bug fix

Author: matteocacciola

.env.example

@@ -14,7 +14,6 @@
 
 # Protect endpoints with an access token
 # CCAT_API_KEY=meow
-# CCAT_API_KEY_WS=meow2
 
 # self reload during development
 # CCAT_DEBUG=true
@@ -39,11 +38,18 @@
 # Turn on memory collections' snapshots on embedder change with SAVE_MEMORY_SNAPSHOTS=true
 # CCAT_SAVE_MEMORY_SNAPSHOTS=false
 
-# CONFIG_FILE
-# CCAT_METADATA_FILE="cat/data/metadata.json"
-
 # Set container timezone
 # CCAT_TIMEZONE=Europe/Rome
 
+# Set the expiration time for the history conversation in the Redis storage
+# CCAT_HISTORY_EXPIRATION=30
+
 # Set the ability of the Cheshire Cat to store the RabbitHole uploaded files into a remote storage
-# CCAT_RABBIT_HOLE_STORAGE_ENABLED=false
+# CCAT_RABBIT_HOLE_STORAGE_ENABLED=false
+
+# Enable CORS
+# CCAT_CORS_ENABLED=true
+
+# Set the number of workers and the limit of requests for the FastAPI server
+# CCAT_WORKERS=1
+# CCAT_LIMIT_MAX_REQUESTS=1000

README.md

@@ -80,7 +80,7 @@ New features will be added in the future. Please contact us if you want to contr
 To make Cheshire Cat run on your machine, you just need [`docker`](https://docs.docker.com/get-docker/) installed:
 
 ```bash
-docker run --rm -it -p 1865:80 ghcr.io/matteocacciola/cheshirecat-core:2.0.1
+docker run --rm -it -p 1865:80 ghcr.io/matteocacciola/cheshirecat-core:2.0.2
 ```
 - Chat with the Cheshire Cat on [localhost:1865/docs](http://localhost:1865/docs).
 
