Justin/waitlist credits (#4648)

* put credits behind a waitlist

* clean up pr and fixed some edge cases

* credits empty state better

* lint

* fix build

* lint

* fix web build

* Remove unnecessary index creation in waitlist migration

Use direct unique constraint instead of index + constraint pattern.

Co-authored-by: Justin Torre <chitalian@users.noreply.github.com>

* docs: improve controllers README with clearer routing explanation

- Add comprehensive documentation of public vs private controller structure
- Clarify authentication rules based on route paths, not directory structure
- Explain that /v1/public routes bypass auth while others require API keys
- Include examples and documentation generation differences
- Address confusion about routing logic mentioned in PR review

Co-authored-by: Justin Torre <chitalian@users.noreply.github.com>

* Update README.md

Clarify README

* Update web/pages/settings/credits.tsx

Co-authored-by: Thomas Harmon <thomas.alan.harmon@gmail.com>

---------

Co-authored-by: Justin Torre <justin@helicone.ai>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: Justin Torre <chitalian@users.noreply.github.com>
Co-authored-by: Thomas Harmon <thomas.alan.harmon@gmail.com>

Author: 4 people

bifrost/lib/clients/jawnTypes/private.ts

@@ -9,6 +9,12 @@ interface JsonObject { [key: string]: JsonValue; }
 
 
 export interface paths {
+  "/v1/public/waitlist/feature": {
+    post: operations["AddToWaitlist"];
+  };
+  "/v1/public/waitlist/feature/status": {
+    get: operations["IsOnWaitlist"];
+  };
   "/v1/user-feedback": {
     post: operations["PostUserFeedback"];
   };
@@ -502,6 +508,28 @@ export type webhooks = Record<string, never>;
 
 export interface components {
   schemas: {
+    "ResultSuccess__success-boolean--message-string__": {
+      data: {
+        message: string;
+        success: boolean;
+      };
+      /** @enum {number|null} */
+      error: null;
+    };
+    ResultError_string_: {
+      /** @enum {number|null} */
+      data: null;
+      error: string;
+    };
+    "Result__success-boolean--message-string_.string_": components["schemas"]["ResultSuccess__success-boolean--message-string__"] | components["schemas"]["ResultError_string_"];
+    "ResultSuccess__isOnWaitlist-boolean__": {
+      data: {
+        isOnWaitlist: boolean;
+      };
+      /** @enum {number|null} */
+      error: null;
+    };
+    "Result__isOnWaitlist-boolean_.string_": components["schemas"]["ResultSuccess__isOnWaitlist-boolean__"] | components["schemas"]["ResultError_string_"];
     RateLimitRuleView: {
       id: string;
       name: string;
@@ -520,11 +548,6 @@ export interface components {
       /** @enum {number|null} */
       error: null;
     };
-    ResultError_string_: {
-      /** @enum {number|null} */
-      data: null;
-      error: string;
-    };
     "Result_RateLimitRuleView-Array.string_": components["schemas"]["ResultSuccess_RateLimitRuleView-Array_"] | components["schemas"]["ResultError_string_"];
     ResultSuccess_RateLimitRuleView_: {
       data: components["schemas"]["RateLimitRuleView"];
@@ -15730,6 +15753,42 @@ export type external = Record<string, never>;
 
 export interface operations {
 
+  AddToWaitlist: {
+    requestBody: {
+      content: {
+        "application/json": {
+          organizationId?: string;
+          feature: string;
+          email: string;
+        };
+      };
+    };
+    responses: {
+      /** @description Ok */
+      200: {
+        content: {
+          "application/json": components["schemas"]["Result__success-boolean--message-string_.string_"];
+        };
+      };
+    };
+  };
+  IsOnWaitlist: {
+    parameters: {
+      query: {
+        email: string;
+        feature: string;
+        organizationId: string;
+      };
+    };
+    responses: {
+      /** @description Ok */
+      200: {
+        content: {
+          "application/json": components["schemas"]["Result__isOnWaitlist-boolean_.string_"];
+        };
+      };
+    };
+  };
   PostUserFeedback: {
     requestBody: {
       content: {

bifrost/lib/clients/jawnTypes/public.ts

@@ -16,9 +16,6 @@ export interface paths {
   "/v1/webhooks/{webhookId}": {
     delete: operations["DeleteWebhook"];
   };
-  "/v1/public/waitlist/experiments": {
-    post: operations["AddToWaitlist"];
-  };
   "/v1/vault/add": {
     post: operations["AddKey"];
   };
@@ -697,11 +694,6 @@ export interface components {
       error: null;
     };
     "Result_null.string_": components["schemas"]["ResultSuccess_null_"] | components["schemas"]["ResultError_string_"];
-    ResultError_any_: {
-      /** @enum {number|null} */
-      data: null;
-      error: unknown;
-    };
     "ResultSuccess__id-string__": {
       data: {
         id: string;
@@ -4012,23 +4004,6 @@ export interface operations {
       };
     };
   };
-  AddToWaitlist: {
-    requestBody: {
-      content: {
-        "application/json": {
-          email: string;
-        };
-      };
-    };
-    responses: {
-      /** @description Ok */
-      200: {
-        content: {
-          "application/json": components["schemas"]["ResultSuccess_unknown_"] | components["schemas"]["ResultError_any_"];
-        };
-      };
-    };
-  };
   AddKey: {
     requestBody: {
       content: {

