Merge pull request #719 from transitive-bullshit/feature/rework-api-keys

apps/api/src/api-v1/consumers/admin-get-consumer-by-api-key.ts

@@ -10,18 +10,20 @@ import {
   openapiErrorResponses
 } from '@/lib/openapi-utils'
 
-import { consumerTokenParamsSchema, populateConsumerSchema } from './schemas'
+import { consumerApiKeyParamsSchema, populateConsumerSchema } from './schemas'
 import { setAdminCacheControlForConsumer } from './utils'
 
 const route = createRoute({
-  description: 'Gets a consumer by API token. This route is admin-only.',
+  description: 'Gets a consumer by API key. This route is admin-only.',
   tags: ['admin', 'consumers'],
-  operationId: 'adminGetConsumerByToken',
+  operationId: 'adminGetConsumerByApiKey',
   method: 'get',
-  path: 'admin/consumers/tokens/{token}',
+  // TODO: is it wise to use a path param for the API key? especially wehn it'll
+  // be cached in cloudflare's shared cache?
+  path: 'admin/consumers/api-keys/{apiKey}',
   security: openapiAuthenticatedSecuritySchemas,
   request: {
-    params: consumerTokenParamsSchema,
+    params: consumerApiKeyParamsSchema,
     query: populateConsumerSchema
   },
   responses: {
@@ -38,21 +40,21 @@ const route = createRoute({
   }
 })
 
-export function registerV1AdminGetConsumerByToken(
+export function registerV1AdminGetConsumerByApiKey(
   app: OpenAPIHono<AuthenticatedHonoEnv>
 ) {
   return app.openapi(route, async (c) => {
-    const { token } = c.req.valid('param')
+    const { apiKey } = c.req.valid('param')
     const { populate = [] } = c.req.valid('query')
     await aclAdmin(c)
 
     const consumer = await db.query.consumers.findFirst({
-      where: eq(schema.consumers.token, token),
+      where: eq(schema.consumers.token, apiKey),
       with: {
         ...Object.fromEntries(populate.map((field) => [field, true]))
       }
     })
-    assert(consumer, 404, `API token not found "${token}"`)
+    assert(consumer, 404, `API key not found "${apiKey}"`)
 
     setAdminCacheControlForConsumer(c, consumer)
     return c.json(parseZodSchema(schema.consumerAdminSelectSchema, consumer))

apps/api/src/api-v1/consumers/refresh-consumer-api-key.ts

@@ -4,7 +4,7 @@ import { createRoute, type OpenAPIHono } from '@hono/zod-openapi'
 import type { AuthenticatedHonoEnv } from '@/lib/types'
 import { db, eq, schema } from '@/db'
 import { acl } from '@/lib/acl'
-import { createConsumerToken } from '@/lib/create-consumer-token'
+import { createConsumerApiKey } from '@/lib/create-consumer-api-key'
 import {
   openapiAuthenticatedSecuritySchemas,
   openapiErrorResponse404,
@@ -14,11 +14,11 @@ import {
 import { consumerIdParamsSchema } from './schemas'
 
 const route = createRoute({
-  description: "Refreshes a consumer's API token.",
+  description: "Refreshes a consumer's API key.",
   tags: ['consumers'],
-  operationId: 'refreshConsumerToken',
+  operationId: 'refreshConsumerApiKey',
   method: 'post',
-  path: 'consumers/{consumerId}/refresh-token',
+  path: 'consumers/{consumerId}/refresh-api-key',
   security: openapiAuthenticatedSecuritySchemas,
   request: {
     params: consumerIdParamsSchema
@@ -37,7 +37,7 @@ const route = createRoute({
   }
 })
 
-export function registerV1RefreshConsumerToken(
+export function registerV1RefreshConsumerApiKey(
   app: OpenAPIHono<AuthenticatedHonoEnv>
 ) {
   return app.openapi(route, async (c) => {
@@ -53,7 +53,7 @@ export function registerV1RefreshConsumerToken(
     ;[consumer] = await db
       .update(schema.consumers)
       .set({
-        token: await createConsumerToken()
+        token: await createConsumerApiKey()
       })
       .where(eq(schema.consumers.id, consumer.id))
       .returning()

apps/api/src/api-v1/consumers/schemas.ts

@@ -17,14 +17,14 @@ export const consumerIdParamsSchema = z.object({
   })
 })
 
