arize-phoenix 11.16.0__py3-none-any.whl → 11.17.0__py3-none-any.whl

{arize_phoenix-11.16.0.dist-info → arize_phoenix-11.17.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: arize-phoenix
-Version: 11.16.0
+Version: 11.17.0
 Summary: AI Observability and Evaluation
 Project-URL: Documentation, https://arize.com/docs/phoenix/
 Project-URL: Issues, https://github.com/Arize-ai/phoenix/issues

{arize_phoenix-11.16.0.dist-info → arize_phoenix-11.17.0.dist-info}/RECORD

@@ -1,12 +1,12 @@
 phoenix/__init__.py,sha256=xkpXH76HFbEDCq8IhiFp-2GnEHx39xPMdOpV5Skew1w,5481
-phoenix/auth.py,sha256=yW78f1xWNjTE30ACGUM14nOd5BzkukhlzA9B45kSUkM,11053
-phoenix/config.py,sha256=VWYsWA9yzL0ml_1dQ9Q-vnEZxBri1TO8zJocBBUVeZc,61985
+phoenix/auth.py,sha256=9rscOefuxy5VPcb6MlOYenuy3gDd5l7RxknONovGslE,11342
+phoenix/config.py,sha256=1Wb3pToeubtw1OFXsLct9HVYxQBsvjTqtPxkCT3q4OA,62749
 phoenix/datetime_utils.py,sha256=pRD-nzxXYKlMWNtd3r2tKGKfPFhwuJhfOAtlGLVAO60,8784
 phoenix/exceptions.py,sha256=n2L2KKuecrdflB9MsCdAYCiSEvGJptIsfRkXMoJle7A,169
 phoenix/py.typed,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
 phoenix/services.py,sha256=ngkyKGVatX3cO2WJdo2hKdaVKP-xJCMvqthvga6kJss,5196
 phoenix/settings.py,sha256=2kHfT3BNOVd4dAO1bq-syEQbHSG8oX2-7NhOwK2QREk,896
-phoenix/version.py,sha256=1jPwVRFknFjr1Z2-4KMQGv_ONw2Eybch5xZM1zNP1rg,24
+phoenix/version.py,sha256=HjDQzFRz8KWfrwF_W0ajYBKE8yZf-yeJHl8aLSu_Zis,24
 phoenix/core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 phoenix/core/embedding_dimension.py,sha256=zKGbcvwOXgLf-yrJBpQyKtd-LEOPRKHnUToyAU8Owis,87
 phoenix/core/model.py,sha256=qBFraOtmwCCnWJltKNP18DDG0mULXigytlFsa6YOz6k,4837
@@ -19,7 +19,7 @@ phoenix/db/bulk_inserter.py,sha256=MbbmKip6gFtnLP1ZA3Z-mP-zy-Qnb9bPD8mRXJQOW2c,1
 phoenix/db/constants.py,sha256=-YE2rkzcROG06_rerfnX5hC7fLzOHx1Gjw4nXhX_um4,46
 phoenix/db/engines.py,sha256=tB_8iWMDz0folryVvw29sbBUxJOB2XZ-Xx0Uexj3uns,6889
 phoenix/db/enums.py,sha256=w3O5YuJEEzVTwVDZb8b2UUFhU8yK_GosF081VVrrno0,188
-phoenix/db/facilitator.py,sha256=aRbkIJkIDP2zMsLKbO7Y8jJq4U2HbV7Lf6GYVWXVImU,20151
+phoenix/db/facilitator.py,sha256=UIC-l14p3R8GFVWPmz04NY-CDm_zAynXCAuIYpj_W_g,20254
 phoenix/db/helpers.py,sha256=dsGONSgkhmVtjMpJh-84KRVTf5uPdQ5c8O2AhUgHkRg,14150
 phoenix/db/migrate.py,sha256=oUrXH8yEbcpL4eh09aSCuUiSrhFli0eT5D_j4ZmYChY,2797
 phoenix/db/models.py,sha256=bxyBRSST8rqBKcAyPyyDHmkv9AadaE3XmQnpcaMvvnk,61588
@@ -114,7 +114,7 @@ phoenix/server/api/exceptions.py,sha256=E2W0x63CBzc0CoQPptrLr9nZxPF9zIP8MCJ3RuJM
 phoenix/server/api/interceptor.py,sha256=ykDnoC_apUd-llVli3m1CW18kNSIgjz2qZ6m5JmPDu8,1294
 phoenix/server/api/queries.py,sha256=--ycVajCdDuN4Y-7bnD9py3BIXVWnZEwrpwDEW2Y8i4,46498
 phoenix/server/api/schema.py,sha256=fcs36xQwFF_Qe41_5cWR8wYpDvOrnbcyTeo5WNMbDsA,1702
-phoenix/server/api/subscriptions.py,sha256=ZOGNsLVr5TNjCWgbzO7Eq6Ls_NRdJH9AxC0cW_v0vhM,25332
