Francy51/Neon-Desk
2
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
610fce8db3532cefc6b452346faf479a8a3776d1
Neon-Desk/lib/server/api/app.ts

959 lines
27 KiB
TypeScript
Raw Blame History

import { Elysia, t } from 'elysia';
import { getWorld } from 'workflow/runtime';
import type {
Filing,
FinancialHistoryWindow,
FinancialStatementKind,
FinancialStatementMode,
TaskStatus
} from '@/lib/types';
import { auth } from '@/lib/auth';
import { requireAuthenticatedSession } from '@/lib/server/auth-session';
import { asErrorMessage, jsonError } from '@/lib/server/http';
import { buildPortfolioSummary } from '@/lib/server/portfolio';
import {
defaultFinancialSyncLimit,
getCompanyFinancialStatements
} from '@/lib/server/financial-statements';
import { redactInternalFilingAnalysisFields } from '@/lib/server/api/filing-redaction';
import { getFilingByAccession, listFilingsRecords } from '@/lib/server/repos/filings';
import {
deleteHoldingByIdRecord,
listUserHoldings,
updateHoldingByIdRecord,
upsertHoldingRecord
} from '@/lib/server/repos/holdings';
import { getLatestPortfolioInsight } from '@/lib/server/repos/insights';
import {
deleteWatchlistItemRecord,
getWatchlistItemByTicker,
listWatchlistItems,
upsertWatchlistItemRecord
} from '@/lib/server/repos/watchlist';
import { getPriceHistory, getQuote } from '@/lib/server/prices';
import {
enqueueTask,
findInFlightTask,
getTaskById,
getTaskTimeline,
getTaskQueueSnapshot,
listRecentTasks,
updateTaskNotification
} from '@/lib/server/tasks';
const ALLOWED_STATUSES: TaskStatus[] = ['queued', 'running', 'completed', 'failed'];
const FINANCIAL_FORMS: ReadonlySet<Filing['filing_type']> = new Set(['10-K', '10-Q']);
const AUTO_FILING_SYNC_LIMIT = 20;
const FINANCIALS_V2_ENABLED = process.env.FINANCIALS_V2?.trim().toLowerCase() !== 'false';
const FINANCIAL_STATEMENT_MODES: FinancialStatementMode[] = ['standardized', 'filing_faithful'];
const FINANCIAL_STATEMENT_KINDS: FinancialStatementKind[] = [
'income',
'balance',
'cash_flow',
'equity',
'comprehensive_income'
];
const FINANCIAL_HISTORY_WINDOWS: FinancialHistoryWindow[] = ['10y', 'all'];
function asRecord(value: unknown): Record<string, unknown> {
if (!value || typeof value !== 'object' || Array.isArray(value)) {
return {};
}
return value as Record<string, unknown>;
}
function asPositiveNumber(value: unknown) {
const parsed = typeof value === 'number' ? value : Number(value);
return Number.isFinite(parsed) && parsed > 0 ? parsed : null;
}
function asBoolean(value: unknown, fallback = false) {
if (typeof value === 'boolean') {
return value;
}
if (typeof value === 'string') {
const normalized = value.trim().toLowerCase();
if (normalized === 'true' || normalized === '1' || normalized === 'yes') {
return true;
}
if (normalized === 'false' || normalized === '0' || normalized === 'no') {
return false;
}
}
return fallback;
}
function asOptionalString(value: unknown) {
if (typeof value !== 'string') {
return null;
}
const normalized = value.trim();
return normalized.length > 0 ? normalized : null;
}
function asTags(value: unknown) {
const source = Array.isArray(value)
? value
: typeof value === 'string'
? value.split(',')
: [];
const unique = new Set<string>();
for (const entry of source) {
if (typeof entry !== 'string') {
continue;
}
const tag = entry.trim();
if (!tag) {
continue;
}
unique.add(tag);
}
return [...unique];
}
function asStatementMode(value: unknown): FinancialStatementMode {
return FINANCIAL_STATEMENT_MODES.includes(value as FinancialStatementMode)
? value as FinancialStatementMode
: 'standardized';
}
function asStatementKind(value: unknown): FinancialStatementKind {
return FINANCIAL_STATEMENT_KINDS.includes(value as FinancialStatementKind)
