Hugging Face's logo

Spaces:
UcsTurkey
/
flare
Building

App Files Community
1
flare / admin_routes.py
ciyidogan's picture
ciyidogan
Update admin_routes.py
9105c66 verified
raw
history blame
29.3 kB
 """Admin API endpoints for Flare (Refactored)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Provides authentication, project, version, and API management endpoints with provider support.
"""
import os
import sys
import hashlib
import json
import jwt
import httpx
from datetime import datetime, timedelta, timezone
from typing import Optional, List, Dict, Any
from pathlib import Path
import threading
import time
import bcrypt
from fastapi import APIRouter, HTTPException, Depends, Body, Query
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from pydantic import BaseModel, Field
from utils import log
from config_provider import ConfigProvider, ProviderSettings
from encryption_utils import encrypt, decrypt
# ===================== JWT Config =====================
def get_jwt_config():
"""Get JWT configuration based on environment"""
# Check if we're in HuggingFace Space
if os.getenv("SPACE_ID"):
# Cloud mode - use secrets from environment
jwt_secret = os.getenv("JWT_SECRET")
if not jwt_secret:
log("⚠️ WARNING: JWT_SECRET not found in environment, using fallback")
jwt_secret = "flare-admin-secret-key-change-in-production" # Fallback
else:
# On-premise mode - use .env file
from dotenv import load_dotenv
load_dotenv()
jwt_secret = os.getenv("JWT_SECRET", "flare-admin-secret-key-change-in-production")
return {
"secret": jwt_secret,
"algorithm": os.getenv("JWT_ALGORITHM", "HS256"),
"expiration_hours": int(os.getenv("JWT_EXPIRATION_HOURS", "24"))
}
# ===================== Constants & Config =====================
router = APIRouter(prefix="/api")
security = HTTPBearer()
# ===================== Models =====================
class LoginRequest(BaseModel):
username: str
password: str
class LoginResponse(BaseModel):
token: str
username: str
class ChangePasswordRequest(BaseModel):
current_password: str
new_password: str
class ProviderSettingsUpdate(BaseModel):
name: str
api_key: Optional[str] = None
endpoint: Optional[str] = None
settings: Dict[str, Any] = Field(default_factory=dict)
class EnvironmentUpdate(BaseModel):
llm_provider: ProviderSettingsUpdate
tts_provider: ProviderSettingsUpdate
stt_provider: ProviderSettingsUpdate
parameter_collection_config: Optional[Dict[str, Any]] = None
class ProjectCreate(BaseModel):
name: str
caption: Optional[str] = ""
icon: Optional[str] = "folder"
description: Optional[str] = ""
default_locale: str = "tr"
supported_locales: List[str] = Field(default_factory=lambda: ["tr"])
timezone: str = "Europe/Istanbul"
region: str = "tr-TR"
class ProjectUpdate(BaseModel):
caption: str
icon: Optional[str] = "folder"
description: Optional[str] = ""
default_locale: str = "tr"
supported_locales: List[str] = Field(default_factory=lambda: ["tr"])
timezone: str = "Europe/Istanbul"
region: str = "tr-TR"
last_update_date: str
class VersionCreate(BaseModel):
caption: str
source_version_id: int | None = None
class IntentModel(BaseModel):
name: str
caption: Optional[str] = ""
detection_prompt: str
examples: List[Dict[str, str]] = [] # LocalizedExample format
parameters: List[Dict[str, Any]] = []
action: str
fallback_timeout_prompt: Optional[str] = None
fallback_error_prompt: Optional[str] = None
class VersionUpdate(BaseModel):
caption: str
general_prompt: str
llm: Dict[str, Any]
intents: List[IntentModel]
last_update_date: str
class APICreate(BaseModel):
name: str
url: str
method: str = "POST"
headers: Dict[str, str] = {}
body_template: Dict[str, Any] = {}
timeout_seconds: int = 10
retry: Dict[str, Any] = Field(default_factory=lambda: {"retry_count": 3, "backoff_seconds": 2, "strategy": "static"})
