allow recovering the HF user ID from a slug

.nvmrc

@@ -1 +1 @@
-v20.9.0
+v20.10.0

package-lock.json

@@ -75,6 +75,7 @@
         "typescript": "5.1.6",
         "usehooks-ts": "^2.9.1",
         "uuid": "^9.0.1",
+        "yaml": "^2.3.4",
         "zustand": "^4.4.7"
       },
       "devDependencies": {

package.json

@@ -76,6 +76,7 @@
     "typescript": "5.1.6",
     "usehooks-ts": "^2.9.1",
     "uuid": "^9.0.1",
+    "yaml": "^2.3.4",
     "zustand": "^4.4.7"
   },
   "devDependencies": {

src/app/server/actions/ai-tube-hf/getPrivateChannels.ts

@@ -10,20 +10,26 @@ export async function getPrivateChannels(options: {
   channelId?: string
   apiKey?: string
   owner?: string
+  // ownerId?: string
   renewCache?: boolean
 } = {}): Promise<ChannelInfo[]> {
   // console.log("getChannels")
   let credentials: Credentials = adminCredentials
-  let owner = options?.owner
+  let owner = options?.owner || ""
+  // let ownerId = options?.ownerId || ""
 
   if (options?.apiKey) {
     try {
       credentials = { accessToken: options.apiKey }
-      const { name: username } = await whoAmI({ credentials })
+      const { id: userId, name: username } = await whoAmI({ credentials })
+      if (!userId) {
+        throw new Error(`couldn't get the id`)
+      }
       if (!username) {
         throw new Error(`couldn't get the username`)
       }
-      // everything is in order,
+      // everything is in order
+      // ownerId = userId
       owner = username
     } catch (err) {
       console.error(err)
@@ -73,7 +79,14 @@ export async function getPrivateChannels(options: {
 
     const channel = await parseChannel({
       ...options,
-      id, name, likes, updatedAt
+
+      id,
+      name,
+      likes,
+      updatedAt,
+
+      // nope that doesn't work, it's the wrong owner
+      // ownerId,
     })
 
     channels.push(channel)

src/app/server/actions/ai-tube-hf/parseChannel.ts

@@ -14,20 +14,26 @@ export async function parseChannel(options: {
   updatedAt: Date
   apiKey?: string
   owner?: string
+  // ownerId?: string
   renewCache?: boolean
 }): Promise<ChannelInfo> {
   // console.log("getChannels")
   let credentials: Credentials = adminCredentials
-  let owner = options.owner
+  let owner = options.owner || ""
+  // let ownerId = options.ownerId || ""
 
   if (options.apiKey) {
     try {
       credentials = { accessToken: options.apiKey }
-      const { name: username } = await whoAmI({ credentials })
+      const { id: userId, name: username } = await whoAmI({ credentials })
+      if (!userId) {
+        throw new Error(`couldn't get the userId`)
+      }
       if (!username) {
         throw new Error(`couldn't get the username`)
       }
-      // everything is in order,
+      // everything is in order
+      // ownerId = userId
       owner = username
     } catch (err) {
       console.error(err)
@@ -115,6 +121,7 @@ export async function parseChannel(options: {
 
   const channel: ChannelInfo = {
     id: options.id,
+    // datasetUserId: ownerId,
     datasetUser,
     datasetName,
     slug,

src/app/server/actions/users.ts

@@ -23,18 +23,70 @@ export async function getCurrentUser(apiKey: string): Promise<UserInfo> {
     fullName: huggingFaceUser.fullname,
     thumbnail: huggingFaceUser.avatarUrl,
     channels: [],
-    hfApiToken: apiKey,
+    hfApiToken: apiKey, // <- on purpose, and safe (only this user sees their token)
   }
   
   await redis.set(`users:${id}`, user)
-  
+
+  // the user id is not available in the channel info, only user name (slug)
+  // so we use this projection to recover the ID from a slug
+  // alternatively we could also use a Redis index, to avoid doing two calls
+  // (for get id and get user)
+  await redis.set(`userSlugToId:${user.userName}`, user.id)
+
   return user
 }
 
-export async function getUser(id: string): Promise<UserInfo | undefined> {
-  const maybeUser = await redis.get<UserInfo>(id)
+/**
+ * Attention this returns the *full* user, including the API key
+ * 
+ * We use the API on behalf of the user, but it is confidential nevertheless,
+ * so we should not share it with 3rd parties unbeknownst to the user
+ * 
+ * @param hfUserId 
+ * @returns 
+ */
+export async function getUserFromId(hfUserId: string): Promise<UserInfo | undefined> {
+
+  const maybeUser = await redis.get<UserInfo>(`users:${hfUserId}`)
 
   if (maybeUser?.id) {
+    return maybeUser
+  }
+
+  return undefined
+}
+
+export async function getUserIdFromSlug(hfUserSlugName: string): Promise<string> {
+
+  // the user id is not available in the channel info, only user name (slug)
+  // so we use a projection to recover the ID from a slug
+  const maybeUserId = await redis.get<string>(`userSlugToId:${hfUserSlugName}`)
+  return maybeUserId || ""
+}
+
+/**
+ * This function doesn NOT return the user apiKey, for security reasons
+ * 
+ * We use the API on behalf of the user, but it is confidential nevertheless,
+ * so we should not share it with 3rd parties unbeknownst to the user
+ * 
+ * @param userIdOrSlugName 
+ * @returns 
+ */
+export async function getUser(userIdOrSlugName: string): Promise<UserInfo | undefined> {
+  // the user id is not available in the channel info, only user name (slug)
+  // so we use a projection to recover the ID from a slug
+  // alternatively, we could also use a Redis index, to avoid doing two calls
+  // (for get id and get user)
+  let maybeUserId = await getUserIdFromSlug(userIdOrSlugName)
+  
+  maybeUserId ||= userIdOrSlugName
+
+  const maybeUser = await getUserFromId(maybeUserId)
+
+  // sanitize the output a bit
+  if (maybeUser) {
     const publicFacingUser: UserInfo = {
       ...maybeUser,
       hfApiToken: undefined, // <-- important!

src/types/general.ts

@@ -191,6 +191,14 @@ export type ChannelInfo = {
    */
   slug: string
 
+  /**
+   * username id of the Hugging Face dataset
+   * 
+   * ex: f9a38286ec3436a45edd2cca
+   */
+  // DISABLED FOR NOW
+  // datasetUserId: string
+
   /**
    * username slug of the Hugging Face dataset
    *