Implementation Zato-link

frontend/backend/OCR/client.ts

@@ -0,0 +1,5 @@
+import * as genai from '@google/generative-ai'
+
+export function createGeminiClient(apiKey: string) {
+  return new genai.GoogleGenerativeAI(apiKey)
+}

frontend/backend/OCR/handlers.ts

@@ -0,0 +1,113 @@
+import { createGeminiClient } from './client';
+
+const RATE_LIMIT_SECONDS = 300;
+const userLastRequest: Map<string, number> = new Map();
+
+export type OCRResponse = {
+  text: string;
+  confidence?: number;
+  language?: string;
+  products?: Array<Record<string, unknown>>;
+};
+
+export function parseAuthHeader(authHeader: string | null | undefined) {
+  if (!authHeader) return 'anonymous';
+  return authHeader.startsWith('Bearer ')
+    ? authHeader.replace('Bearer ', '')
+    : authHeader;
+}
+
+export const ALLOWED_TYPES = [
+  'image/png',
+  'image/jpg',
+  'image/jpeg',
+  'image/webp',
+  'application/pdf',
+];
+
+export async function processImageFile(params: {
+  file: File;
+  authHeader: string | null | undefined;
+  env: any;
+}): Promise<OCRResponse> {
+  const { file, authHeader, env } = params;
+  const userId = parseAuthHeader(authHeader);
+  const now = Date.now() / 1000;
+  const last = userLastRequest.get(userId) ?? 0;
+  if (now - last < RATE_LIMIT_SECONDS)
+    throw { status: 429, message: 'rate_limited' };
+  userLastRequest.set(userId, now);
+
+  if (!ALLOWED_TYPES.includes(file.type))
+    throw { status: 400, message: 'invalid_type' };
+
+  const apiKey = env.GEMINI_API_KEY;
+  if (!apiKey) throw { status: 500, message: 'GEMINI_API_KEY not configured' };
+
+  const client = createGeminiClient(apiKey);
+
+  const arrayBuffer = await file.arrayBuffer();
+  const uint8 = new Uint8Array(arrayBuffer);
+  const base64Data = Buffer.from(uint8).toString('base64');
+
+  const prompt = env.OCR_PROMPT || '';
+
+  const parts = [
+    { text: prompt },
+    { inlineData: { mimeType: file.type, data: base64Data } },
+  ];
+
+  const model = client.getGenerativeModel({ model: 'gemini-1.5-flash' });
+  const result = await model.generateContent(parts);
+  const response = result.response;
+
+  let extractedText = response.text();
+
+  extractedText = extractedText.trim();
+  if (extractedText.startsWith('```json'))
+    extractedText = extractedText.slice(7);
+  if (extractedText.endsWith('```')) extractedText = extractedText.slice(0, -3);
+  extractedText = extractedText.trim();
+
+  try {
+    const parsed = JSON.parse(extractedText);
+    let products = null;
+    if (Array.isArray(parsed)) products = parsed;
+    else if (parsed && typeof parsed === 'object') {
+      if ('productos' in parsed) products = (parsed as any).productos;
+      else products = [parsed];
+    }
+
+    return { text: extractedText, confidence: 0.95, language: 'es', products };
+  } catch (e) {
+    return { text: extractedText, confidence: 0.95, language: 'es' };
+  }
+}
+
+export async function sendBulk(params: {
+  data: any;
+  authHeader: string | null | undefined;
+  env: any;
+}) {
+  const { data, authHeader, env } = params;
+  const headers: Record<string, string> = {
+    'Content-Type': 'application/json',
+  };
+  if (authHeader) {
+    const token = authHeader.startsWith('Bearer ')
+      ? authHeader.replace('Bearer ', '')
+      : authHeader;
+    headers['Authorization'] = `Bearer ${token}`;
+  }
+  const res = await fetch(`/api/products/bulk`, {
+    method: 'POST',
+    headers,
+    body: JSON.stringify(data),
+  });
+  const text = await res.text();
+  try {
+    return { status: res.status, ok: res.ok, body: JSON.parse(text) };
+  } catch {
+    return { status: res.status, ok: res.ok, body: text };
+  }
+}

