iatoolkit 0.55.3__py3-none-any.whl → 0.57.0__py3-none-any.whl

iatoolkit/base_company.py

@@ -88,7 +88,7 @@ class BaseCompany(ABC):
 
     @abstractmethod
     # get context specific for this company
-    def get_user_info(self, user_identifier: str) -> str:
+    def get_user_info(self, user_identifier: str) -> dict:
         raise NotImplementedError("La subclase debe implementar el método get_user_info()")
 
     @abstractmethod

iatoolkit/common/routes.py

@@ -26,8 +26,6 @@ def register_views(injector, app):
     from iatoolkit.views.tasks_view import TaskView
     from iatoolkit.views.tasks_review_view import TaskReviewView
     from iatoolkit.views.login_simulation_view import LoginSimulationView
-    from iatoolkit.views.login_view import LoginView, FinalizeContextView
-    from iatoolkit.views.external_login_view import ExternalLoginView
     from iatoolkit.views.signup_view import SignupView
     from iatoolkit.views.verify_user_view import VerifyAccountView
     from iatoolkit.views.forgot_password_view import ForgotPasswordView
@@ -36,27 +34,41 @@ def register_views(injector, app):
     from iatoolkit.views.user_feedback_api_view import UserFeedbackApiView
     from iatoolkit.views.prompt_api_view import PromptApiView
     from iatoolkit.views.chat_token_request_view import ChatTokenRequestView
+    from iatoolkit.views.login_view import LoginView, FinalizeContextView
+    from iatoolkit.views.external_login_view import ExternalLoginView, RedeemTokenApiView
 
     # iatoolkit home page
     app.add_url_rule('/<company_short_name>', view_func=IndexView.as_view('index'))
 
-    # init (reset) the company context (with api-key)
-    app.add_url_rule('/<company_short_name>/api/init_context_api',
-                     view_func=InitContextApiView.as_view('init_context_api'))
+    # login for the iatoolkit integrated frontend
+    app.add_url_rule('/<company_short_name>/login', view_func=LoginView.as_view('login'))
 
-    # this functions are for login external users (with api-key)
-    # only the first one should be used from an external app
+    # this is the login for external users
     app.add_url_rule('/<company_short_name>/external_login',
                      view_func=ExternalLoginView.as_view('external_login'))
 
+    # this endpoint is called when onboarding_shell finish the context load
+    app.add_url_rule(
+        '/<company_short_name>/finalize',
+        view_func=FinalizeContextView.as_view('finalize_no_token')
+    )
+
+    app.add_url_rule(
+        '/<company_short_name>/finalize/<token>',
+        view_func=FinalizeContextView.as_view('finalize_with_token')
+    )
+
+    # this endpoint is called by the JS for changing the token for a session
+    app.add_url_rule('/<string:company_short_name>/api/redeem_token',
+                     view_func = RedeemTokenApiView.as_view('redeem_token'))
+
     # this endpoint is for requesting a chat token for external users
     app.add_url_rule('/auth/chat_token',
                      view_func=ChatTokenRequestView.as_view('chat-token'))
 
-    # login for the iatoolkit integrated frontend
-    # this is the main login endpoint for the frontend
-    app.add_url_rule('/<company_short_name>/login', view_func=LoginView.as_view('login'))
-    app.add_url_rule('/<company_short_name>/finalize_context_load', view_func=FinalizeContextView.as_view('finalize_context_load'))
+    # init (reset) the company context (with api-key)
+    app.add_url_rule('/<company_short_name>/api/init_context_api',
+                     view_func=InitContextApiView.as_view('init_context_api'))
 
     # register new user, account verification and forgot password
     app.add_url_rule('/<company_short_name>/signup',view_func=SignupView.as_view('signup'))

iatoolkit/iatoolkit.py

@@ -19,7 +19,7 @@ from werkzeug.middleware.proxy_fix import ProxyFix
 from injector import Binder, singleton, Injector
 from importlib.metadata import version as _pkg_version, PackageNotFoundError
 