proxy: Optional[str] = None
auth: Optional[Dict[str, Any]] = None
response_prompt: Optional[str] = None
response_mappings: List[Dict[str, Any]] = []
class APIUpdate(BaseModel):
url: str
method: str
headers: Dict[str, str]
body_template: Dict[str, Any]
timeout_seconds: int
retry: Dict[str, Any]
proxy: Optional[str]
auth: Optional[Dict[str, Any]]
response_prompt: Optional[str]
response_mappings: List[Dict[str, Any]] = []
last_update_date: str
class TestRequest(BaseModel):
test_type: str # "all", "ui", "backend", "integration", "spark"
# ===================== Auth Helpers =====================
def create_token(username: str) -> str:
"""Create JWT token for user"""
config = get_jwt_config()
expiry = datetime.now(timezone.utc) + timedelta(hours=config["expiration_hours"])
payload = {
"sub": username,
"exp": expiry,
"iat": datetime.now(timezone.utc)
}
return jwt.encode(payload, config["secret"], algorithm=config["algorithm"])
def verify_token(credentials: HTTPAuthorizationCredentials = Depends(security)) -> str:
"""Verify JWT token and return username"""
token = credentials.credentials
config = get_jwt_config()
try:
payload = jwt.decode(token, config["secret"], algorithms=[config["algorithm"]])
return payload["sub"]
except jwt.ExpiredSignatureError:
raise HTTPException(status_code=401, detail="Token expired")
except jwt.InvalidTokenError:
raise HTTPException(status_code=401, detail="Invalid token")
# ===================== Auth Endpoints =====================
@router.post("/login", response_model=LoginResponse)
async def login(request: LoginRequest):
"""User login endpoint"""
cfg = ConfigProvider.get()
# Find user
user = next((u for u in cfg.global_config.users if u.username == request.username), None)
if not user:
raise HTTPException(status_code=401, detail="Invalid credentials")
# Verify password - Try both bcrypt and SHA256 for backward compatibility
password_valid = False
# First try bcrypt (new format)
try:
if user.password_hash.startswith("$2b$") or user.password_hash.startswith("$2a$"):
password_valid = bcrypt.checkpw(request.password.encode('utf-8'), user.password_hash.encode('utf-8'))
except:
pass
# If not valid, try SHA256 (old format)
if not password_valid:
sha256_hash = hashlib.sha256(request.password.encode('utf-8')).hexdigest()
password_valid = (user.password_hash == sha256_hash)
if not password_valid:
raise HTTPException(status_code=401, detail="Invalid credentials")
# Create token
token = create_token(request.username)
log(f"✅ User '{request.username}' logged in successfully")
return LoginResponse(token=token, username=request.username)
@router.post("/change-password")
async def change_password(
request: ChangePasswordRequest,
username: str = Depends(verify_token)
):
"""Change user password"""
cfg = ConfigProvider.get()
# Find user
user = next((u for u in cfg.global_config.users if u.username == username), None)
if not user:
raise HTTPException(status_code=404, detail="User not found")
# Verify current password
if not bcrypt.checkpw(request.current_password.encode('utf-8'), user.password_hash.encode('utf-8')):
raise HTTPException(status_code=401, detail="Current password is incorrect")
# Generate new password hash
salt = bcrypt.gensalt()
new_hash = bcrypt.hashpw(request.new_password.encode('utf-8'), salt)
# Update user
user.password_hash = new_hash.decode('utf-8')
user.salt = salt.decode('utf-8')
# Save configuration
cfg.save()
log(f"✅ Password changed for user '{username}'")
return {"success": True}
# ===================== Locales Endpoints =====================
@router.get("/locales")
async def get_available_locales(username: str = Depends(verify_token)):
"""Get all system-supported locales"""
from locale_manager import LocaleManager