frontend/backend/auth/models.ts

@@ -0,0 +1,36 @@
+export type RoleUser = 'admin' | 'manager' | 'user';
+
+export interface UserItem {
+  id: string;
+  full_name: string;
+  email: string;
+  password?: string | null;
+  role?: RoleUser;
+  phone?: string | null;
+  profile_image?: string | null;
+  polar_api_key?: string | null;
+  polar_organization_id?: string | null;
+}
+
+export interface LoginRequest {
+  email: string;
+  password: string;
+}
+
+export interface RegisterRequest {
+  full_name: string;
+  email: string;
+  password: string;
+  phone?: string | null;
+}
+
+export interface UserInfo {
+  id: string;
+  email: string;
+  full_name: string;
+  phone?: string | null;
+  address?: string | null;
+  role: RoleUser;
+  created_at: string;
+  last_updated: string;
+}

frontend/backend/auth/repository.ts

@@ -0,0 +1,109 @@
+import { createClient } from '@/utils/supabase/server';
+import type { UserItem } from './models';
+import { encryptString, decryptString } from '@/utils/crypto';
+import { getCurrentTimeWithTimezone } from '@/utils/timezone';
+
+export class UserRepository {
+  table = 'users';
+
+  async findAllUsers(): Promise<UserItem[]> {
+    const supabase = await createClient();
+    const { data } = await supabase.from(this.table).select('*');
+    return (data || []) as UserItem[];
+  }
+
+  async findByEmail(email: string): Promise<UserItem | null> {
+    if (!email) return null;
+    const supabase = await createClient();
+    const { data } = await supabase
+      .from(this.table)
+      .select('*')
+      .eq('email', email)
+      .limit(1);
+    if (!data || data.length === 0) return null;
+    return data[0] as UserItem;
+  }
+
+  async findByUserId(user_id: string): Promise<UserItem | null> {
+    if (!user_id) return null;
+    const supabase = await createClient();
+    const { data } = await supabase
+      .from(this.table)
+      .select('*')
+      .eq('id', user_id)
+      .limit(1);
+    if (!data || data.length === 0) return null;
+    return data[0] as UserItem;
+  }
+
+  async createUser(payload: Record<string, any>): Promise<string> {
+    const supabase = await createClient();
+    const now = getCurrentTimeWithTimezone('UTC');
+    const insertPayload = {
+      full_name: payload.full_name,
+      email: payload.email,
+      password: payload.password,
+      phone: payload.phone || null,
+      role: payload.role || 'user',
+      profile_image: payload.profile_image || null,
+      polar_api_key: payload.polar_api_key || null,
+      polar_organization_id: payload.polar_organization_id || null,
+      created_at: now,
+      last_updated: now,
+    };
+    const { data, error } = await supabase
+      .from(this.table)
+      .insert(insertPayload)
+      .select()
+      .single();
+    if (error) throw error;
+    return (data && data.id) || '';
+  }
+
+  async updateProfile(
+    user_id: string,
+    updates: Record<string, any>
+  ): Promise<UserItem> {
+    const supabase = await createClient();
+    const now = getCurrentTimeWithTimezone('UTC');
+    updates.last_updated = now;
+    if (typeof updates.polar_api_key !== 'undefined') {
+      updates.polar_api_key = updates.polar_api_key || null;
+    }
+    if (typeof updates.polar_organization_id !== 'undefined') {
+      updates.polar_organization_id = updates.polar_organization_id || null;
+    }
+    const { data, error } = await supabase
+      .from(this.table)
+      .update(updates)
+      .eq('id', user_id)
+      .select()
+      .single();
+    if (error) throw error;
+    return data as UserItem;
+  }
+
+  async getDecryptedPolarKey(user_id: string): Promise<string | null> {
+    const supabase = await createClient();
+    const { data } = await supabase
+      .from(this.table)
+      .select('polar_api_key')
+      .eq('id', user_id)
+      .limit(1)
+      .single();
+    if (!data || !data.polar_api_key) return null;
+    return data.polar_api_key as string;
+  }
+
+  async deleteUser(user_id: string): Promise<UserItem | null> {
+    const supabase = await createClient();
+    const { data, error } = await supabase
+      .from(this.table)
+      .delete()
+      .eq('id', user_id)
+      .select()
+      .single();
+    if (error) throw error;
+    return (data as UserItem) || null;
+  }
+}