@tiledesk/tiledesk-server 2.13.26 → 2.13.28

package/CHANGELOG.md

@@ -5,6 +5,17 @@
 🚀        IN PRODUCTION                        🚀
 (https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.77) 
 
+# 2.13.31
+- Added default context for general LLM
+- Updated tybot-connector to 2.0.35
+
+# 2.13.29
+- Minor improvements
+
+# 2.13.27
+- Added rate manager for webhook call
+- Increased json body limit for /webhook endpoint
+
 # 2.13.26
 - Fixed bug: LLM preview not working
 

package/app.js

@@ -217,10 +217,14 @@ var BanUserNotifier = require('./services/banUserNotifier');
 BanUserNotifier.listen();
 const { ChatbotService } = require('./services/chatbotService');
 const { QuoteManager } = require('./services/QuoteManager');
+const RateManager = require('./services/RateManager');
 
 let qm = new QuoteManager({ tdCache: tdCache });
 qm.start();
 
+let rm = new RateManager({ tdCache: tdCache });
+
+
 var modulesManager = undefined;
 try {
   modulesManager = require('./services/modulesManager');
@@ -255,7 +259,7 @@ app.set('view engine', 'jade');
 app.set('chatbot_service', new ChatbotService())
 app.set('redis_client', tdCache);
 app.set('quote_manager', qm);
-
+app.set('rate_manager', rm);
 
 // TODO DELETE IT IN THE NEXT RELEASE
 if (process.env.ENABLE_ALTERNATIVE_CORS_MIDDLEWARE === "true") {  
@@ -287,6 +291,13 @@ if (process.env.ENABLE_ALTERNATIVE_CORS_MIDDLEWARE === "true") {
 const JSON_BODY_LIMIT = process.env.JSON_BODY_LIMIT || '500KB';
 winston.debug("JSON_BODY_LIMIT : " + JSON_BODY_LIMIT);
 
+const WEBHOOK_BODY_LIMIT = process.env.WEBHOOK_BODY_LIMIT || '5mb';
+winston.debug("WEBHOOK_BODY_LIMIT : " + WEBHOOK_BODY_LIMIT);
+
+const webhookParser = bodyParser.json({ limit: WEBHOOK_BODY_LIMIT });
+
+app.use('/webhook', webhookParser, webhook);
+
 app.use(bodyParser.json({limit: JSON_BODY_LIMIT,
   verify: function (req, res, buf) {
     // var url = req.originalUrl;
@@ -388,7 +399,7 @@ app.options('*', cors());
 
 
 // });
-
+console.log("MAX_UPLOAD_FILE_SIZE: ", process.env.MAX_UPLOAD_FILE_SIZE);
 
 
 if (process.env.ROUTELOGGER_ENABLED==="true") {
@@ -517,7 +528,7 @@ app.use('/users_util', usersUtil);
 app.use('/logs', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken], logs);
 app.use('/requests_util', [passport.authenticate(['basic', 'jwt'], { session: false }), validtoken], requestUtilRoot);
 
-app.use('/webhook', webhook);
+//app.use('/webhook', webhook); // moved on top before body parser middleware
 
 // TODO security issues
 if (process.env.DISABLE_TRANSCRIPT_VIEW_PAGE ) {
@@ -674,13 +685,26 @@ app.use((err, req, res, next) => {
     return res.status(401).json({ err: "error ip filter" });
   }
 
+  const realIp = req.headers['x-forwarded-for']?.split(',')[0] || req.headers['x-real-ip'] || req.ip;
+
   //emitted by multer when the file is too big
   if (err.code === "LIMIT_FILE_SIZE") {
     winston.debug("LIMIT_FILE_SIZE");
+    winston.warn(`LIMIT_FILE_SIZE on ${req.originalUrl}`, {
+      limit: process.env.MAX_UPLOAD_FILE_SIZE,
+      ip: req.ip,
+      realIp: realIp
+    });
     return res.status(413).json({ err: "Content Too Large", limit_file_size: process.env.MAX_UPLOAD_FILE_SIZE });
-  } 
+  }
+  
+  if (err.type === "entity.too.large" || err.name === "PayloadTooLargeError") {
+    winston.warn("Payload too large", { expected: err.expected, limit: err.limit, length: err.length });
+    return res.status(413).json({ err: "Request entity too large", limit: err.limit});
+  }
+
 
-  winston.error("General error:: ", err);
+  winston.error("General error: ", err);
   return res.status(500).json({ err: "error" });
 });
 

