fix(copilot): fix origin (#1015)

Sg312 · web-flow · commit 091343a13238 · 2025-08-18T13:57:31.000-07:00
* Fix v1

* Use env var

* Lint
diff --git a/README.md b/README.md
@@ -158,6 +158,13 @@ cd apps/sim
 bun run dev:sockets
 ```
 
+## Copilot API Keys
+
+Copilot is a Sim-managed service. To use Copilot on a self-hosted instance:
+
+- Go to https://sim.ai → Settings → Copilot and generate a Copilot API key
+- Set `COPILOT_API_KEY` in your self-hosted environment to that value
+
 ## Tech Stack
 
 - **Framework**: [Next.js](https://nextjs.org/) (App Router)
diff --git a/apps/docs/content/docs/copilot/index.mdx b/apps/docs/content/docs/copilot/index.mdx
@@ -0,0 +1,94 @@
+---
+title: Copilot
+description: Build and edit workflows with Sim Copilot
+---
+
+import { Callout } from 'fumadocs-ui/components/callout'
+import { Card, Cards } from 'fumadocs-ui/components/card'
+import { MessageCircle, Package, Zap, Infinity as InfinityIcon, Brain, BrainCircuit } from 'lucide-react'
+
+## What is Copilot
+
+Copilot is your in-editor assistant that helps you build, understand, and improve workflows. It can:
+
+- **Explain**: Answer questions about Sim and your current workflow
+- **Guide**: Suggest edits and best practices
+- **Edit**: Make changes to blocks, connections, and settings when you approve
+
+<Callout type="info">
+  Copilot is a Sim-managed service. For self-hosted deployments, generate a Copilot API key in the hosted app (sim.ai → Settings → Copilot) and set `COPILOT_API_KEY` in your environment.
+</Callout>
+
+## Modes
+
+<Cards>
+  <Card title="Ask">
+    <div className="flex items-start gap-3">
+      <span className="mt-0.5 inline-flex h-8 w-8 items-center justify-center rounded-md border border-border/50 bg-muted/60">
+        <MessageCircle className="h-4 w-4 text-muted-foreground" />
+      </span>
+      <div>
+        <p className="m-0 text-sm">
+          Q&A mode for explanations, guidance, and suggestions without making changes to your workflow.
+        </p>
+      </div>
+    </div>
+  </Card>
+  <Card title="Agent">
+    <div className="flex items-start gap-3">
+      <span className="mt-0.5 inline-flex h-8 w-8 items-center justify-center rounded-md border border-border/50 bg-muted/60">
+        <Package className="h-4 w-4 text-muted-foreground" />
+      </span>
+      <div>
+        <p className="m-0 text-sm">
+          Build-and-edit mode. Copilot proposes specific edits (add blocks, wire variables, tweak settings) and applies them when you approve.
+        </p>
+      </div>
+    </div>
+  </Card>
+</Cards>
+
+## Depth Levels
+
+<Cards>
+  <Card title="Fast">
+    <div className="flex items-start gap-3">
+      <span className="mt-0.5 inline-flex h-8 w-8 items-center justify-center rounded-md border border-border/50 bg-muted/60">
+        <Zap className="h-4 w-4 text-muted-foreground" />
+      </span>
+      <div>
+        <p className="m-0 text-sm">Quickest and cheapest. Best for small edits, simple workflows, and minor tweaks.</p>
+      </div>
+    </div>
+  </Card>
+  <Card title="Auto">
+    <div className="flex items-start gap-3">
+      <span className="mt-0.5 inline-flex h-8 w-8 items-center justify-center rounded-md border border-border/50 bg-muted/60">
+        <InfinityIcon className="h-4 w-4 text-muted-foreground" />
+      </span>
+      <div>
+        <p className="m-0 text-sm">Balanced speed and reasoning. Recommended default for most tasks.</p>
+      </div>
+    </div>
+  </Card>
+  <Card title="Pro">
+    <div className="flex items-start gap-3">
+      <span className="mt-0.5 inline-flex h-8 w-8 items-center justify-center rounded-md border border-border/50 bg-muted/60">
+        <Brain className="h-4 w-4 text-muted-foreground" />
+      </span>
+      <div>
+        <p className="m-0 text-sm">More reasoning for larger workflows and complex edits while staying performant.</p>
+      </div>
+    </div>
+  </Card>
+  <Card title="Max">
+    <div className="flex items-start gap-3">
+      <span className="mt-0.5 inline-flex h-8 w-8 items-center justify-center rounded-md border border-border/50 bg-muted/60">
+        <BrainCircuit className="h-4 w-4 text-muted-foreground" />
+      </span>
+      <div>
+        <p className="m-0 text-sm">Maximum reasoning for deep planning, debugging, and complex architectural changes.</p>
+      </div>
+    </div>
+  </Card>
+</Cards> 
diff --git a/apps/docs/content/docs/copilot/meta.json b/apps/docs/content/docs/copilot/meta.json
@@ -0,0 +1,4 @@
+{
+  "title": "Copilot",
+  "pages": ["index"]
+}
diff --git a/apps/docs/content/docs/meta.json b/apps/docs/content/docs/meta.json
@@ -12,6 +12,8 @@
     "connections",
     "---Execution---",
     "execution",
+    "---Copilot---",
+    "copilot",
     "---Advanced---",
     "./variables/index",
     "yaml",
diff --git a/apps/sim/app/api/copilot/chat/route.test.ts b/apps/sim/app/api/copilot/chat/route.test.ts
@@ -105,6 +105,7 @@ describe('Copilot Chat API Route', () => {
       env: {
         SIM_AGENT_API_URL: 'http://localhost:8000',