+phoenix/server/api/subscriptions.py,sha256=U7JZl-FGfsaIhRkIFdeSQLqR7xCS7CY1h-21BOAcaqY,25439
 phoenix/server/api/utils.py,sha256=quCBRcusc6PUq9tJq7M8PgwFZp7nXgVAxtbw8feribY,833
 phoenix/server/api/dataloaders/__init__.py,sha256=ddiX1BdbyGkPTzMZNo-hkF_2kqIquelBUFvQejnAJYk,6834
 phoenix/server/api/dataloaders/annotation_configs_by_project.py,sha256=_Nfiug9o01JimU3Z0LpZJ0uaMCjchXomyt_dYAxPFRY,1178
@@ -232,7 +232,7 @@ phoenix/server/api/input_types/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5
 phoenix/server/api/mutations/__init__.py,sha256=DlAwXDKQzOpY4vFiDUR9Cu2kmncFr4m-RPRyQABBPIE,1972
 phoenix/server/api/mutations/annotation_config_mutations.py,sha256=i7NsQhYICcQ-I-tnFjGtVAYc8WVmMBacmRaqHWJ25t4,15433
 phoenix/server/api/mutations/api_key_mutations.py,sha256=nfnRjALCaQMi_jIbEPW4G3Dn3tPnmZVU11tpBbBijGA,6242
-phoenix/server/api/mutations/chat_mutations.py,sha256=97g5OEpFklS2hI73ACCzpRBq5s_h9-nxzbUr82XmU-8,24373
+phoenix/server/api/mutations/chat_mutations.py,sha256=KB9_39rcGWI8x687ktAiijgww-P8B9mVJKnyL8NCmKQ,24647
 phoenix/server/api/mutations/dataset_mutations.py,sha256=KRlF-Ag3twqaBpLR_6WYxf57DffaGuFBm-soaBPStbI,27787
 phoenix/server/api/mutations/experiment_mutations.py,sha256=p3CoLAa8nFPa3D759Y2A7De_PVJNGOL98mA3HoZBrRQ,3188
 phoenix/server/api/mutations/export_events_mutations.py,sha256=xoDnVWC7eA_8wNQP0-oyiHojyUZ0EhVVSrsAnztetC0,3993
@@ -245,14 +245,14 @@ phoenix/server/api/mutations/prompt_version_tag_mutations.py,sha256=t77osYb5he2A
 phoenix/server/api/mutations/span_annotations_mutations.py,sha256=LQPcODp7-ZobXspjmtLaamyQa8UkTONC_va-ST9r-k8,15015
 phoenix/server/api/mutations/trace_annotations_mutations.py,sha256=zWoMfOMSQZqw7gZl7Le2PRojkDcG_KOiP1iIuqZpZ8Q,11971
 phoenix/server/api/mutations/trace_mutations.py,sha256=AvtQAfqNWBQpJOZm4e0DZFimhVJ6HQHtSSZtezRadCo,4698
-phoenix/server/api/mutations/user_mutations.py,sha256=9vFWfvfhb6RUdxL8xajV2-P2kVDtFRijRD58OFeBY4M,15373
+phoenix/server/api/mutations/user_mutations.py,sha256=6mwMx5I5c_VgUutOLrN9LSMcyPLgXzNaT0XT24ZwNWM,15473
 phoenix/server/api/openapi/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 phoenix/server/api/openapi/main.py,sha256=yKdzJYI4cxy_1mFcK4_7YObIcuRviBIfwNjB23RG14k,461
 phoenix/server/api/openapi/schema.py,sha256=WGmHWSIyJhtc5EIh_M3vlXU-EgHkFuTlyVofgS0kj1I,529
 phoenix/server/api/routers/__init__.py,sha256=YIzHsIFOOXuCRbDkMUHx-McrANFJK5UfUn6a4BNIzmo,277
-phoenix/server/api/routers/auth.py,sha256=nwoum3HKlrSkNF0MWN91rrsTcWMVKefGI9xPz9s0DGw,11604
+phoenix/server/api/routers/auth.py,sha256=PKGwWdw7O015KmjMY1mIxlvXeU7OrmqIPF5TWTOGmp4,11871
 phoenix/server/api/routers/embeddings.py,sha256=BpZGJee0pdL0W5Rp1L0b30dEtZTgJeVqXky8LgZ0ZXw,898
-phoenix/server/api/routers/oauth2.py,sha256=rwIqeJe4T5jK5NeuPAmrfNsbBqUZhMSFRNJdOJYyFPc,24445
+phoenix/server/api/routers/oauth2.py,sha256=rPcKFvfijzBYLjfwbCNzCn0ihn4wGWh4xh6BRqg9Ay4,24524