-export const consumerTokenParamsSchema = z.object({
+export const consumerApiKeyParamsSchema = z.object({
-  token: z
+  apiKey: z
     .string()
     .nonempty()
     .openapi({
       param: {
-        description: 'Consumer token',
+        description: 'Consumer API key',
-        name: 'token',
+        name: 'apiKey',
         in: 'path'
       }
     })

apps/api/src/api-v1/index.ts

@@ -11,7 +11,7 @@ import { registerV1GitHubOAuthInitFlow } from './auth/github-init'
 import { registerV1SignInWithPassword } from './auth/sign-in-with-password'
 import { registerV1SignUpWithPassword } from './auth/sign-up-with-password'
 import { registerV1AdminActivateConsumer } from './consumers/admin-activate-consumer'
-import { registerV1AdminGetConsumerByToken } from './consumers/admin-get-consumer-by-token'
+import { registerV1AdminGetConsumerByApiKey } from './consumers/admin-get-consumer-by-api-key'
 import { registerV1CreateBillingPortalSession } from './consumers/create-billing-portal-session'
 import { registerV1CreateConsumer } from './consumers/create-consumer'
 import { registerV1CreateConsumerBillingPortalSession } from './consumers/create-consumer-billing-portal-session'
@@ -20,7 +20,7 @@ import { registerV1GetConsumer } from './consumers/get-consumer'
 import { registerV1GetConsumerByProjectIdentifier } from './consumers/get-consumer-by-project-identifier'
 import { registerV1ListConsumers } from './consumers/list-consumers'
 import { registerV1ListConsumersForProject } from './consumers/list-project-consumers'
-import { registerV1RefreshConsumerToken } from './consumers/refresh-consumer-token'
+import { registerV1RefreshConsumerApiKey } from './consumers/refresh-consumer-api-key'
 import { registerV1UpdateConsumer } from './consumers/update-consumer'
 import { registerV1AdminGetDeploymentByIdentifier } from './deployments/admin-get-deployment-by-identifier'
 import { registerV1CreateDeployment } from './deployments/create-deployment'
@@ -119,7 +119,7 @@ registerV1CreateConsumer(privateRouter)
 registerV1CreateConsumerCheckoutSession(privateRouter)
 registerV1CreateConsumerBillingPortalSession(privateRouter)
 registerV1UpdateConsumer(privateRouter)
-registerV1RefreshConsumerToken(privateRouter)
+registerV1RefreshConsumerApiKey(privateRouter)
 registerV1ListConsumers(privateRouter)
 registerV1ListConsumersForProject(privateRouter)
 
@@ -133,7 +133,7 @@ registerV1ListDeployments(privateRouter)
 registerV1PublishDeployment(privateRouter)
 
 // Internal admin routes
-registerV1AdminGetConsumerByToken(privateRouter)
+registerV1AdminGetConsumerByApiKey(privateRouter)
 registerV1AdminActivateConsumer(privateRouter)
 registerV1AdminGetDeploymentByIdentifier(privateRouter)
 

apps/api/src/db/schema/consumer.ts

@@ -54,7 +54,8 @@ export const consumers = pgTable(
     ...consumerPrimaryId,
     ...timestamps,
 
-    // API token for this consumer
+    // API key for this consumer
+    // (called "token" for backwards compatibility)
     token: text().notNull(),
 
     // The slug of the PricingPlan in the target deployment that this consumer

apps/api/src/lib/consumers/upsert-consumer-stripe-checkout.ts

@@ -14,7 +14,7 @@ import { acl } from '@/lib/acl'
 import { upsertStripeConnectCustomer } from '@/lib/billing/upsert-stripe-connect-customer'
 import { upsertStripeCustomer } from '@/lib/billing/upsert-stripe-customer'
 import { upsertStripePricingResources } from '@/lib/billing/upsert-stripe-pricing-resources'
-import { createConsumerToken } from '@/lib/create-consumer-token'
+import { createConsumerApiKey } from '@/lib/create-consumer-api-key'
 
 import { aclPublicProject } from '../acl-public-project'
 import { createStripeCheckoutSession } from '../billing/create-stripe-checkout-session'
@@ -174,7 +174,7 @@ export async function upsertConsumerStripeCheckout(
         userId,
         projectId,
         deploymentId,
-        token: await createConsumerToken(),
+        token: await createConsumerApiKey(),
         _stripeCustomerId: stripeCustomer.id
       })
       .returning()

apps/api/src/lib/consumers/upsert-consumer.ts

@@ -7,7 +7,7 @@ import { upsertStripeConnectCustomer } from '@/lib/billing/upsert-stripe-connect
 import { upsertStripeCustomer } from '@/lib/billing/upsert-stripe-customer'
 import { upsertStripePricingResources } from '@/lib/billing/upsert-stripe-pricing-resources'
 import { upsertStripeSubscription } from '@/lib/billing/upsert-stripe-subscription'
-import { createConsumerToken } from '@/lib/create-consumer-token'
+import { createConsumerApiKey } from '@/lib/create-consumer-api-key'
 
 import { aclPublicProject } from '../acl-public-project'
 