locales = LocaleManager.get_available_locales_with_names()
return {
"locales": locales,
"default": LocaleManager.get_default_locale()
}
@router.get("/locales/{locale_code}")
async def get_locale_details(
locale_code: str,
username: str = Depends(verify_token)
):
"""Get detailed information for a specific locale"""
from locale_manager import LocaleManager
locale_info = LocaleManager.get_locale_details(locale_code)
if not locale_info:
raise HTTPException(status_code=404, detail=f"Locale '{locale_code}' not found")
return locale_info
# ===================== Environment Endpoints =====================
@router.get("/environment")
async def get_environment(username: str = Depends(verify_token)):
"""Get environment configuration with provider info"""
cfg = ConfigProvider.get()
env_config = cfg.global_config
# Provider tabanlı yeni yapıyı destekle
response = {}
# LLM Provider - eski yapıdan dönüştür
if hasattr(env_config, 'llm_provider'):
response["llm_provider"] = env_config.llm_provider.model_dump()
else:
# Eski yapıdan provider bilgisini oluştur
response["llm_provider"] = {
"name": env_config.work_mode if env_config.work_mode in ["gpt4o", "gpt4o-mini"] else "spark_cloud",
"api_key": env_config.cloud_token or "",
"endpoint": str(env_config.spark_endpoint),
"settings": {
"internal_prompt": getattr(env_config, 'internal_prompt', None)
}
}
# TTS Provider - eski yapıdan dönüştür
if hasattr(env_config, 'tts_provider'):
response["tts_provider"] = env_config.tts_provider.model_dump()
else:
response["tts_provider"] = {
"name": getattr(env_config, 'tts_engine', 'no_tts'),
"api_key": getattr(env_config, 'tts_engine_api_key', None) or "",
"endpoint": None,
"settings": getattr(env_config, 'tts_settings', {})
}
# STT Provider - eski yapıdan dönüştür
if hasattr(env_config, 'stt_provider'):
response["stt_provider"] = env_config.stt_provider.model_dump()
else:
response["stt_provider"] = {
"name": getattr(env_config, 'stt_engine', 'no_stt'),
"api_key": getattr(env_config, 'stt_engine_api_key', None) or "",
"endpoint": None,
"settings": getattr(env_config, 'stt_settings', {})
}
# Provider listesi
if hasattr(env_config, 'providers'):
response["providers"] = [p.model_dump() for p in env_config.providers]
else:
# Varsayılan provider listesi
response["providers"] = [
{
"type": "llm",
"name": "spark_cloud",
"display_name": "Spark LLM (Cloud)",
"requires_endpoint": True,
"requires_api_key": True,
"requires_repo_info": False
},
{
"type": "llm",
"name": "gpt4o",
"display_name": "GPT-4o",
"requires_endpoint": True,
"requires_api_key": True,
"requires_repo_info": False
},
{
"type": "llm",
"name": "gpt4o-mini",
"display_name": "GPT-4o Mini",
"requires_endpoint": True,
"requires_api_key": True,
"requires_repo_info": False
},
{
"type": "tts",
"name": "no_tts",
"display_name": "No TTS",
"requires_endpoint": False,
"requires_api_key": False,
"requires_repo_info": False
},
{
"type": "tts",
"name": "elevenlabs",
"display_name": "ElevenLabs",
"requires_endpoint": False,
"requires_api_key": True,
"requires_repo_info": False
},
{
"type": "stt",
"name": "no_stt",
"display_name": "No STT",
"requires_endpoint": False,
"requires_api_key": False,
"requires_repo_info": False
},
{
"type": "stt",
"name": "google",
"display_name": "Google Cloud STT",
"requires_endpoint": False,
"requires_api_key": True,
"requires_repo_info": False
}
]
# Parameter collection config
if hasattr(env_config, 'parameter_collection_config'):
response["parameter_collection_config"] = env_config.parameter_collection_config.model_dump()
else:
# Varsayılan değerler
response["parameter_collection_config"] = {
"max_params_per_question": 2,
"retry_unanswered": True,
"smart_grouping": True,
"collection_prompt": "You are a helpful assistant collecting information from the user..."