 phoenix/server/api/routers/utils.py,sha256=M41BoH-fl37izhRuN2aX7lWm7jOC20A_3uClv9TVUUY,583
 phoenix/server/api/routers/v1/__init__.py,sha256=ngLMPjC7lgZxgKy_Is33KxTRnMzSqy25qTTChCVx_Mo,2696
 phoenix/server/api/routers/v1/annotation_configs.py,sha256=xp5lJmKYlRsINCUrRD9-lTAElw2v4hdFndS5BWrxICA,16048
@@ -261,13 +261,13 @@ phoenix/server/api/routers/v1/datasets.py,sha256=9iPORLmbOrPKgUUcRDMs6ZczSIz7hvc
 phoenix/server/api/routers/v1/evaluations.py,sha256=_I0X01J8EZmTlfAGkvMkZ05IB3x691xzUmHV05ov26Y,12914
 phoenix/server/api/routers/v1/experiment_evaluations.py,sha256=_xnVqFCwZoOUPravdPixZLSQiU1H3sB5EzMknB7E1CI,4837
 phoenix/server/api/routers/v1/experiment_runs.py,sha256=LZeCQWQIEOZ9jK5Gp_C4JbiYY6AmnnWe85cVcvdkCLE,7107
-phoenix/server/api/routers/v1/experiments.py,sha256=osy0JG_iVSCkoRi__0tjldfS5zzBDvNfv-GimbP4ShA,20537
+phoenix/server/api/routers/v1/experiments.py,sha256=wML-cad0NiflFGIysaJECFulXLqj5rjwMmNmKQVaGzw,20592
 phoenix/server/api/routers/v1/models.py,sha256=p3gJN-9SWiUYTUTft4bZMsZVCBNTb4nN1Foy68eRZzQ,1997
 phoenix/server/api/routers/v1/projects.py,sha256=32GwTLsaFgQLVNdjrlrGe90XT3pIX1N7-zX9D9_J_4w,12701
 phoenix/server/api/routers/v1/prompts.py,sha256=chRYcLkOYDJdJfVZVukVTUyIRnLPvsJCg41CuPxOIU8,26695
 phoenix/server/api/routers/v1/spans.py,sha256=ETH6I14O_zY9IW69Fo-LxL796BR3xgt8qdzwqzYAvbE,44208
 phoenix/server/api/routers/v1/traces.py,sha256=uLASCHMgU13tUhuWXnXqaom1crrQVpXi9PUtsyDXU9Y,10318
-phoenix/server/api/routers/v1/users.py,sha256=hUZCe7ctJqEkSJBe046a0OAFMLZodtyO7NLP7U6S8Pg,11986
+phoenix/server/api/routers/v1/users.py,sha256=eO8zMtGU33Td2_G1l9D7Z0a4CG1CwBUCj_Z9z2uk7wg,12089
 phoenix/server/api/routers/v1/utils.py,sha256=oXIOGPzPTkE0ZWUTRCoRIQQ7wTzoSwtWFaUSjlGBqts,4960
 phoenix/server/api/types/Annotation.py,sha256=gsl8CwjIbDUbZRj4d9USwZ_w_Tkz4i7zuZh9ftV80jA,1132
 phoenix/server/api/types/AnnotationConfig.py,sha256=TPukZUgvFC17W93Vnme21EhswasBMR-ZiuSWteiWZOU,3891
@@ -376,6 +376,8 @@ phoenix/server/email/templates/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5
 phoenix/server/email/templates/db_disk_usage_notification.html,sha256=Atv2XnKkC7HasTTCZYAWySr7VbupAGwbIiJ9eQ4r2l0,906
 phoenix/server/email/templates/password_reset.html,sha256=jv0Pe-06JloPZcubRWxPdAFHYEn9eDj_4SjmuoIwshI,441
 phoenix/server/email/templates/welcome.html,sha256=AyVsIOtpmyYwWmmkXjuEgXwkbsag4YHHKfkmOTiNo-M,316
+phoenix/server/experiments/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+phoenix/server/experiments/utils.py,sha256=I8OSkjLse7eVJasyiBwql7ihzOrMivsxOQVhD8aWi1E,356
 phoenix/server/middleware/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 phoenix/server/middleware/gzip.py,sha256=hoznxxXdJlb6_XSyNXFz0OLd9FhtCHv6Tm0TWh0Zijk,1363
 phoenix/server/openapi/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -389,10 +391,10 @@ phoenix/server/static/apple-touch-icon-76x76.png,sha256=CT_xT12I0u2i0WU8JzBZBuOQ