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiledesk/tiledesk-server",
   "description": "The Tiledesk server module",
-  "version": "2.13.26",
+  "version": "2.13.28",
   "scripts": {
     "start": "node ./bin/www",
     "pretest": "mongodb-runner start",
@@ -49,10 +49,10 @@
     "@tiledesk/tiledesk-rasa-connector": "^1.0.10",
     "@tiledesk/tiledesk-sms-connector": "^0.1.11",
     "@tiledesk/tiledesk-telegram-connector": "^0.1.14",
-    "@tiledesk/tiledesk-tybot-connector": "^2.0.31",
+    "@tiledesk/tiledesk-tybot-connector": "^2.0.35",
     "@tiledesk/tiledesk-voice-twilio-connector": "^0.1.22",
-    "@tiledesk/tiledesk-vxml-connector": "^0.1.78",
-    "@tiledesk/tiledesk-whatsapp-connector": "1.0.10",
+    "@tiledesk/tiledesk-vxml-connector": "^0.1.87",
+    "@tiledesk/tiledesk-whatsapp-connector": "1.0.11",
     "@tiledesk/tiledesk-whatsapp-jobworker": "^0.0.13",
     "amqplib": "^0.5.5",
     "app-root-path": "^3.0.0",

package/routes/kb.js

@@ -103,7 +103,8 @@ let contexts = {
   "gpt-4o-mini":          "You are an helpful assistant for question-answering tasks. Follow these steps carefully:\n1. Answer in the same language of the user question, regardless of the retrieved context language\n2. Use ONLY the pieces of the retrieved context to answer the question.\n3. If the retrieved context does not contain sufficient information to generate an accurate and informative answer, return <NOANS>\n\n==Retrieved context start==\n{context}\n==Retrieved context end==",
   "gpt-4.1":              "You are an helpful assistant for question-answering tasks. Follow these steps carefully:\n1. Answer in the same language of the user question, regardless of the retrieved context language\n2. Use ONLY the pieces of the retrieved context to answer the question.\n3. If the retrieved context does not contain sufficient information to generate an accurate and informative answer, append <NOANS> at the end of the answer\n\n==Retrieved context start==\n{context}\n==Retrieved context end==",
   "gpt-4.1-mini":         "You are an helpful assistant for question-answering tasks. Follow these steps carefully:\n1. Answer in the same language of the user question, regardless of the retrieved context language\n2. Use ONLY the pieces of the retrieved context to answer the question.\n3. If the retrieved context does not contain sufficient information to generate an accurate and informative answer, append <NOANS> at the end of the answer\n\n==Retrieved context start==\n{context}\n==Retrieved context end==",
-  "gpt-4.1-nano":         "You are an helpful assistant for question-answering tasks. Follow these steps carefully:\n1. Answer in the same language of the user question, regardless of the retrieved context language\n2. Use ONLY the pieces of the retrieved context to answer the question.\n3. If the retrieved context does not contain sufficient information to generate an accurate and informative answer, append <NOANS> at the end of the answer\n\n==Retrieved context start==\n{context}\n==Retrieved context end=="
+  "gpt-4.1-nano":         "You are an helpful assistant for question-answering tasks. Follow these steps carefully:\n1. Answer in the same language of the user question, regardless of the retrieved context language\n2. Use ONLY the pieces of the retrieved context to answer the question.\n3. If the retrieved context does not contain sufficient information to generate an accurate and informative answer, append <NOANS> at the end of the answer\n\n==Retrieved context start==\n{context}\n==Retrieved context end==",
+  "general":              "You are an helpful assistant for question-answering tasks. Follow these steps carefully:\n1. Answer in the same language of the user question, regardless of the retrieved context language\n2. Use ONLY the pieces of the retrieved context to answer the question.\n3. If the retrieved context does not contain sufficient information to generate an accurate and informative answer, append <NOANS> at the end of the answer\n\n==Retrieved context start==\n{context}\n==Retrieved context end=="
 }
 
 /**
@@ -348,10 +349,11 @@ router.post('/qa', async (req, res) => {
 
   // Check if "Advanced Mode" is active. In such case the default_context must be not appended
   if (!data.advancedPrompt) {
+    const contextTemplate = contexts[data.model] || contexts["general"];
     if (data.system_context) {
-      data.system_context = data.system_context + " \n" + contexts[data.model];
+      data.system_context = data.system_context + " \n" + contextTemplate;
     } else {
-      data.system_context = contexts[data.model];
+      data.system_context = contextTemplate;
     }
   }
 