? value as FinancialStatementKind
: 'income';
}
function asHistoryWindow(value: unknown): FinancialHistoryWindow {
return FINANCIAL_HISTORY_WINDOWS.includes(value as FinancialHistoryWindow)
? value as FinancialHistoryWindow
: '10y';
}
function withFinancialMetricsPolicy(filing: Filing): Filing {
if (FINANCIAL_FORMS.has(filing.filing_type)) {
return filing;
}
return {
...filing,
metrics: null
};
}
function buildSyncFilingsPayload(input: {
ticker: string;
limit: number;
category?: unknown;
tags?: unknown;
}) {
const category = asOptionalString(input.category);
const tags = asTags(input.tags);
return {
ticker: input.ticker,
limit: input.limit,
...(category ? { category } : {}),
...(tags.length > 0 ? { tags } : {})
};
}
async function queueAutoFilingSync(
userId: string,
ticker: string,
metadata?: { category?: unknown; tags?: unknown }
) {
try {
await enqueueTask({
userId,
taskType: 'sync_filings',
payload: buildSyncFilingsPayload({
ticker,
limit: AUTO_FILING_SYNC_LIMIT,
category: metadata?.category,
tags: metadata?.tags
}),
priority: 90,
resourceKey: `sync_filings:${ticker}`
});
return true;
} catch (error) {
console.error(`[auto-filing-sync] failed for ${ticker}:`, error);
return false;
}
}
const authHandler = ({ request }: { request: Request }) => auth.handler(request);
async function checkWorkflowBackend() {
try {
const world = getWorld();
await world.runs.list({
pagination: { limit: 1 },
resolveData: 'none'
});
return { ok: true } as const;
} catch (error) {
return {
ok: false,
reason: asErrorMessage(error, 'Workflow backend unavailable')
} as const;
}
}
export const app = new Elysia({ prefix: '/api' })
.all('/auth', authHandler)
.all('/auth/*', authHandler)
.get('/health', async () => {
try {
const [queue, workflowBackend] = await Promise.all([
getTaskQueueSnapshot(),
checkWorkflowBackend()
]);
if (!workflowBackend.ok) {
return Response.json({
status: 'degraded',
version: '4.0.0',
timestamp: new Date().toISOString(),
queue,
workflow: {
ok: false,
reason: workflowBackend.reason
}
}, { status: 503 });
}
return Response.json({
status: 'ok',
version: '4.0.0',
timestamp: new Date().toISOString(),
queue,
workflow: {
ok: true
}
});
} catch (error) {
return Response.json({
status: 'degraded',
version: '4.0.0',
timestamp: new Date().toISOString(),
error: asErrorMessage(error, 'Health check failed')
}, { status: 503 });
}
})
.get('/me', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
return Response.json({
user: {
id: session.user.id,
email: session.user.email,
name: session.user.name,
image: session.user.image
}
});
})
.get('/watchlist', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const items = await listWatchlistItems(session.user.id);
return Response.json({ items });
})
.post('/watchlist', async ({ body }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const payload = asRecord(body);
const ticker = typeof payload.ticker === 'string' ? payload.ticker.trim().toUpperCase() : '';
const companyName = typeof payload.companyName === 'string' ? payload.companyName.trim() : '';
const sector = asOptionalString(payload.sector) ?? '';
const category = asOptionalString(payload.category) ?? '';
const tags = asTags(payload.tags);
if (!ticker) {
return jsonError('ticker is required');
}
if (!companyName) {
return jsonError('companyName is required');
}
try {
const { item, created } = await upsertWatchlistItemRecord({
userId: session.user.id,
ticker,
companyName,
sector,
category,
tags
});
const autoFilingSyncQueued = created
? await queueAutoFilingSync(session.user.id, ticker, {
category: item.category,
tags: item.tags
})
: false;
return Response.json({ item, autoFilingSyncQueued });
} catch (error) {
return jsonError(asErrorMessage(error, 'Failed to create watchlist item'));