 phoenix/server/static/apple-touch-icon.png,sha256=fOfpjqGpWYbJ0eAurKsyoZP1EAs6ZVooBJ_SGk2ZkDs,3801
 phoenix/server/static/favicon.ico,sha256=bY0vvCKRftemZfPShwZtE93DiiQdaYaozkPGwNFr6H8,34494
 phoenix/server/static/modernizr.js,sha256=mvK-XtkNqjOral-QvzoqsyOMECXIMu5BQwSVN_wcU9c,2564
-phoenix/server/static/.vite/manifest.json,sha256=kdJluW5SaIjnZ4iseFuA4LCG0bVknsw1pSXJT2h3XLo,2165
-phoenix/server/static/assets/components-CK8hwrPx.js,sha256=g1vGnQRiqgG1yDDRMSbiUES-P4kkwsUbl4BPl9EH3Ek,650224
-phoenix/server/static/assets/index-ByWTGseQ.js,sha256=S6_w9RczLWlZc2MxJ5_G_Z7O464nyUIQcns2SXhtAHU,63020
-phoenix/server/static/assets/pages-D8Hgmz1V.js,sha256=zVZMTQw6vFjJPf9FjvfXpYwosimlWXCGtMnwxNBbMKs,1208677
+phoenix/server/static/.vite/manifest.json,sha256=48DKS78rqBq8OHQd2eb76lt5r2gQlHve4Ow7LB2xzLM,2165
+phoenix/server/static/assets/components-B7NKnJXz.js,sha256=yk-zZLTZ1djweAS0tVSnq7Ju28H-P8wvh0-HqNS7ny0,650348
+phoenix/server/static/assets/index-9n9lXgT6.js,sha256=GJb5yf2HCr_6u8_0A2xAuMo7ppXVp7MtP_p83GxnBAM,63064
+phoenix/server/static/assets/pages-CvqPVUA3.js,sha256=uhmqphVuAlblKQBOPY5vw4TcfIfj4GH5Ut_1KwNvrf4,1208813
 phoenix/server/static/assets/vendor-CqDb5u4o.css,sha256=zIyFiNJKxMaQk8AvtLgt1rR01oO10d1MFndSDKH9Clw,5517
 phoenix/server/static/assets/vendor-_6rG8OMg.js,sha256=stdw5w5Q5kJ0EkGpzu_f_IYaEEwKHkn3eNDZSxBRQUE,2682340
 phoenix/server/static/assets/vendor-arizeai-BznCmJFh.js,sha256=qFSHnyPDSh4mml_O0oiMaCmZv2e9E3VQXPxzySPABWA,151750
@@ -439,9 +441,9 @@ phoenix/utilities/project.py,sha256=auVpARXkDb-JgeX5f2aStyFIkeKvGwN9l7qrFeJMVxI,
 phoenix/utilities/re.py,sha256=6YyUWIkv0zc2SigsxfOWIHzdpjKA_TZo2iqKq7zJKvw,2081
 phoenix/utilities/span_store.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 phoenix/utilities/template_formatters.py,sha256=gh9PJD6WEGw7TEYXfSst1UR4pWWwmjxMLrDVQ_CkpkQ,2779
-arize_phoenix-11.16.0.dist-info/METADATA,sha256=Vhoaw8m0XPZKoPzmUJxOrEfcQ-UZhTdIGXceg5fEiuU,30851
-arize_phoenix-11.16.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-arize_phoenix-11.16.0.dist-info/entry_points.txt,sha256=Pgpn8Upxx9P8z8joPXZWl2LlnAlGc3gcQoVchb06X1Q,94
-arize_phoenix-11.16.0.dist-info/licenses/IP_NOTICE,sha256=JBqyyCYYxGDfzQ0TtsQgjts41IJoa-hiwDrBjCb9gHM,469
-arize_phoenix-11.16.0.dist-info/licenses/LICENSE,sha256=HFkW9REuMOkvKRACuwLPT0hRydHb3zNg-fdFt94td18,3794
-arize_phoenix-11.16.0.dist-info/RECORD,,
+arize_phoenix-11.17.0.dist-info/METADATA,sha256=nXdJG0rfxbEw8NVFRaftEkhrc18xcNqpOMRlPgMzd1c,30851
+arize_phoenix-11.17.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+arize_phoenix-11.17.0.dist-info/entry_points.txt,sha256=Pgpn8Upxx9P8z8joPXZWl2LlnAlGc3gcQoVchb06X1Q,94
+arize_phoenix-11.17.0.dist-info/licenses/IP_NOTICE,sha256=JBqyyCYYxGDfzQ0TtsQgjts41IJoa-hiwDrBjCb9gHM,469
+arize_phoenix-11.17.0.dist-info/licenses/LICENSE,sha256=HFkW9REuMOkvKRACuwLPT0hRydHb3zNg-fdFt94td18,3794
+arize_phoenix-11.17.0.dist-info/RECORD,,