         COPILOT_API_KEY: 'test-sim-agent-key',
+        BETTER_AUTH_URL: 'http://localhost:3000',
       },
     }))
 
@@ -225,6 +226,7 @@ describe('Copilot Chat API Route', () => {
             mode: 'agent',
             provider: 'openai',
             depth: 0,
+            origin: 'http://localhost:3000',
           }),
         })
       )
@@ -288,6 +290,7 @@ describe('Copilot Chat API Route', () => {
             mode: 'agent',
             provider: 'openai',
             depth: 0,
+            origin: 'http://localhost:3000',
           }),
         })
       )
@@ -343,6 +346,7 @@ describe('Copilot Chat API Route', () => {
             mode: 'agent',
             provider: 'openai',
             depth: 0,
+            origin: 'http://localhost:3000',
           }),
         })
       )
@@ -438,6 +442,7 @@ describe('Copilot Chat API Route', () => {
             mode: 'ask',
             provider: 'openai',
             depth: 0,
+            origin: 'http://localhost:3000',
           }),
         })
       )
diff --git a/apps/sim/app/api/copilot/chat/route.ts b/apps/sim/app/api/copilot/chat/route.ts
@@ -28,6 +28,15 @@ const logger = createLogger('CopilotChatAPI')
 // Sim Agent API configuration
 const SIM_AGENT_API_URL = env.SIM_AGENT_API_URL || SIM_AGENT_API_URL_DEFAULT
 
+function getRequestOrigin(_req: NextRequest): string {
+  try {
+    // Strictly use configured Better Auth URL
+    return env.BETTER_AUTH_URL || ''
+  } catch (_) {
+    return ''
+  }
+}
+
 function deriveKey(keyString: string): Buffer {
   return createHash('sha256').update(keyString, 'utf8').digest()
 }
@@ -197,6 +206,14 @@ export async function POST(req: NextRequest) {
       conversationId,
     } = ChatMessageSchema.parse(body)
 
+    // Derive request origin for downstream service
+    const requestOrigin = getRequestOrigin(req)
+
+    if (!requestOrigin) {
+      logger.error(`[${tracker.requestId}] Missing required configuration: BETTER_AUTH_URL`)
+      return createInternalServerErrorResponse('Missing required configuration: BETTER_AUTH_URL')
+    }
+
     logger.info(`[${tracker.requestId}] Processing copilot chat request`, {
       userId: authenticatedUserId,
       workflowId,
@@ -209,6 +226,7 @@ export async function POST(req: NextRequest) {
       provider: provider || 'openai',
       hasConversationId: !!conversationId,
       depth,
+      origin: requestOrigin,
     })
 
     // Handle chat context
@@ -386,6 +404,7 @@ export async function POST(req: NextRequest) {
       ...(effectiveConversationId ? { conversationId: effectiveConversationId } : {}),
       ...(typeof depth === 'number' ? { depth } : {}),
       ...(session?.user?.name && { userName: session.user.name }),
+      ...(requestOrigin ? { origin: requestOrigin } : {}),
     }
 
     // Log the payload being sent to the streaming endpoint
@@ -399,6 +418,7 @@ export async function POST(req: NextRequest) {
         hasConversationId: !!effectiveConversationId,
         depth: typeof depth === 'number' ? depth : undefined,
         messagesCount: requestPayload.messages.length,
+        ...(requestOrigin ? { origin: requestOrigin } : {}),
       })
       // Full payload as JSON string
       logger.info(
diff --git a/apps/sim/app/api/copilot/methods/route.ts b/apps/sim/app/api/copilot/methods/route.ts
@@ -2,7 +2,7 @@ import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { copilotToolRegistry } from '@/lib/copilot/tools/server-tools/registry'
 import type { NotificationStatus } from '@/lib/copilot/types'
-import { checkInternalApiKey } from '@/lib/copilot/utils'
+import { checkCopilotApiKey, checkInternalApiKey } from '@/lib/copilot/utils'
 import { createLogger } from '@/lib/logs/console/logger'
 import { getRedisClient } from '@/lib/redis'
 import { createErrorResponse } from '@/app/api/copilot/methods/utils'
@@ -233,7 +233,7 @@ export async function POST(req: NextRequest) {
 
   try {
     // Check authentication (internal API key)
-    const authResult = checkInternalApiKey(req)
+    const authResult = checkInternalApiKey(req) || checkCopilotApiKey(req)
     if (!authResult.success) {
       return NextResponse.json(createErrorResponse(authResult.error || 'Authentication failed'), {
         status: 401,
diff --git a/apps/sim/lib/copilot/utils.ts b/apps/sim/lib/copilot/utils.ts
@@ -19,3 +19,22 @@ export function checkInternalApiKey(req: NextRequest) {
 
   return { success: true }
 }
+
+export function checkCopilotApiKey(req: NextRequest) {
+  const apiKey = req.headers.get('x-api-key')
+  const expectedApiKey = env.COPILOT_API_KEY
+
+  if (!expectedApiKey) {
+    return { success: false, error: 'Copilot API key not configured' }
+  }
+
+  if (!apiKey) {
+    return { success: false, error: 'API key required' }
+  }
+
+  if (apiKey !== expectedApiKey) {
+    return { success: false, error: 'Invalid API key' }
+  }
+
+  return { success: true }
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +  "title": "Copilot",
 +  "pages": ["index"]
 +}