}
return response
@router.put("/environment")
async def update_environment(
update: EnvironmentUpdate,
username: str = Depends(verify_token)
):
"""Update environment configuration with provider validation"""
log(f"📝 Updating environment config by {username}")
cfg = ConfigProvider.get()
# Validate LLM provider
llm_provider_def = cfg.global_config.get_provider_config("llm", update.llm_provider.name)
if not llm_provider_def:
raise HTTPException(status_code=400, detail=f"Unknown LLM provider: {update.llm_provider.name}")
if llm_provider_def.requires_api_key and not update.llm_provider.api_key:
raise HTTPException(status_code=400, detail=f"{llm_provider_def.display_name} requires API key")
if llm_provider_def.requires_endpoint and not update.llm_provider.endpoint:
raise HTTPException(status_code=400, detail=f"{llm_provider_def.display_name} requires endpoint")
# Validate TTS provider
tts_provider_def = cfg.global_config.get_provider_config("tts", update.tts_provider.name)
if not tts_provider_def:
raise HTTPException(status_code=400, detail=f"Unknown TTS provider: {update.tts_provider.name}")
if tts_provider_def.requires_api_key and not update.tts_provider.api_key:
raise HTTPException(status_code=400, detail=f"{tts_provider_def.display_name} requires API key")
# Validate STT provider
stt_provider_def = cfg.global_config.get_provider_config("stt", update.stt_provider.name)
if not stt_provider_def:
raise HTTPException(status_code=400, detail=f"Unknown STT provider: {update.stt_provider.name}")
if stt_provider_def.requires_api_key and not update.stt_provider.api_key:
raise HTTPException(status_code=400, detail=f"{stt_provider_def.display_name} requires API key")
# Update via ConfigProvider
ConfigProvider.update_environment(update.model_dump(), username)
log(f"✅ Environment updated to LLM: {update.llm_provider.name}, TTS: {update.tts_provider.name}, STT: {update.stt_provider.name} by {username}")
return {"success": True}
# ===================== Project Endpoints =====================
@router.get("/projects/names")
def list_enabled_projects():
"""Get list of enabled project names for chat"""
cfg = ConfigProvider.get()
return [p.name for p in cfg.projects if p.enabled and not getattr(p, 'deleted', False)]
@router.get("/projects")
async def list_projects(
include_deleted: bool = False,
username: str = Depends(verify_token)
):
"""List all projects"""
cfg = ConfigProvider.get()
projects = cfg.projects
# Filter deleted if needed
if not include_deleted:
projects = [p for p in projects if not getattr(p, 'deleted', False)]
return [p.model_dump() for p in projects]
@router.get("/projects/{project_id}")
async def get_project(
project_id: int,
username: str = Depends(verify_token)
):
"""Get single project by ID"""
project = ConfigProvider.get_project(project_id)
if not project or getattr(project, 'deleted', False):
raise HTTPException(status_code=404, detail="Project not found")
return project.model_dump()
@router.post("/projects")
async def create_project(
project: ProjectCreate,
username: str = Depends(verify_token)
):
"""Create new project with initial version"""
# Validate supported locales
from locale_manager import LocaleManager
invalid_locales = LocaleManager.validate_project_languages(project.supported_locales)
if invalid_locales:
available_locales = LocaleManager.get_available_locales_with_names()
available_codes = [locale['code'] for locale in available_locales]
raise HTTPException(
status_code=400,
detail=f"Unsupported locales: {', '.join(invalid_locales)}. Available locales: {', '.join(available_codes)}"
)
# Check if default locale is in supported locales
if project.default_locale not in project.supported_locales:
raise HTTPException(
status_code=400,
detail="Default locale must be one of the supported locales"
)
# Create project via ConfigProvider
new_project = ConfigProvider.create_project(project.model_dump(), username)
log(f"✅ Project '{project.name}' created by {username}")
return new_project.model_dump()
@router.put("/projects/{project_id}")
async def update_project(
project_id: int,
update: ProjectUpdate,
username: str = Depends(verify_token)
):
"""Update project"""
# Validate supported locales
from locale_manager import LocaleManager
invalid_locales = LocaleManager.validate_project_languages(update.supported_locales)
if invalid_locales:
available_locales = LocaleManager.get_available_locales_with_names()
available_codes = [locale['code'] for locale in available_locales]
raise HTTPException(
status_code=400,
