Add knowledge base management feature and update configurations

- Introduced a new knowledge base management system that allows users to create, edit, and delete knowledge bases via a web interface.
- Implemented vector similarity search for intelligent Q&A matching, enhancing the response capabilities of the system.
- Added new configuration options for embedding API integration, including API base URL, key, model name, and similarity thresholds.
- Updated the CHANGELOG to reflect the new version 2.2.0 and document major updates and added features.
- Enhanced the README files to include detailed descriptions of the knowledge base functionality and its use cases.
- Incremented version numbers in both backend and frontend to 2.2.0 to signify the introduction of these features.

Author: ThomasLWang

CHANGELOG.md

@@ -10,6 +10,47 @@ All notable changes to Xiangxin AI Guardrails platform are documented in this fi
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.2.0] - 2025-01-15
+
+### 🚀 重大更新 Major Updates
+- 🧠 **代答知识库功能** 
+  - 全新的智能代答系统，基于向量相似度搜索
+  - 支持上传问答对文件，自动构建知识库向量索引
+  - 风险检测时优先匹配知识库中的相似问题，返回对应答案
+  - 支持全局知识库和用户级知识库，管理员可配置全局生效的知识库
+  
+### 新增 Added
+- 📚 **代答知识库管理**
+  - Web界面支持知识库创建、编辑、删除
+  - JSONL格式问答对文件上传和验证
+  - 向量索引自动生成和管理
+  - 知识库搜索测试功能
+  - 支持文件替换和重新索引
+
+- 🎯 **智能代答策略**
+  - 风险检测触发时，优先搜索知识库相似问题
+  - 基于余弦相似度的问题匹配算法
+  - 可配置相似度阈值和返回结果数量
+  - 未找到相似问题时，回退到传统拒答模板
+
+### 新增配置 New Configuration
+- `EMBEDDING_API_BASE_URL` - Embedding API服务地址
+- `EMBEDDING_API_KEY` - Embedding API密钥
+- `EMBEDDING_MODEL_NAME` - Embedding模型名称
+- `EMBEDDING_MODEL_DIMENSION` - 向量维度配置
+- `EMBEDDING_SIMILARITY_THRESHOLD` - 相似度阈值
+- `EMBEDDING_MAX_RESULTS` - 最大返回结果数
+
+
+#### 知识库文件格式
+```jsonl
+{"questionid": "q1", "question": "什么是人工智能？", "answer": "人工智能是模拟人类智能的技术。"}
+{"questionid": "q2", "question": "如何使用机器学习？", "answer": "机器学习是AI的一个重要分支..."}
+```
+
+## [2.1.0] - 2025-09-29
+增加敏感度阈值配置功能，应对特殊场景和全自动流水线。
+
 ## [2.0.0] - 2025-01-01
 
 ### 🚀 重大更新 Major Updates

README.md

@@ -28,6 +28,7 @@ English | [中文](./README_ZH.md)
 - 🧠 **Context Awareness** - Intelligent safety detection based on conversation context
 - 📋 **Compliance Standards** - Compliant with "GB/T45654—2025 Basic Security Requirements for Generative AI Services"
 - 🔧 **Flexible Configuration** - Blacklist/whitelist, response templates, rate limiting and other personalized configurations
+- 🧠 **Knowledge Base Responses** - Vector similarity-based intelligent Q&A matching with custom knowledge bases 🆕
 - 🏢 **Private Deployment** - Support for complete local deployment, controllable data security
 - 🔌 **Customer System Integration** - Deep integration with existing customer user systems, API-level configuration management
 - 📊 **Visual Management** - Intuitive web management interface and real-time monitoring
@@ -393,6 +394,57 @@ User Request → Security Gateway(5002) → Input Safety Detection
 - **Smart Recognition**: Automatic detection of reasoning_content, thinking and other reasoning fields
 - **Transparent Proxy**: Full OpenAI API compatibility, supports all reasoning models
 