-IATOOLKIT_VERSION = "0.55.3"
+IATOOLKIT_VERSION = "0.57.0"
 
 # global variable for the unique instance of IAToolkit
 _iatoolkit_instance: Optional['IAToolkit'] = None
@@ -155,10 +155,9 @@ class IAToolkit:
 
         self.app.config.update({
             'VERSION': self.version,
-            'SERVER_NAME': domain,
             'SECRET_KEY': self._get_config_value('FLASK_SECRET_KEY', 'iatoolkit-default-secret'),
-            'SESSION_COOKIE_SAMESITE': "None" if is_https else "Lax",
-            'SESSION_COOKIE_SECURE': is_https,
+            'SESSION_COOKIE_SAMESITE': "None",
+            'SESSION_COOKIE_SECURE': True,
             'SESSION_PERMANENT': False,
             'SESSION_USE_SIGNER': True,
             'JWT_SECRET_KEY': self._get_config_value('JWT_SECRET_KEY', 'iatoolkit-jwt-secret'),

iatoolkit/repositories/models.py

@@ -3,9 +3,10 @@
 #
 # IAToolkit is open source software.
 
-from sqlalchemy import Column, Integer, String, DateTime, Enum, Text, JSON, Boolean, ForeignKey, Table
+from sqlalchemy import Column, Integer, BigInteger, String, DateTime, Enum, Text, JSON, Boolean, ForeignKey, Table
 from sqlalchemy.orm import DeclarativeBase
 from sqlalchemy.orm import relationship, class_mapper, declarative_base
+from sqlalchemy.sql import func
 from datetime import datetime
 from pgvector.sqlalchemy import Vector
 from enum import Enum as PyEnum
@@ -307,3 +308,27 @@ class Prompt(Base):
 
     company = relationship("Company", back_populates="prompts")
     category = relationship("PromptCategory", back_populates="prompts")
+
+class AccessLog(Base):
+    # Modelo ORM para registrar cada intento de acceso a la plataforma.
+    __tablename__ = 'iat_access_log'
+
+    id = Column(BigInteger, primary_key=True)
+
+    timestamp = Column(DateTime(timezone=True), server_default=func.now(), nullable=False, index=True)
+    company_short_name = Column(String(100), nullable=False, index=True)
+    user_identifier = Column(String(255), index=True)
+
+    # Cómo y el Resultado
+    auth_type = Column(String(20), nullable=False) # 'local', 'external_api', 'redeem_token', etc.
+    outcome = Column(String(10), nullable=False)   # 'success' o 'failure'
+    reason_code = Column(String(50))               # Causa de fallo, ej: 'INVALID_CREDENTIALS'
+
+    # Contexto de la Petición
+    source_ip = Column(String(45), nullable=False)
+    user_agent_hash = Column(String(16))           # Hash corto del User-Agent
+    request_path = Column(String(255), nullable=False)
+
+    def __repr__(self):
+        return (f"<AccessLog(id={self.id}, company='{self.company_short_name}', "
+                f"user='{self.user_identifier}', outcome='{self.outcome}')>")

iatoolkit/repositories/profile_repo.py

@@ -72,10 +72,14 @@ class ProfileRepo:
     def create_company(self, new_company: Company):
         company = self.session.query(Company).filter_by(name=new_company.name).first()
         if company:
-            company.parameters = new_company.parameters
-            company.branding = new_company.branding
-            company.onboarding_cards = new_company.onboarding_cards
+            if company.parameters != new_company.parameters:
+                company.parameters = new_company.parameters
+            if company.branding != new_company.branding:
+                company.branding = new_company.branding
+            if company.onboarding_cards != new_company.onboarding_cards:
+                company.onboarding_cards = new_company.onboarding_cards
         else:
+            # Si la compañía no existe, la añade a la sesión.
             self.session.add(new_company)
             company = new_company
 

iatoolkit/services/auth_service.py

@@ -6,7 +6,12 @@
 from flask import request
 from injector import inject
 from iatoolkit.services.profile_service import ProfileService
+from iatoolkit.services.jwt_service import JWTService
+from iatoolkit.repositories.database_manager import DatabaseManager
+from iatoolkit.repositories.models import AccessLog
 from flask import request
+import logging
+import hashlib
 
 
 class AuthService:
@@ -16,11 +21,75 @@ class AuthService:
     """
 