phoenix/auth.py

@@ -47,6 +47,18 @@ def is_valid_password(*, password: Secret, salt: bytes, password_hash: bytes) ->
     return password_hash == compute_password_hash(password=password, salt=salt)
 
 
+def sanitize_email(email: str) -> str:
+    """
+    Sanitizes an email address by trimming whitespace and converting to lowercase.
+
+    Args:
+        email (str): the email address to sanitize
+    Returns:
+        str: the sanitized email address
+    """
+    return email.strip().lower()
+
+
 def validate_email_format(email: str) -> None:
     """
     Checks that the email has a valid format.

phoenix/config.py

@@ -333,6 +333,10 @@ Whether to verify client certificates for mutual TLS (mTLS) authentication.
 When set to true, clients must provide valid certificates signed by the CA specified in
 PHOENIX_TLS_CA_FILE.
 """
+ENV_PHOENIX_DEFAULT_RETENTION_POLICY_DAYS = "PHOENIX_DEFAULT_RETENTION_POLICY_DAYS"
+"""
+The default retention policy for traces in days.
+"""
 
 
 @dataclass(frozen=True)
@@ -494,6 +498,20 @@ def get_env_tls_verify_client() -> bool:
     return _bool_val(ENV_PHOENIX_TLS_VERIFY_CLIENT, False)
 
 
+def get_env_default_retention_policy_days() -> int:
+    """
+    Returns the number of days for the default retention policy as set by the
+    PHOENIX_DEFAULT_RETENTION_POLICY_DAYS environment variable, defaulting to 0 if not set.
+
+    Returns:
+        int: Number of days for the default retention policy. Defaults to 0 if the environment variable is not set.
+    """  # noqa: E501
+    days = _int_val(ENV_PHOENIX_DEFAULT_RETENTION_POLICY_DAYS, 0)
+    if days < 0:
+        raise ValueError("PHOENIX_DEFAULT_RETENTION_POLICY_DAYS must be non-negative")
+    return days
+
+
 def get_env_tls_config() -> Optional[TLSConfig]:
     """
     Retrieves and validates TLS configuration from environment variables.
@@ -865,6 +883,8 @@ def get_env_admins() -> dict[str, str]:
     """
     if not (env_value := getenv(ENV_PHOENIX_ADMINS)):
         return {}
+    from phoenix.auth import sanitize_email
+
     usernames = set()
     emails = set()
     ans = {}
@@ -881,7 +901,7 @@ def get_env_admins() -> dict[str, str]:
                 f"Expected format: 'username=email'"
             )
         username = pair[:last_equals_pos].strip()
-        email_addr = pair[last_equals_pos + 1 :].strip()
+        email_addr = sanitize_email(pair[last_equals_pos + 1 :])
         try:
             email_addr = validate_email(email_addr, check_deliverability=False).normalized
         except EmailNotValidError:

phoenix/db/facilitator.py

@@ -28,6 +28,7 @@ from phoenix.auth import (
 from phoenix.config import (
     get_env_admins,
     get_env_default_admin_initial_password,
+    get_env_default_retention_policy_days,
     get_env_disable_basic_auth,
 )
 from phoenix.db import models
@@ -334,7 +335,9 @@ async def _ensure_default_project_trace_retention_policy(db: DbSessionFactory) -
         ):
             return
         cron_expression = TraceRetentionCronExpression(root="0 0 * * 0")
-        rule = TraceRetentionRule(root=MaxDaysRule(max_days=0))
+        rule = TraceRetentionRule(
+            root=MaxDaysRule(max_days=get_env_default_retention_policy_days())
+        )
         await session.execute(
             sa.insert(models.ProjectTraceRetentionPolicy),
             [

phoenix/server/api/mutations/chat_mutations.py

@@ -23,6 +23,7 @@ from strawberry.relay import GlobalID
 from strawberry.types import Info
 from typing_extensions import assert_never
 