+## 🧠 Knowledge Base Responses Feature 🆕
+
+Xiangxin AI Guardrails v2.2.0 introduces powerful knowledge base response functionality with vector similarity-based intelligent Q&A matching.
+
+### 📚 Key Features
+
+- **Intelligent Matching**: Vector similarity search for most relevant questions using embeddings
+- **Automatic Responses**: Priority responses from knowledge base when risks are detected
+- **Flexible Management**: Web interface for uploading, editing, and deleting knowledge bases
+- **Tiered Permissions**: Support for user-level and global knowledge bases, admin-configurable global knowledge bases
+- **File Format**: Support for JSONL format Q&A pair file uploads
+
+### 🔄 Workflow
+
+```
+User Input → Security Detection → [Risk Detected] → Search Knowledge Base → Similar Question Found?
+                                        ↓
+                                      Yes → Return Knowledge Base Answer
+                                        ↓
+                                      No → Return Traditional Rejection Template
+```
+
+### 📝 Knowledge Base File Format
+
+```jsonl
+{"questionid": "q1", "question": "What is artificial intelligence?", "answer": "Artificial intelligence is technology that simulates human intelligence, including machine learning and deep learning branches."}
+{"questionid": "q2", "question": "How to protect data privacy?", "answer": "Data privacy protection requires multiple technical measures including encryption, access control, and data anonymization."}
+{"questionid": "q3", "question": "What are the uses of blockchain?", "answer": "Blockchain technology can be used in digital currency, supply chain management, identity authentication and many other fields."}
+```
+
+### 🔧 Embedding Service Configuration
+
+The knowledge base response feature requires embedding model service support. 
+
+```bash
+# Start embedding service using vLLM
+vllm serve --port your-port --host your-host-ip --task embed path/to/Qwen/Qwen3-Embedding-0.6B --served-model-name Xiangxin-Embedding-1024
+
+# Then configure in your settings
+EMBEDDING_API_BASE_URL=http://your-host-ip:your-port/v1
+EMBEDDING_API_KEY=EMPTY
+EMBEDDING_MODEL_NAME=Xiangxin-Embedding-1024
+```
+
+### 🎯 Use Cases
+
+- **Customer Service**: Upload FAQ answers for automatic standard responses
+- **Policy Interpretation**: Configure policy-related Q&A for authoritative explanations
+- **Technical Support**: Build technical issue knowledge base for quick user consultation responses
+- **Compliance Responses**: Provide compliant standard answers for sensitive topics
+
 ## 🚀 Quick Start
 