     @inject
-    def __init__(self, profile_service: ProfileService):
-        """
-        Injects ProfileService to access session information and validate API keys.
-        """
+    def __init__(self, profile_service: ProfileService,
+                 jwt_service: JWTService,
+                 db_manager: DatabaseManager
+                 ):
         self.profile_service = profile_service
+        self.jwt_service = jwt_service
+        self.db_manager = db_manager
+
+    def login_local_user(self, company_short_name: str, email: str, password: str) -> dict:
+        # try to autenticate a local user, register the event and return the result
+        auth_response = self.profile_service.login(
+            company_short_name=company_short_name,
+            email=email,
+            password=password
+        )
+
+        if not auth_response.get('success'):
+            self.log_access(
+                company_short_name=company_short_name,
+                user_identifier=email,
+                auth_type='local',
+                outcome='failure',
+                reason_code='INVALID_CREDENTIALS',
+            )
+        else:
+            self.log_access(
+                company_short_name=company_short_name,
+                auth_type='local',
+                outcome='success',
+                user_identifier=auth_response.get('user_identifier')
+            )
+
+        return auth_response
+
+    def redeem_token_for_session(self, company_short_name: str, token: str) -> dict:
+        # redeem a token for a session, register the event and return the result
+        payload = self.jwt_service.validate_chat_jwt(token)
+
+        if not payload:
+            self.log_access(
+                company_short_name=company_short_name,
+                auth_type='redeem_token',
+                outcome='failure',
+                reason_code='JWT_INVALID'
+            )
+            return {'success': False, 'error': 'Token inválido o expirado'}
+
+        # 2. if token is valid, extract the user_identifier
+        user_identifier = payload.get('user_identifier')
+        try:
+            # create the Flask session
+            self.profile_service.set_session_for_user(company_short_name, user_identifier)
+            self.log_access(
+                company_short_name=company_short_name,
+                auth_type='redeem_token',
+                outcome='success',
+                user_identifier=user_identifier
+            )
+            return {'success': True, 'user_identifier': user_identifier}
+        except Exception as e:
+            logging.error(f"Error al crear la sesión desde token para {user_identifier}: {e}")
+            self.log_access(
+                company_short_name=company_short_name,
+                auth_type='redeem_token',
+                outcome='failure',
+                reason_code='SESSION_CREATION_FAILED',
+                user_identifier=user_identifier
+            )
+            return {'success': False, 'error': 'No se pudo crear la sesión del usuario'}
 
     def verify(self) -> dict:
         """
@@ -52,6 +121,7 @@ class AuthService:
         if api_key:
             api_key_entry = self.profile_service.get_active_api_key_entry(api_key)
             if not api_key_entry:
+                logging.info(f"Invalid or inactive API Key {api_key}")
                 return {"success": False, "error": "Invalid or inactive API Key", "status_code": 401}
 
             # obtain the company from the api_key_entry
@@ -61,7 +131,7 @@ class AuthService:
             user_identifier = ''
             if request.is_json:
                 data = request.get_json() or {}
-                user_identifier = data.get('external_user_id', '')
+                user_identifier = data.get('user_identifier', '')
 
             return {
                 "success": True,
@@ -70,5 +140,42 @@ class AuthService:
             }
 