}
}, {
body: t.Object({
ticker: t.String({ minLength: 1 }),
companyName: t.String({ minLength: 1 }),
sector: t.Optional(t.String()),
category: t.Optional(t.String()),
tags: t.Optional(t.Union([t.Array(t.String()), t.String()]))
})
})
.delete('/watchlist/:id', async ({ params }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const numericId = Number(params.id);
if (!Number.isInteger(numericId) || numericId <= 0) {
return jsonError('Invalid watchlist id', 400);
}
const removed = await deleteWatchlistItemRecord(session.user.id, numericId);
if (!removed) {
return jsonError('Watchlist item not found', 404);
}
return Response.json({ success: true });
}, {
params: t.Object({
id: t.String({ minLength: 1 })
})
})
.get('/portfolio/holdings', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const holdings = await listUserHoldings(session.user.id);
return Response.json({ holdings });
})
.post('/portfolio/holdings', async ({ body }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const payload = asRecord(body);
const ticker = typeof payload.ticker === 'string' ? payload.ticker.trim().toUpperCase() : '';
const shares = asPositiveNumber(payload.shares);
const avgCost = asPositiveNumber(payload.avgCost);
if (!ticker) {
return jsonError('ticker is required');
}
if (shares === null) {
return jsonError('shares must be a positive number');
}
if (avgCost === null) {
return jsonError('avgCost must be a positive number');
}
try {
const currentPrice = asPositiveNumber(payload.currentPrice) ?? avgCost;
const { holding, created } = await upsertHoldingRecord({
userId: session.user.id,
ticker,
shares,
avgCost,
currentPrice
});
const autoFilingSyncQueued = created
? await queueAutoFilingSync(session.user.id, ticker)
: false;
return Response.json({ holding, autoFilingSyncQueued });
} catch (error) {
return jsonError(asErrorMessage(error, 'Failed to save holding'));
}
}, {
body: t.Object({
ticker: t.String({ minLength: 1 }),
shares: t.Number({ exclusiveMinimum: 0 }),
avgCost: t.Number({ exclusiveMinimum: 0 }),
currentPrice: t.Optional(t.Number({ exclusiveMinimum: 0 }))
})
})
.patch('/portfolio/holdings/:id', async ({ params, body }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const numericId = Number(params.id);
if (!Number.isInteger(numericId) || numericId <= 0) {
return jsonError('Invalid holding id');
}
const payload = asRecord(body);
const updated = await updateHoldingByIdRecord({
userId: session.user.id,
id: numericId,
shares: asPositiveNumber(payload.shares) ?? undefined,
avgCost: asPositiveNumber(payload.avgCost) ?? undefined,
currentPrice: asPositiveNumber(payload.currentPrice) ?? undefined
});
if (!updated) {
return jsonError('Holding not found', 404);
}
return Response.json({ holding: updated });
}, {
params: t.Object({
id: t.String({ minLength: 1 })
}),
body: t.Object({
shares: t.Optional(t.Number({ exclusiveMinimum: 0 })),
avgCost: t.Optional(t.Number({ exclusiveMinimum: 0 })),
currentPrice: t.Optional(t.Number({ exclusiveMinimum: 0 }))
})
})
.delete('/portfolio/holdings/:id', async ({ params }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const numericId = Number(params.id);
if (!Number.isInteger(numericId) || numericId <= 0) {
return jsonError('Invalid holding id');
}
const removed = await deleteHoldingByIdRecord(session.user.id, numericId);
if (!removed) {
return jsonError('Holding not found', 404);
}
return Response.json({ success: true });
}, {
params: t.Object({
id: t.String({ minLength: 1 })
})
})
.get('/portfolio/summary', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const holdings = await listUserHoldings(session.user.id);
const summary = buildPortfolioSummary(holdings);
return Response.json({ summary });