@@ -164,7 +164,7 @@ export async function upsertConsumer(
         userId,
         projectId,
         deploymentId,
-        token: await createConsumerToken(),
+        token: await createConsumerApiKey(),
         _stripeCustomerId: stripeCustomer.id
       })
       .returning()

apps/api/src/lib/create-consumer-api-key.ts

@@ -0,0 +1,5 @@
+import { sha256 } from '@agentic/platform-core'
+
+export async function createConsumerApiKey(): Promise<string> {
+  return `sk-${sha256()}`
+}

apps/api/src/lib/create-consumer-token.ts

@@ -1,5 +0,0 @@
-import { sha256 } from '@agentic/platform-core'
-
-export async function createConsumerToken(): Promise<string> {
-  return sha256()
-}

apps/gateway/src/lib/get-admin-consumer.ts

@@ -1,17 +1,32 @@
-import { assert } from '@agentic/platform-core'
+import { assert, HttpError } from '@agentic/platform-core'
 
 import type { AdminConsumer, GatewayHonoContext } from './types'
 
 export async function getAdminConsumer(
   ctx: GatewayHonoContext,
-  token: string
+  apiKey: string
 ): Promise<AdminConsumer> {
   const client = ctx.get('client')
-  const consumer = await client.adminGetConsumerByToken({
+  let consumer: AdminConsumer | undefined
-    token,
-    populate: ['user']
-  })
-  assert(consumer, 404, `API token not found "${token}"`)
 
+  try {
+    consumer = await client.adminGetConsumerByApiKey({
+      apiKey,
+      populate: ['user']
+    })
+  } catch (err: any) {
+    if (err.response?.status === 404) {
+      // Hide the underlying error message from the client
+      throw new HttpError({
+        statusCode: 404,
+        message: `API key not found "${apiKey}"`,
+        cause: err
+      })
+    }
+
+    throw err
+  }
+
+  assert(consumer, 404, `API key not found "${apiKey}"`)
   return consumer
 }

apps/web/src/components/example-usage.tsx

@@ -35,11 +35,13 @@ export function ExampleUsage({
   projectIdentifier,
   project: initialProject,
   tool,
+  apiKey,
   initialCodeBlock
 }: {
   projectIdentifier: string
   project?: Project
   tool?: string
+  apiKey?: string
   initialCodeBlock?: JSX.Element
 }) {
   const ctx = useAgentic()
@@ -105,6 +107,7 @@ export function ExampleUsage({
       <ExampleUsageContent
         projectIdentifier={projectIdentifier}
         tool={tool}
+        apiKey={apiKey}
         initialCodeBlock={initialCodeBlock}
         isLoading={isLoading}
         isError={isError}
@@ -119,6 +122,7 @@ export function ExampleUsage({
 function ExampleUsageContent({
   projectIdentifier,
   tool,
+  apiKey,
   initialCodeBlock,
   isLoading,
   isError,
@@ -128,6 +132,7 @@ function ExampleUsageContent({
 }: {
   projectIdentifier: string
   tool?: string
+  apiKey?: string
   initialCodeBlock?: JSX.Element
   isLoading: boolean
   isError: boolean
@@ -156,7 +161,8 @@ function ExampleUsageContent({
     project,
     deployment,
     identifier: projectIdentifier,
-    tool
+    tool,
+    apiKey
   })
 
   return (

apps/web/src/components/public-project.tsx

@@ -10,12 +10,12 @@ export function PublicProject({ project }: { project: Project }) {
   return (
     <Link
       key={project.id}
-      className='p-2 border rounded-lg hover:border-gray-400
+      className='p-3 border rounded-lg hover:border-gray-400
-      divide-y divide-gray-200 overflow-hidden bg-white shadow-sm max-w-md flex flex-col gap-2
+      divide-y divide-gray-200 overflow-hidden bg-white shadow-sm max-w-md flex flex-col gap-3
       '
       href={`/marketplace/projects/${project.identifier}`}
     >
-      <div className='p-2 flex gap-2.5 items-center'>
+      <div className='pb-3 flex gap-2.5 items-center'>
         <img
           src={
             deployment.iconUrl ||
@@ -35,13 +35,15 @@ export function PublicProject({ project }: { project: Project }) {
         </div>
       </div>
 