         # --- Failure: No valid credentials found ---
+        logging.info(f"Authentication required. No session cookie or API Key provided.")
         return {"success": False, "error": "Authentication required. No session cookie or API Key provided.",
-                "status_code": 401}
+                "status_code": 402}
+
+    def log_access(self,
+                   company_short_name: str,
+                   auth_type: str,
+                   outcome: str,
+                   user_identifier: str = None,
+                   reason_code: str = None):
+        """
+        Registra un intento de acceso en la base de datos.
+        Es "best-effort" y no debe interrumpir el flujo de autenticación.
+        """
+        session = self.db_manager.scoped_session()
+        try:
+            # Capturar datos del contexto de la petición de Flask
+            source_ip = request.headers.get('X-Forwarded-For', request.remote_addr)
+            path = request.path
+            ua = request.headers.get('User-Agent', '')
+            ua_hash = hashlib.sha256(ua.encode()).hexdigest()[:16] if ua else None
+
+            # Crear la entrada de log
+            log_entry = AccessLog(
+                company_short_name=company_short_name,
+                user_identifier=user_identifier,
+                auth_type=auth_type,
+                outcome=outcome,
+                reason_code=reason_code,
+                source_ip=source_ip,
+                user_agent_hash=ua_hash,
+                request_path=path,
+            )
+            session.add(log_entry)
+            session.commit()
+
+        except Exception as e:
+            logging.error(f"Fallo al escribir en AccessLog: {e}", exc_info=False)
+            session.rollback()

iatoolkit/services/dispatcher_service.py

@@ -178,35 +178,13 @@ class Dispatcher:
         # source 2: external company user
         company_instance = self.company_instances[company_name]
         try:
-            raw_user_data = company_instance.get_user_info(user_identifier)
+            external_user_profile = company_instance.get_user_info(user_identifier)
         except Exception as e:
             logging.exception(e)
             raise IAToolkitException(IAToolkitException.ErrorType.EXTERNAL_SOURCE_ERROR,
                                      f"Error en get_user_info de {company_name}: {str(e)}") from e
 
-        # always normalize the data for consistent structure
-        return self._normalize_user_data(raw_user_data)
-
-    def _normalize_user_data(self, raw_data: dict) -> dict:
-        """
-        Asegura que los datos del usuario siempre tengan una estructura consistente.
-        """
-        # default values
-        normalized_user = {
-            "id": raw_data.get("id", 0),
-            "username": raw_data.get("id", 0),
-            "user_email": raw_data.get("email", ""),
-            "user_fullname": raw_data.get("user_fullname", ""),
-            "is_local": False,
-            "extras": raw_data.get("extras", {})
-        }
-
-        # get the extras from the raw data, if any
-        extras = raw_data.get("extras", {})
-        if isinstance(extras, dict):
-            normalized_user.update(extras)
-
-        return normalized_user
+        return external_user_profile
 
     def get_metadata_from_filename(self, company_name: str, filename: str) -> dict:
         if company_name not in self.company_instances:

iatoolkit/services/jwt_service.py

@@ -24,16 +24,18 @@ class JWTService:
             raise RuntimeError(f"Configuración JWT esencial faltante: {e}")
 
     def generate_chat_jwt(self,
-                          company_id: int,
                           company_short_name: str,
-                          external_user_id: str,
+                          user_identifier: str,
                           expires_delta_seconds: int) -> Optional[str]:
         # generate a JWT for a chat session
         try:
+            if not company_short_name or not user_identifier:
+                logging.error(f"Missing token ID: {company_short_name}/{user_identifier}")
+                return None
+
             payload = {
-                'company_id': company_id,
                 'company_short_name': company_short_name,
-                'external_user_id': external_user_id,
+                'user_identifier': user_identifier,
                 'exp': time.time() + expires_delta_seconds,
                 'iat': time.time(),
                 'type': 'chat_session'  # Identificador del tipo de token
@@ -41,10 +43,10 @@ class JWTService:
             token = jwt.encode(payload, self.secret_key, algorithm=self.algorithm)
             return token
         except Exception as e:
-            logging.error(f"Error al generar JWT para company {company_id}, user {external_user_id}: {e}")
+            logging.error(f"Error al generar JWT para {company_short_name}/{user_identifier}: {e}")
             return None
 
-    def validate_chat_jwt(self, token: str, expected_company_short_name: str) -> Optional[Dict[str, Any]]:
+    def validate_chat_jwt(self, token: str) -> Optional[Dict[str, Any]]:
         """
         Valida un JWT de sesión de chat.
         Retorna el payload decodificado si es válido y coincide con la empresa, o None.
@@ -59,33 +61,22 @@ class JWTService:
                 logging.warning(f"Validación JWT fallida: tipo incorrecto '{payload.get('type')}'")
                 return None
 