+from phoenix.config import PLAYGROUND_PROJECT_NAME
 from phoenix.datetime_utils import local_now, normalize_datetime
 from phoenix.db import models
 from phoenix.db.helpers import get_dataset_example_revisions
@@ -64,6 +65,7 @@ from phoenix.server.api.types.DatasetVersion import DatasetVersion
 from phoenix.server.api.types.node import from_global_id_with_expected_type
 from phoenix.server.api.types.Span import Span
 from phoenix.server.dml_event import SpanInsertEvent
+from phoenix.server.experiments.utils import generate_experiment_project_name
 from phoenix.trace.attributes import unflatten
 from phoenix.trace.schemas import SpanException
 from phoenix.utilities.json import jsonify
@@ -163,6 +165,7 @@ class ChatCompletionMutationMixin:
             if input.dataset_version_id
             else None
         )
+        project_name = generate_experiment_project_name()
         async with info.context.db() as session:
             dataset = await session.scalar(select(models.Dataset).filter_by(id=dataset_id))
             if dataset is None:
@@ -196,7 +199,7 @@ class ChatCompletionMutationMixin:
                 description=input.experiment_description,
                 repetitions=1,
                 metadata_=input.experiment_metadata or dict(),
-                project_name=PLAYGROUND_PROJECT_NAME,
+                project_name=project_name,
             )
             session.add(experiment)
             await session.flush()
@@ -222,6 +225,7 @@ class ChatCompletionMutationMixin:
                             ),
                             prompt_name=input.prompt_name,
                         ),
+                        project_name=project_name,
                     )
                     for revision in batch
                 ),
@@ -320,6 +324,8 @@ class ChatCompletionMutationMixin:
         info: Info[Context, None],
         llm_client: PlaygroundStreamingClient,
         input: ChatCompletionInput,
+        project_name: str = PLAYGROUND_PROJECT_NAME,
+        project_description: str = "Traces from prompt playground",
     ) -> ChatCompletionMutationPayload:
         attributes: dict[str, Any] = {}
         attributes.update(dict(prompt_metadata(input.prompt_name)))
@@ -414,15 +420,15 @@ class ChatCompletionMutationMixin:
             # Get or create the project ID
             if (
                 project_id := await session.scalar(
-                    select(models.Project.id).where(models.Project.name == PLAYGROUND_PROJECT_NAME)
+                    select(models.Project.id).where(models.Project.name == project_name)
                 )
             ) is None:
                 project_id = await session.scalar(
                     insert(models.Project)
                     .returning(models.Project.id)
                     .values(
-                        name=PLAYGROUND_PROJECT_NAME,
-                        description="Traces from prompt playground",
+                        name=project_name,
+                        description=project_description,
                     )
                 )
             trace = models.Trace(
@@ -622,5 +628,3 @@ TOOL_JSON_SCHEMA = ToolAttributes.TOOL_JSON_SCHEMA
 PROMPT_TEMPLATE_VARIABLES = SpanAttributes.LLM_PROMPT_TEMPLATE_VARIABLES
 
 LLM_PROVIDER = SpanAttributes.LLM_PROVIDER
-
-PLAYGROUND_PROJECT_NAME = "playground"

phoenix/server/api/mutations/user_mutations.py

@@ -21,6 +21,7 @@ from phoenix.auth import (
     PASSWORD_REQUIREMENTS,
     PHOENIX_ACCESS_TOKEN_COOKIE_NAME,
     PHOENIX_REFRESH_TOKEN_COOKIE_NAME,
+    sanitize_email,
     validate_email_format,
     validate_password_format,
 )
@@ -115,20 +116,23 @@ class UserMutationMixin:
         info: Info[Context, None],
         input: CreateUserInput,
     ) -> UserMutationPayload:
+        # Sanitize email by trimming and lowercasing
+        email = sanitize_email(input.email)
+
         user: models.User
         if input.auth_method is AuthMethod.OAUTH2:
             user = models.OAuth2User(
-                email=input.email,
+                email=email,
                 username=input.username,
             )
         else:
             assert input.password
-            validate_email_format(input.email)
+            validate_email_format(email)
             validate_password_format(input.password)
             salt = secrets.token_bytes(DEFAULT_SECRET_LENGTH)
             password_hash = await info.context.hash_password(Secret(input.password), salt)
             user = models.LocalUser(
-                email=input.email,
+                email=email,
                 username=input.username,
                 password_hash=password_hash,
                 password_salt=salt,

phoenix/server/api/routers/auth.py

@@ -6,7 +6,7 @@ from pathlib import Path
 from urllib.parse import urlencode, urlparse, urlunparse
 
 from fastapi import APIRouter, Depends, HTTPException, Request, Response
-from sqlalchemy import select
+from sqlalchemy import func, select
 from sqlalchemy.orm import joinedload
 from starlette.status import (
     HTTP_204_NO_CONTENT,
@@ -29,6 +29,7 @@ from phoenix.auth import (
     delete_oauth2_state_cookie,
     delete_refresh_token_cookie,
     is_valid_password,
+    sanitize_email,
     set_access_token_cookie,
     set_refresh_token_cookie,
     validate_password_format,
@@ -87,9 +88,14 @@ async def login(request: Request) -> Response:
     if not email or not password:
         raise HTTPException(status_code=HTTP_401_UNAUTHORIZED, detail="Email and password required")
 