@@ -103,7 +103,7 @@ Follow instructions on how to run it with [docker compose and volumes](https://c
 ```python
 from cat.mad_hatter.decorators import hook
 
-# hooks are an event system to get finegraned control over your assistant
+# hooks are an event system to get fine-grained control over your assistant
 @hook
 def agent_prompt_prefix(prefix, cat):
     prefix = """You are Marvin the socks seller, a poetic vendor of socks.

core/cat/auth/permissions.py

@@ -4,7 +4,6 @@
 
 from cat.utils import BaseModelDict, Enum
 
-from fastapi import Depends
 
 class AuthResource(Enum):
     CRUD = "CRUD"
@@ -143,31 +142,4 @@ class AuthUserInfo(BaseModelDict):
     # - profile data
     # - custom attributes
     # - roles
-    extra: BaseModelDict = Field(default_factory=dict)
-
-
-def check_permissions(resource: AuthResource, permission: AuthPermission):
-    """
-    Helper function to inject stray into endpoints after checking for required permissions.
-
-    Parameters
-    ----------
-    resource: AuthResource | str
-        The resource that the user must have permission for.
-    permission: AuthPermission | str
-        The permission that the user must have for the resource.
-
-    Returns
-    ----------
-    stray: StrayCat | None
-        User session object if auth is successfull, None otherwise.
-    """
-
-
-    # import here to avoid circular imports
-    from cat.auth.connection import HTTPAuth
-    return Depends(HTTPAuth(
-        # explicit convert to Enum
-        resource = AuthResource(resource),
-        permission = AuthPermission(permission),
-    ))
+    extra: Dict = Field(default_factory=dict)

core/cat/env.py

@@ -8,7 +8,6 @@ def get_supported_env_variables():
         "CCAT_CORE_USE_SECURE_PROTOCOLS": "",
         "CCAT_ADMIN_DEFAULT_PASSWORD": "AIBlackBirdWithCheshireCat",
         "CCAT_API_KEY": None,
-        "CCAT_API_KEY_WS": None,
         "CCAT_DEBUG": "true",
         "CCAT_LOG_LEVEL": "INFO",
         "CCAT_CORS_ALLOWED_ORIGINS": None,

core/cat/factory/custom_auth_handler.py

@@ -249,35 +249,30 @@ def authorize_user_from_key(
         request_user_id: str | None = None,
         **kwargs,
     ) -> AuthUserInfo | None:
-        http_key = get_env("CCAT_API_KEY")
-        ws_key = get_env("CCAT_API_KEY_WS")
-
-        if not http_key and not ws_key:
+        if not (current_api_key := get_env("CCAT_API_KEY")):
+            return None
+        if api_key != current_api_key:
             return None
 
         key_id = kwargs.get("key_id")
-        user_info = extract_user_info_on_api_key(key_id, request_user_id)
-        if not user_info:
+        if not (user_info := extract_user_info_on_api_key(key_id, request_user_id)):
             return None
 
-        if protocol == "websocket" and api_key == ws_key:
-            permissions: Dict[str, List[str]] = kwargs.get("websocket_permissions", user_info.permissions)
-            return AuthUserInfo(
-                id=user_info.user_id,
-                name=user_info.username,
-                permissions=permissions
-            )
-
-        if protocol == "http" and api_key == http_key:
-            permissions: Dict[str, List[str]] = kwargs.get("http_permissions", user_info.permissions)
-            return AuthUserInfo(
-                id=user_info.user_id,
-                name=user_info.username,
-                permissions=permissions
-            )
+        permissions: Dict[str, List[str]] | None = None
+        if protocol == "websocket":
+            permissions = kwargs.get("websocket_permissions", user_info.permissions)
+        elif protocol == "http":
+            permissions = kwargs.get("http_permissions", user_info.permissions)
 
         # No match -> deny access
-        return None
+        if not permissions:
+            return None
+
+        return AuthUserInfo(
+            id=user_info.user_id,
+            name=user_info.username,
+            permissions=permissions
+        )
 
 
 # Default Auth, always deny auth by default (only core auth decides).

core/cat/looking_glass/stray_cat.py

@@ -365,7 +365,7 @@ async def __call__(self, user_message: UserMessage) -> CatMessage:
         answer. This is formatted in a dictionary to be sent as a JSON via Websocket to the client.
