string) => {
+    const i = 0;
+    const j = 0;
+    
+    // Find common prefix length
+    let prefixLength = 0;
+    while (prefixLength < oldText.length && prefixLength < newText.length && 
+          oldText[prefixLength] === newText[prefixLength]) {
+      prefixLength++;
+    }
+    
+    // Find common suffix length
+    let oldSuffixStart = oldText.length;
+    let newSuffixStart = newText.length;
+    while (oldSuffixStart > prefixLength && newSuffixStart > prefixLength &&
+          oldText[oldSuffixStart - 1] === newText[newSuffixStart - 1]) {
+      oldSuffixStart--;
+      newSuffixStart--;
+    }
+    
+    // Generate unified diff parts
+    const parts = [];
+    
+    // Add common prefix
+    if (prefixLength > 0) {
+      parts.push({ text: oldText.substring(0, prefixLength), type: 'unchanged' });
+    }
+    
+    // Add the changed middle parts
+    if (oldSuffixStart > prefixLength) {
+      parts.push({ text: oldText.substring(prefixLength, oldSuffixStart), type: 'removed' });
+    }
+    if (newSuffixStart > prefixLength) {
+      parts.push({ text: newText.substring(prefixLength, newSuffixStart), type: 'added' });
+    }
+    
+    // Add common suffix
+    if (oldSuffixStart < oldText.length) {
+      parts.push({ text: oldText.substring(oldSuffixStart), type: 'unchanged' });
+    }
+    
+    return parts;
+  };
+  
+  const diffParts = generateDiff(oldStr, newStr);
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <FileDiff className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">String Replacement</span>
+            </div>
+          </div>
+          
+          <div className="px-3 py-2 border-b border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900 flex items-center">
+            <code className="text-xs font-mono text-zinc-700 dark:text-zinc-300">{filePath || 'Unknown file'}</code>
+          </div>
+          
+          {isStreaming ? (
+            <div className="flex-1 bg-white dark:bg-zinc-950 flex items-center justify-center">
+              <div className="text-center p-6">
+                <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Processing string replacement...</p>
+                {filePath && (
+                  <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400 font-mono">{filePath}</p>
+                )}
+              </div>
+            </div>
+          ) : (
+            <div className="p-3 bg-white dark:bg-zinc-950 font-mono text-sm flex-1">
+              {diffParts.map((part, i) => (
+                <span 
+                  key={i} 
+                  className={cn(
+                    part.type === 'removed' ? 'bg-red-50 text-red-700 dark:bg-red-900/20 dark:text-red-400 line-through mx-0.5' : 
+                    part.type === 'added' ? 'bg-emerald-50 text-emerald-700 dark:bg-emerald-900/20 dark:text-emerald-400 mx-0.5' : 
+                    'text-zinc-700 dark:text-zinc-300'
+                  )}
+                >
+                  {part.text}
+                </span>
+              ))}
+            </div>
+          )}
+        </div>
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? 'Replacement applied successfully' : 'Replacement failed'}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Processing string replacement...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

TwitterProvider.py

@@ -0,0 +1,240 @@
+from typing import Dict
+
+from agent.tools.data_providers.RapidDataProviderBase import RapidDataProviderBase, EndpointSchema
+
+
+class TwitterProvider(RapidDataProviderBase):
+    def __init__(self):
+        endpoints: Dict[str, EndpointSchema] = {
+            "user_info": {
+                "route": "/screenname.php",
+                "method": "GET",
+                "name": "Twitter User Info",
+                "description": "Get information about a Twitter user by screenname or user ID.",
+                "payload": {
+                    "screenname": "Twitter username without the @ symbol",
+                    "rest_id": "Optional Twitter user's ID. If provided, overwrites screenname parameter."
+                }
+            },
+            "timeline": {
+                "route": "/timeline.php",
+                "method": "GET",
+                "name": "User Timeline",
+                "description": "Get tweets from a user's timeline.",
+                "payload": {
+                    "screenname": "Twitter username without the @ symbol",
+                    "rest_id": "Optional parameter that overwrites the screenname",
+                    "cursor": "Optional pagination cursor"
+                }
+            },
+            "following": {
+                "route": "/following.php",
+                "method": "GET",
+                "name": "User Following",
+                "description": "Get users that a specific user follows.",
+                "payload": {
+                    "screenname": "Twitter username without the @ symbol",
+                    "rest_id": "Optional parameter that overwrites the screenname",
+                    "cursor": "Optional pagination cursor"
+                }
+            },
+            "followers": {
+                "route": "/followers.php",
+                "method": "GET",
+                "name": "User Followers",
+                "description": "Get followers of a specific user.",
+                "payload": {
+                    "screenname": "Twitter username without the @ symbol",
+                    "cursor": "Optional pagination cursor"
+                }
+            },
+            "search": {
+                "route": "/search.php",
+                "method": "GET",
+                "name": "Twitter Search",
+                "description": "Search for tweets with a specific query.",
+                "payload": {
+                    "query": "Search query string",
+                    "cursor": "Optional pagination cursor",
+                    "search_type": "Optional search type (e.g. 'Top')"
+                }
+            },
+            "replies": {
+                "route": "/replies.php",
+                "method": "GET",
+                "name": "User Replies",
+                "description": "Get replies made by a user.",
+                "payload": {
+                    "screenname": "Twitter username without the @ symbol",
+                    "cursor": "Optional pagination cursor"
+                }
+            },
+            "check_retweet": {
+                "route": "/checkretweet.php",
+                "method": "GET",
+                "name": "Check Retweet",
+                "description": "Check if a user has retweeted a specific tweet.",
+                "payload": {
+                    "screenname": "Twitter username without the @ symbol",
+                    "tweet_id": "ID of the tweet to check"
+                }
+            },
+            "tweet": {
+                "route": "/tweet.php",
+                "method": "GET",
+                "name": "Get Tweet",
+                "description": "Get details of a specific tweet by ID.",
+                "payload": {
+                    "id": "ID of the tweet"
+                }
+            },
+            "tweet_thread": {
+                "route": "/tweet_thread.php",
+                "method": "GET",
+                "name": "Get Tweet Thread",
+                "description": "Get a thread of tweets starting from a specific tweet ID.",
+                "payload": {
+                    "id": "ID of the tweet",
+                    "cursor": "Optional pagination cursor"
+                }
+            },
+            "retweets": {
+                "route": "/retweets.php",
+                "method": "GET",
+                "name": "Get Retweets",
+                "description": "Get users who retweeted a specific tweet.",
+                "payload": {
+                    "id": "ID of the tweet",
+                    "cursor": "Optional pagination cursor"
+                }
+            },
+            "latest_replies": {
+                "route": "/latest_replies.php",
+                "method": "GET",
+                "name": "Get Latest Replies",
+                "description": "Get the latest replies to a specific tweet.",
+                "payload": {
+                    "id": "ID of the tweet",
+                    "cursor": "Optional pagination cursor"
+                }
+            }
+        }
+        base_url = "https://twitter-api45.p.rapidapi.com"
+        super().__init__(base_url, endpoints)
+
+
+if __name__ == "__main__":
+    from dotenv import load_dotenv
+    load_dotenv()
+    tool = TwitterProvider()
+
+    # Example for getting user info
+    user_info = tool.call_endpoint(
+        route="user_info",
+        payload={
+            "screenname": "elonmusk",
+            # "rest_id": "44196397"  # Optional, uncomment to use user ID instead of screenname
+        }
+    )
+    print("User Info:", user_info)
+    
+    # Example for getting user timeline
+    timeline = tool.call_endpoint(
+        route="timeline",
+        payload={
+            "screenname": "elonmusk",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Timeline:", timeline)
+    
+    # Example for getting user following
+    following = tool.call_endpoint(
+        route="following",
+        payload={
+            "screenname": "elonmusk",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Following:", following)
+    
+    # Example for getting user followers
+    followers = tool.call_endpoint(
+        route="followers",
+        payload={
+            "screenname": "elonmusk",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Followers:", followers)
+    
+    # Example for searching tweets
+    search_results = tool.call_endpoint(
+        route="search",
+        payload={
+            "query": "cybertruck",
+            "search_type": "Top"  # Optional, defaults to Top
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Search Results:", search_results)
+    
+    # Example for getting user replies
+    replies = tool.call_endpoint(
+        route="replies",
+        payload={
+            "screenname": "elonmusk",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Replies:", replies)
+    
+    # Example for checking if user retweeted a tweet
+    check_retweet = tool.call_endpoint(
+        route="check_retweet",
+        payload={
+            "screenname": "elonmusk",
+            "tweet_id": "1671370010743263233"
+        }
+    )
+    print("Check Retweet:", check_retweet)
+    
+    # Example for getting tweet details
+    tweet = tool.call_endpoint(
+        route="tweet",
+        payload={
+            "id": "1671370010743263233"
+        }
+    )
+    print("Tweet:", tweet)
+    
+    # Example for getting a tweet thread
+    tweet_thread = tool.call_endpoint(
+        route="tweet_thread",
+        payload={
+            "id": "1738106896777699464",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Tweet Thread:", tweet_thread)
+    
+    # Example for getting retweets of a tweet
+    retweets = tool.call_endpoint(
+        route="retweets",
+        payload={
+            "id": "1700199139470942473",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Retweets:", retweets)
+    
+    # Example for getting latest replies to a tweet
+    latest_replies = tool.call_endpoint(
+        route="latest_replies",
+        payload={
+            "id": "1738106896777699464",
+            # "cursor": "optional-cursor-value"  # Optional for pagination
+        }
+    )
+    print("Latest Replies:", latest_replies)
+  

WebCrawlToolView.tsx

@@ -0,0 +1,156 @@
+import React from "react";
+import { Globe, CheckCircle, AlertTriangle, CircleDashed, ExternalLink } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractCrawlUrl, extractWebpageContent, formatTimestamp, getToolTitle } from "./utils";
+import { GenericToolView } from "./GenericToolView";
+import { cn } from "@/lib/utils";
+
+export function WebCrawlToolView({ 
+  name = "crawl-webpage",
+  assistantContent, 
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false
+}: ToolViewProps) {
+  const url = extractCrawlUrl(assistantContent);
+  const webpageContent = extractWebpageContent(toolContent);
+  const toolTitle = getToolTitle(name);
+  
+  if (!url) {
+    return (
+      <GenericToolView
+        name={name}
+        assistantContent={assistantContent}
+        toolContent={toolContent}
+        assistantTimestamp={assistantTimestamp}
+        toolTimestamp={toolTimestamp}
+        isSuccess={isSuccess}
+        isStreaming={isStreaming}
+      />
+    );
+  }
+  
+  // Format domain for display
+  const formatDomain = (url: string): string => {
+    try {
+      const urlObj = new URL(url);
+      return urlObj.hostname.replace('www.', '');
+    } catch (e) {
+      return url;
+    }
+  };
+  
+  const domain = url ? formatDomain(url) : 'Unknown';
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          {/* Webpage Header */}
+          <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <Globe className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">
+                {toolTitle}
+              </span>
+            </div>
+            
+            {!isStreaming && (
+              <div className="flex items-center gap-2">
+                <span className={cn(
+                  "text-xs flex items-center",
+                  isSuccess ? "text-emerald-600 dark:text-emerald-400" : "text-red-600 dark:text-red-400"
+                )}>
+                  <span className="h-1.5 w-1.5 rounded-full mr-1.5 bg-current"></span>
+                  {isSuccess ? 'Success' : 'Failed'}
+                </span>
+                
+                <a 
+                  href={url} 
+                  target="_blank" 
+                  rel="noopener noreferrer"
+                  className="flex items-center gap-1.5 py-1 px-2 text-xs text-zinc-700 dark:text-zinc-300 bg-zinc-200 dark:bg-zinc-800 hover:bg-zinc-300 dark:hover:bg-zinc-700 rounded transition-colors"
+                >
+                  <ExternalLink className="h-3.5 w-3.5 text-zinc-500 flex-shrink-0" />
+                  <span>Open URL</span>
+                </a>
+              </div>
+            )}
+          </div>
+          
+          {/* URL Bar */}
+          <div className="px-3 py-2 border-b border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900">
+            <code className="text-xs font-mono text-zinc-700 dark:text-zinc-300">{url}</code>
+          </div>
+          
+          {/* Content */}
+          {isStreaming ? (
+            <div className="flex-1 bg-white dark:bg-zinc-950 flex items-center justify-center">
+              <div className="text-center p-6">
+                <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Crawling webpage...</p>
+                <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">Fetching content from {domain}</p>
+              </div>
+            </div>
+          ) : (
+            <div className="flex-1 overflow-auto bg-white dark:bg-zinc-950 font-mono text-sm">
+              {webpageContent ? (
+                <div className="p-3">
+                  <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-2">Page Content</div>
+                  <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                    <pre className="p-3 text-xs overflow-auto whitespace-pre-wrap text-zinc-800 dark:text-zinc-300 font-mono">
+                      {webpageContent.text || "No content extracted"}
+                    </pre>
+                  </div>                  
+                </div>
+              ) : (
+                <div className="p-6 h-full flex items-center justify-center">
+                  <div className="text-center">
+                    <Globe className="h-6 w-6 mx-auto mb-2 text-zinc-400 dark:text-zinc-500" />
+                    <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">No content extracted</p>
+                    <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">The webpage might be restricted or empty</p>
+                  </div>
+                </div>
+              )}
+            </div>
+          )}
+        </div>
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? `${toolTitle} completed successfully` : `${toolTitle} operation failed`}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Executing {toolTitle.toLowerCase()}...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

WebScrapeToolView.tsx

@@ -0,0 +1,156 @@
+import React from "react";
+import { Globe, CheckCircle, AlertTriangle, CircleDashed, ExternalLink } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractCrawlUrl, extractWebpageContent, formatTimestamp, getToolTitle } from "./utils";
+import { GenericToolView } from "./GenericToolView";
+import { cn } from "@/lib/utils";
+
+export function WebScrapeToolView({ 
+  name = "scrape-webpage",
+  assistantContent, 
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false
+}: ToolViewProps) {
+  const url = extractCrawlUrl(assistantContent);
+  const webpageContent = extractWebpageContent(toolContent);
+  const toolTitle = getToolTitle(name);
+  
+  if (!url) {
+    return (
+      <GenericToolView
+        name={name}
+        assistantContent={assistantContent}
+        toolContent={toolContent}
+        assistantTimestamp={assistantTimestamp}
+        toolTimestamp={toolTimestamp}
+        isSuccess={isSuccess}
+        isStreaming={isStreaming}
+      />
+    );
+  }
+  
+  // Format domain for display
+  const formatDomain = (url: string): string => {
+    try {
+      const urlObj = new URL(url);
+      return urlObj.hostname.replace('www.', '');
+    } catch (e) {
+      return url;
+    }
+  };
+  
+  const domain = url ? formatDomain(url) : 'Unknown';
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          {/* Webpage Header */}
+          <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <Globe className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">
+                {toolTitle}
+              </span>
+            </div>
+            
+            {!isStreaming && (
+              <div className="flex items-center gap-2">
+                <span className={cn(
+                  "text-xs flex items-center",
+                  isSuccess ? "text-emerald-600 dark:text-emerald-400" : "text-red-600 dark:text-red-400"
+                )}>
+                  <span className="h-1.5 w-1.5 rounded-full mr-1.5 bg-current"></span>
+                  {isSuccess ? 'Success' : 'Failed'}
+                </span>
+                
+                <a 
+                  href={url} 
+                  target="_blank" 
+                  rel="noopener noreferrer"
+                  className="flex items-center gap-1.5 py-1 px-2 text-xs text-zinc-700 dark:text-zinc-300 bg-zinc-200 dark:bg-zinc-800 hover:bg-zinc-300 dark:hover:bg-zinc-700 rounded transition-colors"
+                >
+                  <ExternalLink className="h-3.5 w-3.5 text-zinc-500 flex-shrink-0" />
+                  <span>Open URL</span>
+                </a>
+              </div>
+            )}
+          </div>
+          
+          {/* URL Bar */}
+          <div className="px-3 py-2 border-b border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900">
+            <code className="text-xs font-mono text-zinc-700 dark:text-zinc-300">{url}</code>
+          </div>
+          
+          {/* Content */}
+          {isStreaming ? (
+            <div className="flex-1 bg-white dark:bg-zinc-950 flex items-center justify-center">
+              <div className="text-center p-6">
+                <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Scraping webpage...</p>
+                <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">Fetching content from {domain}</p>
+              </div>
+            </div>
+          ) : (
+            <div className="flex-1 overflow-auto bg-white dark:bg-zinc-950 font-mono text-sm">
+              {webpageContent ? (
+                <div className="p-3">
+                  <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-2">Page Content</div>
+                  <div className="bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                    <pre className="p-3 text-xs overflow-auto whitespace-pre-wrap text-zinc-800 dark:text-zinc-300 font-mono">
+                      {webpageContent.text || "No content extracted"}
+                    </pre>
+                  </div>                  
+                </div>
+              ) : (
+                <div className="p-6 h-full flex items-center justify-center">
+                  <div className="text-center">
+                    <Globe className="h-6 w-6 mx-auto mb-2 text-zinc-400 dark:text-zinc-500" />
+                    <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">No content extracted</p>
+                    <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">The webpage might be restricted or empty</p>
+                  </div>
+                </div>
+              )}
+            </div>
+          )}
+        </div>
+      </div>
+      
+      {/* Footer */}
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? `${toolTitle} completed successfully` : `${toolTitle} operation failed`}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Executing {toolTitle.toLowerCase()}...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

