feat: Step 6 - Write-through cache API

Implement the core write-through cache pattern for node creation. This is the architectural foundation of the application. Changes: - Add @google/generative-ai dependency for embeddings - Create lib/db.ts: SurrealDB connection helper with JWT auth - Create lib/ai.ts: AI embedding generation using text-embedding-004 - Create app/api/nodes/route.ts: POST endpoint implementing write-through cache Write-through cache flow: 1. Authenticate user via SurrealDB JWT 2. Publish node to ATproto PDS (source of truth) 3. Generate 768-dimensional embedding via Google AI 4. Cache node + embedding + links in SurrealDB Updated schema to use 768-dimensional embeddings (text-embedding-004) instead of 1536 dimensions. Security: - Row-level permissions enforced via SurrealDB JWT - All secrets server-side only - ATproto OAuth tokens from secure cookies 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-09 00:12:46 +00:00
parent b2c34852d0
commit a1a73d8453
8 changed files with 278 additions and 3 deletions
--- a/lib/db.ts
+++ b/lib/db.ts
@@ -0,0 +1,38 @@
+import Surreal from 'surrealdb';
+
+const db = new Surreal();
+
+/**
+ * Connects to the SurrealDB instance and authenticates with the user's JWT.
+ * This enforces row-level security defined in the schema.
+ *
+ * @param token - The user's app-specific (SurrealDB) JWT
+ * @returns The authenticated SurrealDB instance
+ */
+export async function connectToDB(token: string): Promise<Surreal> {
+  const SURREALDB_URL = process.env.SURREALDB_URL;
+  const SURREALDB_NAMESPACE = process.env.SURREALDB_NS;
+  const SURREALDB_DATABASE = process.env.SURREALDB_DB;
+
+  if (!SURREALDB_URL || !SURREALDB_NAMESPACE || !SURREALDB_DATABASE) {
+    throw new Error('SurrealDB configuration is missing');
+  }
+
+  // Connect if not already connected
+  if (!db.status) {
+    await db.connect(SURREALDB_URL);
+  }
+
+  // Authenticate as the user for this request.
+  // This enforces the row-level security (PERMISSIONS)
+  // defined in the schema for all subsequent queries.
+  await db.authenticate(token);
+
+  // Use the correct namespace and database
+  await db.use({
+    namespace: SURREALDB_NAMESPACE,
+    database: SURREALDB_DATABASE,
+  });
+
+  return db;
+}