-            if payload.get('company_short_name') != expected_company_short_name:
-                logging.warning(
-                    f"Validación JWT fallida: company_short_name no coincide. "
-                    f"Esperado: {expected_company_short_name}, Obtenido: {payload.get('company_short_name')}"
-                )
+            # user_identifier debe estar presente
+            if not payload.get('user_identifier'):
+                logging.warning(f"Validación JWT fallida: user_identifier ausente o vacío.")
                 return None
 
-            # external_user_id debe estar presente
-            if 'external_user_id' not in payload or not payload['external_user_id']:
-                logging.warning(f"Validación JWT fallida: external_user_id ausente o vacío.")
-                return None
-
-            # company_id debe estar presente
-            if 'company_id' not in payload or not isinstance(payload['company_id'], int):
-                logging.warning(f"Validación JWT fallida: company_id ausente o tipo incorrecto.")
+            if not payload.get('company_short_name'):
+                logging.warning(f"Validación JWT fallida: company_short_name ausente.")
                 return None
 
             logging.debug(
                 f"JWT validado exitosamente para company: {payload.get('company_short_name')}, user: {payload.get('external_user_id')}")
             return payload
 
-        except jwt.ExpiredSignatureError:
-            logging.info(f"Validación JWT fallida: token expirado para {expected_company_short_name}")
-            return None
         except jwt.InvalidTokenError as e:
-            logging.warning(f"Validación JWT fallida: token inválido para {expected_company_short_name}. Error: {e}")
+            logging.warning(f"Validación JWT fallida: token inválido . Error: {e}")
             return None
         except Exception as e:
-            logging.error(f"Error inesperado durante validación de JWT para {expected_company_short_name}: {e}")
+            logging.error(f"Error inesperado durante validación de JWT : {e}")
             return None

iatoolkit/services/profile_service.py

@@ -60,7 +60,6 @@ class ProfileService:
             # the user_profile variables are used on the LLM templates also (see in query_main.prompt)
             user_identifier = user.email             # no longer de ID
             user_profile = {
-                "id": user_identifier,
                 "user_email": user.email,
                 "user_fullname": f'{user.first_name} {user.last_name}',
                 "user_is_local": True,
@@ -78,8 +77,8 @@ class ProfileService:
         """
         Public method for views to create a web session for an external user.
         """
-        # 1. Fetch the profile from the external system via Dispatcher.
-        user_profile = self.dispatcher.get_user_info(
+        # 1. Fetch the external user profile via Dispatcher.
+        external_user_profile = self.dispatcher.get_user_info(
             company_name=company.short_name,
             user_identifier=user_identifier
         )
@@ -88,7 +87,7 @@ class ProfileService:
         self.create_web_session(
             company=company,
             user_identifier=user_identifier,
-            user_profile=user_profile)
+            user_profile=external_user_profile)
 
     def create_web_session(self, company: Company, user_identifier: str, user_profile: dict):
         """
@@ -96,16 +95,19 @@ class ProfileService:
         """
         user_profile['company_short_name'] = company.short_name
         user_profile['user_identifier'] = user_identifier
-        user_profile['user_id'] = user_identifier
+        user_profile['id'] = user_identifier
         user_profile['company_id'] = company.id
         user_profile['company'] = company.name
 
-        # user_profile['last_activity'] = datetime.now(timezone.utc).timestamp()
+        # save user_profile in Redis session
         self.session_context.save_profile_data(company.short_name, user_identifier, user_profile)
 