WebSearchToolView.tsx

@@ -0,0 +1,129 @@
+import React from "react";
+import { Search, CircleDashed, CheckCircle, AlertTriangle, ExternalLink } from "lucide-react";
+import { ToolViewProps } from "./types";
+import { extractSearchQuery, extractSearchResults, cleanUrl, formatTimestamp, getToolTitle } from "./utils";
+import { cn } from "@/lib/utils";
+
+export function WebSearchToolView({ 
+  name = "web-search",
+  assistantContent, 
+  toolContent,
+  assistantTimestamp,
+  toolTimestamp,
+  isSuccess = true,
+  isStreaming = false
+}: ToolViewProps) {
+  const query = extractSearchQuery(assistantContent);
+  const searchResults = extractSearchResults(toolContent);
+  const toolTitle = getToolTitle(name);
+  
+  return (
+    <div className="flex flex-col h-full">
+      <div className="flex-1 p-4 overflow-auto">
+        <div className="border border-zinc-200 dark:border-zinc-800 rounded-md overflow-hidden h-full flex flex-col">
+          <div className="flex items-center p-2 bg-zinc-100 dark:bg-zinc-900 justify-between border-b border-zinc-200 dark:border-zinc-800">
+            <div className="flex items-center">
+              <Search className="h-4 w-4 mr-2 text-zinc-600 dark:text-zinc-400" />
+              <span className="text-xs font-medium text-zinc-700 dark:text-zinc-300">{toolTitle}</span>
+            </div>
+            
+            {!isStreaming && (
+              <span className={cn(
+                "text-xs flex items-center",
+                isSuccess ? "text-emerald-600 dark:text-emerald-400" : "text-red-600 dark:text-red-400"
+              )}>
+                <span className="h-1.5 w-1.5 rounded-full mr-1.5 bg-current"></span>
+                {isSuccess ? 'Success' : 'Failed'}
+              </span>
+            )}
+          </div>
+          
+          <div className="px-3 py-2 border-b border-zinc-200 dark:border-zinc-800 bg-zinc-50 dark:bg-zinc-900">
+            <code className="text-xs font-mono text-zinc-700 dark:text-zinc-300">{query || 'Unknown query'}</code>
+          </div>
+          
+          <div className="flex-1 overflow-auto bg-white dark:bg-zinc-950 font-mono text-sm">
+            {isStreaming ? (
+              <div className="flex-1 flex items-center justify-center">
+                <div className="text-center p-6">
+                  <CircleDashed className="h-8 w-8 mx-auto mb-3 text-blue-500 animate-spin" />
+                  <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">Searching the web...</p>
+                  <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">This might take a moment</p>
+                </div>
+              </div>
+            ) : searchResults.length > 0 ? (
+              <div className="p-3">
+                <div className="text-xs font-medium text-zinc-500 dark:text-zinc-400 mb-3">
+                  Found {searchResults.length} results
+                </div>
+                <div className="divide-y divide-zinc-100 dark:divide-zinc-800 bg-zinc-50 dark:bg-zinc-900 border border-zinc-200 dark:border-zinc-800 rounded-md">
+                  {searchResults.map((result, idx) => (
+                    <div key={idx} className="p-3 space-y-1">
+                      <div className="flex flex-col">
+                        <div className="text-xs text-zinc-500 dark:text-zinc-400 truncate mb-0.5">
+                          {cleanUrl(result.url)}
+                        </div>
+                        <a 
+                          href={result.url} 
+                          target="_blank" 
+                          rel="noopener noreferrer"
+                          className="text-sm text-blue-600 dark:text-blue-400 hover:underline font-medium flex items-center gap-1"
+                        >
+                          {result.title}
+                          <ExternalLink className="h-3 w-3 opacity-60" />
+                        </a>
+                      </div>
+                      {result.snippet && (
+                        <p className="text-xs text-zinc-600 dark:text-zinc-400 line-clamp-2">
+                          {result.snippet}
+                        </p>
+                      )}
+                    </div>
+                  ))}
+                </div>
+              </div>
+            ) : (
+              <div className="p-6 text-center flex-1 flex flex-col items-center justify-center h-full">
+                <Search className="h-6 w-6 mx-auto mb-2 text-zinc-400 dark:text-zinc-500" />
+                <p className="text-sm font-medium text-zinc-700 dark:text-zinc-300">No results found</p>
+                <p className="text-xs mt-1 text-zinc-500 dark:text-zinc-400">Try refining your search query</p>
+              </div>
+            )}
+          </div>
+        </div>
+      </div>
+      
+      <div className="p-4 border-t border-zinc-200 dark:border-zinc-800">
+        <div className="flex items-center justify-between text-xs text-zinc-500 dark:text-zinc-400">
+          {!isStreaming && (
+            <div className="flex items-center gap-2">
+              {isSuccess ? (
+                <CheckCircle className="h-3.5 w-3.5 text-emerald-500" />
+              ) : (
+                <AlertTriangle className="h-3.5 w-3.5 text-red-500" />
+              )}
+              <span>
+                {isSuccess ? `${toolTitle} completed successfully` : `${toolTitle} operation failed`}
+              </span>
+            </div>
+          )}
+          
+          {isStreaming && (
+            <div className="flex items-center gap-2">
+              <CircleDashed className="h-3.5 w-3.5 text-blue-500 animate-spin" />
+              <span>Executing {toolTitle.toLowerCase()}...</span>
+            </div>
+          )}
+          
+          <div className="text-xs">
+            {toolTimestamp && !isStreaming 
+              ? formatTimestamp(toolTimestamp) 
+              : assistantTimestamp 
+                ? formatTimestamp(assistantTimestamp)
+                : ''}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+} 

YahooFinanceProvider.py

@@ -0,0 +1,190 @@
+from typing import Dict
+
+from agent.tools.data_providers.RapidDataProviderBase import RapidDataProviderBase, EndpointSchema
+
+
+class YahooFinanceProvider(RapidDataProviderBase):
+    def __init__(self):
+        endpoints: Dict[str, EndpointSchema] = {
+            "get_tickers": {
+                "route": "/v2/markets/tickers",
+                "method": "GET",
+                "name": "Yahoo Finance Tickers",
+                "description": "Get financial tickers from Yahoo Finance with various filters and parameters.",
+                "payload": {
+                    "page": "Page number for pagination (optional, default: 1)",
+                    "type": "Asset class type (required): STOCKS, ETF, MUTUALFUNDS, or FUTURES",
+                }
+            },
+            "search": {
+                "route": "/v1/markets/search",
+                "method": "GET",
+                "name": "Yahoo Finance Search",
+                "description": "Search for financial instruments on Yahoo Finance",
+                "payload": {
+                    "search": "Search term (required)",
+                }
+            },
+            "get_news": {
+                "route": "/v2/markets/news",
+                "method": "GET",
+                "name": "Yahoo Finance News",
+                "description": "Get news related to specific tickers from Yahoo Finance",
+                "payload": {
+                    "tickers": "Stock symbol (optional, e.g., AAPL)",
+                    "type": "News type (optional): ALL, VIDEO, or PRESS_RELEASE",
+                }
+            },
+            "get_stock_module": {
+                "route": "/v1/markets/stock/modules",
+                "method": "GET",
+                "name": "Yahoo Finance Stock Module",
+                "description": "Get detailed information about a specific stock module",
+                "payload": {
+                    "ticker": "Company ticker symbol (required, e.g., AAPL)",
+                    "module": "Module to retrieve (required): asset-profile, financial-data, earnings, etc.",
+                }
+            },
+            "get_sma": {
+                "route": "/v1/markets/indicators/sma",
+                "method": "GET",
+                "name": "Yahoo Finance SMA Indicator",
+                "description": "Get Simple Moving Average (SMA) indicator data for a stock",
+                "payload": {
+                    "symbol": "Stock symbol (required, e.g., AAPL)",
+                    "interval": "Time interval (required): 5m, 15m, 30m, 1h, 1d, 1wk, 1mo, 3mo",
+                    "series_type": "Series type (required): open, close, high, low",
+                    "time_period": "Number of data points used for calculation (required)",
+                    "limit": "Limit the number of results (optional, default: 50)",
+                }
+            },
+            "get_rsi": {
+                "route": "/v1/markets/indicators/rsi",
+                "method": "GET",
+                "name": "Yahoo Finance RSI Indicator",
+                "description": "Get Relative Strength Index (RSI) indicator data for a stock",
+                "payload": {
+                    "symbol": "Stock symbol (required, e.g., AAPL)",
+                    "interval": "Time interval (required): 5m, 15m, 30m, 1h, 1d, 1wk, 1mo, 3mo",
+                    "series_type": "Series type (required): open, close, high, low",
+                    "time_period": "Number of data points used for calculation (required)",
+                    "limit": "Limit the number of results (optional, default: 50)",
+                }
+            },
+            "get_earnings_calendar": {
+                "route": "/v1/markets/calendar/earnings",
+                "method": "GET",
+                "name": "Yahoo Finance Earnings Calendar",
+                "description": "Get earnings calendar data for a specific date",
+                "payload": {
+                    "date": "Calendar date in yyyy-mm-dd format (optional, e.g., 2023-11-30)",
+                }
+            },
+            "get_insider_trades": {
+                "route": "/v1/markets/insider-trades",
+                "method": "GET",
+                "name": "Yahoo Finance Insider Trades",
+                "description": "Get recent insider trading activity",
+                "payload": {}
+            },
+        }
+        base_url = "https://yahoo-finance15.p.rapidapi.com/api"
+        super().__init__(base_url, endpoints)
+
+
+if __name__ == "__main__":
+    from dotenv import load_dotenv
+    load_dotenv()
+    tool = YahooFinanceProvider()
+
+    # Example for getting stock tickers
+    tickers_result = tool.call_endpoint(
+        route="get_tickers",
+        payload={
+            "page": 1,
+            "type": "STOCKS"
+        }
+    )
+    print("Tickers Result:", tickers_result)
+    
+    # Example for searching financial instruments
+    search_result = tool.call_endpoint(
+        route="search",
+        payload={
+            "search": "AA"
+        }
+    )
+    print("Search Result:", search_result)
+    
+    # Example for getting financial news
+    news_result = tool.call_endpoint(
+        route="get_news",
+        payload={
+            "tickers": "AAPL",
+            "type": "ALL"
+        }
+    )
+    print("News Result:", news_result)
+    
+    # Example for getting stock asset profile module
+    stock_module_result = tool.call_endpoint(
+        route="get_stock_module",
+        payload={
+            "ticker": "AAPL",
+            "module": "asset-profile"
+        }
+    )
+    print("Asset Profile Result:", stock_module_result)
+    
+    # Example for getting financial data module
+    financial_data_result = tool.call_endpoint(
+        route="get_stock_module",
+        payload={
+            "ticker": "AAPL",
+            "module": "financial-data"
+        }
+    )
+    print("Financial Data Result:", financial_data_result)
+    
+    # Example for getting SMA indicator data
+    sma_result = tool.call_endpoint(
+        route="get_sma",
+        payload={
+            "symbol": "AAPL",
+            "interval": "5m",
+            "series_type": "close",
+            "time_period": "50",
+            "limit": "50"
+        }
+    )
+    print("SMA Result:", sma_result)
+    
+    # Example for getting RSI indicator data
+    rsi_result = tool.call_endpoint(
+        route="get_rsi",
+        payload={
+            "symbol": "AAPL",
+            "interval": "5m",
+            "series_type": "close",
+            "time_period": "50",
+            "limit": "50"
+        }
+    )
+    print("RSI Result:", rsi_result)
+    
+    # Example for getting earnings calendar data
+    earnings_calendar_result = tool.call_endpoint(
+        route="get_earnings_calendar",
+        payload={
+            "date": "2023-11-30"
+        }
+    )
+    print("Earnings Calendar Result:", earnings_calendar_result)
+    
+    # Example for getting insider trades
+    insider_trades_result = tool.call_endpoint(
+        route="get_insider_trades",
+        payload={}
+    )
+    print("Insider Trades Result:", insider_trades_result)
+