+    # Sanitize email by trimming and lowercasing
+    email = sanitize_email(email)
+
     async with request.app.state.db() as session:
         user = await session.scalar(
-            select(models.User).filter_by(email=email).options(joinedload(models.User.role))
+            select(models.User)
+            .where(func.lower(models.User.email) == email)
+            .options(joinedload(models.User.role))
         )
         if (
             user is None
@@ -207,6 +213,10 @@ async def initiate_password_reset(request: Request) -> Response:
     data = await request.json()
     if not (email := data.get("email")):
         raise MISSING_EMAIL
+
+    # Sanitize email by trimming and lowercasing
+    email = sanitize_email(email)
+
     sender: EmailSender = request.app.state.email_sender
     if sender is None:
         raise SMTP_UNAVAILABLE
@@ -214,7 +224,7 @@ async def initiate_password_reset(request: Request) -> Response:
     async with request.app.state.db() as session:
         user = await session.scalar(
             select(models.User)
-            .filter_by(email=email)
+            .where(func.lower(models.User.email) == email)
             .options(
                 joinedload(models.User.password_reset_token).load_only(models.PasswordResetToken.id)
             )

phoenix/server/api/routers/oauth2.py

@@ -27,6 +27,7 @@ from phoenix.auth import (
     PHOENIX_OAUTH2_STATE_COOKIE_NAME,
     delete_oauth2_nonce_cookie,
     delete_oauth2_state_cookie,
+    sanitize_email,
     set_access_token_cookie,
     set_oauth2_nonce_cookie,
     set_oauth2_state_cookie,
@@ -217,7 +218,7 @@ class UserInfo:
         if not (idp_user_id := (self.idp_user_id or "").strip()):
             raise ValueError("idp_user_id cannot be empty")
         object.__setattr__(self, "idp_user_id", idp_user_id)
-        if not (email := (self.email or "").strip()):
+        if not (email := sanitize_email(self.email or "")):
             raise ValueError("email cannot be empty")
         object.__setattr__(self, "email", email)
         if username := (self.username or "").strip():
@@ -356,7 +357,7 @@ async def _get_existing_oauth2_user(
             - User has a password set
             - User has mismatched OAuth2 credentials
     """  # noqa: E501
-    if not (email := (user_info.email or "").strip()):
+    if not (email := sanitize_email(user_info.email or "")):
         raise ValueError("Email is required.")
     if not (oauth2_user_id := (user_info.idp_user_id or "").strip()):
         raise ValueError("OAuth2 user ID is required.")
@@ -370,7 +371,7 @@ async def _get_existing_oauth2_user(
         if email and email != user.email:
             user.email = email
     else:
-        user = await session.scalar(stmt.filter_by(email=email))
+        user = await session.scalar(stmt.where(func.lower(models.User.email) == email))
         if user is None or not isinstance(user, models.OAuth2User):
             raise SignInNotAllowed("Sign in is not allowed.")
         # Case 1: Different OAuth2 client - update both client and user IDs
@@ -520,7 +521,7 @@ async def _email_and_username_exist(
             select(
                 cast(
                     func.coalesce(
-                        func.max(case((models.User.email == email, 1), else_=0)),
+                        func.max(case((func.lower(models.User.email) == email, 1), else_=0)),
                         0,
                     ),
                     Boolean,
@@ -532,7 +533,7 @@ async def _email_and_username_exist(
                     ),
                     Boolean,
                 ).label("username_exists"),
-            ).where(or_(models.User.email == email, models.User.username == username))
+            ).where(or_(func.lower(models.User.email) == email, models.User.username == username))
         )
     ).all()
     return email_exists, username_exists

phoenix/server/api/routers/v1/experiments.py

@@ -20,6 +20,7 @@ from phoenix.db.insertion.helpers import insert_on_conflict
 from phoenix.server.api.types.node import from_global_id_with_expected_type
 from phoenix.server.authorization import is_not_locked
 from phoenix.server.dml_event import ExperimentInsertEvent
+from phoenix.server.experiments.utils import generate_experiment_project_name
 
 from .models import V1RoutesBaseModel
 from .utils import ResponseBody, add_errors_to_responses, add_text_csv_content_to_responses
@@ -159,7 +160,7 @@ async def create_experiment(
 