-        # save this values into Flask session cookie
+        # save a min Flask session cookie for this user
+        self.set_session_for_user(company.short_name, user_identifier)
+
+    def set_session_for_user(self, company_short_name: str, user_identifier:str ):
+        SessionManager.set('company_short_name', company_short_name)
         SessionManager.set('user_identifier', user_identifier)
-        SessionManager.set('company_short_name', company.short_name)
 
     def get_current_session_info(self) -> dict:
         """

iatoolkit/static/js/chat_feedback.js

@@ -106,7 +106,7 @@ const sendFeedback = async function(message) {
     };
     try {
         // Asumiendo que callLLMAPI está definido globalmente en otro archivo (ej. chat_main.js)
-        const responseData = await callLLMAPI('/feedback', data, "POST");
+        const responseData = await callToolkit('/feedback', data, "POST");
         return responseData;
     } catch (error) {
         console.error("Error al enviar feedback:", error);

iatoolkit/static/js/chat_history.js

@@ -40,7 +40,7 @@ $(document).ready(function () {
         historyContent.hide();
 
         try {
-            const responseData = await callLLMAPI("/api/history", {}, "POST");
+            const responseData = await callToolkit("/api/history", {}, "POST");
 
             if (responseData && responseData.history) {
                 // Guardar datos globalmente

iatoolkit/static/js/chat_main.js

@@ -5,6 +5,13 @@ let abortController = null;
 let selectedPrompt = null; // Will hold a lightweight prompt object
 
 $(document).ready(function () {
+    // Gatilla el redeem sin esperar ni manejar respuesta aquí
+        if (window.redeemToken !== '') {
+            const url = `/api/redeem_token`;
+            // No await: dejamos que callToolkit maneje todo internamente
+            callToolkit(url, {'token': window.redeemToken}, "POST").catch(() => {});
+        }
+
     // --- MAIN EVENT HANDLERS ---
     $('#send-button').on('click', handleChatMessage);
     $('#stop-button').on('click', abortCurrentRequest);
@@ -176,7 +183,7 @@ const handleChatMessage = async function () {
             user_identifier: window.user_identifier
         };
 
-        const responseData = await callLLMAPI("/llm_query", data, "POST");
+        const responseData = await callToolkit("/llm_query", data, "POST");
         if (responseData && responseData.answer) {
             const answerSection = $('<div>').addClass('answer-section llm-output').append(responseData.answer);
             displayBotMessage(answerSection);
@@ -292,28 +299,39 @@ function resetSpecificDataInput() {
  * @param {number} timeoutMs - Timeout in milliseconds.
  * @returns {Promise<object|null>} The response data or null on error.
  */
-const callLLMAPI = async function(apiPath, data, method, timeoutMs = 500000) {
+const callToolkit = async function(apiPath, data, method, timeoutMs = 500000) {
     const url = `${window.iatoolkit_base_url}/${window.companyShortName}${apiPath}`;
 
-    const headers = {"Content-Type": "application/json"};
-    if (window.sessionJWT) {
-        headers['X-Chat-Token'] = window.sessionJWT;
-    }
-
     abortController = new AbortController();
     const timeoutId = setTimeout(() => abortController.abort(), timeoutMs);
 
     try {
-        const response = await fetch(url, {
-            method: method,
-            headers: headers,
-            body: JSON.stringify(data),
-            signal: abortController.signal, // Se usa el signal del controlador global
-            credentials: 'include'
-        });
+        const fetchOptions = {
+                method: method,
+                signal: abortController.signal,
+                credentials: 'include'
+            };
+
+        // Solo agrega body si el método lo soporta y hay datos
+        const methodUpper = (method || '').toUpperCase();
+        const canHaveBody = !['GET', 'HEAD'].includes(methodUpper);
+        if (canHaveBody && data !== undefined && data !== null) {
+            fetchOptions.body = JSON.stringify(data);
+            fetchOptions.headers = {"Content-Type": "application/json"};
+
+        }
+        const response = await fetch(url, fetchOptions);
+
         clearTimeout(timeoutId);
 