@@ -376,12 +378,12 @@ router.post('/qa', async (req, res) => {
 
   if (data.llm === 'vllm') {
     if (!vllm_integration.value.url) {
-      return res.status(422).send({ success: false, error: "Server url for ollama is empty or invalid"})
+      return res.status(422).send({ success: false, error: "Server url for vllm is empty or invalid"})
     }
     data.model = {
       name: data.model,
       url: vllm_integration.value.url,
-      provider: 'ollama'
+      provider: 'vllm'
     }
     data.stream = false;
   }

package/routes/webhook.js

@@ -209,6 +209,13 @@ router.all('/:webhook_id', async (req, res) => {
     return res.status(422).send({ success: false, error: "Webhook " + webhook_id + " is currently turned off"})
   }
 
+  const rate_manager = req.app.get("rate_manager");
+  const allowed = await rate_manager.canExecute(webhook.id_project, null, 'webhook');
+  if (!allowed) {
+    winston.warn("Webhook rate limit exceeded for project " + webhook.id_project)
+    return res.status(429).send({ message: "Rate limit exceeded"});
+  }
+
   payload.request_id = "automation-request-" + webhook.id_project + "-" + new ObjectId() + "-" + webhook_id;
 
   // To delete - Start

package/services/RateManager.js

@@ -0,0 +1,116 @@
+const project = require("../models/project");
+
+
+class RateManager {
+
+    constructor(config) {
+
+        if (!config) {
+            throw new Error('config is mandatory')
+        }
+
+        if (!config.tdCache) {
+            throw new Error('config.tdCache is mandatory')
+        }
+
+        this.tdCache = config.tdCache;
+
+    
+        // Default rates 
+        this.defaultRates = {
+            webhook: {
+                capacity: parseInt(process.env.BUCKET_WH_CAPACITY) || 10,
+                refill_rate: (parseInt(process.env.BUCKET_WH_REFILL_RATE_PER_MIN) || 10) / 60
+            },
+            message: {
+                capacity: parseInt(process.env.BUCKET_MSG_CAPACITY) || 100,
+                refill_rate: (parseInt(process.env.BUCKET_MSG_REFILL_RATE_PER_MIN) || 100) / 60
+            },
+            block: {
+                capacity: parseInt(process.env.BUCKET_BLK_CAPACITY) || 100,
+                refill_rate: (parseInt(process.env.BUCKET_BLK_REFILL_RATE_PER_MIN) || 100) / 60
+            }
+        }
+    }
+
+    async canExecute(projectOrId, id, type) {
+        
+        let project = projectOrId;
+        if (typeof projectOrId === 'string') {
+            project = await this.loadProject(projectOrId);
+            id = projectOrId;
+        }
+        
+        const config = await this.getRateConfig(project, type);
+        const key = `bucket:${type}:${id}`
+
+        let bucket = await this.getBucket(key, type, project);
+        let current_tokens = bucket.tokens;
+        let elapsed = (new Date() - new Date(bucket.timestamp)) / 1000;
+        let tokens = Math.min(config.capacity, current_tokens + (elapsed * config.refill_rate));
+
+        if (tokens > 0) {
+            tokens -= 1;
+            bucket.tokens = tokens;
+            bucket.timestamp = new Date();
+            this.setBucket(key, bucket)
+            return true;
+        } else {
+            bucket.timestamp = new Date();
+            return false;
+        }
+    }
+
+    async getRateConfig(project, type) {
+
+        const baseConfig = this.defaultRates[type];
+        if (!project) {
+            return baseConfig;
+        }
+
+        const custom = project?.profile?.customization?.rates?.[type];
+        if (!custom) {
+            return baseConfig;
+        }
+
+        return {
+            ...baseConfig,
+            ...custom
+        }
+    }
+
+    async setBucket(key, bucket) {
+        const bucket_string = JSON.stringify(bucket);
+        await this.tdCache.set(key, bucket_string, { EX: 600 });
+    }
+
+    async getBucket(key, type, project) {
+        let bucket = await this.tdCache.get(key);
+        if (bucket) {
+            return JSON.parse(bucket);
+        }
+        bucket = await this.createBucket(type, project);
+        return bucket;
+    }
+
+    async createBucket(type, project) {
+        const config = await this.getRateConfig(project, type)
+        return {
+            tokens: config.capacity,
+            timestamp: new Date()
+        }
+    }
+
+    async loadProject(id_project) {
+        // Hint: implement redis cache also for project
+        try {
+            return project.findById(id_project);
+        } catch (err) {
+            winston.error("(RateManager) Error getting project ", err);
+            return null;
+        }
+    }
+
+}
+
+module.exports = RateManager;