ZillowProvider.py

@@ -0,0 +1,187 @@
+from typing import Dict
+import logging
+
+from agent.tools.data_providers.RapidDataProviderBase import RapidDataProviderBase, EndpointSchema
+
+logger = logging.getLogger(__name__)
+
+
+class ZillowProvider(RapidDataProviderBase):
+    def __init__(self):
+        endpoints: Dict[str, EndpointSchema] = {
+            "search": {
+                "route": "/search",
+                "method": "GET",
+                "name": "Zillow Property Search",
+                "description": "Search for properties by neighborhood, city, or ZIP code with various filters.",
+                "payload": {
+                    "location": "Location can be an address, neighborhood, city, or ZIP code (required)",
+                    "page": "Page number for pagination (optional, default: 0)",
+                    "output": "Output format: json, csv, xlsx (optional, default: json)",
+                    "status": "Status of properties: forSale, forRent, recentlySold (optional, default: forSale)",
+                    "sortSelection": "Sorting criteria (optional, default: priorityscore)",
+                    "listing_type": "Listing type: by_agent, by_owner_other (optional, default: by_agent)",
+                    "doz": "Days on Zillow: any, 1, 7, 14, 30, 90, 6m, 12m, 24m, 36m (optional, default: any)",
+                    "price_min": "Minimum price (optional)",
+                    "price_max": "Maximum price (optional)",
+                    "sqft_min": "Minimum square footage (optional)",
+                    "sqft_max": "Maximum square footage (optional)",
+                    "beds_min": "Minimum number of bedrooms (optional)",
+                    "beds_max": "Maximum number of bedrooms (optional)",
+                    "baths_min": "Minimum number of bathrooms (optional)",
+                    "baths_max": "Maximum number of bathrooms (optional)",
+                    "built_min": "Minimum year built (optional)",
+                    "built_max": "Maximum year built (optional)",
+                    "lotSize_min": "Minimum lot size in sqft (optional)",
+                    "lotSize_max": "Maximum lot size in sqft (optional)",
+                    "keywords": "Keywords to search for (optional)"
+                }
+            },
+            "search_address": {
+                "route": "/search_address",
+                "method": "GET",
+                "name": "Zillow Address Search",
+                "description": "Search for a specific property by its full address.",
+                "payload": {
+                    "address": "Full property address (required)"
+                }
+            },
+            "propertyV2": {
+                "route": "/propertyV2",
+                "method": "GET",
+                "name": "Zillow Property Details",
+                "description": "Get detailed information about a specific property by zpid or URL.",
+                "payload": {
+                    "zpid": "Zillow property ID (optional if URL is provided)",
+                    "url": "Property details URL (optional if zpid is provided)"
+                }
+            },
+            "zestimate_history": {
+                "route": "/zestimate_history",
+                "method": "GET",
+                "name": "Zillow Zestimate History",
+                "description": "Get historical Zestimate values for a specific property.",
+                "payload": {
+                    "zpid": "Zillow property ID (optional if URL is provided)",
+                    "url": "Property details URL (optional if zpid is provided)"
+                }
+            },
+            "similar_properties": {
+                "route": "/similar_properties",
+                "method": "GET",
+                "name": "Zillow Similar Properties",
+                "description": "Find properties similar to a specific property.",
+                "payload": {
+                    "zpid": "Zillow property ID (optional if URL or address is provided)",
+                    "url": "Property details URL (optional if zpid or address is provided)",
+                    "address": "Property address (optional if zpid or URL is provided)"
+                }
+            },
+            "mortgage_rates": {
+                "route": "/mortgage/rates",
+                "method": "GET",
+                "name": "Zillow Mortgage Rates",
+                "description": "Get current mortgage rates for different loan programs and conditions.",
+                "payload": {
+                    "program": "Loan program (required): Fixed30Year, Fixed20Year, Fixed15Year, Fixed10Year, ARM3, ARM5, ARM7, etc.",
+                    "state": "State abbreviation (optional, default: US)",
+                    "refinance": "Whether this is for refinancing (optional, default: false)",
+                    "loanType": "Type of loan: Conventional, etc. (optional)",
+                    "loanAmount": "Loan amount category: Micro, SmallConforming, Conforming, SuperConforming, Jumbo (optional)",
+                    "loanToValue": "Loan to value ratio: Normal, High, VeryHigh (optional)",
+                    "creditScore": "Credit score category: Low, High, VeryHigh (optional)",
+                    "duration": "Duration in days (optional, default: 30)"
+                }
+            },
+        }
+        base_url = "https://zillow56.p.rapidapi.com"
+        super().__init__(base_url, endpoints)
+
+
+if __name__ == "__main__":
+    from dotenv import load_dotenv
+    from time import sleep
+    load_dotenv()
+    tool = ZillowProvider()
+
+    # Example for searching properties in Houston
+    search_result = tool.call_endpoint(
+        route="search",
+        payload={
+            "location": "houston, tx",
+            "status": "forSale",
+            "sortSelection": "priorityscore",
+            "listing_type": "by_agent",
+            "doz": "any"
+        }
+    )
+    logger.debug("Search Result: %s", search_result)
+    logger.debug("***")
+    logger.debug("***")
+    logger.debug("***")
+    sleep(1)
+    # Example for searching by address
+    address_result = tool.call_endpoint(
+        route="search_address",
+        payload={
+            "address": "1161 Natchez Dr College Station Texas 77845"
+        }
+    )
+    logger.debug("Address Search Result: %s", address_result)
+    logger.debug("***")
+    logger.debug("***")
+    logger.debug("***")
+    sleep(1)
+    # Example for getting property details
+    property_result = tool.call_endpoint(
+        route="propertyV2",
+        payload={
+            "zpid": "7594920"
+        }
+    )
+    logger.debug("Property Details Result: %s", property_result)
+    sleep(1)
+    logger.debug("***")
+    logger.debug("***")
+    logger.debug("***")
+
+    # Example for getting zestimate history
+    zestimate_result = tool.call_endpoint(
+        route="zestimate_history",
+        payload={
+            "zpid": "20476226"
+        }
+    )
+    logger.debug("Zestimate History Result: %s", zestimate_result)
+    sleep(1)
+    logger.debug("***")
+    logger.debug("***")
+    logger.debug("***")
+    # Example for getting similar properties
+    similar_result = tool.call_endpoint(
+        route="similar_properties",
+        payload={
+            "zpid": "28253016"
+        }
+    )
+    logger.debug("Similar Properties Result: %s", similar_result)
+    sleep(1)
+    logger.debug("***")
+    logger.debug("***")
+    logger.debug("***")
+    # Example for getting mortgage rates
+    mortgage_result = tool.call_endpoint(
+        route="mortgage_rates",
+        payload={
+            "program": "Fixed30Year",
+            "state": "US",
+            "refinance": "false",
+            "loanType": "Conventional",
+            "loanAmount": "Conforming",
+            "loanToValue": "Normal",
+            "creditScore": "Low",
+            "duration": "30"
+        }
+    )
+    logger.debug("Mortgage Rates Result: %s", mortgage_result)
+  

__init__.py

@@ -0,0 +1 @@
+# Utility functions and constants for agent tools 

accept-team-invitation.tsx

@@ -0,0 +1,36 @@
+import { acceptInvitation } from "@/lib/actions/invitations";
+import { createClient } from "@/lib/supabase/server";
+import { Alert } from "../ui/alert";
+import { Card, CardContent } from "../ui/card";
+import { SubmitButton } from "../ui/submit-button";
+
+type Props = {
+    token: string;
+}
+export default async function AcceptTeamInvitation({ token }: Props) {
+    const supabaseClient = await createClient();
+    const { data: invitation } = await supabaseClient.rpc('lookup_invitation', {
+        lookup_invitation_token: token
+    });
+
+    return (
+        <Card>
+            <CardContent className="p-8 text-center flex flex-col gap-y-8">
+                <div>
+                    <p>You've been invited to join</p>
+                    <h1 className="text-xl font-bold">{invitation.account_name}</h1>
+                </div>
+                {Boolean(invitation.active) ? (
+                    <form>
+                        <input type="hidden" name="token" value={token} />
+                        <SubmitButton formAction={acceptInvitation} pendingText="Accepting invitation...">Accept invitation</SubmitButton>
+                    </form>
+                ) : (
+                    <Alert variant="destructive">
+                        This invitation has been deactivated. Please contact the account owner for a new invitation.
+                    </Alert>
+                )}
+            </CardContent>
+        </Card>
+    )
+}

accordion.tsx

@@ -0,0 +1,66 @@
+"use client"
+
+import * as React from "react"
+import * as AccordionPrimitive from "@radix-ui/react-accordion"
+import { ChevronDownIcon } from "lucide-react"
+
+import { cn } from "@/lib/utils"
+
+function Accordion({
+  ...props
+}: React.ComponentProps<typeof AccordionPrimitive.Root>) {
+  return <AccordionPrimitive.Root data-slot="accordion" {...props} />
+}
+
+function AccordionItem({
+  className,
+  ...props
+}: React.ComponentProps<typeof AccordionPrimitive.Item>) {
+  return (
+    <AccordionPrimitive.Item
+      data-slot="accordion-item"
+      className={cn("border-b last:border-b-0", className)}
+      {...props}
+    />
+  )
+}
+
+function AccordionTrigger({
+  className,
+  children,
+  ...props
+}: React.ComponentProps<typeof AccordionPrimitive.Trigger>) {
+  return (
+    <AccordionPrimitive.Header className="flex">
+      <AccordionPrimitive.Trigger
+        data-slot="accordion-trigger"
+        className={cn(
+          "focus-visible:border-ring focus-visible:ring-ring/50 flex flex-1 items-start justify-between gap-4 rounded-md py-4 text-left text-sm font-medium transition-all outline-none hover:underline focus-visible:ring-[3px] disabled:pointer-events-none disabled:opacity-50 [&[data-state=open]>svg]:rotate-180",
+          className
+        )}
+        {...props}
+      >
+        {children}
+        <ChevronDownIcon className="text-muted-foreground pointer-events-none size-4 shrink-0 translate-y-0.5 transition-transform duration-200" />
+      </AccordionPrimitive.Trigger>
+    </AccordionPrimitive.Header>
+  )
+}
+
+function AccordionContent({
+  className,
+  children,
+  ...props
+}: React.ComponentProps<typeof AccordionPrimitive.Content>) {
+  return (
+    <AccordionPrimitive.Content
+      data-slot="accordion-content"
+      className="data-[state=closed]:animate-accordion-up data-[state=open]:animate-accordion-down overflow-hidden text-sm"
+      {...props}
+    >
+      <div className={cn("pt-0 pb-4", className)}>{children}</div>
+    </AccordionPrimitive.Content>
+  )
+}
+
+export { Accordion, AccordionItem, AccordionTrigger, AccordionContent }

account-billing-status.tsx

@@ -0,0 +1,178 @@
+import { createClient } from "@/lib/supabase/server";
+import { SubmitButton } from "../ui/submit-button";
+import { manageSubscription } from "@/lib/actions/billing";
+import { PlanComparison, SUBSCRIPTION_PLANS } from "../billing/plan-comparison";
+import { isLocalMode } from "@/lib/config";
+
+type Props = {
+    accountId: string;
+    returnUrl: string;
+}
+
+export default async function AccountBillingStatus({ accountId, returnUrl }: Props) {
+    // In local development mode, show a simplified component
+    if (isLocalMode()) {
+        return (
+            <div className="rounded-xl border shadow-sm bg-card p-6">
+                <h2 className="text-xl font-semibold mb-4">Billing Status</h2>
+                <div className="p-4 mb-4 bg-muted/30 border border-border rounded-lg text-center">
+                    <p className="text-sm text-muted-foreground">
+                        Running in local development mode - billing features are disabled
+                    </p>
+                    <p className="text-xs text-muted-foreground mt-2">
+                        Agent usage limits are not enforced in this environment
+                    </p>
+                </div>
+            </div>
+        );
+    }
+
+    const supabaseClient = await createClient();
+    
+    // Get account subscription and usage data
+    const { data: subscriptionData } = await supabaseClient
+        .schema('basejump')
+        .from('billing_subscriptions')
+        .select('*')
+        .eq('account_id', accountId)
+        .eq('status', 'active')
+        .limit(1)
+        .order('created_at', { ascending: false })
+        .single();
+    
+    // Get agent runs for this account
+    // Get the account's threads
+    const { data: threads } = await supabaseClient
+        .from('threads')
+        .select('thread_id')
+        .eq('account_id', accountId);
+    
+    const threadIds = threads?.map(t => t.thread_id) || [];
+    
+    // Get current month usage
+    const now = new Date();
+    const startOfMonth = new Date(now.getFullYear(), now.getMonth(), 1);
+    const isoStartOfMonth = startOfMonth.toISOString();
+    
+    let totalAgentTime = 0;
+    let usageDisplay = "No usage this month";
+    
+    if (threadIds.length > 0) {
+        const { data: agentRuns } = await supabaseClient
+            .from('agent_runs')
+            .select('started_at, completed_at')
+            .in('thread_id', threadIds)
+            .gte('started_at', isoStartOfMonth);
+        
+        if (agentRuns && agentRuns.length > 0) {
+            const nowTimestamp = now.getTime();
+            
+            totalAgentTime = agentRuns.reduce((total, run) => {
+                const startTime = new Date(run.started_at).getTime();
+                const endTime = run.completed_at 
+                    ? new Date(run.completed_at).getTime()
+                    : nowTimestamp;
+                
+                return total + (endTime - startTime) / 1000; // In seconds
+            }, 0);
+            
+            // Convert to minutes
+            const totalMinutes = Math.round(totalAgentTime / 60);
+            usageDisplay = `${totalMinutes} minutes`;
+        }
+    }
+    
+    const isPlan = (planId?: string) => {
+        return subscriptionData?.price_id === planId;
+    };
+    
+    const planName = isPlan(SUBSCRIPTION_PLANS.FREE) 
+        ? "Free" 
+        : isPlan(SUBSCRIPTION_PLANS.PRO)
+            ? "Pro"
+            : isPlan(SUBSCRIPTION_PLANS.ENTERPRISE)
+                ? "Enterprise"
+                : "Unknown";
+
+    return (
+        <div className="rounded-xl border shadow-sm bg-card p-6">
+            <h2 className="text-xl font-semibold mb-4">Billing Status</h2>
+            
+            {subscriptionData ? (
+                <>
+                    <div className="mb-6">
+                        <div className="rounded-lg border bg-background p-4 grid grid-cols-1 md:grid-cols-2 gap-4">
+                            <div>
+                                <div className="flex justify-between items-center">
+                                    <span className="text-sm font-medium text-foreground/90">Current Plan</span>
+                                    <span className="text-sm font-medium text-card-title">{planName}</span>
+                                </div>
+                            </div>
+                            
+                            <div className="flex justify-between items-center">
+                                <span className="text-sm font-medium text-foreground/90">Agent Usage This Month</span>
+                                <span className="text-sm font-medium text-card-title">{usageDisplay}</span>
+                            </div>
+                        </div>
+                    </div>
+
+                    {/* Plans Comparison */}
+                    <PlanComparison
+                        accountId={accountId}
+                        returnUrl={returnUrl}
+                        className="mb-6"
+                    />
+
+                    {/* Manage Subscription Button */}
+                    <form>
+                        <input type="hidden" name="accountId" value={accountId} />
+                        <input type="hidden" name="returnUrl" value={returnUrl} />
+                        <SubmitButton
+                            pendingText="Loading..."
+                            formAction={manageSubscription}
+                            className="w-full bg-primary text-white hover:bg-primary/90 shadow-md hover:shadow-lg transition-all"
+                        >
+                            Manage Subscription
+                        </SubmitButton>
+                    </form>
+                </>
+            ) : (
+                <>
+                    <div className="mb-6">
+                        <div className="rounded-lg border bg-background p-4 gap-4">
+                            <div className="flex justify-between items-center">
+                                <span className="text-sm font-medium text-foreground/90">Current Plan</span>
+                                <span className="text-sm font-medium text-card-title">Free</span>
+                            </div>
+                            
+                            <div className="flex justify-between items-center">
+                                <span className="text-sm font-medium text-foreground/90">Agent Usage This Month</span>
+                                <span className="text-sm font-medium text-card-title">{usageDisplay}</span>
+                            </div>
+                        </div>
+                    </div>
+
+                    {/* Plans Comparison */}
+                    <PlanComparison
+                        accountId={accountId}
+                        returnUrl={returnUrl}
+                        className="mb-6"
+                    />
+
+                    {/* Manage Subscription Button */}
+                    <form>
+                        <input type="hidden" name="accountId" value={accountId} />
+                        <input type="hidden" name="returnUrl" value={returnUrl} />
+                        <SubmitButton
+                            pendingText="Loading..."
+                            formAction={manageSubscription}
+                            className="w-full bg-primary text-white hover:bg-primary/90 shadow-md hover:shadow-lg transition-all"
+                        >
+                            Manage Subscription
+                        </SubmitButton>
+                    </form>
+                </>
+            )}
+        </div>
+    )
+}