 ### 🐳 One-Click Docker Deployment (Recommended)

README_ZH.md

@@ -28,6 +28,7 @@
 - 🧠 **上下文感知** - 基于对话上下文的智能安全检测
 - 📋 **合规标准** - 符合《GB/T45654—2025 生成式人工智能服务安全基本要求》
 - 🔧 **灵活配置** - 黑白名单、代答库、限速等个性化配置
+- 🧠 **代答知识库** - 基于向量相似度的智能问答匹配，支持自定义问答对知识库 🆕
 - 🎯 **敏感度阈值配置** - 三档敏感度阈值配置，适应自动化流水线等不同使用场景 🆕
 - 🏢 **私有化部署** - 支持完全本地化部署，数据安全可控
 - 🔌 **客户系统集成** - 支持与客户现有用户系统深度集成，API级别的配置管理
@@ -391,6 +392,55 @@ response = client.chat.completions.create(model="local-reasoning-llm", messages=
                [通过检测] → 返回给用户
 ```
 
+## 🧠 代答知识库功能 🆕
+
+象信AI安全护栏v2.2.0新增了强大的代答知识库功能，基于向量相似度搜索提供智能问答匹配。
+
+### 📚 功能特性
+
+- **智能匹配**：基于embedding向量相似度搜索最相关的问题
+- **自动代答**：检测到风险时，优先返回知识库中的标准答案
+- **灵活管理**：支持Web界面上传、编辑、删除知识库
+- **分级权限**：支持用户级和全局级知识库，管理员可配置全局生效的知识库
+- **文件格式**：支持JSONL格式的问答对文件上传
+
+### 🔄 工作流程
+
+```
+用户输入 → 安全检测 → [检测到风险] → 搜索知识库 → 找到相似问题？
+                                        ↓
+                                      是 → 返回知识库答案
+                                        ↓
+                                      否 → 返回传统拒答模板
+```
+
+### 📝 知识库文件格式
+
+```jsonl
+{"questionid": "q1", "question": "什么是人工智能？", "answer": "人工智能是模拟人类智能的技术，包括机器学习、深度学习等分支。"}
+{"questionid": "q2", "question": "如何保护数据隐私？", "answer": "数据隐私保护需要采用加密、访问控制、数据脱敏等多种技术手段。"}
+{"questionid": "q3", "question": "区块链有什么用途？", "answer": "区块链技术可用于数字货币、供应链管理、身份认证等多个领域。"}
+```
+
+### 🔧 Embedding服务配置
+
+代答知识库功能需要embedding模型服务支持
+```bash
+# 使用vLLM启动embedding服务
+vllm serve --port your-port --host your-host-ip --task embed path/to/Qwen/Qwen3-Embedding-0.6B --served-model-name Xiangxin-Embedding-1024
+
+# 然后在配置文件中设置
+EMBEDDING_API_BASE_URL=http://your-host-ip:your-port/v1
+EMBEDDING_API_KEY=EMPTY
+EMBEDDING_MODEL_NAME=Xiangxin-Embedding-1024
+```
+
+### 🎯 使用场景
+
+- **客服问答**：上传常见问题答案，自动回复标准答案
+- **政策解读**：配置政策相关问答，提供权威解释
+- **技术支持**：建立技术问题知识库，快速响应用户咨询
+- **合规回复**：针对敏感话题提供合规的标准回答
 
 ## 🚀 快速开始
 

VERSION

@@ -1 +1 @@
-2.1.0
+2.2.0

backend/.env.example

@@ -16,8 +16,8 @@ DATABASE_URL=postgresql://xiangxin:your_password@localhost:54321/xiangxin_guardr
 
 # 模型配置
 # 设置模型API地址（本地或云端）
-GUARDRAILS_MODEL_API_URL=http://localhost:58002/v1
-GUARDRAILS_MODEL_API_KEY=your-model-api-key
+GUARDRAILS_MODEL_API_URL=http://your-host-ip:your-port/v1
+GUARDRAILS_MODEL_API_KEY=your-guardrails-model-api-key
 GUARDRAILS_MODEL_NAME=Xiangxin-Guardrails-Text
 
 # 检测最大上下文长度配置 (应该等于模型max-model-len - 1000)
@@ -35,6 +35,15 @@ SUPPORT_EMAIL=wanglei@xiangxinai.cn
 # HuggingFace模型
 HUGGINGFACE_MODEL=xiangxinai/Xiangxin-Guardrails-Text
 
+# 嵌入模型API配置
+# 用于知识库向量化的嵌入模型API
+EMBEDDING_API_BASE_URL=http://your-host-ip:your-port/v1
+EMBEDDING_API_KEY=your-embedding-api-key
+EMBEDDING_MODEL_NAME=Xiangxin-Embedding-1024
+EMBEDDING_MODEL_DIMENSION=1024
+EMBEDDING_SIMILARITY_THRESHOLD=0.7
+EMBEDDING_MAX_RESULTS=5
+
 # JWT配置
 # 警告：请生成一个安全的随机密钥！可以使用: openssl rand -base64 64
 JWT_SECRET_KEY=PLEASE-GENERATE-A-SECURE-RANDOM-KEY-USING-openssl-rand-base64-64

backend/.env.local.example

@@ -18,8 +18,8 @@ JWT_SECRET_KEY=GENERATE-A-SECURE-RANDOM-JWT-KEY-IN-PRODUCTION
 DATA_DIR=/mnt/data/xiangxin-guardrails-data
 
 # 模型API配置
-GUARDRAILS_MODEL_API_URL=http://localhost:58002/v1
-GUARDRAILS_MODEL_API_KEY=your-model-api-key
+GUARDRAILS_MODEL_API_URL=http://your-host-ip:your-port/v1
+GUARDRAILS_MODEL_API_KEY=your-guardrails-model-api-key
 
 # SMTP配置（可选）
 SMTP_SERVER=

backend/config.py

@@ -44,8 +44,8 @@ class Settings(BaseSettings):
     database_url: str = "postgresql://xiangxin:your_password@localhost:54321/xiangxin_guardrails"
 
     # 模型配置
-    guardrails_model_api_url: str = "http://localhost:58002/v1"