         # generate a semi-unique name for the experiment
         experiment_name = request_body.name or _generate_experiment_name(dataset_name)
-        project_name = f"Experiment-{getrandbits(96).to_bytes(12, 'big').hex()}"
+        project_name = generate_experiment_project_name()
         project_description = (
             f"dataset_id: {dataset_globalid}\ndataset_version_id: {dataset_version_globalid}"
         )

phoenix/server/api/routers/v1/users.py

@@ -31,6 +31,7 @@ from phoenix.auth import (
     DEFAULT_SYSTEM_EMAIL,
     DEFAULT_SYSTEM_USERNAME,
     compute_password_hash,
+    sanitize_email,
     validate_email_format,
     validate_password_format,
 )
@@ -205,6 +206,8 @@ async def create_user(
 ) -> CreateUserResponseBody:
     user_data = request_body.user
     email, username, role = user_data.email, user_data.username, user_data.role
+    # Sanitize email by trimming and lowercasing
+    email = sanitize_email(email)
     validate_email_format(email)
 
     # Prevent creation of SYSTEM users

phoenix/server/api/subscriptions.py

@@ -64,6 +64,7 @@ from phoenix.server.api.types.node import from_global_id_with_expected_type
 from phoenix.server.api.types.Span import Span
 from phoenix.server.daemons.span_cost_calculator import SpanCostCalculator
 from phoenix.server.dml_event import SpanInsertEvent
+from phoenix.server.experiments.utils import generate_experiment_project_name
 from phoenix.server.types import DbSessionFactory
 from phoenix.utilities.template_formatters import (
     FStringTemplateFormatter,
@@ -287,16 +288,17 @@ class Subscription:
                 ]
             ):
                 raise NotFound("No examples found for the given dataset and version")
+            project_name = generate_experiment_project_name()
             if (
                 playground_project_id := await session.scalar(
-                    select(models.Project.id).where(models.Project.name == PLAYGROUND_PROJECT_NAME)
+                    select(models.Project.id).where(models.Project.name == project_name)
                 )
             ) is None:
                 playground_project_id = await session.scalar(
                     insert(models.Project)
                     .returning(models.Project.id)
                     .values(
-                        name=PLAYGROUND_PROJECT_NAME,
+                        name=project_name,
                         description="Traces from prompt playground",
                     )
                 )
@@ -308,7 +310,7 @@ class Subscription:
                 description=input.experiment_description,
                 repetitions=1,
                 metadata_=input.experiment_metadata or dict(),
-                project_name=PLAYGROUND_PROJECT_NAME,
+                project_name=project_name,
             )
             session.add(experiment)
             await session.flush()

phoenix/server/experiments/utils.py

@@ -0,0 +1,14 @@
+from __future__ import annotations
+
+import re
+from secrets import token_hex
+
+EXPERIMENT_PROJECT_NAME_PATTERN = re.compile(r"^Experiment-[0-9a-f]{24}$")
+
+
+def generate_experiment_project_name() -> str:
+    return f"Experiment-{token_hex(12)}"
+
+
+def is_experiment_project_name(name: str) -> bool:
+    return bool(EXPERIMENT_PROJECT_NAME_PATTERN.match(name))

phoenix/server/static/.vite/manifest.json

@@ -1,22 +1,22 @@
 {
-  "_components-CK8hwrPx.js": {
-    "file": "assets/components-CK8hwrPx.js",
+  "_components-B7NKnJXz.js": {
+    "file": "assets/components-B7NKnJXz.js",
     "name": "components",
     "imports": [
       "_vendor-_6rG8OMg.js",
-      "_pages-D8Hgmz1V.js",
+      "_pages-CvqPVUA3.js",
       "_vendor-arizeai-BznCmJFh.js",
       "_vendor-codemirror-29fWLPAy.js",
       "_vendor-three-C5WAXd5r.js"
     ]
   },
-  "_pages-D8Hgmz1V.js": {
-    "file": "assets/pages-D8Hgmz1V.js",
+  "_pages-CvqPVUA3.js": {
+    "file": "assets/pages-CvqPVUA3.js",
     "name": "pages",
     "imports": [
       "_vendor-_6rG8OMg.js",
       "_vendor-arizeai-BznCmJFh.js",
-      "_components-CK8hwrPx.js",
+      "_components-B7NKnJXz.js",
       "_vendor-codemirror-29fWLPAy.js",
       "_vendor-recharts-Cu431IpB.js"
     ]
@@ -69,15 +69,15 @@
     "name": "vendor-three"
   },
   "index.tsx": {
-    "file": "assets/index-ByWTGseQ.js",
+    "file": "assets/index-9n9lXgT6.js",
     "name": "index",
     "src": "index.tsx",
     "isEntry": true,
     "imports": [
       "_vendor-_6rG8OMg.js",
       "_vendor-arizeai-BznCmJFh.js",
-      "_pages-D8Hgmz1V.js",
-      "_components-CK8hwrPx.js",
+      "_pages-CvqPVUA3.js",
+      "_components-B7NKnJXz.js",
       "_vendor-three-C5WAXd5r.js",
       "_vendor-codemirror-29fWLPAy.js",
       "_vendor-shiki-Ce9e01lU.js",