         """
 
-        ### setup working memory
+        ### setup working memory for this convo turn
         # keeping track of model interactions
         self.working_memory.model_interactions = []
         # latest user message

core/cat/memory/utils.py

@@ -43,7 +43,14 @@ def to_document_recall(m: Record | ScoredPoint) -> DocumentRecall:
         DocumentRecall: The converted DocumentRecall object
     """
 
-    document = DocumentRecall(document=Document(**m.payload), vector=m.vector, id=m.id)
+    document = DocumentRecall(
+        document=Document(
+            page_content=m.payload.get("page_content", "") if m.payload else "",
+            metadata=m.payload.get("metadata", {}) if m.payload else {},
+        ),
+        vector=m.vector,
+        id=m.id,
+    )
 
     if isinstance(m, ScoredPoint):
         document.score = m.score

core/cat/memory/vector_memory_collection.py

@@ -39,12 +39,12 @@ def _tenant_field_condition(self) -> FieldCondition:
     def _build_condition(self, key: str, value: Any) -> List[FieldCondition]:
         out = []
 
-        if isinstance(value, Dict):
-            out.extend(self._build_condition(f"{key}.{k}", v) for k, v in value.items())
-        elif isinstance(value, List):
-            out.extend(
-                self._build_condition(f"{key}[]" if isinstance(v, Dict) else f"{key}", v) for v in value
-            )
+        if isinstance(value, dict):
+            for k, v in value.items():
+                out.extend(self._build_condition(f"{key}.{k}", v))
+        elif isinstance(value, list):
+            for v in value:
+                out.extend(self._build_condition(f"{key}[]" if isinstance(v, dict) else f"{key}", v))
         else:
             out.append(FieldCondition(key=f"metadata.{key}", match=MatchValue(value=value)))
 

core/pyproject.toml

@@ -1,7 +1,7 @@
 [project]
 name = "Cheshire-Cat"
 description = "Production ready AI assistant framework"
-version = "2.0.1"
+version = "2.0.2"
 requires-python = ">=3.10"
 license = { file = "LICENSE" }
 authors = [

core/tests/conftest.py

@@ -1,4 +1,3 @@
-import asyncio
 import pytest
 import pytest_asyncio
 import os
@@ -29,7 +28,6 @@
 from tests.utils import (
     agent_id,
     api_key,
-    api_key_ws,
     jwt_secret,
     create_mock_plugin_zip,
     get_class_from_decorated_singleton,
@@ -180,17 +178,15 @@ async def client(cheshire_cat) -> Generator[TestClient, Any, None]:
         yield client
 
 
-# This fixture sets the CCAT_API_KEY and CCAT_API_KEY_WS environment variables,
-# making mandatory for clients to possess api keys or JWT
+# This fixture sets the CCAT_API_KEY environment variable,
+# making mandatory for clients to possess api key or JWT
 @pytest_asyncio.fixture(scope="function")
 async def secure_client(client):
     current_api_key = os.getenv("CCAT_API_KEY")
-    current_api_ws = os.getenv("CCAT_API_KEY_WS")
     current_jwt_secret = os.getenv("CCAT_JWT_SECRET")
 
     # set ENV variables
     os.environ["CCAT_API_KEY"] = api_key
-    os.environ["CCAT_API_KEY_WS"] = api_key_ws
     os.environ["CCAT_JWT_SECRET"] = jwt_secret
 
     yield client
@@ -200,10 +196,6 @@ async def secure_client(client):
         os.environ["CCAT_API_KEY"] = current_api_key
     else:
         del os.environ["CCAT_API_KEY"]
-    if current_api_ws:
-        os.environ["CCAT_API_KEY_WS"] = current_api_ws
-    else:
-        del os.environ["CCAT_API_KEY_WS"]
     if current_jwt_secret:
         os.environ["CCAT_JWT_SECRET"] = current_jwt_secret
     else:

core/tests/routes/admins/test_admins_permissions.py

@@ -4,7 +4,7 @@
 
 # test endpoints with different user permissions
 # NOTE: we are using here the secure_client:
-# - CCAT_API_KEY and CCAT_API_KEY_WS are active
+# - CCAT_API_KEY is active
 # - we will auth with JWT
 
 

core/tests/routes/auth/test_auth_setting.py

@@ -4,7 +4,7 @@
 
 from cat.factory.auth_handler import AuthHandlerFactory
 
-from tests.utils import api_key, api_key_ws
+from tests.utils import api_key
 
 
 def test_get_all_auth_handler_settings(secure_client, secure_client_headers, agent_plugin_manager):
@@ -54,10 +54,7 @@ def test_get_auth_handler_settings(secure_client, secure_client_headers):
