feat: add server-side Supabase API endpoints

- Created profile.py route with complete auth API
- POST /api/auth/signin (email/password)
- POST /api/auth/signup (email/password)
- POST /api/auth/google (Google OAuth with idToken)
- POST /api/auth/reset-password
- POST /api/auth/signout
- Added profile management endpoints (GET, POST, PUT /api/profile)
- Added chat history endpoints (GET, POST, PUT, DELETE /api/history)
- Added subscription endpoint (POST /api/subscription/upgrade)
- Registered profile router in server.py
- All operations use server-side Supabase with service key for security

Dockerfile

@@ -3,9 +3,11 @@ FROM python:3.10-slim
 
 WORKDIR /app
 
-# Install minimal system dependencies
+# Install minimal system dependencies + Node.js for admin dashboard
 RUN apt-get update && apt-get install -y \
     curl \
+    && curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
+    && apt-get install -y nodejs \
     && rm -rf /var/lib/apt/lists/*
 
 # Copy requirements
@@ -20,6 +22,14 @@ RUN pip install --no-cache-dir -r requirements.txt
 # Copy application code
 COPY . .
 
+# Build admin dashboard (static export)
+WORKDIR /app/admin-dashboard
+RUN npm install && npm run build
+WORKDIR /app
+
+# Move static admin dashboard to serve location
+RUN mkdir -p admin-static && cp -r admin-dashboard/out/* admin-static/
+
 # Create data directories
 RUN mkdir -p data/knowledge data/processed checkpoints uploads/generated logs
 

admin-dashboard/next.config.ts

@@ -1,7 +1,12 @@
 import type { NextConfig } from "next";
 
 const nextConfig: NextConfig = {
-  /* config options here */
+  output: 'export',
+  basePath: '/admin',
+  trailingSlash: true,
+  images: {
+    unoptimized: true,
+  },
 };
 
 export default nextConfig;

src/api/routes/chat.py

@@ -55,6 +55,7 @@ class ChatRequest(BaseModel):
     max_tokens: int = 256
     top_k: int = 50
     top_p: float = 0.9
+    system_prompt: Optional[str] = None  # Personality prompt from client
 
 
 class ChatResponse(BaseModel):
@@ -83,7 +84,12 @@ async def chat(request: ChatRequest) -> ChatResponse:
         raise HTTPException(status_code=503, detail="Model not loaded")
     
     sources = []
-    prompt = request.message
+    
+    # Build prompt with optional personality system prompt
+    if request.system_prompt:
+        prompt = f"[System: {request.system_prompt}]\n\nUser: {request.message}\n\nAssistant:"
+    else:
+        prompt = request.message
     