-      <div className='flex-1 flex flex-col gap-2 justify-between'>
+      <div className='flex-1 flex flex-col gap-3 justify-between'>
         {deployment.description && (
-          <p className='text-sm text-gray-700'>{deployment.description}</p>
+          <p className='text-sm text-gray-700 line-clamp-4'>
+            {deployment.description}
+          </p>
         )}
 
         {project.lastPublishedDeployment && (
-          <div className='text-xs text-gray-500 flex items-center justify-between'>
+          <div className='text-xs text-gray-500 flex gap-3 items-center justify-between'>
             <div>{deployment.version}</div>
 
             <div>

apps/web/src/lib/developer-config.ts

@@ -97,6 +97,7 @@ export type GetCodeForDeveloperConfigOpts = {
   deployment: Deployment
   identifier: string
   tool?: string
+  apiKey?: string
 }
 
 type GetCodeForDeveloperConfigInnerOpts = Simplify<
@@ -169,7 +170,8 @@ export function getCodeForTSFrameworkConfig({
   config,
   identifier,
   prompt,
-  systemPrompt
+  systemPrompt,
+  apiKey
 }: GetCodeForDeveloperConfigInnerOpts): CodeSnippet {
   switch (config.tsFrameworkTarget) {
     case 'ai':
@@ -180,7 +182,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { openai } from '@ai-sdk/openai'
 import { generateText } from 'ai'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const result = await generateText({
   model: openai('gpt-4o-mini'),
@@ -201,7 +209,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import OpenAI from 'openai'
 
 const openai = new OpenAI()
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 // This example uses OpenAI's Chat Completions API
 const res = await openai.chat.completions.create({
@@ -232,7 +246,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import OpenAI from 'openai'
 
 const openai = new OpenAI()
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 // This example uses OpenAI's newer Responses API
 const res = await openai.responses.create({
@@ -265,7 +285,13 @@ import { ChatPromptTemplate } from '@langchain/core/prompts'
 import { ChatOpenAI } from '@langchain/openai'
 import { AgentExecutor, createToolCallingAgent } from 'langchain/agents'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const agent = createToolCallingAgent({
   llm: new ChatOpenAI({ model: 'gpt-4o-mini' }),
@@ -296,7 +322,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { openai } from '@llamaindex/openai'
 import { agent } from '@llamaindex/workflow'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const exampleAgent = agent({
   llm: openai({ model: 'gpt-4o-mini', temperature: 0 }),
@@ -320,7 +352,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { openai } from '@ai-sdk/openai'
 import { Agent } from '@mastra/core/agent'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const exampleAgent = new Agent({
   name: 'Example Agent',
@@ -345,7 +383,13 @@ import { AgenticToolClient } from '@agentic/platform-tool-client'
 import { genkit } from 'genkit'
 import { gpt4oMini, openAI } from 'genkitx-openai'
 
-const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
+const searchTool = await AgenticToolClient.fromIdentifier('${identifier}'${
+          apiKey
+            ? `, {
+  apiKey: '${apiKey}'
+}`
+            : ''
+        })
 
 const ai = genkit({
   plugins: [openAI()]
@@ -360,42 +404,18 @@ const result = await ai.generate({
 console.log(result)`.trim(),
         lang: 'ts'
       }
-
-    //     case 'xsai':
-    //       return {
-    //         code: `
-    // import { AgenticToolClient } from '@agentic/platform-tool-client'
-    // import { createXSAITools } from '@agentic/xsai'
-    // import { generateText } from 'xsai'
-
-    // const searchTool = await AgenticToolClient.fromIdentifier('${identifier}')
-
-    // const result = await generateText({
-    //   apiKey: process.env.OPENAI_API_KEY!,
-    //   baseURL: 'https://api.openai.com/v1/',
-    //   model: 'gpt-4o-mini',
-    //   tools: await createXSAITools(searchTool),
-    //   toolChoice: 'required',
-    //   messages: [
-    //     {
-    //       role: 'user',
-    //       content: '${prompt}'
-    //     }
-    //   ]
-    // })
-
-    // console.log(JSON.stringify(result, null, 2))`.trim(),
-    //         lang: 'ts'
-    //       }
   }
 }
 