         if (!response.ok) {
+            if (response.status === 401) {
+                const errorMessage = `Tu sesión ha expirado. `;
+                const errorIcon = '<i class="bi bi-exclamation-triangle"></i>';
+                const infrastructureError = $('<div>').addClass('error-section').html(errorIcon + `<p>${errorMessage}</p>`);
+                displayBotMessage(infrastructureError);
+                return null;
+                }
             try {
                 // Intentamos leer el error como JSON, que es el formato esperado de nuestra API.
                 const errorData = await response.json();
@@ -337,6 +355,14 @@ const callLLMAPI = async function(apiPath, data, method, timeoutMs = 500000) {
         if (error.name === 'AbortError') {
             throw error; // Re-throw to be handled by handleChatMessage
         } else {
+            // Log detallado en consola
+                console.error('Error de red en callToolkit:', {
+                    url,
+                    method,
+                    error,
+                    message: error?.message,
+                    stack: error?.stack,
+                });
             const friendlyMessage = "Ocurrió un error de red. Por favor, inténtalo de nuevo en unos momentos.";
             const errorIcon = '<i class="bi bi-exclamation-triangle"></i>';
             const commError = $('<div>').addClass('error-section').html(errorIcon + `<p>${friendlyMessage}</p>`);

iatoolkit/templates/chat.html

@@ -111,8 +111,11 @@
                                                data-custom-fields='{{ prompt.custom_fields | tojson  }}'>
                                                 {{ prompt.description }}
                                             </a>
-                                        </li>                                    {% endfor %}
-                                    {% if not loop.last %}<li><hr class="dropdown-divider"></li>{% endif %}
+                                        </li>
+                                    {% endfor %}
+                                    {% if not loop.last %}
+                                        <li><hr class="dropdown-divider"></li>
+                                    {% endif %}
                                 {% endfor %}
                                 {% endif %}
                             </ul>
@@ -180,10 +183,11 @@
     // --- Global Configuration from Backend ---
     window.companyShortName = "{{ company_short_name }}";
     window.user_identifier = "{{ user_identifier }}";
+    window.redeemToken = "{{ redeem_token }}";
     window.iatoolkit_base_url = "{{ iatoolkit_base_url }}";
     window.availablePrompts = {{ prompts.message | tojson }};
-    window.sendButtonColor = "{{ branding.send_button_color }}";
     window.onboardingCards = {{ onboarding_cards | tojson }};
+    window.sendButtonColor = "{{ branding.send_button_color }}";
 </script>
 
 <!-- Carga de los scripts JS externos después de definir las variables globales -->

iatoolkit/templates/login_simulation.html

@@ -3,32 +3,27 @@
 {% block title %}Prueba de Login para {{ company_short_name }}{% endblock %}
 
 {% block content %}
-
 <div class="container-fluid">
   <div class="row flex-fill mt-5 justify-content-center">
-    <!-- login desde sistema externo -->
     <div class="col-12 col-lg-6">
       <div class="border rounded p-4 p-md-5 shadow-sm bg-light">
-        {# El título ahora muestra dinámicamente el nombre de la empresa #}
         <h3 class="text-muted fw-semibold text-start mb-3">
           Login Externo para <span style="color:#0d6efd;">{{ company_short_name }}</span>
         </h3>
         <div class="text-center mb-4">
           <p class="text-muted widget-intro-text">
-            Este formulario permite testear el acceso a IAToolkit desde un portal externo utilizando una api-key. El external user ID es el nombre del usuario ya autentificado en algún portal interno de la empresa.
+            Este formulario simula el inicio de una sesión externa. Al enviar, serás redirigido a la URL de login final.
           </p>
         </div>
 
-        {# El 'action' y 'method' son manejados por JS, pero el id es crucial #}
-        <form id="external-login">
-
+        <!-- Formulario HTML estándar que hace un POST a la misma URL -->
+        <form method="POST" action="">
           <div class="mb-3">
             <label for="external_user_id" class="form-label d-block">External user ID</label>
             <input type="text" id="external_user_id" name="external_user_id" class="form-control" required>
           </div>
-
-          <button type="submit" id="loginButton" class="btn btn-primary">
-            Iniciar Sesión
+          <button type="submit" class="btn btn-primary">
+            Redirigir a External Login
           </button>
         </form>
       </div>
@@ -37,55 +32,3 @@
 </div>
 {% endblock %}
 