account-selector.tsx

@@ -0,0 +1,165 @@
+"use client"
+
+import { ComponentPropsWithoutRef, useMemo, useState } from "react"
+import { Check, ChevronsUpDown, PlusCircle } from "lucide-react";
+
+import { cn } from "@/lib/utils"
+import { Button } from "@/components/ui/button"
+import {
+    Command,
+    CommandEmpty,
+    CommandGroup,
+    CommandInput,
+    CommandItem,
+    CommandList,
+    CommandSeparator,
+} from "@/components/ui/command"
+import {
+    Dialog,
+    DialogContent,
+    DialogDescription,
+    DialogHeader,
+    DialogTitle,
+    DialogTrigger,
+} from "@/components/ui/dialog"
+import { Popover, PopoverContent, PopoverTrigger, } from "@/components/ui/popover"
+import NewTeamForm from "@/components/basejump/new-team-form";
+import { useAccounts } from "@/hooks/use-accounts";
+
+type PopoverTriggerProps = ComponentPropsWithoutRef<typeof PopoverTrigger>;
+
+type SelectedAccount = NonNullable<ReturnType<typeof useAccounts>["data"]>[0];
+
+interface AccountSelectorProps extends PopoverTriggerProps {
+    accountId: string;
+    placeholder?: string;
+    onAccountSelected?: (account: SelectedAccount) => void;
+}
+
+export default function AccountSelector({ className, accountId, onAccountSelected, placeholder = "Select an account..." }: AccountSelectorProps) {
+
+    const [open, setOpen] = useState(false)
+    const [showNewTeamDialog, setShowNewTeamDialog] = useState(false)
+
+    const { data: accounts } = useAccounts();
+
+    const { teamAccounts, personalAccount, selectedAccount } = useMemo(() => {
+        const personalAccount = accounts?.find((account) => account.personal_account);
+        const teamAccounts = accounts?.filter((account) => !account.personal_account);
+        const selectedAccount = accounts?.find((account) => account.account_id === accountId);
+
+        return {
+            personalAccount,
+            teamAccounts,
+            selectedAccount,
+        }
+    }, [accounts, accountId]);
+
+    return (
+        <Dialog open={showNewTeamDialog} onOpenChange={setShowNewTeamDialog}>
+            <Popover open={open} onOpenChange={setOpen}>
+                <PopoverTrigger asChild>
+                    <Button
+                        variant="ghost"
+                        role="combobox"
+                        aria-expanded={open}
+                        aria-label="Select a team"
+                        className={cn(
+                            "w-full flex items-center gap-2 h-9 pl-3 pr-2 rounded-md justify-between border border-subtle dark:border-white/10 bg-transparent hover:bg-hover-bg text-foreground/90", 
+                            className
+                        )}
+                    >
+                        <span className="truncate max-w-[180px]">
+                            {selectedAccount?.name || placeholder}
+                        </span>
+                        <ChevronsUpDown className="h-4 w-4 shrink-0 text-foreground/50" />
+                    </Button>
+                </PopoverTrigger>
+                <PopoverContent className="w-[250px] p-0 border-subtle dark:border-white/10 bg-card-bg dark:bg-background-secondary rounded-xl shadow-custom">
+                    <Command className="rounded-xl overflow-hidden bg-card-bg dark:bg-background-secondary border-0">
+                        <CommandList className="border-0 bg-card-bg dark:bg-background-secondary">
+                            <CommandInput placeholder="Search account..." className="h-9 border-0 focus:ring-0 rounded-t-xl bg-card-bg dark:bg-background-secondary text-foreground/90" />
+                            <CommandEmpty className="text-foreground/70 text-sm py-2">No account found.</CommandEmpty>
+                            <CommandGroup heading="Personal Account" className="text-xs font-medium text-foreground/70 bg-card-bg dark:bg-background-secondary">
+                                <CommandItem
+                                    key={personalAccount?.account_id}
+                                    onSelect={() => {
+                                        if (onAccountSelected) {
+                                            onAccountSelected(personalAccount!)
+                                        }
+                                        setOpen(false)
+                                    }}
+                                    className="text-sm rounded-md bg-card-bg dark:bg-background-secondary hover:!bg-[#f1eee7] dark:hover:!bg-[#141413] aria-selected:!bg-[#f1eee7] dark:aria-selected:!bg-[#141413] text-foreground/90"
+                                >
+                                    {personalAccount?.name}
+                                    <Check
+                                        className={cn(
+                                            "ml-auto h-4 w-4 text-primary",
+                                            selectedAccount?.account_id === personalAccount?.account_id
+                                                ? "opacity-100"
+                                                : "opacity-0"
+                                        )}
+                                    />
+                                </CommandItem>
+                            </CommandGroup>
+                            {Boolean(teamAccounts?.length) && (
+                                <CommandGroup heading="Teams" className="text-xs font-medium text-foreground/70 bg-card-bg dark:bg-background-secondary">
+                                    {teamAccounts?.map((team) => (
+                                        <CommandItem
+                                            key={team.account_id}
+                                            onSelect={() => {
+                                                if (onAccountSelected) {
+                                                    onAccountSelected(team)
+                                                }
+
+                                                setOpen(false)
+                                            }}
+                                            className="text-sm rounded-md bg-card-bg dark:bg-background-secondary hover:!bg-[#f1eee7] dark:hover:!bg-[#141413] aria-selected:!bg-[#f1eee7] dark:aria-selected:!bg-[#141413] text-foreground/90"
+                                        >
+                                            {team.name}
+                                            <Check
+                                                className={cn(
+                                                    "ml-auto h-4 w-4 text-primary",
+                                                    selectedAccount?.account_id === team.account_id
+                                                        ? "opacity-100"
+                                                        : "opacity-0"
+                                                )}
+                                            />
+                                        </CommandItem>
+                                    ))}
+                                </CommandGroup>
+                            )}
+                        </CommandList>
+                        <CommandSeparator className="border-subtle dark:border-white/10" />
+                        <CommandList className="bg-card-bg dark:bg-background-secondary">
+                            <CommandGroup className="bg-card-bg dark:bg-background-secondary">
+                                <DialogTrigger asChild>
+                                    <CommandItem
+                                    value="new-team"
+                                        onSelect={() => {
+                                            setOpen(false)
+                                            setShowNewTeamDialog(true)
+                                        }}
+                                        className="text-sm rounded-md bg-card-bg dark:bg-background-secondary hover:!bg-[#f1eee7] dark:hover:!bg-[#141413] text-foreground/90"
+                                    >
+                                        <PlusCircle className="mr-2 h-4 w-4 text-primary" />
+                                        Create Team
+                                    </CommandItem>
+                                </DialogTrigger>
+                            </CommandGroup>
+                        </CommandList>
+                    </Command>
+                </PopoverContent>
+            </Popover>
+            <DialogContent className="sm:max-w-[425px] border-subtle dark:border-white/10 bg-card-bg dark:bg-background-secondary rounded-2xl shadow-custom">
+                <DialogHeader>
+                    <DialogTitle className="text-foreground">Create a new team</DialogTitle>
+                    <DialogDescription className="text-foreground/70">
+                        Create a team to collaborate with others.
+                    </DialogDescription>
+                </DialogHeader>
+                <NewTeamForm />
+            </DialogContent>
+        </Dialog>
+    )
+}

actions.ts

@@ -0,0 +1,140 @@
+"use server";
+
+import { createClient } from "@/lib/supabase/server";
+import { redirect } from "next/navigation";
+
+export async function signIn(prevState: any, formData: FormData) {
+  const email = formData.get("email") as string;
+  const password = formData.get("password") as string;
+  const returnUrl = formData.get("returnUrl") as string | undefined;
+  
+  if (!email || !email.includes('@')) {
+    return { message: "Please enter a valid email address" };
+  }
+  
+  if (!password || password.length < 6) {
+    return { message: "Password must be at least 6 characters" };
+  }
+
+  const supabase = await createClient();
+
+  const { error } = await supabase.auth.signInWithPassword({
+    email,
+    password
+  });
+
+  if (error) {
+    return { message: error.message || "Could not authenticate user" };
+  }
+
+  return redirect(returnUrl || "/dashboard");
+}
+
+export async function signUp(prevState: any, formData: FormData) {
+  const origin = formData.get("origin") as string;
+  const email = formData.get("email") as string;
+  const password = formData.get("password") as string;
+  const confirmPassword = formData.get("confirmPassword") as string;
+  const returnUrl = formData.get("returnUrl") as string | undefined;
+  
+  if (!email || !email.includes('@')) {
+    return { message: "Please enter a valid email address" };
+  }
+  
+  if (!password || password.length < 6) {
+    return { message: "Password must be at least 6 characters" };
+  }
+
+  if (password !== confirmPassword) {
+    return { message: "Passwords do not match" };
+  }
+
+  const supabase = await createClient();
+
+  const { error } = await supabase.auth.signUp({
+    email,
+    password,
+    options: {
+      emailRedirectTo: `${origin}/auth/callback?returnUrl=${returnUrl}`,
+    },
+  });
+
+  if (error) {
+    return { message: error.message || "Could not create account" };
+  }
+
+  // Try to sign in immediately
+  const { error: signInError } = await supabase.auth.signInWithPassword({
+    email,
+    password
+  });
+
+  if (signInError) {
+    return { message: "Account created! Check your email to confirm your registration." };
+  }
+
+  return redirect(returnUrl || "/dashboard");
+}
+
+export async function forgotPassword(prevState: any, formData: FormData) {
+  const email = formData.get("email") as string;
+  const origin = formData.get("origin") as string;
+  
+  if (!email || !email.includes('@')) {
+    return { message: "Please enter a valid email address" };
+  }
+
+  const supabase = await createClient();
+
+  const { error } = await supabase.auth.resetPasswordForEmail(email, {
+    redirectTo: `${origin}/auth/reset-password`,
+  });
+
+  if (error) {
+    return { message: error.message || "Could not send password reset email" };
+  }
+
+  return { 
+    success: true, 
+    message: "Check your email for a password reset link" 
+  };
+}
+
+export async function resetPassword(prevState: any, formData: FormData) {
+  const password = formData.get("password") as string;
+  const confirmPassword = formData.get("confirmPassword") as string;
+  
+  if (!password || password.length < 6) {
+    return { message: "Password must be at least 6 characters" };
+  }
+
+  if (password !== confirmPassword) {
+    return { message: "Passwords do not match" };
+  }
+
+  const supabase = await createClient();
+
+  const { error } = await supabase.auth.updateUser({
+    password
+  });
+
+  if (error) {
+    return { message: error.message || "Could not update password" };
+  }
+
+  return { 
+    success: true, 
+    message: "Password updated successfully" 
+  };
+}
+
+export async function signOut() {
+  const supabase = await createClient();
+  const { error } = await supabase.auth.signOut();
+  
+  if (error) {
+    return { message: error.message || "Could not sign out" };
+  }
+
+  return redirect("/");
+} 

alert-dialog.tsx

@@ -0,0 +1,157 @@
+"use client"
+
+import * as React from "react"
+import * as AlertDialogPrimitive from "@radix-ui/react-alert-dialog"
+
+import { cn } from "@/lib/utils"
+import { buttonVariants } from "@/components/ui/button"
+
+function AlertDialog({
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Root>) {
+  return <AlertDialogPrimitive.Root data-slot="alert-dialog" {...props} />
+}
+
+function AlertDialogTrigger({
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Trigger>) {
+  return (
+    <AlertDialogPrimitive.Trigger data-slot="alert-dialog-trigger" {...props} />
+  )
+}
+
+function AlertDialogPortal({
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Portal>) {
+  return (
+    <AlertDialogPrimitive.Portal data-slot="alert-dialog-portal" {...props} />
+  )
+}
+
+function AlertDialogOverlay({
+  className,
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Overlay>) {
+  return (
+    <AlertDialogPrimitive.Overlay
+      data-slot="alert-dialog-overlay"
+      className={cn(
+        "data-[state=open]:animate-in data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=open]:fade-in-0 fixed inset-0 z-50 bg-black/50",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+function AlertDialogContent({
+  className,
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Content>) {
+  return (
+    <AlertDialogPortal>
+      <AlertDialogOverlay />
+      <AlertDialogPrimitive.Content
+        data-slot="alert-dialog-content"
+        className={cn(
+          "bg-background data-[state=open]:animate-in data-[state=closed]:animate-out data-[state=closed]:fade-out-0 data-[state=open]:fade-in-0 data-[state=closed]:zoom-out-95 data-[state=open]:zoom-in-95 fixed top-[50%] left-[50%] z-50 grid w-full max-w-[calc(100%-2rem)] translate-x-[-50%] translate-y-[-50%] gap-4 rounded-lg border p-6 shadow-lg duration-200 sm:max-w-lg",
+          className
+        )}
+        {...props}
+      />
+    </AlertDialogPortal>
+  )
+}
+
+function AlertDialogHeader({
+  className,
+  ...props
+}: React.ComponentProps<"div">) {
+  return (
+    <div
+      data-slot="alert-dialog-header"
+      className={cn("flex flex-col gap-2 text-center sm:text-left", className)}
+      {...props}
+    />
+  )
+}
+
+function AlertDialogFooter({
+  className,
+  ...props
+}: React.ComponentProps<"div">) {
+  return (
+    <div
+      data-slot="alert-dialog-footer"
+      className={cn(
+        "flex flex-col-reverse gap-2 sm:flex-row sm:justify-end",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+function AlertDialogTitle({
+  className,
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Title>) {
+  return (
+    <AlertDialogPrimitive.Title
+      data-slot="alert-dialog-title"
+      className={cn("text-lg font-semibold", className)}
+      {...props}
+    />
+  )
+}
+
+function AlertDialogDescription({
+  className,
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Description>) {
+  return (
+    <AlertDialogPrimitive.Description
+      data-slot="alert-dialog-description"
+      className={cn("text-muted-foreground text-sm", className)}
+      {...props}
+    />
+  )
+}
+
+function AlertDialogAction({
+  className,
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Action>) {
+  return (
+    <AlertDialogPrimitive.Action
+      className={cn(buttonVariants(), className)}
+      {...props}
+    />
+  )
+}
+
+function AlertDialogCancel({
+  className,
+  ...props
+}: React.ComponentProps<typeof AlertDialogPrimitive.Cancel>) {
+  return (
+    <AlertDialogPrimitive.Cancel
+      className={cn(buttonVariants({ variant: "outline" }), className)}
+      {...props}
+    />
+  )
+}
+
+export {
+  AlertDialog,
+  AlertDialogPortal,
+  AlertDialogOverlay,
+  AlertDialogTrigger,
+  AlertDialogContent,
+  AlertDialogHeader,
+  AlertDialogFooter,
+  AlertDialogTitle,
+  AlertDialogDescription,
+  AlertDialogAction,
+  AlertDialogCancel,
+}

alert.tsx

@@ -0,0 +1,66 @@
+import * as React from "react"
+import { cva, type VariantProps } from "class-variance-authority"
+
+import { cn } from "@/lib/utils"
+
+const alertVariants = cva(
+  "relative w-full rounded-lg border px-4 py-3 text-sm grid has-[>svg]:grid-cols-[calc(var(--spacing)*4)_1fr] grid-cols-[0_1fr] has-[>svg]:gap-x-3 gap-y-0.5 items-start [&>svg]:size-4 [&>svg]:translate-y-0.5 [&>svg]:text-current",
+  {
+    variants: {
+      variant: {
+        default: "bg-card text-card-foreground",
+        destructive:
+          "text-destructive bg-card [&>svg]:text-current *:data-[slot=alert-description]:text-destructive/90",
+      },
+    },
+    defaultVariants: {
+      variant: "default",
+    },
+  }
+)
+
+function Alert({
+  className,
+  variant,
+  ...props
+}: React.ComponentProps<"div"> & VariantProps<typeof alertVariants>) {
+  return (
+    <div
+      data-slot="alert"
+      role="alert"
+      className={cn(alertVariants({ variant }), className)}
+      {...props}
+    />
+  )
+}
+
+function AlertTitle({ className, ...props }: React.ComponentProps<"div">) {
+  return (
+    <div
+      data-slot="alert-title"
+      className={cn(
+        "col-start-2 line-clamp-1 min-h-4 font-medium tracking-tight",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+function AlertDescription({
+  className,
+  ...props
+}: React.ComponentProps<"div">) {
+  return (
+    <div
+      data-slot="alert-description"
+      className={cn(
+        "text-muted-foreground col-start-2 grid justify-items-start gap-1 text-sm [&_p]:leading-relaxed",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+export { Alert, AlertTitle, AlertDescription }