})
.post('/portfolio/refresh-prices', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const task = await enqueueTask({
userId: session.user.id,
taskType: 'refresh_prices',
payload: {},
priority: 80,
resourceKey: 'refresh_prices:portfolio'
});
return Response.json({ task });
} catch (error) {
return jsonError(asErrorMessage(error, 'Failed to queue refresh task'));
}
})
.post('/portfolio/insights/generate', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
try {
const task = await enqueueTask({
userId: session.user.id,
taskType: 'portfolio_insights',
payload: {},
priority: 70,
resourceKey: 'portfolio_insights:portfolio'
});
return Response.json({ task });
} catch (error) {
return jsonError(asErrorMessage(error, 'Failed to queue insights task'));
}
})
.get('/portfolio/insights/latest', async () => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const insight = await getLatestPortfolioInsight(session.user.id);
return Response.json({ insight });
})
.get('/analysis/company', async ({ query }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const ticker = typeof query.ticker === 'string' ? query.ticker.trim().toUpperCase() : '';
if (!ticker) {
return jsonError('ticker is required');
}
const [filings, holdings, watchlist, liveQuote, priceHistory] = await Promise.all([
listFilingsRecords({ ticker, limit: 40 }),
listUserHoldings(session.user.id),
listWatchlistItems(session.user.id),
getQuote(ticker),
getPriceHistory(ticker)
]);
const redactedFilings = filings
.map(redactInternalFilingAnalysisFields)
.map(withFinancialMetricsPolicy);
const latestFiling = redactedFilings[0] ?? null;
const holding = holdings.find((entry) => entry.ticker === ticker) ?? null;
const watchlistItem = watchlist.find((entry) => entry.ticker === ticker) ?? null;
const companyName = latestFiling?.company_name
?? watchlistItem?.company_name
?? ticker;
const financials = redactedFilings
.filter((entry) => entry.metrics && FINANCIAL_FORMS.has(entry.filing_type))
.map((entry) => ({
filingDate: entry.filing_date,
filingType: entry.filing_type,
revenue: entry.metrics?.revenue ?? null,
netIncome: entry.metrics?.netIncome ?? null,
totalAssets: entry.metrics?.totalAssets ?? null,
cash: entry.metrics?.cash ?? null,
debt: entry.metrics?.debt ?? null
}));
const aiReports = redactedFilings
.filter((entry) => entry.analysis?.text || entry.analysis?.legacyInsights)
.slice(0, 8)
.map((entry) => ({
accessionNumber: entry.accession_number,
filingDate: entry.filing_date,
filingType: entry.filing_type,
provider: entry.analysis?.provider ?? 'unknown',
model: entry.analysis?.model ?? 'unknown',
summary: entry.analysis?.text ?? entry.analysis?.legacyInsights ?? ''
}));
return Response.json({
analysis: {
company: {
ticker,
companyName,
sector: watchlistItem?.sector ?? null,
category: watchlistItem?.category ?? null,
tags: watchlistItem?.tags ?? [],
cik: latestFiling?.cik ?? null
},
quote: liveQuote,
position: holding,
priceHistory,
financials,
filings: redactedFilings.slice(0, 20),
aiReports
}
});
}, {
query: t.Object({
ticker: t.String({ minLength: 1 })
})
})
.get('/financials/company', async ({ query }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
if (!FINANCIALS_V2_ENABLED) {
return jsonError('Financial statements v2 is disabled', 404);
}
const ticker = typeof query.ticker === 'string'
? query.ticker.trim().toUpperCase()
: '';
if (!ticker) {
return jsonError('ticker is required');
}
const mode = asStatementMode(query.mode);
const statement = asStatementKind(query.statement);
const window = asHistoryWindow(query.window);
const includeDimensions = asBoolean(query.includeDimensions, false);
const cursor = typeof query.cursor === 'string' && query.cursor.trim().length > 0
? query.cursor.trim()