 export function getCodeForPythonFrameworkConfig({
   config,
   identifier,
-  prompt
+  prompt,
+  apiKey
 }: GetCodeForDeveloperConfigInnerOpts): CodeSnippet {
-  const mcpUrl = `${gatewayBaseUrl}/${identifier}/mcp`
+  const mcpUrl = `${gatewayBaseUrl}/${identifier}/mcp${
+    apiKey ? `?apiKey=${apiKey}` : ''
+  }`
 
   switch (config.pyFrameworkTarget) {
     case 'openai':
@@ -479,7 +499,8 @@ export function getCodeForHTTPConfig({
   identifier,
   deployment,
   tool,
-  args
+  args,
+  apiKey
 }: GetCodeForDeveloperConfigInnerOpts): CodeSnippet {
   tool ??= deployment.tools[0]?.name
   assert(tool, 'tool is required')
@@ -493,7 +514,9 @@ export function getCodeForHTTPConfig({
 
       // TODO: better formatting for the curl command
       return {
-        code: `curl -X POST -H "Content-Type: application/json" -d '${formattedArgs}' ${url}`,
+        code: `curl -X POST -H "Content-Type: application/json"${
+          apiKey ? ` -H "Authorization: Bearer ${apiKey}"` : ''
+        } -d '${formattedArgs}' ${url}`,
         lang: 'bash'
       }
     }
@@ -504,7 +527,9 @@ export function getCodeForHTTPConfig({
         .join(' ')
 
       return {
-        code: `http ${url} ${formattedArgs}`,
+        code: `http ${url}${apiKey ? ` Authorization:"Bearer ${apiKey}"` : ''}${
+          formattedArgs ? ` ${formattedArgs}` : ''
+        }`,
         lang: 'bash'
       }
     }

legacy/packages/arxiv/src/arxiv-client.ts

@@ -122,10 +122,9 @@ export class ArXivClient extends AIFunctionsProvider {
     apiBaseUrl = arxiv.API_BASE_URL,
     ky = defaultKy
   }: {
-    apiKey?: string
     apiBaseUrl?: string
     ky?: KyInstance
-  }) {
+  } = {}) {
     super()
 
     this.apiBaseUrl = apiBaseUrl

legacy/packages/open-meteo/src/open-meteo-client.ts

@@ -55,7 +55,8 @@ export class OpenMeteoClient extends AIFunctionsProvider {
   }
 
   /**
-   * Gets the 7-day weather variables in hourly and daily resolution for given WGS84 latitude and longitude coordinates. Available worldwide.
+   * Gets the 7-day weather variables in hourly and daily resolution for given
+   * WGS84 latitude and longitude coordinates. Available worldwide.
    */
   @aiFunction({
     name: 'open_meteo_get_forecast',

legacy/packages/reddit/src/reddit-client.ts

@@ -347,7 +347,7 @@ export class RedditClient extends AIFunctionsProvider {
    * @see https://old.reddit.com/dev/api/#GET_hot
    */
   @aiFunction({
-    name: 'reddit_get_subreddit_posts',
+    name: 'get_subreddit_posts',
     description: 'Fetches posts from a subreddit.',
     inputSchema: z.object({
       subreddit: z.string().describe('The subreddit to fetch posts from.'),

legacy/packages/tavily/src/tavily-client.ts

@@ -146,7 +146,7 @@ export class TavilyClient extends AIFunctionsProvider {
    * Searches the web for pages relevant to the given query and summarizes the results.
    */
   @aiFunction({
-    name: 'tavily_web_search',
+    name: 'search',
     description:
       'Searches the web to find the most relevant pages for a given query and summarizes the results. Very useful for finding up-to-date news and information about any topic.',
     inputSchema: z.object({

packages/api-client/src/agentic-api-client.ts

@@ -695,13 +695,13 @@ export class AgenticApiClient {
       .json()
   }
 
-  /** Refreshes a consumer's API token. */
+  /** Refreshes a consumer's API key. */
-  async refreshConsumerToken({
+  async refreshConsumerApiKey({
     consumerId,
     ...searchParams
-  }: OperationParameters<'refreshConsumerToken'>): Promise<Consumer> {
+  }: OperationParameters<'refreshConsumerApiKey'>): Promise<Consumer> {
     return this.ky
-      .post(`v1/consumers/${consumerId}/refresh-token`, { searchParams })
+      .post(`v1/consumers/${consumerId}/refresh-api-key`, { searchParams })
       .json()
   }
 