api.py

@@ -0,0 +1,311 @@
+import os
+from typing import List, Optional
+
+from fastapi import FastAPI, UploadFile, File, HTTPException, APIRouter, Form, Depends, Request
+from fastapi.responses import Response, JSONResponse
+from pydantic import BaseModel
+
+from utils.logger import logger
+from utils.auth_utils import get_current_user_id, get_user_id_from_stream_auth, get_optional_user_id
+from sandbox.sandbox import get_or_start_sandbox
+from services.supabase import DBConnection
+from agent.api import get_or_create_project_sandbox
+
+
+# Initialize shared resources
+router = APIRouter(tags=["sandbox"])
+db = None
+
+def initialize(_db: DBConnection):
+    """Initialize the sandbox API with resources from the main API."""
+    global db
+    db = _db
+    logger.info("Initialized sandbox API with database connection")
+
+class FileInfo(BaseModel):
+    """Model for file information"""
+    name: str
+    path: str
+    is_dir: bool
+    size: int
+    mod_time: str
+    permissions: Optional[str] = None
+
+async def verify_sandbox_access(client, sandbox_id: str, user_id: Optional[str] = None):
+    """
+    Verify that a user has access to a specific sandbox based on account membership.
+    
+    Args:
+        client: The Supabase client
+        sandbox_id: The sandbox ID to check access for
+        user_id: The user ID to check permissions for. Can be None for public resource access.
+        
+    Returns:
+        dict: Project data containing sandbox information
+        
+    Raises:
+        HTTPException: If the user doesn't have access to the sandbox or sandbox doesn't exist
+    """
+    # Find the project that owns this sandbox
+    project_result = await client.table('projects').select('*').filter('sandbox->>id', 'eq', sandbox_id).execute()
+    
+    if not project_result.data or len(project_result.data) == 0:
+        raise HTTPException(status_code=404, detail="Sandbox not found")
+    
+    project_data = project_result.data[0]
+
+    if project_data.get('is_public'):
+        return project_data
+    
+    # For private projects, we must have a user_id
+    if not user_id:
+        raise HTTPException(status_code=401, detail="Authentication required for this resource")
+    
+    account_id = project_data.get('account_id')
+    
+    # Verify account membership
+    if account_id:
+        account_user_result = await client.schema('basejump').from_('account_user').select('account_role').eq('user_id', user_id).eq('account_id', account_id).execute()
+        if account_user_result.data and len(account_user_result.data) > 0:
+            return project_data
+    
+    raise HTTPException(status_code=403, detail="Not authorized to access this sandbox")
+
+async def get_sandbox_by_id_safely(client, sandbox_id: str):
+    """
+    Safely retrieve a sandbox object by its ID, using the project that owns it.
+    
+    Args:
+        client: The Supabase client
+        sandbox_id: The sandbox ID to retrieve
+    
+    Returns:
+        Sandbox: The sandbox object
+        
+    Raises:
+        HTTPException: If the sandbox doesn't exist or can't be retrieved
+    """
+    # Find the project that owns this sandbox
+    project_result = await client.table('projects').select('project_id').filter('sandbox->>id', 'eq', sandbox_id).execute()
+    
+    if not project_result.data or len(project_result.data) == 0:
+        logger.error(f"No project found for sandbox ID: {sandbox_id}")
+        raise HTTPException(status_code=404, detail="Sandbox not found - no project owns this sandbox ID")
+    
+    project_id = project_result.data[0]['project_id']
+    logger.debug(f"Found project {project_id} for sandbox {sandbox_id}")
+    
+    try:
+        # Get the sandbox
+        sandbox, retrieved_sandbox_id, sandbox_pass = await get_or_create_project_sandbox(client, project_id)
+        
+        # Verify we got the right sandbox
+        if retrieved_sandbox_id != sandbox_id:
+            logger.warning(f"Retrieved sandbox ID {retrieved_sandbox_id} doesn't match requested ID {sandbox_id} for project {project_id}")
+            # Fall back to the direct method if IDs don't match (shouldn't happen but just in case)
+            sandbox = await get_or_start_sandbox(sandbox_id)
+        
+        return sandbox
+    except Exception as e:
+        logger.error(f"Error retrieving sandbox {sandbox_id}: {str(e)}")
+        raise HTTPException(status_code=500, detail=f"Failed to retrieve sandbox: {str(e)}")
+
+@router.post("/sandboxes/{sandbox_id}/files")
+async def create_file(
+    sandbox_id: str, 
+    path: str = Form(...),
+    file: UploadFile = File(...),
+    request: Request = None,
+    user_id: Optional[str] = Depends(get_optional_user_id)
+):
+    """Create a file in the sandbox using direct file upload"""
+    logger.info(f"Received file upload request for sandbox {sandbox_id}, path: {path}, user_id: {user_id}")
+    client = await db.client
+    
+    # Verify the user has access to this sandbox
+    await verify_sandbox_access(client, sandbox_id, user_id)
+    
+    try:
+        # Get sandbox using the safer method
+        sandbox = await get_sandbox_by_id_safely(client, sandbox_id)
+        
+        # Read file content directly from the uploaded file
+        content = await file.read()
+        
+        # Create file using raw binary content
+        sandbox.fs.upload_file(path, content)
+        logger.info(f"File created at {path} in sandbox {sandbox_id}")
+        
+        return {"status": "success", "created": True, "path": path}
+    except Exception as e:
+        logger.error(f"Error creating file in sandbox {sandbox_id}: {str(e)}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+# For backward compatibility, keep the JSON version too
+@router.post("/sandboxes/{sandbox_id}/files/json")
+async def create_file_json(
+    sandbox_id: str, 
+    file_request: dict,
+    request: Request = None,
+    user_id: Optional[str] = Depends(get_optional_user_id)
+):
+    """Create a file in the sandbox using JSON (legacy support)"""
+    logger.info(f"Received JSON file creation request for sandbox {sandbox_id}, user_id: {user_id}")
+    client = await db.client
+    
+    # Verify the user has access to this sandbox
+    await verify_sandbox_access(client, sandbox_id, user_id)
+    
+    try:
+        # Get sandbox using the safer method
+        sandbox = await get_sandbox_by_id_safely(client, sandbox_id)
+        
+        # Get file path and content
+        path = file_request.get("path")
+        content = file_request.get("content", "")
+        
+        if not path:
+            logger.error(f"Missing file path in request for sandbox {sandbox_id}")
+            raise HTTPException(status_code=400, detail="File path is required")
+        
+        # Convert string content to bytes
+        if isinstance(content, str):
+            content = content.encode('utf-8')
+        
+        # Create file
+        sandbox.fs.upload_file(path, content)
+        logger.info(f"File created at {path} in sandbox {sandbox_id}")
+        
+        return {"status": "success", "created": True, "path": path}
+    except Exception as e:
+        logger.error(f"Error creating file in sandbox {sandbox_id}: {str(e)}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+@router.get("/sandboxes/{sandbox_id}/files")
+async def list_files(
+    sandbox_id: str, 
+    path: str,
+    request: Request = None,
+    user_id: Optional[str] = Depends(get_optional_user_id)
+):
+    """List files and directories at the specified path"""
+    logger.info(f"Received list files request for sandbox {sandbox_id}, path: {path}, user_id: {user_id}")
+    client = await db.client
+    
+    # Verify the user has access to this sandbox
+    await verify_sandbox_access(client, sandbox_id, user_id)
+    
+    try:
+        # Get sandbox using the safer method
+        sandbox = await get_sandbox_by_id_safely(client, sandbox_id)
+        
+        # List files
+        files = sandbox.fs.list_files(path)
+        result = []
+        
+        for file in files:
+            # Convert file information to our model
+            # Ensure forward slashes are used for paths, regardless of OS
+            full_path = f"{path.rstrip('/')}/{file.name}" if path != '/' else f"/{file.name}"
+            file_info = FileInfo(
+                name=file.name,
+                path=full_path, # Use the constructed path
+                is_dir=file.is_dir,
+                size=file.size,
+                mod_time=str(file.mod_time),
+                permissions=getattr(file, 'permissions', None)
+            )
+            result.append(file_info)
+        
+        logger.info(f"Successfully listed {len(result)} files in sandbox {sandbox_id}")
+        return {"files": [file.dict() for file in result]}
+    except Exception as e:
+        logger.error(f"Error listing files in sandbox {sandbox_id}: {str(e)}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+@router.get("/sandboxes/{sandbox_id}/files/content")
+async def read_file(
+    sandbox_id: str, 
+    path: str,
+    request: Request = None,
+    user_id: Optional[str] = Depends(get_optional_user_id)
+):
+    """Read a file from the sandbox"""
+    logger.info(f"Received file read request for sandbox {sandbox_id}, path: {path}, user_id: {user_id}")
+    client = await db.client
+    
+    # Verify the user has access to this sandbox
+    await verify_sandbox_access(client, sandbox_id, user_id)
+    
+    try:
+        # Get sandbox using the safer method
+        sandbox = await get_sandbox_by_id_safely(client, sandbox_id)
+        
+        # Read file
+        content = sandbox.fs.download_file(path)
+        
+        # Return a Response object with the content directly
+        filename = os.path.basename(path)
+        logger.info(f"Successfully read file {filename} from sandbox {sandbox_id}")
+        return Response(
+            content=content,
+            media_type="application/octet-stream",
+            headers={"Content-Disposition": f"attachment; filename={filename}"}
+        )
+    except Exception as e:
+        logger.error(f"Error reading file in sandbox {sandbox_id}: {str(e)}")
+        raise HTTPException(status_code=500, detail=str(e))
+
+@router.post("/project/{project_id}/sandbox/ensure-active")
+async def ensure_project_sandbox_active(
+    project_id: str,
+    request: Request = None,
+    user_id: Optional[str] = Depends(get_optional_user_id)
+):
+    """
+    Ensure that a project's sandbox is active and running.
+    Checks the sandbox status and starts it if it's not running.
+    """
+    logger.info(f"Received ensure sandbox active request for project {project_id}, user_id: {user_id}")
+    client = await db.client
+    
+    # Find the project and sandbox information
+    project_result = await client.table('projects').select('*').eq('project_id', project_id).execute()
+    
+    if not project_result.data or len(project_result.data) == 0:
+        logger.error(f"Project not found: {project_id}")
+        raise HTTPException(status_code=404, detail="Project not found")
+    
+    project_data = project_result.data[0]
+    
+    # For public projects, no authentication is needed
+    if not project_data.get('is_public'):
+        # For private projects, we must have a user_id
+        if not user_id:
+            logger.error(f"Authentication required for private project {project_id}")
+            raise HTTPException(status_code=401, detail="Authentication required for this resource")
+            
+        account_id = project_data.get('account_id')
+        
+        # Verify account membership
+        if account_id:
+            account_user_result = await client.schema('basejump').from_('account_user').select('account_role').eq('user_id', user_id).eq('account_id', account_id).execute()
+            if not (account_user_result.data and len(account_user_result.data) > 0):
+                logger.error(f"User {user_id} not authorized to access project {project_id}")
+                raise HTTPException(status_code=403, detail="Not authorized to access this project")
+    
+    try:
+        # Get or create the sandbox
+        logger.info(f"Ensuring sandbox is active for project {project_id}")
+        sandbox, sandbox_id, sandbox_pass = await get_or_create_project_sandbox(client, project_id)
+        
+        logger.info(f"Successfully ensured sandbox {sandbox_id} is active for project {project_id}")
+        
+        return {
+            "status": "success", 
+            "sandbox_id": sandbox_id,
+            "message": "Sandbox is active"
+        }
+    except Exception as e:
+        logger.error(f"Error ensuring sandbox is active for project {project_id}: {str(e)}")
+        raise HTTPException(status_code=500, detail=str(e))

api.py.bak

@@ -0,0 +1,156 @@
+from fastapi import FastAPI, Request
+from fastapi.middleware.cors import CORSMiddleware
+from fastapi.responses import JSONResponse
+from contextlib import asynccontextmanager
+from agentpress.thread_manager import ThreadManager
+from services.supabase import DBConnection
+from datetime import datetime, timezone
+from dotenv import load_dotenv
+from utils.config import config, EnvMode
+import asyncio
+from utils.logger import logger
+import uuid
+import time
+from collections import OrderedDict
+
+# Import the agent API module
+from agent import api as agent_api
+from sandbox import api as sandbox_api
+
+# Load environment variables (these will be available through config)
+load_dotenv()
+
+# Initialize managers
+db = DBConnection()
+thread_manager = None
+instance_id = "single"
+
+# Rate limiter state
+ip_tracker = OrderedDict()
+MAX_CONCURRENT_IPS = 25
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    # Startup
+    global thread_manager
+    logger.info(f"Starting up FastAPI application with instance ID: {instance_id} in {config.ENV_MODE.value} mode")
+    
+    try:
+        # Initialize database
+        await db.initialize()
+        thread_manager = ThreadManager()
+        
+        # Initialize the agent API with shared resources
+        agent_api.initialize(
+            thread_manager,
+            db,
+            instance_id
+        )
+        
+        # Initialize the sandbox API with shared resources
+        sandbox_api.initialize(db)
+        
+        # Initialize Redis connection
+        from services import redis
+        try:
+            await redis.initialize_async()
+            logger.info("Redis connection initialized successfully")
+        except Exception as e:
+            logger.error(f"Failed to initialize Redis connection: {e}")
+            # Continue without Redis - the application will handle Redis failures gracefully
+        
+        # Start background tasks
+        asyncio.create_task(agent_api.restore_running_agent_runs())
+        
+        yield
+        
+        # Clean up agent resources
+        logger.info("Cleaning up agent resources")
+        await agent_api.cleanup()
+        
+        # Clean up Redis connection
+        try:
+            logger.info("Closing Redis connection")
+            await redis.close()
+            logger.info("Redis connection closed successfully")
+        except Exception as e:
+            logger.error(f"Error closing Redis connection: {e}")
+        
+        # Clean up database connection
+        logger.info("Disconnecting from database")
+        await db.disconnect()
+    except Exception as e:
+        logger.error(f"Error during application startup: {e}")
+        raise
+
+app = FastAPI(lifespan=lifespan)
+
+@app.middleware("http")
+async def log_requests_middleware(request: Request, call_next):
+    start_time = time.time()
+    client_ip = request.client.host
+    method = request.method
+    url = str(request.url)
+    path = request.url.path
+    query_params = str(request.query_params)
+    
+    # Log the incoming request
+    logger.info(f"Request started: {method} {path} from {client_ip} | Query: {query_params}")
+    
+    try:
+        response = await call_next(request)
+        process_time = time.time() - start_time
+        logger.debug(f"Request completed: {method} {path} | Status: {response.status_code} | Time: {process_time:.2f}s")
+        return response
+    except Exception as e:
+        process_time = time.time() - start_time
+        logger.error(f"Request failed: {method} {path} | Error: {str(e)} | Time: {process_time:.2f}s")
+        raise
+
+# Define allowed origins based on environment
+allowed_origins = ["https://www.suna.so", "https://suna.so", "https://staging.suna.so", "http://localhost:3000"]
+
+# Add staging-specific origins
+if config.ENV_MODE == EnvMode.STAGING:
+    allowed_origins.append("http://localhost:3000")
+    
+# Add local-specific origins
+if config.ENV_MODE == EnvMode.LOCAL:
+    allowed_origins.append("http://localhost:3000")
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=allowed_origins,
+    allow_credentials=True,
+    allow_methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    allow_headers=["Content-Type", "Authorization"],
+)
+
+# Include the agent router with a prefix
+app.include_router(agent_api.router, prefix="/api")
+
+# Include the sandbox router with a prefix
+app.include_router(sandbox_api.router, prefix="/api")
+
+@app.get("/api/health")
+async def health_check():
+    """Health check endpoint to verify API is working."""
+    logger.info("Health check endpoint called")
+    return {
+        "status": "ok", 
+        "timestamp": datetime.now(timezone.utc).isoformat(),
+        "instance_id": instance_id
+    }
+
+if __name__ == "__main__":
+    import uvicorn
+    
+    workers = 2
+    
+    logger.info(f"Starting server on 0.0.0.0:8000 with {workers} workers")
+    uvicorn.run(
+        "api:app", 
+        host="0.0.0.0", 
+        port=8000,
+        workers=workers
+    )

