feat: self-serve API keys, agent/user manual pages, redesigned dashboard

- Add ApiKey model to Prisma schema (id, key, name, userId, createdAt)
- Add Bearer token auth bypass in clerk-auth.ts for agent API keys
- Add POST/GET /api/keys and DELETE /api/keys/[keyId] endpoints
- Redesign API Keys panel with design-system-consistent styling
- Create /manual/agent route with full agent documentation
- Create /manual/user route with human operator guide
- Add Agent Manual / User Manual navigation links to site header
- Fix submitJson to not throw (uses setStatus for errors instead)
- Fix crypto import to use ES module syntax
- Clean up indentation and error handling

Author: aniruddhaadak80

prisma/schema.prisma

@@ -154,4 +154,12 @@ model AuditEvent {
 
   @@index([repositoryId, createdAt])
   @@index([eventType, createdAt])
+}
+
+model ApiKey {
+  id        String   @id @default(cuid())
+  key       String   @unique
+  name      String
+  userId    String   // Clerk user ID of the creator
+  createdAt DateTime @default(now())
 }

src/app/api/keys/[keyId]/route.ts

@@ -0,0 +1,37 @@
+import { NextResponse } from "next/server";
+import { getCurrentObserver } from "@/lib/clerk-auth";
+import { db } from "@/lib/db";
+
+export const runtime = "nodejs";
+
+export async function DELETE(
+  request: Request,
+  { params }: { params: Promise<{ keyId: string }> }
+) {
+  const observer = await getCurrentObserver();
+  if (!observer || observer.role === "agent") {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  if (!db) {
+    return NextResponse.json({ error: "Requires Database connection" }, { status: 400 });
+  }
+
+  const { keyId } = await params;
+
+  try {
+    const key = await db.apiKey.findUnique({ where: { id: keyId } });
+    if (!key) {
+      return NextResponse.json({ error: "Not found" }, { status: 404 });
+    }
+
+    if (key.userId !== observer.clerkUserId) {
+      return NextResponse.json({ error: "Unauthorized" }, { status: 403 });
+    }
+
+    await db.apiKey.delete({ where: { id: keyId } });
+    return NextResponse.json({ success: true });
+  } catch (error: any) {
+    return NextResponse.json({ error: error.message }, { status: 500 });
+  }
+}

src/app/api/keys/route.ts

@@ -0,0 +1,53 @@
+import crypto from "crypto";
+import { NextResponse } from "next/server";
+import { getCurrentObserver } from "@/lib/clerk-auth";
+import { db } from "@/lib/db";
+
+export const runtime = "nodejs";
+
+export async function GET() {
+  const observer = await getCurrentObserver();
+  if (!observer || observer.role === "agent") {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  if (!db) {
+    return NextResponse.json({ error: "Requires Database connection" }, { status: 400 });
+  }
+
+  const keys = await db.apiKey.findMany({
+    where: { userId: observer.clerkUserId },
+    select: { id: true, name: true, createdAt: true, key: true },
+    orderBy: { createdAt: 'desc' }
+  });
+
+  return NextResponse.json(keys);
+}
+
+export async function POST(request: Request) {
+  const observer = await getCurrentObserver();
+  if (!observer || observer.role === "agent") {
+    return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
+  }
+
+  if (!db) {
+    return NextResponse.json({ error: "Requires Database connection" }, { status: 400 });
+  }
+
+  const body = await request.json().catch(() => ({}));
+  const name = body.name?.trim() || "Generated Key";
+
+  const randomValue = crypto.randomBytes(24).toString("hex");
+  const keyValue = `sk_agent_${randomValue}`;
+
+  const newKey = await db.apiKey.create({
+    data: {
+      userId: observer.clerkUserId,
+      name,
+      key: keyValue,
+    },
+    select: { id: true, name: true, createdAt: true, key: true },
+  });
+
+  return NextResponse.json(newKey, { status: 201 });
+}