@@ -849,22 +849,22 @@ export class AgenticApiClient {
   }
 
   /**
-   * Gets a consumer by API token. This method is admin-only.
+   * Gets a consumer by API key. This method is admin-only.
    *
    * @internal
    */
-  async adminGetConsumerByToken<
+  async adminGetConsumerByApiKey<
     TPopulate extends NonNullable<
-      OperationParameters<'adminGetConsumerByToken'>['populate']
+      OperationParameters<'adminGetConsumerByApiKey'>['populate']
     >[number]
   >({
-    token,
+    apiKey,
     ...searchParams
-  }: OperationParameters<'adminGetConsumerByToken'> & {
+  }: OperationParameters<'adminGetConsumerByApiKey'> & {
     populate?: TPopulate[]
   }): Promise<PopulateConsumer<TPopulate, AdminConsumer>> {
     return this.ky
-      .get(`v1/admin/consumers/tokens/${token}`, {
+      .get(`v1/admin/consumers/api-keys/${apiKey}`, {
         searchParams: sanitizeSearchParams(searchParams)
       })
       .json()
@@ -872,7 +872,7 @@ export class AgenticApiClient {
 
   /**
    * Activates a consumer signifying that at least one API call has been made
-   * using the consumer's API token. This method is idempotent and admin-only.
+   * using the consumer's API key. This method is idempotent and admin-only.
    *
    * @internal
    */

packages/types/src/openapi.d.ts

@@ -421,7 +421,7 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-    "/v1/consumers/{consumerId}/refresh-token": {
+    "/v1/consumers/{consumerId}/refresh-api-key": {
         parameters: {
             query?: never;
             header?: never;
@@ -430,8 +430,8 @@ export interface paths {
         };
         get?: never;
         put?: never;
-        /** @description Refreshes a consumer's API token. */
+        /** @description Refreshes a consumer's API key. */
-        post: operations["refreshConsumerToken"];
+        post: operations["refreshConsumerApiKey"];
         delete?: never;
         options?: never;
         head?: never;
@@ -525,15 +525,15 @@ export interface paths {
         patch?: never;
         trace?: never;
     };
-    "/v1/admin/consumers/tokens/{token}": {
+    "/v1/admin/consumers/api-keys/{apiKey}": {
         parameters: {
             query?: never;
             header?: never;
             path?: never;
             cookie?: never;
         };
-        /** @description Gets a consumer by API token. This route is admin-only. */
+        /** @description Gets a consumer by API key. This route is admin-only. */
-        get: operations["adminGetConsumerByToken"];
+        get: operations["adminGetConsumerByApiKey"];
         put?: never;
         post?: never;
         delete?: never;
@@ -2275,7 +2275,7 @@ export interface operations {
             410: components["responses"]["410"];
         };
     };
-    refreshConsumerToken: {
+    refreshConsumerApiKey: {
         parameters: {
             query?: never;
             header?: never;
@@ -2584,15 +2584,15 @@ export interface operations {
             404: components["responses"]["404"];
         };
     };
-    adminGetConsumerByToken: {
+    adminGetConsumerByApiKey: {
         parameters: {
             query?: {
                 populate?: ("user" | "project" | "deployment") | ("user" | "project" | "deployment")[];
             };
             header?: never;
             path: {
-                /** @description Consumer token */
+                /** @description Consumer API key */
-                token: string;
+                apiKey: string;
             };
             cookie?: never;
         };

todo.md

@@ -38,7 +38,8 @@
   - add disclaimer about public beta
   - add search / sorting
   - add admin-based tags for main page layout (featured, etc)
-- replace render for api and/or add turbo for caching
+- replace render for api and/or add turbo for caching (too slow to deploy)
+- public-project limit `description` to max 5 lines and show ellipsis
 
 ## TODO: Post-MVP
 
@@ -135,3 +136,5 @@
 - basic account page on website
   - edit name, profile photo, etc
 - **public project detail page metadata**
+- fix readme css <img height="..."> not taking effect because of tailwind css preflight which sets `img, video { height: auto }`
+  - we still want this for every other scenario; just want to sandbox the github-style readme markdown css...