api.ts

@@ -0,0 +1,1179 @@
+import { createClient } from '@/lib/supabase/client';
+
+// Get backend URL from environment variables
+const API_URL = process.env.NEXT_PUBLIC_BACKEND_URL || '';
+
+// Set to keep track of agent runs that are known to be non-running
+const nonRunningAgentRuns = new Set<string>();
+// Map to keep track of active EventSource streams
+const activeStreams = new Map<string, EventSource>();
+
+// Custom error for billing issues
+export class BillingError extends Error {
+  status: number;
+  detail: { message: string; [key: string]: any }; // Allow other properties in detail
+
+  constructor(status: number, detail: { message: string; [key: string]: any }, message?: string) {
+    super(message || detail.message || `Billing Error: ${status}`);
+    this.name = 'BillingError';
+    this.status = status;
+    this.detail = detail;
+    
+    // Set the prototype explicitly.
+    Object.setPrototypeOf(this, BillingError.prototype);
+  }
+}
+
+// Type Definitions (moved from potential separate file for clarity)
+export type Project = {
+  id: string;
+  name: string;
+  description: string;
+  account_id: string;
+  created_at: string;
+  updated_at?: string;
+  sandbox: {
+    vnc_preview?: string;
+    sandbox_url?: string;
+    id?: string;
+    pass?: string;
+  };
+  is_public?: boolean; // Flag to indicate if the project is public
+  [key: string]: any; // Allow additional properties to handle database fields
+}
+
+export type Thread = {
+  thread_id: string;
+  account_id: string | null;
+  project_id?: string | null;
+  is_public?: boolean;
+  created_at: string;
+  updated_at: string;
+  [key: string]: any; // Allow additional properties to handle database fields
+}
+
+export type Message = {
+  role: string;
+  content: string;
+  type: string;
+}
+
+export type AgentRun = {
+  id: string;
+  thread_id: string;
+  status: 'running' | 'completed' | 'stopped' | 'error';
+  started_at: string;
+  completed_at: string | null;
+  responses: Message[];
+  error: string | null;
+}
+
+export type ToolCall = {
+  name: string;
+  arguments: Record<string, unknown>;
+}
+
+export interface InitiateAgentResponse {
+  thread_id: string;
+  agent_run_id: string;
+}
+
+export interface HealthCheckResponse {
+  status: string;
+  timestamp: string;
+  instance_id: string;
+}
+
+export interface FileInfo {
+  name: string;
+  path: string;
+  is_dir: boolean;
+  size: number;
+  mod_time: string;
+  permissions?: string;
+}
+
+// Project APIs
+export const getProjects = async (): Promise<Project[]> => {
+  try {
+    const supabase = createClient();
+    
+    // Get the current user's ID to filter projects
+    const { data: userData, error: userError } = await supabase.auth.getUser();
+    if (userError) {
+      console.error('Error getting current user:', userError);
+      return [];
+    }
+    
+    // If no user is logged in, return an empty array
+    if (!userData.user) {
+      console.log('[API] No user logged in, returning empty projects array');
+      return [];
+    }
+    
+    // Query only projects where account_id matches the current user's ID
+    const { data, error } = await supabase
+      .from('projects')
+      .select('*')
+      .eq('account_id', userData.user.id);
+    
+    if (error) {
+      // Handle permission errors specifically
+      if (error.code === '42501' && error.message.includes('has_role_on_account')) {
+        console.error('Permission error: User does not have proper account access');
+        return []; // Return empty array instead of throwing
+      }
+      throw error;
+    }
+    
+    console.log('[API] Raw projects from DB:', data?.length, data);
+    
+    // Map database fields to our Project type 
+    const mappedProjects: Project[] = (data || []).map(project => ({
+      id: project.project_id,
+      name: project.name || '',
+      description: project.description || '',
+      account_id: project.account_id,
+      created_at: project.created_at,
+      updated_at: project.updated_at,
+      sandbox: project.sandbox || { id: "", pass: "", vnc_preview: "", sandbox_url: "" }
+    }));
+    
+    console.log('[API] Mapped projects for frontend:', mappedProjects.length);
+    
+    return mappedProjects;
+  } catch (err) {
+    console.error('Error fetching projects:', err);
+    // Return empty array for permission errors to avoid crashing the UI
+    return [];
+  }
+};
+
+export const getProject = async (projectId: string): Promise<Project> => {
+  const supabase = createClient();
+  
+  try {
+    const { data, error } = await supabase
+      .from('projects')
+      .select('*')
+      .eq('project_id', projectId)
+      .single();
+    
+    if (error) {
+      // Handle the specific "no rows returned" error from Supabase
+      if (error.code === 'PGRST116') {
+        throw new Error(`Project not found or not accessible: ${projectId}`);
+      }
+      throw error;
+    }
+
+    console.log('Raw project data from database:', data);
+
+    // If project has a sandbox, ensure it's started
+    if (data.sandbox?.id) {
+      // Fire off sandbox activation without blocking
+      const ensureSandboxActive = async () => {
+        try {
+          const { data: { session } } = await supabase.auth.getSession();
+          
+          // For public projects, we don't need authentication
+          const headers: Record<string, string> = {
+            'Content-Type': 'application/json'
+          };
+          
+          if (session?.access_token) {
+            headers['Authorization'] = `Bearer ${session.access_token}`;
+          }
+          
+          console.log(`Ensuring sandbox is active for project ${projectId}...`);
+          const response = await fetch(`${API_URL}/project/${projectId}/sandbox/ensure-active`, {
+            method: 'POST',
+            headers,
+          });
+          
+          if (!response.ok) {
+            const errorText = await response.text().catch(() => 'No error details available');
+            console.warn(`Failed to ensure sandbox is active: ${response.status} ${response.statusText}`, errorText);
+          } else {
+            console.log('Sandbox activation successful');
+          }
+        } catch (sandboxError) {
+          console.warn('Failed to ensure sandbox is active:', sandboxError);
+        }
+      };
+
+      // Start the sandbox activation without awaiting
+      ensureSandboxActive();
+    }
+    
+    // Map database fields to our Project type
+    const mappedProject: Project = {
+      id: data.project_id,
+      name: data.name || '',
+      description: data.description || '',
+      account_id: data.account_id,
+      created_at: data.created_at,
+      sandbox: data.sandbox || { id: "", pass: "", vnc_preview: "", sandbox_url: "" }
+    };
+    
+    console.log('Mapped project data for frontend:', mappedProject);
+    
+    return mappedProject;
+  } catch (error) {
+    console.error(`Error fetching project ${projectId}:`, error);
+    throw error;
+  }
+};
+
+export const createProject = async (
+  projectData: { name: string; description: string }, 
+  accountId?: string
+): Promise<Project> => {
+  const supabase = createClient();
+  
+  // If accountId is not provided, we'll need to get the user's ID
+  if (!accountId) {
+    const { data: userData, error: userError } = await supabase.auth.getUser();
+    
+    if (userError) throw userError;
+    if (!userData.user) throw new Error('You must be logged in to create a project');
+    
+    // In Basejump, the personal account ID is the same as the user ID
+    accountId = userData.user.id;
+  }
+  
+  const { data, error } = await supabase
+    .from('projects')
+    .insert({ 
+      name: projectData.name, 
+      description: projectData.description || null,
+      account_id: accountId
+    })
+    .select()
+    .single();
+  
+  if (error) throw error;
+  
+  // Map the database response to our Project type
+  return {
+    id: data.project_id,
+    name: data.name,
+    description: data.description || '',
+    account_id: data.account_id,
+    created_at: data.created_at,
+    sandbox: { id: "", pass: "", vnc_preview: "" }
+  };
+};
+
+export const updateProject = async (projectId: string, data: Partial<Project>): Promise<Project> => {
+  const supabase = createClient();
+  
+  console.log('Updating project with ID:', projectId);
+  console.log('Update data:', data);
+  
+  // Sanity check to avoid update errors
+  if (!projectId || projectId === '') {
+    console.error('Attempted to update project with invalid ID:', projectId);
+    throw new Error('Cannot update project: Invalid project ID');
+  }
+  
+  const { data: updatedData, error } = await supabase
+    .from('projects')
+    .update(data)
+    .eq('project_id', projectId)
+    .select()
+    .single();
+  
+  if (error) {
+    console.error('Error updating project:', error);
+    throw error;
+  }
+  
+  if (!updatedData) {
+    throw new Error('No data returned from update');
+  }
+  
+  // Dispatch a custom event to notify components about the project change
+  if (typeof window !== 'undefined') {
+    window.dispatchEvent(new CustomEvent('project-updated', { 
+      detail: { 
+        projectId, 
+        updatedData: {
+          id: updatedData.project_id,
+          name: updatedData.name,
+          description: updatedData.description
+        }
+      } 
+    }));
+  }
+  
+  // Return formatted project data - use same mapping as getProject
+  return {
+    id: updatedData.project_id,
+    name: updatedData.name,
+    description: updatedData.description || '',
+    account_id: updatedData.account_id,
+    created_at: updatedData.created_at,
+    sandbox: updatedData.sandbox || { id: "", pass: "", vnc_preview: "", sandbox_url: "" }
+  };
+};
+
+export const deleteProject = async (projectId: string): Promise<void> => {
+  const supabase = createClient();
+  const { error } = await supabase
+    .from('projects')
+    .delete()
+    .eq('project_id', projectId);
+  
+  if (error) throw error;
+};
+
+// Thread APIs
+export const getThreads = async (projectId?: string): Promise<Thread[]> => {
+  const supabase = createClient();
+  
+  // Get the current user's ID to filter threads
+  const { data: userData, error: userError } = await supabase.auth.getUser();
+  if (userError) {
+    console.error('Error getting current user:', userError);
+    return [];
+  }
+  
+  // If no user is logged in, return an empty array
+  if (!userData.user) {
+    console.log('[API] No user logged in, returning empty threads array');
+    return [];
+  }
+  
+  let query = supabase.from('threads').select('*');
+  
+  // Always filter by the current user's account ID
+  query = query.eq('account_id', userData.user.id);
+  
+  if (projectId) {
+    console.log('[API] Filtering threads by project_id:', projectId);
+    query = query.eq('project_id', projectId);
+  }
+  
+  const { data, error } = await query;
+  
+  if (error) {
+    console.error('[API] Error fetching threads:', error);
+    throw error;
+  }
+  
+  console.log('[API] Raw threads from DB:', data?.length, data);
+  
+  // Map database fields to ensure consistency with our Thread type
+  const mappedThreads: Thread[] = (data || []).map(thread => ({
+    thread_id: thread.thread_id,
+    account_id: thread.account_id,
+    project_id: thread.project_id,
+    created_at: thread.created_at,
+    updated_at: thread.updated_at
+  }));
+  
+  return mappedThreads;
+};
+
+export const getThread = async (threadId: string): Promise<Thread> => {
+  const supabase = createClient();
+  const { data, error } = await supabase
+    .from('threads')
+    .select('*')
+    .eq('thread_id', threadId)
+    .single();
+  
+  if (error) throw error;
+  
+  return data;
+};
+
+export const createThread = async (projectId: string): Promise<Thread> => {
+  const supabase = createClient();
+  
+  // If user is not logged in, redirect to login
+  const { data: { user } } = await supabase.auth.getUser();
+  if (!user) {
+    throw new Error('You must be logged in to create a thread');
+  }
+  
+  const { data, error } = await supabase
+    .from('threads')
+    .insert({
+      project_id: projectId,
+      account_id: user.id, // Use the current user's ID as the account ID
+    })
+    .select()
+    .single();
+  
+  if (error) throw error;
+  
+  return data;
+};
+
+export const addUserMessage = async (threadId: string, content: string): Promise<void> => {
+  const supabase = createClient();
+  
+  // Format the message in the format the LLM expects - keep it simple with only required fields
+  const message = {
+    role: 'user',
+    content: content
+  };
+  
+  // Insert the message into the messages table
+  const { error } = await supabase
+    .from('messages')
+    .insert({
+      thread_id: threadId,
+      type: 'user',
+      is_llm_message: true,
+      content: JSON.stringify(message)
+    });
+  
+  if (error) {
+    console.error('Error adding user message:', error);
+    throw new Error(`Error adding message: ${error.message}`);
+  }
+};
+
+export const getMessages = async (threadId: string): Promise<Message[]> => {
+  const supabase = createClient();
+  
+  const { data, error } = await supabase
+    .from('messages')
+    .select('*')
+    .eq('thread_id', threadId)
+    .neq('type', 'cost')
+    .neq('type', 'summary')
+    .order('created_at', { ascending: true });
+  
+  if (error) {
+    console.error('Error fetching messages:', error);
+    throw new Error(`Error getting messages: ${error.message}`);
+  }
+
+  console.log('[API] Messages fetched:', data);
+  
+  return data || [];
+};
+
+// Agent APIs
+export const startAgent = async (
+  threadId: string, 
+  options?: {
+    model_name?: string;
+    enable_thinking?: boolean;
+    reasoning_effort?: string;
+    stream?: boolean;
+  }
+): Promise<{ agent_run_id: string }> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    if (!session?.access_token) {
+      throw new Error('No access token available');
+    }
+
+    // Check if backend URL is configured
+    if (!API_URL) {
+      throw new Error('Backend URL is not configured. Set NEXT_PUBLIC_BACKEND_URL in your environment.');
+    }
+
+    console.log(`[API] Starting agent for thread ${threadId} using ${API_URL}/thread/${threadId}/agent/start`);
+    
+    const response = await fetch(`${API_URL}/thread/${threadId}/agent/start`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${session.access_token}`,
+      },
+      // Add cache: 'no-store' to prevent caching
+      cache: 'no-store',
+      // Add the body, stringifying the options or an empty object
+      body: JSON.stringify(options || {}),
+    });
+    
+    if (!response.ok) {
+      // Check for 402 Payment Required first
+      if (response.status === 402) {
+        try {
+          const errorData = await response.json();
+          console.error(`[API] Billing error starting agent (402):`, errorData);
+          // Ensure detail exists and has a message property
+          const detail = errorData?.detail || { message: 'Payment Required' };
+          if (typeof detail.message !== 'string') {
+            detail.message = 'Payment Required'; // Default message if missing
+          }
+          throw new BillingError(response.status, detail);
+        } catch (parseError) {
+          // Handle cases where parsing fails or the structure isn't as expected
+          console.error('[API] Could not parse 402 error response body:', parseError);
+          throw new BillingError(response.status, { message: 'Payment Required' }, `Error starting agent: ${response.statusText} (402)`);
+        }
+      }
+      
+      // Handle other errors
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`[API] Error starting agent: ${response.status} ${response.statusText}`, errorText);
+      throw new Error(`Error starting agent: ${response.statusText} (${response.status})`);
+    }
+    
+    return response.json();
+  } catch (error) {
+    // Rethrow BillingError instances directly
+    if (error instanceof BillingError) {
+      throw error;
+    }
+    
+    console.error('[API] Failed to start agent:', error);
+    
+    // Provide clearer error message for network errors
+    if (error instanceof TypeError && error.message.includes('Failed to fetch')) {
+      throw new Error(`Cannot connect to backend server. Please check your internet connection and make sure the backend is running.`);
+    }
+    
+    // Rethrow other caught errors
+    throw error;
+  }
+};
+
+export const stopAgent = async (agentRunId: string): Promise<void> => {
+  // Add to non-running set immediately to prevent reconnection attempts
+  nonRunningAgentRuns.add(agentRunId);
+  
+  // Close any existing stream
+  const existingStream = activeStreams.get(agentRunId);
+  if (existingStream) {
+    console.log(`[API] Closing existing stream for ${agentRunId} before stopping agent`);
+    existingStream.close();
+    activeStreams.delete(agentRunId);
+  }
+  
+  const supabase = createClient();
+  const { data: { session } } = await supabase.auth.getSession();
+  
+  if (!session?.access_token) {
+    throw new Error('No access token available');
+  }
+
+  const response = await fetch(`${API_URL}/agent-run/${agentRunId}/stop`, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Authorization': `Bearer ${session.access_token}`,
+    },
+    // Add cache: 'no-store' to prevent caching
+    cache: 'no-store',
+  });
+  
+  if (!response.ok) {
+    throw new Error(`Error stopping agent: ${response.statusText}`);
+  }
+};
+
+export const getAgentStatus = async (agentRunId: string): Promise<AgentRun> => {
+  console.log(`[API] Requesting agent status for ${agentRunId}`);
+  
+  // If we already know this agent is not running, throw an error
+  if (nonRunningAgentRuns.has(agentRunId)) {
+    console.log(`[API] Agent run ${agentRunId} is known to be non-running, returning error`);
+    throw new Error(`Agent run ${agentRunId} is not running`);
+  }
+  
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    if (!session?.access_token) {
+      console.error('[API] No access token available for getAgentStatus');
+      throw new Error('No access token available');
+    }
+
+    const url = `${API_URL}/agent-run/${agentRunId}`;
+    console.log(`[API] Fetching from: ${url}`);
+    
+    const response = await fetch(url, {
+      headers: {
+        'Authorization': `Bearer ${session.access_token}`,
+      },
+      // Add cache: 'no-store' to prevent caching
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`[API] Error getting agent status: ${response.status} ${response.statusText}`, errorText);
+      
+      // If we get a 404, add to non-running set
+      if (response.status === 404) {
+        nonRunningAgentRuns.add(agentRunId);
+      }
+      
+      throw new Error(`Error getting agent status: ${response.statusText} (${response.status})`);
+    }
+    
+    const data = await response.json();
+    console.log(`[API] Successfully got agent status:`, data);
+    
+    // If agent is not running, add to non-running set
+    if (data.status !== 'running') {
+      nonRunningAgentRuns.add(agentRunId);
+    }
+    
+    return data;
+  } catch (error) {
