8 Sep 2023 - Optional user checks for AI Chatbot

Author: code-boxx

ai chatbot/chatbot/0-setup.bat

@@ -1,7 +1,7 @@
 php 0-setup.php
 virtualenv venv
 call venv\Scripts\activate
-pip install langchain transformers optimum auto-gptq chromadb sentence_transformers Flask
+pip install langchain transformers optimum auto-gptq chromadb sentence_transformers Flask pyjwt
 if "%1"=="GPU" (
   pip install torch torchvision torchaudio --force-reinstall --index-url https://download.pytorch.org/whl/cu117
 ) else (

ai chatbot/chatbot/0-setup.php

@@ -13,7 +13,9 @@
 // (D) COPY HOST SETTINGS FROM CORE-CONFIG.PHP TO SETTINGS.PY
 $replace = [
   "http_allow" => "[\"http://".HOST_NAME."\", \"https://".HOST_NAME."\"]",
-  "http_host" => "\"".HOST_NAME."\""
+  "http_host" => "\"".HOST_NAME."\"",
+  "jwt_algo" => "\"".JWT_ALGO."\"",
+  "jwt_secret" => "\"".JWT_SECRET."\""
 ];
 $cfg = file(PATH_CHATBOT . "settings.py") or exit("Cannot read". PATH_CHATBOT ."settings.py");
 foreach ($cfg as $j=>$line) { foreach ($replace as $k=>$v) { if (strpos($line, $k) !== false) {

ai chatbot/chatbot/0-setup.sh

@@ -1,7 +1,7 @@
 php 0-setup.php
 virtualenv venv
 source "venv/bin/activate"
-pip install langchain transformers optimum auto-gptq chromadb sentence_transformers Flask
+pip install langchain transformers optimum auto-gptq chromadb sentence_transformers Flask pyjwt
 if [[ $1 == "GPU" ]]
 then
   pip3 install torch torchvision torchaudio --force-reinstall

ai chatbot/chatbot/bot.py

@@ -1,7 +1,7 @@
 # (A) LOAD SETTINGS & MODULES
 import settings as set
 from flask import Flask, Response, request
-import torch
+import torch, jwt
 from transformers import AutoTokenizer, AutoModelForCausalLM, pipeline
 from langchain import PromptTemplate, HuggingFacePipeline
 from langchain.vectorstores import Chroma
@@ -19,8 +19,6 @@
   persist_directory = set.path_db,
   embedding_function = HuggingFaceEmbeddings()
 )
-pipe = ""
-chain = ""
 
 # (C) PIPE + CHAIN
 pipe = pipeline(
@@ -50,24 +48,53 @@
   verbose = set.chain_verbose
 )
 
-# (D) FLASK
+""" @TODO - ENABLE THIS TO OPEN FOR REGISTERED USERS ONLY
+# (D) VERIFY USER
+def jwtVerify(cookies):
+  try:
+    token = jwt.decode(
+      jwt = cookies.get("cbsess"),
+      key = set.jwt_secret,
+      audience = set.http_host,
+      algorithms = [set.jwt_algo]
+    )
+    # DO WHATEVER YOU WANT WITH THE DECODED USER TOKEN
+    # print(token)
+    return True
+  except Exception as error:
+    # print(error)
+    return False
+"""
+
+# (E) FLASK
 app = Flask(__name__)
-@app.route("/", methods=["POST"])
+@app.route("/", methods = ["POST"])
 def bot():
+  # (E1) CORS
   if "HTTP_ORIGIN" in request.environ and request.environ["HTTP_ORIGIN"] in set.http_allow:
+    # (E2-1) ALLOW ONLY REGISTERED USERS
+    """ @TODO - ENABLE THIS TO OPEN FOR REGISTERED USERS ONLY
+    if jwtVerify(request.cookies) is False:
+      return Response("Not Allowed", status = 405)
+    """
+
+    # (E2-2) ANSWER THE QUESTION
     data = dict(request.form)
     if "query" in data:
       ans = chain(data["query"])
       ans = ans["result"]
     else:
       ans = "Where's the question, yo?"
-    response = Response(ans, status=200)
+    response = Response(ans, status = 200)
     response.headers.add("Access-Control-Allow-Origin", request.environ["HTTP_ORIGIN"] )
     response.headers.add("Access-Control-Allow-Credentials", "true")
+
+  # (E2) ORIGIN NOT ALLOWED
   else:
-    response = Response("Not Allowed", status=405)
+    response = Response("Not Allowed", status = 405)
   return response
 
+# (F) GO!
 if __name__ == "__main__":
   app.run(
     host = set.http_host,

ai chatbot/chatbot/settings.py

@@ -35,4 +35,8 @@
 # (F) HTTP ENDPOINT
 http_allow = ["http://localhost"]
 http_host = "localhost"
-http_port = 8008
+http_port = 8008
+
+# (G) JWT
+jwt_algo = ""
+jwt_secret = ""

ai chatbot/pages/PAGE-ai.php

@@ -1,18 +1,22 @@
 <?php
-// (A) PAGE META
+// (A) FOR REGISTERED USERS ONLY
+// @TODO - ENABLE THIS TO OPEN FOR REGISTERED USERS ONLY
+// $_CORE->ucheck();
+
+// (B) PAGE META
 $_PMETA = ["load" => [
   ["l", HOST_ASSETS."PAGE-ai.css"],
   ["s", HOST_ASSETS."PAGE-ai.js", "defer"]
 ]];
 
-// (B) HTML PAGE
+// (C) HTML PAGE
 require PATH_PAGES . "TEMPLATE-top.php"; ?>
 <script>const AIEP = "<?=HOST_CHATBOT?>";</script>
 <div id="ai-wrap">
-  <!-- (B1) CHAT HISTORY -->
+  <!-- (C1) CHAT HISTORY -->
   <div id="ai-chat"></div>
 
-  <!-- (B2) QUERY -->
+  <!-- (C2) QUERY -->
   <form id="ai-query" class="d-flex align-items-stretch head border p-2 w-100" onsubmit="return chat.send()">
     <input type="text" id="ai-txt" placeholder="Question" 
            class="form-control form-control-sm" autocomplete="off" required disabled>

core/lib/LIB-Session.php

@@ -5,9 +5,9 @@ class Session extends Core {
     "domain" => HOST_NAME,
     "path" => "/",
     "httponly" => true,
-    "expires" => 0
-    // "secure" => true,
-    // "samesite" => "None"
+    "expires" => 0,
+    "samesite" => "Lax",
+    // "secure" => true
   ];
 
   // (B) CONSTRUCTOR - AUTO VALIDATE JWT COOKIE & RESTORE SESSION DATA