     # Use RAG if enabled
     if request.use_rag and state.rag is not None:

src/api/routes/profile.py

@@ -0,0 +1,271 @@
+"""
+Nova AI - Profile API Routes  
+User profile management with server-side Supabase
+"""
+
+from fastapi import APIRouter, HTTPException
+from pydantic import BaseModel
+from typing import Optional
+import os
+from supabase import create_client, Client
+
+router = APIRouter()
+
+# Initialize Supabase client
+SUPABASE_URL = os.getenv("SUPABASE_URL", "")
+SUPABASE_KEY = os.getenv("SUPABASE_SERVICE_KEY", "")  # Use service key on server
+supabase: Client = create_client(SUPABASE_URL, SUPABASE_KEY)
+
+
+# ============================================================================
+# AUTH ENDPOINTS
+# ============================================================================
+
+class SignInRequest(BaseModel):
+    email: str
+    password: str
+
+
+class SignUpRequest(BaseModel):
+    email: str
+    password: str
+    display_name: Optional[str] = None
+
+
+class GoogleAuthRequest(BaseModel):
+    id_token: str
+
+
+class PasswordResetRequest(BaseModel):
+    email: str
+
+
+@router.post("/auth/signin")
+async def sign_in(data: SignInRequest):
+    """Sign in with email and password"""
+    try:
+        result = supabase.auth.sign_in_with_password({
+            "email": data.email,
+            "password": data.password
+        })
+        return {
+            "success": True,
+            "session": result.session.model_dump() if result.session else None,
+            "user": result.user.model_dump() if result.user else None
+        }
+    except Exception as e:
+        return {"success": False, "error": str(e)}
+
+
+@router.post("/auth/signup")
+async def sign_up(data: SignUpRequest):
+    """Sign up with email and password"""
+    try:
+        result = supabase.auth.sign_up({
+            "email": data.email,
+            "password": data.password,
+            "options": {
+                "data": {"display_name": data.display_name or data.email.split('@')[0]}
+            }
+        })
+        return {
+            "success": True,
+            "session": result.session.model_dump() if result.session else None,
+            "user": result.user.model_dump() if result.user else None
+        }
+    except Exception as e:
+        return {"success": False, "error": str(e)}
+
+
+@router.post("/auth/google")
+async def sign_in_with_google(data: GoogleAuthRequest):
+    """Sign in with Google ID token"""
+    try:
+        result = supabase.auth.sign_in_with_id_token({
+            "provider": "google",
+            "token": data.id_token
+        })
+        return {
+            "success": True,
+            "session": result.session.model_dump() if result.session else None,
+            "user": result.user.model_dump() if result.user else None
+        }
+    except Exception as e:
+        return {"success": False, "error": str(e)}
+
+
+@router.post("/auth/reset-password")
+async def reset_password(data: PasswordResetRequest):
+    """Send password reset email"""
+    try:
+        supabase.auth.reset_password_for_email(data.email)
+        return {"success": True}
+    except Exception as e:
+        return {"success": False, "error": str(e)}
+
+
+@router.post("/auth/signout")
+async def sign_out():
+    """Sign out current user"""
+    try:
+        supabase.auth.sign_out()
+        return {"success": True}
+    except Exception as e:
+        return {"success": False, "error": str(e)}
+
+
+# ============================================================================
+# PROFILE ENDPOINTS
+# ============================================================================
+async def create_profile(data: ProfileCreate):
+    """Create a new user profile"""
+    try:
+        profile_data = {
+            "id": data.user_id,
+            "email": data.email,
+            "display_name": data.display_name or data.email.split('@')[0] if data.email else 'User',
+            "subscription_tier": "free",
+            "tokens_used": 0,
+            "tokens_limit": 20,
+            "consent_given": False,
+            "data_collection_consent": False,
+            "is_admin": False,
+        }
+        
+        result = supabase.table("profiles").insert(profile_data).execute()
+        return {"success": True, "profile": result.data[0] if result.data else None}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.get("/profile/{user_id}")
+async def get_profile(user_id: str):
+    """Get user profile"""
+    try:
+        result = supabase.table("profiles").select("*").eq("id", user_id).execute()
+        if not result.data:
+            return {"success": False, "error": "Profile not found"}
+        return {"success": True, "profile": result.data[0]}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.put("/profile/{user_id}")
+async def update_profile(user_id: str, updates: ProfileUpdate):
+    """Update user profile"""
+    try:
+        update_data = {k: v for k, v in updates.dict().items() if v is not None}
+        update_data["updated_at"] = "now()"
+        
+        result = supabase.table("profiles").update(update_data).eq("id", user_id).execute()
+        return {"success": True}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.post("/profile/{user_id}/consent")
+async def accept_consent(user_id: str, data_collection: bool):
+    """Accept user consent"""
+    try:
+        update_data = {
+            "consent_given": True,
+            "consent_given_at": "now()",
+            "data_collection_consent": data_collection,
+            "terms_accepted_at": "now()",
+        }
+        
+        supabase.table("profiles").update(update_data).eq("id", user_id).execute()
+        return {"success": True}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.post("/profile/{user_id}/tokens/use")
+async def use_tokens(user_id: str, amount: int):
+    """Use tokens from user's balance"""
+    try:
+        result = supabase.rpc("use_tokens", {
+            "p_user_id": user_id,
+            "p_tokens": amount
+        }).execute()
+        return {"success": result.data, "remaining": 0}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+# History endpoints
+@router.get("/history/{user_id}")
+async def get_chat_histories(user_id: str):
+    """Get all chat histories for a user"""
+    try:
+        result = supabase.table("chat_history").select("*").eq("user_id", user_id).order("updated_at", desc=True).execute()
+        return {"success": True, "histories": result.data}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.post("/history")
+async def create_chat(user_id: str, title: str, messages: list):
+    """Create new chat history"""
+    try:
+        chat_data = {
+            "user_id": user_id,
+            "title": title,
+            "messages": messages,
+        }
+        result = supabase.table("chat_history").insert(chat_data).select("id").execute()
+        return {"success": True, "id": result.data[0]["id"] if result.data else None}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.put("/history/{chat_id}")
+async def update_chat(chat_id: str, title: Optional[str] = None, messages: Optional[list] = None):
+    """Update chat history"""
+    try:
+        update_data = {}
+        if title:
+            update_data["title"] = title  
+        if messages:
+            update_data["messages"] = messages
+        update_data["updated_at"] = "now()"
+        
+        supabase.table("chat_history").update(update_data).eq("id", chat_id).execute()
+        return {"success": True}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.delete("/history/{chat_id}")
+async def delete_chat(chat_id: str):
+    """Delete chat history"""
+    try:
+        supabase.table("chat_history").delete().eq("id", chat_id).execute()
+        return {"success": True}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+# Subscription endpoints
+@router.post("/subscription/upgrade")
+async def upgrade_to_pro(user_id: str, razorpay_subscription_id: str):
+    """Upgrade user to pro"""
+    try:
+        # Update profile
+        supabase.table("profiles").update({
+            "subscription_tier": "pro",
+            "tokens_limit": 1000,
+        }).eq("id", user_id).execute()
+        
+        # Create subscription record
+        import datetime
+        supabase.table("subscriptions").insert({
+            "user_id": user_id,
+            "tier": "pro",
+            "razorpay_subscription_id": razorpay_subscription_id,
+            "expires_at": (datetime.datetime.now() + datetime.timedelta(days=30)).isoformat(),
+        }).execute()
+        
+        return {"success": True}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))