package/services/requestService.js

@@ -2855,7 +2855,10 @@ class RequestService {
         winston.debug("[RequestService] response: ", response);
         resolve(response.data);
       }).catch((err) => {
-        winston.error("get request parameter error: ", err.response.data);
+        winston.error("get request parameter error:", {
+          message: err.message,
+          data: err.response?.data
+        });
         reject(err);
       })
     })

package/services/webhookService.js

@@ -66,7 +66,7 @@ class WebhookService {
             await httpUtil.post(url, payload).then((response) => {
                 resolve(response.data);
             }).catch((err) => {
-                winston.error("Error calling webhook on post. Status " + err?.status + " " + err?.statusText + JSON.stringify(err?.response?.data));
+                winston.error("Error calling webhook on post. Status " + err?.status + " StatusText " + err?.statusText + " Data " + JSON.stringify(err?.response?.data));
                 reject(err);
             })
 

package/test/webhookRoute.js

@@ -1,6 +1,8 @@
 //During the test the env variable is set to test
 process.env.NODE_ENV = 'test';
 process.env.LOG_LEVEL = 'error';
+process.env.BUCKET_WH_CAPACITY = 2
+process.env.BUCKET_WH_REFILL_RATE = 2 / 60;
 
 var projectService = require('../services/projectService');
 var userService = require('../services/userService');
@@ -617,4 +619,83 @@ describe('WebhookRoute', () => {
             });
         });
     })
+
+    it('webhook-rate-limit', (done) => {
+
+        var email = "test-signup-" + Date.now() + "@email.com";
+        var pwd = "pwd";
+
+        userService.signup(email, pwd, "Test Firstname", "Test lastname").then(function (savedUser) {
+            projectService.create("test-webhook-create", savedUser._id).then(function (savedProject) {
+
+                chai.request(server)
+                    .post('/' + savedProject._id + '/faq_kb')
+                    .auth(email, pwd)
+                    .send({ name: "testbot", type: "tilebot", subtype: "webhook", language: "en", template: "blank" })
+                    .end((err, res) => {
+
+                        if (err) { console.error("err: ", err); }
+                        if (log) { console.log("res.body", res.body); }
+
+                        res.should.have.status(200);
+                        res.body.should.be.a('object');
+
+                        let chatbot_id = res.body._id;
+                        let webhook_intent_id = "3bfda939-ff76-4762-bbe0-fc0f0dc4c777"
+
+                        chai.request(server)
+                            .post('/' + savedProject._id + '/webhooks/')
+                            .auth(email, pwd)
+                            .send({ chatbot_id: chatbot_id, block_id: webhook_intent_id })
+                            .end((err, res) => {
+
+                                if (err) { console.error("err: ", err); }
+                                if (log) { console.log("res.body", res.body); }
+
+                                res.should.have.status(200);
+                                res.body.should.be.a('object');
+
+                                let webhook_id = res.body.webhook_id;
+
+                                let iterations = 4;
+                                let interval = 1000;
+                                async function send(i) {
+                                    chai.request(server)
+                                        .post('/webhook/' + webhook_id)
+                                        .auth(email, pwd)
+                                        .end((err, res) => {
+
+                                            if (err) { console.error("err: ", err); }
+                                            if (log) { console.log("res.body", res.body); }
+                                            
+                                            if (i !== 3) {
+                                                res.should.have.status(200);
+                                                res.body.should.be.a('object');
+                                                expect(res.body.success).to.equal(true);
+                                                expect(res.body.message).to.equal("Webhook disabled in test mode");
+                                            } else {
+                                                res.should.have.status(429);
+                                                res.body.should.be.a('object');
+                                                expect(res.body.message).to.equal("Rate limit exceeded");
+                                            }
+
+                                            i += 1;
+                                            if (i < iterations) {
+                                                setTimeout(() => {
+                                                    send(i)
+                                                }, interval);
+                                            } else {
+                                                done();
+                                            }
+                                    });
+                                }
+                                send(0);
+
+                        
+                            });
+
+                    });
+            });
+        });
+    })
 });