 def test_upsert_auth_handler_settings(secure_client, secure_client_headers):
     # set a different auth_handler from default one (same class different size)
     new_auth_handler = "AuthApiKeyConfig"
-    auth_handler_config = {
-        "api_key_http": api_key,
-        "api_key_ws": api_key_ws,
-    }
+    auth_handler_config = {"api_key": api_key}
     response = secure_client.put(
         f"/auth_handler/settings/{new_auth_handler}", json=auth_handler_config, headers=secure_client_headers
     )

core/tests/routes/auth/test_env_api_key.py

@@ -4,7 +4,7 @@
 
 from cat.env import get_env
 
-from tests.conftest import api_key, api_key_ws
+from tests.conftest import api_key
 from tests.utils import send_websocket_message
 
 
@@ -42,7 +42,7 @@ def test_api_key_http(secure_client, header_name):
     wrong_headers = [
         {}, # no key
         {header_name: f"{key_prefix}wrong"}, # wrong key
-        {header_name: f"{key_prefix}{api_key_ws}"}, # websocket key
+        {header_name: f"{key_prefix}{api_key}"}, # websocket key
     ]
 
     # all the previous headers result in a 403
@@ -61,8 +61,8 @@ def test_api_key_http(secure_client, header_name):
 
 
 def test_api_key_ws(secure_client, secure_client_headers):
-    # set CCAT_API_KEY_WS
-    old_api_key = set_api_key("CCAT_API_KEY_WS", api_key_ws)
+    # set CCAT_API_KEY
+    old_api_key = set_api_key("CCAT_API_KEY", api_key)
 
     mex = {"text": "Where do I go?"}
 
@@ -76,9 +76,9 @@ def test_api_key_ws(secure_client, secure_client_headers):
         with pytest.raises(WebSocketDisconnect):
             send_websocket_message(mex, secure_client, query_params=params)
 
-    # allow access if CCAT_API_KEY_WS is right
-    query_params = {"apikey": api_key_ws}
+    # allow access if CCAT_API_KEY is right
+    query_params = {"apikey": api_key}
     res = send_websocket_message(mex, secure_client, query_params=query_params)
     assert "You did not configure" in res["content"]
 
-    reset_api_key("CCAT_API_KEY_WS", old_api_key)
+    reset_api_key("CCAT_API_KEY", old_api_key)

core/tests/routes/memory/test_memory_collection.py

@@ -1,4 +1,4 @@
-from tests.utils import send_websocket_message, get_collections_names_and_point_count, api_key_ws
+from tests.utils import send_websocket_message, get_collections_names_and_point_count, api_key
 
 
 def test_memory_collections_created(secure_client, secure_client_headers):
@@ -29,7 +29,7 @@ def test_memory_collection_episodic_stores_messages(
 
     # send message via websocket
     message = {"text": "Meow"}
-    res = send_websocket_message(message, secure_client, {"apikey": api_key_ws})
+    res = send_websocket_message(message, secure_client, {"apikey": api_key})
     assert isinstance(res["content"], str)
 
     # episodic memory should now contain one point
@@ -50,7 +50,7 @@ def test_memory_collection_episodic_cleared(
 ):
     # send message via websocket
     message = {"text": "Meow"}
-    res = send_websocket_message(message, secure_client, {"apikey": api_key_ws})
+    res = send_websocket_message(message, secure_client, {"apikey": api_key})
     assert isinstance(res["content"], str)
 
     # episodic memory should now contain one point
@@ -85,7 +85,7 @@ def test_memory_collections_wipe(
 ):
     # create episodic memory
     message = {"text": "Meow"}
-    send_websocket_message(message, secure_client, {"apikey": api_key_ws})
+    send_websocket_message(message, secure_client, {"apikey": api_key})
 
     # create declarative memories
     file_name = "sample.txt"

core/tests/routes/memory/test_memory_points.py

@@ -7,7 +7,7 @@
     get_declarative_memory_contents,
     agent_id,
     fake_timestamp,
-    api_key_ws,
+    api_key,
 )
 
 
@@ -61,7 +61,7 @@ def test_create_memory_point(secure_client, secure_client_headers, cheshire_cat,
 
 def test_point_deleted(secure_client, secure_client_headers, mocked_default_llm_answer_prompt):
     # send websocket message
-    send_websocket_message({"text": "Hello Mad Hatter"}, secure_client, {"apikey": api_key_ws})
+    send_websocket_message({"text": "Hello Mad Hatter"}, secure_client, {"apikey": api_key})
 
     user = crud_users.get_user_by_username(agent_id, "user")