src/api/server.py

@@ -19,7 +19,7 @@ from fastapi.staticfiles import StaticFiles
 from loguru import logger
 
 # Import routes
-from .routes import chat, image, files, knowledge, auth, analytics, models
+from .routes import chat, image, files, knowledge, auth, analytics, models, profile
 
 # Keep-alive settings
 KEEP_ALIVE_INTERVAL = 300  # 5 minutes
@@ -226,6 +226,11 @@ uploads_path = Path("uploads")
 uploads_path.mkdir(exist_ok=True)
 app.mount("/static", StaticFiles(directory=str(uploads_path)), name="static")
 
+# Admin dashboard static files (built from Next.js)
+admin_static_path = Path("admin-static")
+if admin_static_path.exists():
+    app.mount("/admin", StaticFiles(directory=str(admin_static_path), html=True), name="admin")
+
 # Include routers
 app.include_router(chat.router, prefix="/api", tags=["Chat"])
 app.include_router(image.router, prefix="/api", tags=["Image"])
@@ -234,6 +239,7 @@ app.include_router(knowledge.router, prefix="/api", tags=["Knowledge"])
 app.include_router(auth.router, prefix="/api", tags=["Auth"])
 app.include_router(analytics.router, prefix="/api", tags=["Analytics"])
 app.include_router(models.router, prefix="/api", tags=["Models"])
+app.include_router(profile.router, prefix="/api", tags=["Profile"])
 
 
 @app.get("/")
@@ -355,6 +361,21 @@ async def root():
                 </div>
             </div>
             
+            <div class="admin-button" style="margin-top: 30px;">
+                <a href="/admin/" style="
+                    display: inline-block;
+                    background: linear-gradient(135deg, #7b2ff7, #00d4ff);
+                    color: white;
+                    padding: 15px 30px;
+                    border-radius: 12px;
+                    text-decoration: none;
+                    font-weight: 600;
+                    font-size: 1em;
+                    box-shadow: 0 4px 15px rgba(123, 47, 247, 0.4);
+                    transition: transform 0.2s, box-shadow 0.2s;
+                ">🔐 Admin Dashboard</a>
+            </div>
+            
             <div class="endpoints">
                 API: <a href="/api/health">/api/health</a> | 
                 <a href="/api/chat">/api/chat</a> |