: null;
const limit = Number.isFinite(Number(query.limit))
? Number(query.limit)
: undefined;
let payload = await getCompanyFinancialStatements({
ticker,
mode,
statement,
window,
includeDimensions,
cursor,
limit,
v2Enabled: FINANCIALS_V2_ENABLED,
queuedSync: false
});
let queuedSync = false;
const shouldQueueSync = cursor === null && (
payload.dataSourceStatus.pendingFilings > 0
|| payload.coverage.filings === 0
|| (window === 'all' && payload.nextCursor !== null)
);
if (shouldQueueSync) {
try {
const watchlistItem = await getWatchlistItemByTicker(session.user.id, ticker);
await enqueueTask({
userId: session.user.id,
taskType: 'sync_filings',
payload: buildSyncFilingsPayload({
ticker,
limit: defaultFinancialSyncLimit(window),
category: watchlistItem?.category,
tags: watchlistItem?.tags
}),
priority: 88,
resourceKey: `sync_filings:${ticker}`
});
queuedSync = true;
} catch (error) {
console.error(`[financials-v2-sync] failed for ${ticker}:`, error);
}
}
if (queuedSync) {
payload = {
...payload,
dataSourceStatus: {
...payload.dataSourceStatus,
queuedSync: true
}
};
}
return Response.json({ financials: payload });
}, {
query: t.Object({
ticker: t.String({ minLength: 1 }),
mode: t.Optional(t.Union([t.Literal('standardized'), t.Literal('filing_faithful')])),
statement: t.Optional(t.Union([
t.Literal('income'),
t.Literal('balance'),
t.Literal('cash_flow'),
t.Literal('equity'),
t.Literal('comprehensive_income')
])),
window: t.Optional(t.Union([t.Literal('10y'), t.Literal('all')])),
includeDimensions: t.Optional(t.Union([t.String(), t.Boolean()])),
cursor: t.Optional(t.String()),
limit: t.Optional(t.Numeric())
})
})
.get('/analysis/reports/:accessionNumber', async ({ params }) => {
const { response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const accessionNumber = params.accessionNumber?.trim() ?? '';
if (accessionNumber.length < 4) {
return jsonError('Invalid accession number');
}
const filing = await getFilingByAccession(accessionNumber);
if (!filing) {
return jsonError('AI summary not found', 404);
}
const summary = filing.analysis?.text ?? filing.analysis?.legacyInsights ?? '';
if (!summary) {
return jsonError('AI summary not found', 404);
}
return Response.json({
report: {
accessionNumber: filing.accession_number,
ticker: filing.ticker,
companyName: filing.company_name,
filingDate: filing.filing_date,
filingType: filing.filing_type,
provider: filing.analysis?.provider ?? 'unknown',
model: filing.analysis?.model ?? 'unknown',
summary,
filingUrl: filing.filing_url,
submissionUrl: filing.submission_url ?? null,
primaryDocument: filing.primary_document ?? null
}
});
}, {
params: t.Object({
accessionNumber: t.String({ minLength: 4 })
})
})
.get('/filings', async ({ query }) => {
const { response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const tickerFilter = typeof query.ticker === 'string'
? query.ticker.trim().toUpperCase()
: undefined;
const limit = typeof query.limit === 'number'
? query.limit
: Number(query.limit);
const filings = await listFilingsRecords({
ticker: tickerFilter,
limit: Number.isFinite(limit) ? limit : 50
});
return Response.json({ filings: filings.map(redactInternalFilingAnalysisFields).map(withFinancialMetricsPolicy) });
}, {
query: t.Object({
ticker: t.Optional(t.String()),
limit: t.Optional(t.Numeric())
})
})
.post('/filings/sync', async ({ body }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const payload = asRecord(body);
const ticker = typeof payload.ticker === 'string' ? payload.ticker.trim().toUpperCase() : '';
const category = asOptionalString(payload.category);
const tags = asTags(payload.tags);
if (!ticker) {
return jsonError('ticker is required');
}
try {