docs/swagger.json

@@ -183,24 +183,6 @@
 					}
 				]
 			},
-			"ResultError_any_": {
-				"properties": {
-					"data": {
-						"type": "number",
-						"enum": [
-							null
-						],
-						"nullable": true
-					},
-					"error": {}
-				},
-				"required": [
-					"data",
-					"error"
-				],
-				"type": "object",
-				"additionalProperties": false
-			},
 			"ResultSuccess__id-string__": {
 				"properties": {
 					"data": {
@@ -12176,53 +12158,6 @@
 				]
 			}
 		},
-		"/v1/public/waitlist/experiments": {
-			"post": {
-				"operationId": "AddToWaitlist",
-				"responses": {
-					"200": {
-						"description": "Ok",
-						"content": {
-							"application/json": {
-								"schema": {
-									"anyOf": [
-										{
-											"$ref": "#/components/schemas/ResultSuccess_unknown_"
-										},
-										{
-											"$ref": "#/components/schemas/ResultError_any_"
-										}
-									]
-								}
-							}
-						}
-					}
-				},
-				"tags": [
-					"Waitlist"
-				],
-				"security": [],
-				"parameters": [],
-				"requestBody": {
-					"required": true,
-					"content": {
-						"application/json": {
-							"schema": {
-								"properties": {
-									"email": {
-										"type": "string"
-									}
-								},
-								"required": [
-									"email"
-								],
-								"type": "object"
-							}
-						}
-					}
-				}
-			}
-		},
 		"/v1/vault/add": {
 			"post": {
 				"operationId": "AddKey",

supabase/migrations/20250903170658_waitlist.sql

@@ -0,0 +1,21 @@
+-- Create feature_waitlist table for tracking users waiting for specific features
+CREATE TABLE IF NOT EXISTS public.feature_waitlist (
+    id BIGINT GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(),
+    email VARCHAR(255) NOT NULL,
+    feature VARCHAR(100) NOT NULL,
+    organization_id UUID NULL -- Optional organization ID
+);
+-- Create primary key
+CREATE UNIQUE INDEX feature_waitlist_pkey ON public.feature_waitlist USING btree (id);
+ALTER TABLE public.feature_waitlist
+ADD CONSTRAINT feature_waitlist_pkey PRIMARY KEY USING INDEX feature_waitlist_pkey;
+-- Create unique constraint on email + feature + organization_id to prevent duplicates
+ALTER TABLE public.feature_waitlist
+ADD CONSTRAINT feature_waitlist_email_feature_key UNIQUE (email, feature, organization_id);
+REVOKE ALL ON TABLE public.feature_waitlist
+FROM PUBLIC;
+REVOKE ALL ON TABLE public.feature_waitlist
+FROM authenticated;
+REVOKE ALL ON TABLE public.feature_waitlist
+FROM service_role;

valhalla/jawn/package.json

@@ -56,6 +56,7 @@
     "llama-api-client": "^0.1.2",
     "lodash": "^4.17.21",
     "lodash.merge": "^4.6.2",
+    "loops": "^6.0.0",
     "moment": "^2.30.1",
     "morgan": "^1.10.0",
     "node-sql-parser": "^5.3.10",

valhalla/jawn/src/controllers/README.md

@@ -0,0 +1,29 @@
+# Controllers Structure
+
+## Directory Structure
+The private/public folders only represent was is generated for docs
+
+- **`/private`** - Will not be in the public docs
+- **`/public`** - Will be in the docs
+
+## Authentication & Routing
+
+### Route Authentication Rules (in `middleware/auth.ts`):
+1. **Routes starting with `/v1/public`** - Bypass authentication entirely (no API key required)
+2. **All other routes** - Require API key authentication by default (see middleware.ts). The `@Security("api_key")` was never implemented properly. We willimplement this properly in the future
+
+### Documentation Generation:
+- **`/private`** controllers - No auto-generated docs (internal/admin use)
+- **`/public`** controllers - Full auto-generated documentation
+
+### Examples:
+
+**Public Controllers:**
+- Can use routes like `@Route("v1/experiment")` - Requires authentication
+- Can use routes like `@Route("/v1/public/model-registry")` - No authentication required
+
+**Private Controllers:**  
+- Use routes like `@Route("v1/admin")` - Requires authentication + admin privileges
+- Generally for internal/admin functionality
+
+The key distinction is the **route path**, not the directory. Routes containing `/v1/public` skip authentication, while all others require it.