+    console.error('[API] Failed to get agent status:', error);
+    throw error;
+  }
+};
+
+export const getAgentRuns = async (threadId: string): Promise<AgentRun[]> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    if (!session?.access_token) {
+      throw new Error('No access token available');
+    }
+
+    const response = await fetch(`${API_URL}/thread/${threadId}/agent-runs`, {
+      headers: {
+        'Authorization': `Bearer ${session.access_token}`,
+      },
+      // Add cache: 'no-store' to prevent caching
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      throw new Error(`Error getting agent runs: ${response.statusText}`);
+    }
+    
+    const data = await response.json();
+    return data.agent_runs || [];
+  } catch (error) {
+    console.error('Failed to get agent runs:', error);
+    throw error;
+  }
+};
+
+export const streamAgent = (agentRunId: string, callbacks: {
+  onMessage: (content: string) => void;
+  onError: (error: Error | string) => void;
+  onClose: () => void;
+}): () => void => {
+  console.log(`[STREAM] streamAgent called for ${agentRunId}`);
+  
+  // Check if this agent run is known to be non-running
+  if (nonRunningAgentRuns.has(agentRunId)) {
+    console.log(`[STREAM] Agent run ${agentRunId} is known to be non-running, not creating stream`);
+    // Notify the caller immediately
+    setTimeout(() => {
+      callbacks.onError(`Agent run ${agentRunId} is not running`);
+      callbacks.onClose();
+    }, 0);
+    
+    // Return a no-op cleanup function
+    return () => {};
+  }
+  
+  // Check if there's already an active stream for this agent run
+  const existingStream = activeStreams.get(agentRunId);
+  if (existingStream) {
+    console.log(`[STREAM] Stream already exists for ${agentRunId}, closing it first`);
+    existingStream.close();
+    activeStreams.delete(agentRunId);
+  }
+  
+  // Set up a new stream
+  try {
+    const setupStream = async () => {
+      // First verify the agent is actually running
+      try {
+        const status = await getAgentStatus(agentRunId);
+        if (status.status !== 'running') {
+          console.log(`[STREAM] Agent run ${agentRunId} is not running (status: ${status.status}), not creating stream`);
+          nonRunningAgentRuns.add(agentRunId);
+          callbacks.onError(`Agent run ${agentRunId} is not running (status: ${status.status})`);
+          callbacks.onClose();
+          return;
+        }
+      } catch (err) {
+        console.error(`[STREAM] Error verifying agent run ${agentRunId}:`, err);
+        
+        // Check if this is a "not found" error
+        const errorMessage = err instanceof Error ? err.message : String(err);
+        const isNotFoundError = errorMessage.includes('not found') || 
+                               errorMessage.includes('404') || 
+                               errorMessage.includes('does not exist');
+        
+        if (isNotFoundError) {
+          console.log(`[STREAM] Agent run ${agentRunId} not found, not creating stream`);
+          nonRunningAgentRuns.add(agentRunId);
+        }
+        
+        callbacks.onError(errorMessage);
+        callbacks.onClose();
+        return;
+      }
+      
+      const supabase = createClient();
+      const { data: { session } } = await supabase.auth.getSession();
+      
+      if (!session?.access_token) {
+        console.error('[STREAM] No auth token available');
+        callbacks.onError(new Error('Authentication required'));
+        callbacks.onClose();
+        return;
+      }
+      
+      const url = new URL(`${API_URL}/agent-run/${agentRunId}/stream`);
+      url.searchParams.append('token', session.access_token);
+      
+      console.log(`[STREAM] Creating EventSource for ${agentRunId}`);
+      const eventSource = new EventSource(url.toString());
+      
+      // Store the EventSource in the active streams map
+      activeStreams.set(agentRunId, eventSource);
+      
+      eventSource.onopen = () => {
+        console.log(`[STREAM] Connection opened for ${agentRunId}`);
+      };
+      
+      eventSource.onmessage = (event) => {
+        try {
+          const rawData = event.data;
+          if (rawData.includes('"type":"ping"')) return;
+          
+          // Log raw data for debugging (truncated for readability)
+          console.log(`[STREAM] Received data for ${agentRunId}: ${rawData.substring(0, 100)}${rawData.length > 100 ? '...' : ''}`);
+          
+          // Skip empty messages
+          if (!rawData || rawData.trim() === '') {
+            console.debug('[STREAM] Received empty message, skipping');
+            return;
+          }
+          
+          // Check for "Agent run not found" error
+          if (rawData.includes('Agent run') && rawData.includes('not found in active runs')) {
+            console.log(`[STREAM] Agent run ${agentRunId} not found in active runs, closing stream`);
+            
+            // Add to non-running set to prevent future reconnection attempts
+            nonRunningAgentRuns.add(agentRunId);
+            
+            // Notify about the error
+            callbacks.onError("Agent run not found in active runs");
+            
+            // Clean up
+            eventSource.close();
+            activeStreams.delete(agentRunId);
+            callbacks.onClose();
+            
+            return;
+          }
+          
+          // Check for completion messages
+          if (rawData.includes('"type":"status"') && rawData.includes('"status":"completed"')) {
+            console.log(`[STREAM] Detected completion status message for ${agentRunId}`);
+            
+            // Check for specific completion messages that indicate we should stop checking
+            if (rawData.includes('Run data not available for streaming') || 
+                rawData.includes('Stream ended with status: completed')) {
+              console.log(`[STREAM] Detected final completion message for ${agentRunId}, adding to non-running set`);
+              // Add to non-running set to prevent future reconnection attempts
+              nonRunningAgentRuns.add(agentRunId);
+            }
+            
+            // Notify about the message
+            callbacks.onMessage(rawData);
+            
+            // Clean up
+            eventSource.close();
+            activeStreams.delete(agentRunId);
+            callbacks.onClose();
+            
+            return;
+          }
+          
+          // Check for thread run end message
+          if (rawData.includes('"type":"status"') && rawData.includes('"status_type":"thread_run_end"')) {
+            console.log(`[STREAM] Detected thread run end message for ${agentRunId}`);
+            
+            // Add to non-running set
+            nonRunningAgentRuns.add(agentRunId);
+            
+            // Notify about the message
+            callbacks.onMessage(rawData);
+            
+            // Clean up
+            eventSource.close();
+            activeStreams.delete(agentRunId);
+            callbacks.onClose();
+            
+            return;
+          }
+          
+          // For all other messages, just pass them through
+          callbacks.onMessage(rawData);
+          
+        } catch (error) {
+          console.error(`[STREAM] Error handling message:`, error);
+          callbacks.onError(error instanceof Error ? error : String(error));
+        }
+      };
+      
+      eventSource.onerror = (event) => {
+        console.log(`[STREAM] EventSource error for ${agentRunId}:`, event);
+        
+        // Check if the agent is still running
+        getAgentStatus(agentRunId)
+          .then(status => {
+            if (status.status !== 'running') {
+              console.log(`[STREAM] Agent run ${agentRunId} is not running after error, closing stream`);
+              nonRunningAgentRuns.add(agentRunId);
+              eventSource.close();
+              activeStreams.delete(agentRunId);
+              callbacks.onClose();
+            } else {
+              console.log(`[STREAM] Agent run ${agentRunId} is still running after error, keeping stream open`);
+              // Let the browser handle reconnection for non-fatal errors
+            }
+          })
+          .catch(err => {
+            console.error(`[STREAM] Error checking agent status after stream error:`, err);
+            
+            // Check if this is a "not found" error
+            const errMsg = err instanceof Error ? err.message : String(err);
+            const isNotFoundErr = errMsg.includes('not found') || 
+                                 errMsg.includes('404') || 
+                                 errMsg.includes('does not exist');
+            
+            if (isNotFoundErr) {
+              console.log(`[STREAM] Agent run ${agentRunId} not found after error, closing stream`);
+              nonRunningAgentRuns.add(agentRunId);
+              eventSource.close();
+              activeStreams.delete(agentRunId);
+              callbacks.onClose();
+            }
+            
+            // For other errors, notify but don't close the stream
+            callbacks.onError(errMsg);
+          });
+      };
+    };
+    
+    // Start the stream setup
+    setupStream();
+    
+    // Return a cleanup function
+    return () => {
+      console.log(`[STREAM] Cleanup called for ${agentRunId}`);
+      const stream = activeStreams.get(agentRunId);
+      if (stream) {
+        console.log(`[STREAM] Closing stream for ${agentRunId}`);
+        stream.close();
+        activeStreams.delete(agentRunId);
+      }
+    };
+  } catch (error) {
+    console.error(`[STREAM] Error setting up stream for ${agentRunId}:`, error);
+    callbacks.onError(error instanceof Error ? error : String(error));
+    callbacks.onClose();
+    return () => {};
+  }
+};
+
+// Sandbox API Functions
+export const createSandboxFile = async (sandboxId: string, filePath: string, content: string): Promise<void> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    // Use FormData to handle both text and binary content more reliably
+    const formData = new FormData();
+    formData.append('path', filePath);
+    
+    // Create a Blob from the content string and append as a file
+    const blob = new Blob([content], { type: 'application/octet-stream' });
+    formData.append('file', blob, filePath.split('/').pop() || 'file');
+
+    const headers: Record<string, string> = {};
+    if (session?.access_token) {
+      headers['Authorization'] = `Bearer ${session.access_token}`;
+    }
+
+    const response = await fetch(`${API_URL}/sandboxes/${sandboxId}/files`, {
+      method: 'POST',
+      headers,
+      body: formData,
+    });
+    
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`Error creating sandbox file: ${response.status} ${response.statusText}`, errorText);
+      throw new Error(`Error creating sandbox file: ${response.statusText} (${response.status})`);
+    }
+    
+    return response.json();
+  } catch (error) {
+    console.error('Failed to create sandbox file:', error);
+    throw error;
+  }
+};
+
+// Fallback method for legacy support using JSON
+export const createSandboxFileJson = async (sandboxId: string, filePath: string, content: string): Promise<void> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    const headers: Record<string, string> = {
+      'Content-Type': 'application/json'
+    };
+    
+    if (session?.access_token) {
+      headers['Authorization'] = `Bearer ${session.access_token}`;
+    }
+
+    const response = await fetch(`${API_URL}/sandboxes/${sandboxId}/files/json`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({
+        path: filePath,
+        content: content
+      }),
+    });
+    
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`Error creating sandbox file (JSON): ${response.status} ${response.statusText}`, errorText);
+      throw new Error(`Error creating sandbox file: ${response.statusText} (${response.status})`);
+    }
+    
+    return response.json();
+  } catch (error) {
+    console.error('Failed to create sandbox file with JSON:', error);
+    throw error;
+  }
+};
+
+export const listSandboxFiles = async (sandboxId: string, path: string): Promise<FileInfo[]> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    const url = new URL(`${API_URL}/sandboxes/${sandboxId}/files`);
+    url.searchParams.append('path', path);
+
+    const headers: Record<string, string> = {};
+    if (session?.access_token) {
+      headers['Authorization'] = `Bearer ${session.access_token}`;
+    }
+
+    const response = await fetch(url.toString(), {
+      headers,
+    });
+    
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`Error listing sandbox files: ${response.status} ${response.statusText}`, errorText);
+      throw new Error(`Error listing sandbox files: ${response.statusText} (${response.status})`);
+    }
+    
+    const data = await response.json();
+    return data.files || [];
+  } catch (error) {
+    console.error('Failed to list sandbox files:', error);
+    throw error;
+  }
+};
+
+export const getSandboxFileContent = async (sandboxId: string, path: string): Promise<string | Blob> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    const url = new URL(`${API_URL}/sandboxes/${sandboxId}/files/content`);
+    url.searchParams.append('path', path);
+
+    const headers: Record<string, string> = {};
+    if (session?.access_token) {
+      headers['Authorization'] = `Bearer ${session.access_token}`;
+    }
+
+    const response = await fetch(url.toString(), {
+      headers,
+    });
+    
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`Error getting sandbox file content: ${response.status} ${response.statusText}`, errorText);
+      throw new Error(`Error getting sandbox file content: ${response.statusText} (${response.status})`);
+    }
+    
+    // Check if it's a text file or binary file based on content-type
+    const contentType = response.headers.get('content-type');
+    if (contentType && contentType.includes('text') || contentType?.includes('application/json')) {
+      return await response.text();
+    } else {
+      return await response.blob();
+    }
+  } catch (error) {
+    console.error('Failed to get sandbox file content:', error);
+    throw error;
+  }
+};
+
+export const updateThread = async (threadId: string, data: Partial<Thread>): Promise<Thread> => {
+  const supabase = createClient();
+  
+  // Format the data for update
+  const updateData = { ...data };
+  
+  // Update the thread
+  const { data: updatedThread, error } = await supabase
+    .from('threads')
+    .update(updateData)
+    .eq('thread_id', threadId)
+    .select()
+    .single();
+  
+  if (error) {
+    console.error('Error updating thread:', error);
+    throw new Error(`Error updating thread: ${error.message}`);
+  }
+  
+  return updatedThread;
+};
+
+export const toggleThreadPublicStatus = async (threadId: string, isPublic: boolean): Promise<Thread> => {
+  return updateThread(threadId, { is_public: isPublic });
+};
+
+// Function to get public projects
+export const getPublicProjects = async (): Promise<Project[]> => {
+  try {
+    const supabase = createClient();
+    
+    // Query for threads that are marked as public
+    const { data: publicThreads, error: threadsError } = await supabase
+      .from('threads')
+      .select('project_id')
+      .eq('is_public', true);
+    
+    if (threadsError) {
+      console.error('Error fetching public threads:', threadsError);
+      return [];
+    }
+    
+    // If no public threads found, return empty array
+    if (!publicThreads?.length) {
+      return [];
+    }
+    
+    // Extract unique project IDs from public threads
+    const publicProjectIds = [...new Set(publicThreads.map(thread => thread.project_id))].filter(Boolean);
+    
+    // If no valid project IDs, return empty array
+    if (!publicProjectIds.length) {
+      return [];
+    }
+    
+    // Get the projects that have public threads
+    const { data: projects, error: projectsError } = await supabase
+      .from('projects')
+      .select('*')
+      .in('project_id', publicProjectIds);
+    
+    if (projectsError) {
+      console.error('Error fetching public projects:', projectsError);
+      return [];
+    }
+    
+    console.log('[API] Raw public projects from DB:', projects?.length, projects);
+    
+    // Map database fields to our Project type
+    const mappedProjects: Project[] = (projects || []).map(project => ({
+      id: project.project_id,
+      name: project.name || '',
+      description: project.description || '',
+      account_id: project.account_id,
+      created_at: project.created_at,
+      updated_at: project.updated_at,
+      sandbox: project.sandbox || { id: "", pass: "", vnc_preview: "", sandbox_url: "" },
+      is_public: true // Mark these as public projects
+    }));
+    
+    console.log('[API] Mapped public projects for frontend:', mappedProjects.length);
+    
+    return mappedProjects;
+  } catch (err) {
+    console.error('Error fetching public projects:', err);
+    return [];
+  }
+};
+
+export const initiateAgent = async (formData: FormData): Promise<InitiateAgentResponse> => {
+  try {
+    const supabase = createClient();
+    const { data: { session } } = await supabase.auth.getSession();
+    
+    if (!session?.access_token) {
+      throw new Error('No access token available');
+    }
+
+    // Check if backend URL is configured
+    if (!API_URL) {
+      throw new Error('Backend URL is not configured. Set NEXT_PUBLIC_BACKEND_URL in your environment.');
+    }
+
+    console.log(`[API] Initiating agent with files using ${API_URL}/agent/initiate`);
+    
+    const response = await fetch(`${API_URL}/agent/initiate`, {
+      method: 'POST',
+      headers: {
+        // Note: Don't set Content-Type for FormData
+        'Authorization': `Bearer ${session.access_token}`,
+      },
+      body: formData,
+      // Add cache: 'no-store' to prevent caching
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      const errorText = await response.text().catch(() => 'No error details available');
+      console.error(`[API] Error initiating agent: ${response.status} ${response.statusText}`, errorText);
+      throw new Error(`Error initiating agent: ${response.statusText} (${response.status})`);
+    }
+    
+    return response.json();
+  } catch (error) {
+    console.error('[API] Failed to initiate agent:', error);
+    
+    // Provide clearer error message for network errors
+    if (error instanceof TypeError && error.message.includes('Failed to fetch')) {
+      throw new Error(`Cannot connect to backend server. Please check your internet connection and make sure the backend is running.`);
+    }
+    
+    throw error;
+  }
+};
+
+export const checkApiHealth = async (): Promise<HealthCheckResponse> => {
+  try {
+    const response = await fetch(`${API_URL}/health`, {
+      cache: 'no-store',
+    });
+    
+    if (!response.ok) {
+      throw new Error(`API health check failed: ${response.statusText}`);
+    }
+    
+    return response.json();
+  } catch (error) {
+    console.error('API health check failed:', error);
+    throw error;
+  }
+};
+