detail=f"Unsupported locales: {', '.join(invalid_locales)}. Available locales: {', '.join(available_codes)}"
)
# Update via ConfigProvider
updated_project = ConfigProvider.update_project(project_id, update.model_dump(), username)
log(f"✅ Project '{updated_project.name}' updated by {username}")
return updated_project.model_dump()
@router.delete("/projects/{project_id}")
async def delete_project(project_id: int, username: str = Depends(verify_token)):
"""Delete project (soft delete)"""
ConfigProvider.delete_project(project_id, username)
log(f"✅ Project deleted by {username}")
return {"success": True}
@router.patch("/projects/{project_id}/toggle")
async def toggle_project(project_id: int, username: str = Depends(verify_token)):
"""Toggle project enabled status"""
enabled = ConfigProvider.toggle_project(project_id, username)
log(f"✅ Project {'enabled' if enabled else 'disabled'} by {username}")
return {"enabled": enabled}
# ===================== Version Endpoints =====================
@router.get("/projects/{project_id}/versions")
async def list_versions(
project_id: int,
include_deleted: bool = False,
username: str = Depends(verify_token)
):
"""List project versions"""
project = ConfigProvider.get_project(project_id)
if not project:
raise HTTPException(status_code=404, detail="Project not found")
versions = project.versions
# Filter deleted if needed
if not include_deleted:
versions = [v for v in versions if not getattr(v, 'deleted', False)]
return [v.model_dump() for v in versions]
@router.post("/projects/{project_id}/versions")
async def create_version(
project_id: int,
version_data: VersionCreate,
username: str = Depends(verify_token)
):
"""Create new version"""
new_version = ConfigProvider.create_version(project_id, version_data.model_dump(), username)
log(f"✅ Version created for project {project_id} by {username}")
return new_version.model_dump()
@router.put("/projects/{project_id}/versions/{version_id}")
async def update_version(
project_id: int,
version_id: int,
update: VersionUpdate,
username: str = Depends(verify_token)
):
"""Update version"""
updated_version = ConfigProvider.update_version(project_id, version_id, update.model_dump(), username)
log(f"✅ Version {version_id} updated for project {project_id} by {username}")
return updated_version.model_dump()
@router.post("/projects/{project_id}/versions/{version_id}/publish")
async def publish_version(
project_id: int,
version_id: int,
username: str = Depends(verify_token)
):
"""Publish version"""
project, version = ConfigProvider.publish_version(project_id, version_id, username)
log(f"✅ Version {version_id} published for project '{project.name}' by {username}")
# Notify LLM provider if project is enabled and provider requires repo info
cfg = ConfigProvider.get()
llm_provider_def = cfg.global_config.get_provider_config("llm", cfg.global_config.llm_provider.name)
if project.enabled and llm_provider_def and llm_provider_def.requires_repo_info:
try:
await notify_llm_startup(project, version)
except Exception as e:
log(f"⚠️ Failed to notify LLM provider: {e}")
# Don't fail the publish
return {"success": True}
@router.delete("/projects/{project_id}/versions/{version_id}")
async def delete_version(
project_id: int,
version_id: int,
username: str = Depends(verify_token)
):
"""Delete version (soft delete)"""
ConfigProvider.delete_version(project_id, version_id, username)
log(f"✅ Version {version_id} deleted for project {project_id} by {username}")
return {"success": True}
@router.get("/projects/{project_name}/versions")
async def get_project_versions(
project_name: str,
username: str = Depends(verify_token)
):
"""Get all versions of a project for testing"""
cfg = ConfigProvider.get()
# Find project
project = next((p for p in cfg.projects if p.name == project_name), None)
if not project:
raise HTTPException(status_code=404, detail=f"Project '{project_name}' not found")
# Return versions with their status
versions = []
for v in project.versions:
if not getattr(v, 'deleted', False):
versions.append({
"version_number": v.id,
"caption": v.caption,
"published": v.published,
"description": getattr(v, 'description', ''),
"intent_count": len(v.intents),
"created_date": getattr(v, 'created_date', None),
"is_current": v.published # Published version is current
})
return {
"project_name": project_name,
"project_caption": project.caption,
"versions": versions
}
# ===================== API Endpoints =====================
@router.get("/apis")
async def list_apis(
include_deleted: bool = False,
username: str = Depends(verify_token)
):
"""List all APIs"""
cfg = ConfigProvider.get()