-    guardrails_model_api_key: str = "your-model-api-key"
+    guardrails_model_api_url: str = "http://your-host-ip:your-port/v1"
+    guardrails_model_api_key: str = "your-guardrails-model-api-key"
     guardrails_model_name: str = "Xiangxin-Guardrails-Text"
 
     # 检测最大上下文长度配置 (应该等于模型max-model-len - 1000)
@@ -72,6 +72,15 @@ def detection_log_dir(self) -> str:
 
     # HuggingFace模型
     huggingface_model: str = "xiangxinai/Xiangxin-Guardrails-Text"
+
+    # 嵌入模型API配置
+    # 用于知识库向量化的嵌入模型API
+    embedding_api_base_url: str = "http://your-host-ip:your-port/v1"
+    embedding_api_key: str = "your-embedding-api-key"
+    embedding_model_name: str = "Xiangxin-Embedding-1024"
+    embedding_model_dimension: int = 1024  # 嵌入向量维度
+    embedding_similarity_threshold: float = 0.7  # 相似度阈值
+    embedding_max_results: int = 5  # 最大返回结果数
 
     # JWT配置
     # 警告：请生成安全的随机密钥！使用: openssl rand -base64 64

backend/database/connection.py

@@ -146,7 +146,7 @@ async def init_db(minimal=False):
                         ]
 
                         default_responses = [
-                            ResponseTemplate(category="S1", risk_level="高风险", template_content="很抱歉，我不能讨论涉及政治敏感的话题。", is_default=True),
+                            ResponseTemplate(category="S1", risk_level="高风险", template_content="很抱歉，我不能讨论涉政话题。", is_default=True),
                             ResponseTemplate(category="S2", risk_level="高风险", template_content="很抱歉，我不能回答涉及敏感政治话题的问题。", is_default=True), 
                             ResponseTemplate(category="S3", risk_level="高风险", template_content="很抱歉，我不能回答损害国家形象的问题。", is_default=True),
                             ResponseTemplate(category="S4", risk_level="高风险", template_content="很抱歉，我不能提供可能对未成年人造成伤害的内容。", is_default=True),

backend/database/migrations/add_is_global_to_knowledge_bases.sql

@@ -0,0 +1,15 @@
+-- 添加is_global列到knowledge_bases表
+-- 用于支持全局知识库功能（所有用户生效的知识库）
+
+-- 添加is_global列
+ALTER TABLE knowledge_bases 
+ADD COLUMN is_global BOOLEAN DEFAULT false NOT NULL;
+
+-- 添加索引以提高查询性能
+CREATE INDEX idx_knowledge_bases_is_global ON knowledge_bases(is_global);
+
+-- 更新现有记录，默认都不是全局知识库
+UPDATE knowledge_bases SET is_global = false WHERE is_global IS NULL;
+
+-- 添加注释
+COMMENT ON COLUMN knowledge_bases.is_global IS '是否为全局知识库（所有用户生效），仅管理员可设置';

backend/database/models.py

@@ -287,6 +287,26 @@ class ProxyRequestLog(Base):
     user = relationship("User")
     proxy_config = relationship("ProxyModelConfig")
 
+class KnowledgeBase(Base):
+    """代答知识库表"""
+    __tablename__ = "knowledge_bases"
+
+    id = Column(Integer, primary_key=True, index=True)
+    user_id = Column(UUID(as_uuid=True), ForeignKey("users.id"), nullable=False, index=True)
+    category = Column(String(50), nullable=False, index=True)  # 风险类别 (S1-S12)
+    name = Column(String(255), nullable=False)  # 知识库名称
+    description = Column(Text)  # 描述
+    file_path = Column(String(512), nullable=False)  # 原始JSONL文件路径
+    vector_file_path = Column(String(512))  # 向量化文件路径
+    total_qa_pairs = Column(Integer, default=0)  # 问答对总数
+    is_active = Column(Boolean, default=True, index=True)  # 是否启用
+    is_global = Column(Boolean, default=False, index=True)  # 是否为全局知识库（所有用户生效），仅管理员可设置
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+    updated_at = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
+
+    # 关联关系
+    user = relationship("User")
+
 class OnlineTestModelSelection(Base):
     """在线测试模型选择表 - 记录用户在在线测试中选择的代理模型"""
     __tablename__ = "online_test_model_selections"