auth_utils.py

@@ -0,0 +1,177 @@
+from fastapi import HTTPException, Request, Depends
+from typing import Optional, List, Dict, Any
+import jwt
+from jwt.exceptions import PyJWTError
+from utils.logger import logger
+
+# This function extracts the user ID from Supabase JWT
+async def get_current_user_id(request: Request) -> str:
+    """
+    Extract and verify the user ID from the JWT in the Authorization header.
+    
+    This function is used as a dependency in FastAPI routes to ensure the user
+    is authenticated and to provide the user ID for authorization checks.
+    
+    Args:
+        request: The FastAPI request object
+        
+    Returns:
+        str: The user ID extracted from the JWT
+        
+    Raises:
+        HTTPException: If no valid token is found or if the token is invalid
+    """
+    auth_header = request.headers.get('Authorization')
+    
+    if not auth_header or not auth_header.startswith('Bearer '):
+        raise HTTPException(
+            status_code=401,
+            detail="No valid authentication credentials found",
+            headers={"WWW-Authenticate": "Bearer"}
+        )
+    
+    token = auth_header.split(' ')[1]
+    
+    try:
+        # For Supabase JWT, we just need to decode and extract the user ID
+        # The actual validation is handled by Supabase's RLS
+        payload = jwt.decode(token, options={"verify_signature": False})
+        
+        # Supabase stores the user ID in the 'sub' claim
+        user_id = payload.get('sub')
+        
+        if not user_id:
+            raise HTTPException(
+                status_code=401,
+                detail="Invalid token payload",
+                headers={"WWW-Authenticate": "Bearer"}
+            )
+        
+        return user_id
+        
+    except PyJWTError:
+        raise HTTPException(
+            status_code=401,
+            detail="Invalid token",
+            headers={"WWW-Authenticate": "Bearer"}
+        )
+
+async def get_user_id_from_stream_auth(
+    request: Request,
+    token: Optional[str] = None
+) -> str:
+    """
+    Extract and verify the user ID from either the Authorization header or query parameter token.
+    This function is specifically designed for streaming endpoints that need to support both
+    header-based and query parameter-based authentication (for EventSource compatibility).
+    
+    Args:
+        request: The FastAPI request object
+        token: Optional token from query parameters
+        
+    Returns:
+        str: The user ID extracted from the JWT
+        
+    Raises:
+        HTTPException: If no valid token is found or if the token is invalid
+    """
+    # Try to get user_id from token in query param (for EventSource which can't set headers)
+    if token:
+        try:
+            # For Supabase JWT, we just need to decode and extract the user ID
+            payload = jwt.decode(token, options={"verify_signature": False})
+            user_id = payload.get('sub')
+            if user_id:
+                return user_id
+        except Exception:
+            pass
+    
+    # If no valid token in query param, try to get it from the Authorization header
+    auth_header = request.headers.get('Authorization')
+    if auth_header and auth_header.startswith('Bearer '):
+        try:
+            # Extract token from header
+            header_token = auth_header.split(' ')[1]
+            payload = jwt.decode(header_token, options={"verify_signature": False})
+            user_id = payload.get('sub')
+            if user_id:
+                return user_id
+        except Exception:
+            pass
+    
+    # If we still don't have a user_id, return authentication error
+    raise HTTPException(
+        status_code=401,
+        detail="No valid authentication credentials found",
+        headers={"WWW-Authenticate": "Bearer"}
+    )
+async def verify_thread_access(client, thread_id: str, user_id: str):
+    """
+    Verify that a user has access to a specific thread based on account membership.
+    
+    Args:
+        client: The Supabase client
+        thread_id: The thread ID to check access for
+        user_id: The user ID to check permissions for
+        
+    Returns:
+        bool: True if the user has access
+        
+    Raises:
+        HTTPException: If the user doesn't have access to the thread
+    """
+    # Query the thread to get account information
+    thread_result = await client.table('threads').select('*,project_id').eq('thread_id', thread_id).execute()
+
+    if not thread_result.data or len(thread_result.data) == 0:
+        raise HTTPException(status_code=404, detail="Thread not found")
+    
+    thread_data = thread_result.data[0]
+    
+    # Check if project is public
+    project_id = thread_data.get('project_id')
+    if project_id:
+        project_result = await client.table('projects').select('is_public').eq('project_id', project_id).execute()
+        if project_result.data and len(project_result.data) > 0:
+            if project_result.data[0].get('is_public'):
+                return True
+        
+    account_id = thread_data.get('account_id')
+    # When using service role, we need to manually check account membership instead of using current_user_account_role
+    if account_id:
+        account_user_result = await client.schema('basejump').from_('account_user').select('account_role').eq('user_id', user_id).eq('account_id', account_id).execute()
+        if account_user_result.data and len(account_user_result.data) > 0:
+            return True
+    raise HTTPException(status_code=403, detail="Not authorized to access this thread")
+
+async def get_optional_user_id(request: Request) -> Optional[str]:
+    """
+    Extract the user ID from the JWT in the Authorization header if present,
+    but don't require authentication. Returns None if no valid token is found.
+    
+    This function is used for endpoints that support both authenticated and 
+    unauthenticated access (like public projects).
+    
+    Args:
+        request: The FastAPI request object
+        
+    Returns:
+        Optional[str]: The user ID extracted from the JWT, or None if no valid token
+    """
+    auth_header = request.headers.get('Authorization')
+    
+    if not auth_header or not auth_header.startswith('Bearer '):
+        return None
+    
+    token = auth_header.split(' ')[1]
+    
+    try:
+        # For Supabase JWT, we just need to decode and extract the user ID
+        payload = jwt.decode(token, options={"verify_signature": False})
+        
+        # Supabase stores the user ID in the 'sub' claim
+        user_id = payload.get('sub')
+        
+        return user_id
+    except PyJWTError:
+        return None

avatar.tsx

@@ -0,0 +1,53 @@
+"use client"
+
+import * as React from "react"
+import * as AvatarPrimitive from "@radix-ui/react-avatar"
+
+import { cn } from "@/lib/utils"
+
+function Avatar({
+  className,
+  ...props
+}: React.ComponentProps<typeof AvatarPrimitive.Root>) {
+  return (
+    <AvatarPrimitive.Root
+      data-slot="avatar"
+      className={cn(
+        "relative flex size-8 shrink-0 overflow-hidden rounded-full",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+function AvatarImage({
+  className,
+  ...props
+}: React.ComponentProps<typeof AvatarPrimitive.Image>) {
+  return (
+    <AvatarPrimitive.Image
+      data-slot="avatar-image"
+      className={cn("aspect-square size-full", className)}
+      {...props}
+    />
+  )
+}
+
+function AvatarFallback({
+  className,
+  ...props
+}: React.ComponentProps<typeof AvatarPrimitive.Fallback>) {
+  return (
+    <AvatarPrimitive.Fallback
+      data-slot="avatar-fallback"
+      className={cn(
+        "bg-muted flex size-full items-center justify-center rounded-full",
+        className
+      )}
+      {...props}
+    />
+  )
+}
+
+export { Avatar, AvatarImage, AvatarFallback }

badge.tsx

@@ -0,0 +1,46 @@
+import * as React from "react"
+import { Slot } from "@radix-ui/react-slot"
+import { cva, type VariantProps } from "class-variance-authority"
+
+import { cn } from "@/lib/utils"
+
+const badgeVariants = cva(
+  "inline-flex items-center justify-center rounded-md border px-2 py-0.5 text-xs font-medium w-fit whitespace-nowrap shrink-0 [&>svg]:size-3 gap-1 [&>svg]:pointer-events-none focus-visible:border-ring focus-visible:ring-ring/50 focus-visible:ring-[3px] aria-invalid:ring-destructive/20 dark:aria-invalid:ring-destructive/40 aria-invalid:border-destructive transition-[color,box-shadow] overflow-hidden",
+  {
+    variants: {
+      variant: {
+        default:
+          "border-transparent bg-primary text-primary-foreground [a&]:hover:bg-primary/90",
+        secondary:
+          "border-transparent bg-secondary text-secondary-foreground [a&]:hover:bg-secondary/90",
+        destructive:
+          "border-transparent bg-destructive text-white [a&]:hover:bg-destructive/90 focus-visible:ring-destructive/20 dark:focus-visible:ring-destructive/40 dark:bg-destructive/60",
+        outline:
+          "text-foreground [a&]:hover:bg-accent [a&]:hover:text-accent-foreground",
+      },
+    },
+    defaultVariants: {
+      variant: "default",
+    },
+  }
+)
+
+function Badge({
+  className,
+  variant,
+  asChild = false,
+  ...props
+}: React.ComponentProps<"span"> &
+  VariantProps<typeof badgeVariants> & { asChild?: boolean }) {
+  const Comp = asChild ? Slot : "span"
+
+  return (
+    <Comp
+      data-slot="badge"
+      className={cn(badgeVariants({ variant }), className)}
+      {...props}
+    />
+  )
+}
+
+export { Badge, badgeVariants }

bento-section.tsx

@@ -0,0 +1,45 @@
+"use client";
+
+import { SectionHeader } from "@/components/home/section-header";
+import { siteConfig } from "@/lib/home";
+
+export function BentoSection() {
+  const { title, description, items } = siteConfig.bentoSection;
+
+  return (
+    <section
+      id="bento"
+      className="flex flex-col items-center justify-center w-full relative"
+    >
+      <div className="border-x mx-auto relative w-full max-w-6xl px-6">
+        <SectionHeader>
+          <h2 className="text-3xl md:text-4xl font-medium tracking-tighter text-center text-balance pb-1">
+            {title}
+          </h2>
+          <p className="text-muted-foreground text-center text-balance font-medium">
+            {description}
+          </p>
+        </SectionHeader>
+
+        <div className="grid grid-cols-1 md:grid-cols-2 overflow-hidden">
+          {items.map((item) => (
+            <div
+              key={item.id}
+              className="flex flex-col items-start justify-end min-h-[600px] md:min-h-[500px] p-0.5 relative before:absolute before:-left-0.5 before:top-0 before:z-10 before:h-screen before:w-px before:bg-border before:content-[''] after:absolute after:-top-0.5 after:left-0 after:z-10 after:h-px after:w-screen after:bg-border after:content-[''] group cursor-pointer max-h-[400px] group"
+            >
+              <div className="relative flex size-full items-center justify-center h-full overflow-hidden">
+                {item.content}
+              </div>
+              <div className="flex-1 flex-col gap-2 p-6">
+                <h3 className="text-lg tracking-tighter font-semibold">
+                  {item.title}
+                </h3>
+                <p className="text-muted-foreground">{item.description}</p>
+              </div>
+            </div>
+          ))}
+        </div>
+      </div>
+    </section>
+  );
+}

billing.py

@@ -0,0 +1,125 @@
+from datetime import datetime, timezone
+from typing import Dict, Optional, Tuple
+from utils.logger import logger
+from utils.config import config, EnvMode
+
+# Define subscription tiers and their monthly limits (in minutes)
+SUBSCRIPTION_TIERS = {
+    'price_1RGJ9GG6l1KZGqIroxSqgphC': {'name': 'free', 'minutes': 8},
+    'price_1RGJ9LG6l1KZGqIrd9pwzeNW': {'name': 'base', 'minutes': 300},
+    'price_1RGJ9JG6l1KZGqIrVUU4ZRv6': {'name': 'extra', 'minutes': 2400}
+}
+
+async def get_account_subscription(client, account_id: str) -> Optional[Dict]:
+    """Get the current subscription for an account."""
+    result = await client.schema('basejump').from_('billing_subscriptions') \
+        .select('*') \
+        .eq('account_id', account_id) \
+        .eq('status', 'active') \
+        .order('created', desc=True) \
+        .limit(1) \
+        .execute()
+    
+    if result.data and len(result.data) > 0:
+        return result.data[0]
+    return None
+
+async def calculate_monthly_usage(client, account_id: str) -> float:
+    """Calculate total agent run minutes for the current month for an account."""
+    # Get start of current month in UTC
+    now = datetime.now(timezone.utc)
+    start_of_month = datetime(now.year, now.month, 1, tzinfo=timezone.utc)
+    
+    # First get all threads for this account
+    threads_result = await client.table('threads') \
+        .select('thread_id') \
+        .eq('account_id', account_id) \
+        .execute()
+    
+    if not threads_result.data:
+        return 0.0
+    
+    thread_ids = [t['thread_id'] for t in threads_result.data]
+    
+    # Then get all agent runs for these threads in current month
+    runs_result = await client.table('agent_runs') \
+        .select('started_at, completed_at') \
+        .in_('thread_id', thread_ids) \
+        .gte('started_at', start_of_month.isoformat()) \
+        .execute()
+    
+    if not runs_result.data:
+        return 0.0
+    
+    # Calculate total minutes
+    total_seconds = 0
+    now_ts = now.timestamp()
+    
+    for run in runs_result.data:
+        start_time = datetime.fromisoformat(run['started_at'].replace('Z', '+00:00')).timestamp()
+        if run['completed_at']:
+            end_time = datetime.fromisoformat(run['completed_at'].replace('Z', '+00:00')).timestamp()
+        else:
+            # For running jobs, use current time
+            end_time = now_ts
+        
+        total_seconds += (end_time - start_time)
+    
+    return total_seconds / 60  # Convert to minutes
+
+async def check_billing_status(client, account_id: str) -> Tuple[bool, str, Optional[Dict]]:
+    """
+    Check if an account can run agents based on their subscription and usage.
+    
+    Returns:
+        Tuple[bool, str, Optional[Dict]]: (can_run, message, subscription_info)
+    """
+    if config.ENV_MODE == EnvMode.LOCAL:
+        logger.info("Running in local development mode - billing checks are disabled")
+        return True, "Local development mode - billing disabled", {
+            "price_id": "local_dev",
+            "plan_name": "Local Development",
+            "minutes_limit": "no limit"
+        }
+    
+    # For staging/production, check subscription status
+    
+    # Get current subscription
+    subscription = await get_account_subscription(client, account_id)
+    
+    # If no subscription, they can use free tier
+    if not subscription:
+        subscription = {
+            'price_id': 'price_1RGJ9GG6l1KZGqIroxSqgphC',  # Free tier
+            'plan_name': 'free'
+        }
+
+    # if not subscription or subscription.get('price_id') is None or subscription.get('price_id') == 'price_1RGJ9GG6l1KZGqIroxSqgphC':
+    #     return False, "You are not subscribed to any plan. Please upgrade your plan to continue.", subscription
+    
+    # Get tier info
+    tier_info = SUBSCRIPTION_TIERS.get(subscription['price_id'])
+    if not tier_info:
+        return False, "Invalid subscription tier", subscription
+    
+    # Calculate current month's usage
+    current_usage = await calculate_monthly_usage(client, account_id)
+    
+    # Check if within limits
+    if current_usage >= tier_info['minutes']:
+        return False, f"Monthly limit of {tier_info['minutes']} minutes reached. Please upgrade your plan or wait until next month.", subscription
+    
+    return True, "OK", subscription
+
+# Helper function to get account ID from thread
+async def get_account_id_from_thread(client, thread_id: str) -> Optional[str]:
+    """Get the account ID associated with a thread."""
+    result = await client.table('threads') \
+        .select('account_id') \
+        .eq('thread_id', thread_id) \
+        .limit(1) \
+        .execute()
+    
+    if result.data and len(result.data) > 0:
+        return result.data[0]['account_id']
+    return None