const limit = typeof payload.limit === 'number' ? payload.limit : Number(payload.limit);
const task = await enqueueTask({
userId: session.user.id,
taskType: 'sync_filings',
payload: buildSyncFilingsPayload({
ticker,
limit: Number.isFinite(limit) ? limit : 20,
category,
tags
}),
priority: 90,
resourceKey: `sync_filings:${ticker}`
});
return Response.json({ task });
} catch (error) {
return jsonError(asErrorMessage(error, 'Failed to queue filings sync task'));
}
}, {
body: t.Object({
ticker: t.String({ minLength: 1 }),
limit: t.Optional(t.Numeric()),
category: t.Optional(t.String()),
tags: t.Optional(t.Union([t.Array(t.String()), t.String()]))
})
})
.post('/filings/:accessionNumber/analyze', async ({ params }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const accessionNumber = params.accessionNumber?.trim() ?? '';
if (accessionNumber.length < 4) {
return jsonError('Invalid accession number');
}
try {
const resourceKey = `analyze_filing:${accessionNumber}`;
const existing = await findInFlightTask(
session.user.id,
'analyze_filing',
resourceKey
);
if (existing) {
return Response.json({ task: existing });
}
const task = await enqueueTask({
userId: session.user.id,
taskType: 'analyze_filing',
payload: { accessionNumber },
priority: 65,
resourceKey
});
return Response.json({ task });
} catch (error) {
return jsonError(asErrorMessage(error, 'Failed to queue filing analysis task'));
}
}, {
params: t.Object({
accessionNumber: t.String({ minLength: 4 })
})
})
.get('/tasks', async ({ query }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const limit = typeof query.limit === 'number'
? query.limit
: Number(query.limit ?? 20);
const statusInput = query.status;
const rawStatuses = Array.isArray(statusInput)
? statusInput
: statusInput
? [statusInput]
: [];
const statuses = rawStatuses.filter((status): status is TaskStatus => {
return ALLOWED_STATUSES.includes(status as TaskStatus);
});
const tasks = await listRecentTasks(
session.user.id,
Number.isFinite(limit) ? limit : 20,
statuses.length > 0 ? statuses : undefined
);
return Response.json({ tasks });
}, {
query: t.Object({
limit: t.Optional(t.Numeric()),
status: t.Optional(t.Union([t.String(), t.Array(t.String())]))
})
})
.get('/tasks/:taskId', async ({ params }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const task = await getTaskById(params.taskId, session.user.id);
if (!task) {
return jsonError('Task not found', 404);
}
return Response.json({ task });
}, {
params: t.Object({
taskId: t.String({ minLength: 1 })
})
})
.get('/tasks/:taskId/timeline', async ({ params }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const timeline = await getTaskTimeline(params.taskId, session.user.id);
if (!timeline) {
return jsonError('Task not found', 404);
}
return Response.json(timeline);
}, {
params: t.Object({
taskId: t.String({ minLength: 1 })
})
})
.patch('/tasks/:taskId/notification', async ({ params, body }) => {
const { session, response } = await requireAuthenticatedSession();
if (response) {
return response;
}
const payload = asRecord(body);
const read = typeof payload.read === 'boolean' ? payload.read : undefined;
const silenced = typeof payload.silenced === 'boolean' ? payload.silenced : undefined;
if (read === undefined && silenced === undefined) {
return jsonError('read or silenced must be provided');
}
const task = await updateTaskNotification(session.user.id, params.taskId, {
read,
silenced
});
if (!task) {
return jsonError('Task not found', 404);
}
return Response.json({ task });
}, {
params: t.Object({
taskId: t.String({ minLength: 1 })
}),
body: t.Object({
read: t.Optional(t.Boolean()),
silenced: t.Optional(t.Boolean())
})
});
export type App = typeof app;
Reference in New Issue View Git Blame Copy Permalink