lainedfles
9763d885be
Merge Updates & Dockerfile improvements
2024-04-02 11:25:20 +02:00
Timothy J. Baek
366679ff7c
fix: 'dict' object issue
2024-02-24 22:10:43 -08:00
Timothy J. Baek
b5bd07a06a
feat: secure litellm api
2024-02-23 22:44:56 -08:00
Timothy J. Baek
275523e32e
feat: jwt utils
2024-02-19 20:44:00 -08:00
Timothy J. Baek
e07001e5f6
feat: rag folder scan support
2024-02-17 21:06:08 -08:00
Timothy J. Baek
3af8d16e6a
fix: admin issue
2024-02-10 17:54:33 -08:00
Tim Farrell
08e8e922fd
Endpoint role-checking was redundantly applied but FastAPI provides a nice abstraction mechanic...so I applied it. There should be no logical changes in this code; only simpler, cleaner ways for doing the same thing.
2024-02-08 18:05:01 -06:00
Tim Farrell
4fceb404bd
Call jwt.decode
with the expected algorithms
2024-02-02 09:01:57 -06:00
Tim Farrell
e15dbdc46a
Pass the instance we're using.
2024-02-02 09:01:34 -06:00
Tim Farrell
8c37edd027
Even though "User.email" is enforced as unique at signup, it is not a unique field in the database. Let's use "User.id" instead. This also makes it more difficult to do a session stealing attack.
2024-02-02 09:01:06 -06:00
Tim Farrell
2c1dacb9b6
We should verify signatures to make the whole session secret meaningful.
2024-02-02 09:00:31 -06:00
Tim Farrell
d67f3d982b
Start by renaming variables to something more generic. This will give us a bit more flexibility as we look to other session management mechanisms.
2024-02-02 08:58:13 -06:00
Timothy J. Baek
28226a6f97
feat: web rag support
2024-01-26 22:17:28 -08:00
Timothy J. Baek
5e6d946f83
chore: disable passlib log
2024-01-05 12:22:27 -08:00
ThatOneCalculator
07cc7f15d5
chore: 🚨 lint and format
2024-01-03 14:33:57 -08:00
Timothy J. Baek
d8754b4486
feat/fix: email format validation
2024-01-02 16:22:48 -08:00
Anuraag Jain
77323d9b25
refac: remove the verify_token and use get-current user for auth+user
2024-01-01 10:55:50 +02:00
Anuraag Jain
bdd153d8f5
refac: use dependencies to verify token
...
- feat: added new util to get the current user when needed. Middleware was adding authentication logic to all the routes. let's revisit if we can move the non-auth endpoints to a separate route.
- refac: update the routes to use new helpers for verification and retrieving user
- chore: added black for local formatting of py code
2023-12-30 12:53:33 +02:00
Anuraag Jain
a01b112f7f
feat(auth): add auth middleware
...
- refactored chat routes to use request.user instead of doing authentication in every route
2023-12-28 22:15:54 +02:00
Timothy J. Baek
e539cf5c28
feat: gguf upload
2023-12-23 15:38:52 -08:00
Timothy J. Baek
dedb42582b
feat: gravatar default image updated
2023-11-19 00:46:27 -08:00
Timothy J. Baek
83ff1d77ea
feat: set first user to admin by default
2023-11-19 00:41:29 -08:00
Timothy J. Baek
8547b7807d
feat: basic RBAC support
2023-11-18 21:41:43 -08:00