apis = cfg.apis
# Filter deleted if needed
if not include_deleted:
apis = [a for a in apis if not getattr(a, 'deleted', False)]
return [a.model_dump() for a in apis]
@router.post("/apis")
async def create_api(api: APICreate, username: str = Depends(verify_token)):
"""Create new API"""
new_api = ConfigProvider.create_api(api.model_dump(), username)
log(f"✅ API '{api.name}' created by {username}")
return new_api.model_dump()
@router.put("/apis/{api_name}")
async def update_api(
api_name: str,
update: APIUpdate,
username: str = Depends(verify_token)
):
"""Update API"""
updated_api = ConfigProvider.update_api(api_name, update.model_dump(), username)
log(f"✅ API '{api_name}' updated by {username}")
return updated_api.model_dump()
@router.delete("/apis/{api_name}")
async def delete_api(api_name: str, username: str = Depends(verify_token)):
"""Delete API (soft delete)"""
ConfigProvider.delete_api(api_name, username)
log(f"✅ API '{api_name}' deleted by {username}")
return {"success": True}
@router.post("/validate/regex")
async def validate_regex(
request: dict = Body(...),
username: str = Depends(verify_token)
):
"""Validate regex pattern"""
pattern = request.get("pattern", "")
test_value = request.get("test_value", "")
try:
import re
compiled_regex = re.compile(pattern)
matches = bool(compiled_regex.match(test_value))
return {
"valid": True,
"matches": matches,
"pattern": pattern,
"test_value": test_value
}
except Exception as e:
return {
"valid": False,
"matches": False,
"error": str(e),
"pattern": pattern,
"test_value": test_value
}
# ===================== Test Endpoints =====================
@router.post("/test/run-all")
async def run_all_tests(
request: TestRequest,
username: str = Depends(verify_token)
):
"""Run all tests"""
log(f"🧪 Running {request.test_type} tests requested by {username}")
# TODO: Implement test runner
# For now, return mock results
return {
"test_run_id": "test_" + datetime.now().isoformat(),
"status": "running",
"total_tests": 60,
"completed": 0,
"passed": 0,
"failed": 0,
"message": "Test run started"
}
@router.get("/test/status/{test_run_id}")
async def get_test_status(
test_run_id: str,
username: str = Depends(verify_token)
):
"""Get test run status"""
# TODO: Implement test status tracking
return {
"test_run_id": test_run_id,
"status": "completed",
"total_tests": 60,
"completed": 60,
"passed": 57,
"failed": 3,
"duration": 340.5,
"details": []
}
# ===================== Activity Log =====================
@router.get("/activity-log")
async def get_activity_log(
limit: int = Query(100, ge=1, le=1000),
entity_type: Optional[str] = None,
username: str = Depends(verify_token)
):
"""Get activity log"""
cfg = ConfigProvider.get()
logs = cfg.activity_log
# Filter by entity type if specified
if entity_type:
logs = [l for l in logs if l.entity_type == entity_type]
# Return most recent entries
return logs[-limit:]
# ===================== Helper Functions =====================
async def notify_llm_startup(project, version):
"""Notify LLM provider about project startup"""
from llm_factory import LLMFactory
try:
llm_provider = LLMFactory.create_provider()
# Build project config for startup
project_config = {
"name": project.name,
"version_id": version.id,
"repo_id": version.llm.repo_id,
"generation_config": version.llm.generation_config,
"use_fine_tune": version.llm.use_fine_tune,
"fine_tune_zip": version.llm.fine_tune_zip
}
success = await llm_provider.startup(project_config)
if success:
log(f"✅ LLM provider notified for project '{project.name}'")
else:
log(f"⚠️ LLM provider notification failed for project '{project.name}'")
except Exception as e:
log(f"❌ Error notifying LLM provider: {e}")
raise
# ===================== Cleanup Task =====================
def cleanup_activity_log():
"""Cleanup old activity log entries"""
while True:
try:
cfg = ConfigProvider.get()
# Keep only last 30 days
cutoff = datetime.now() - timedelta(days=30)
cutoff_str = cutoff.isoformat() + "Z"
original_count = len(cfg.activity_log)
cfg.activity_log = [
log for log in cfg.activity_log
if log.timestamp >= cutoff_str
]
if len(cfg.activity_log) < original_count:
removed = original_count - len(cfg.activity_log)
log(f"🧹 Cleaned up {removed} old activity log entries")
cfg.save()
except Exception as e:
log(f"❌ Activity log cleanup error: {e}")
# Run every hour
time.sleep(3600)
def start_cleanup_task():
"""Start the cleanup task in background"""
thread = threading.Thread(target=cleanup_activity_log, daemon=True)
thread.start()
log("🧹 Activity log cleanup task started")