-{% block scripts %}
-<script>
-  document.addEventListener('DOMContentLoaded', function() {
-    const companyShortName = "{{ company_short_name }}";
-    const apiKey = "{{ api_key }}";
-    const loginForm = document.getElementById('external-login');
-    const userIdInput = document.getElementById('external_user_id');
-
-    loginForm.addEventListener('submit', function(event) {
-      event.preventDefault();
-      const userIdentifier = userIdInput.value.trim();
-      if (!userIdentifier) return;
-
-      // 1. Reemplazamos la página actual con un mensaje de carga.
-      document.body.innerHTML = '<div style="display:flex; align-items:center; justify-content:center; height:100vh; font-family:sans-serif;">Iniciando sesión, por favor espera...</div>';
-
-      const apiUrl = `/${companyShortName}/external_login`;
-
-      fetch(apiUrl, {
-        method: 'POST',
-        headers: {
-            'Content-Type': 'application/json',
-            'Authorization': `Bearer ${apiKey}`
-        },
-        body: JSON.stringify({
-            // Usamos 'userIdentifier' como el valor para el campo 'external_user_id'
-            user_identifier: userIdentifier
-        })
-      })
-      .then(async response => {
-          if (response.ok) {
-              return response.text();
-          } else {
-              const errorText = await response.text();
-              throw new Error(errorText || `Error ${response.status}`);
-          }
-      })
-      .then(htmlContent => {
-          // 2. Reemplazamos todo el documento con el nuevo HTML recibido.
-          // Esto asegura que todos los scripts y estilos del nuevo HTML se carguen correctamente.
-          document.open();
-          document.write(htmlContent);
-          document.close();
-      })
-      .catch(error => {
-          // Si hay un error, lo mostramos en la página.
-          document.body.innerHTML = `<div style="padding:20px; font-family:monospace; color:red;"><h2>Error</h2><pre>${error.message}</pre></div>`;
-      });
-    });
-  });
-</script>
-{% endblock %}

iatoolkit/views/base_login_view.py

@@ -8,10 +8,12 @@ from flask.views import MethodView
 from flask import render_template, url_for
 from injector import inject
 from iatoolkit.services.profile_service import ProfileService
+from iatoolkit.services.auth_service import AuthService
 from iatoolkit.services.query_service import QueryService
 from iatoolkit.services.branding_service import BrandingService
 from iatoolkit.services.onboarding_service import OnboardingService
 from iatoolkit.services.prompt_manager_service import PromptService
+from iatoolkit.services.jwt_service import JWTService
 
 
 class BaseLoginView(MethodView):
@@ -22,16 +24,22 @@ class BaseLoginView(MethodView):
     @inject
     def __init__(self,
                  profile_service: ProfileService,
+                 auth_service: AuthService,
+                 jwt_service: JWTService,
                  branding_service: BrandingService,
                  prompt_service: PromptService,
                  onboarding_service: OnboardingService,
-                 query_service: QueryService):
+                 query_service: QueryService
+                 ):
         self.profile_service = profile_service
+        self.auth_service = auth_service
+        self.jwt_service = jwt_service
         self.branding_service = branding_service
         self.prompt_service = prompt_service
         self.onboarding_service = onboarding_service
         self.query_service = query_service
 
+
     def _handle_login_path(self, company_short_name: str, user_identifier: str, company):
         """
         Centralized logic to decide between the fast path and the slow path.
@@ -43,13 +51,33 @@ class BaseLoginView(MethodView):
         prep_result = self.query_service.prepare_context(
             company_short_name=company_short_name, user_identifier=user_identifier
         )
+
+        # generate continuation token for external login
+        redeem_token = ''
+        if self.__class__.__name__ == 'ExternalLoginView':
+            redeem_token = self.jwt_service.generate_chat_jwt(
+                company_short_name=company_short_name,
+                user_identifier=user_identifier,
+                expires_delta_seconds=300
+            )
+
+            if not redeem_token:
+                return "Error al generar el redeem_token para login externo.", 500
+
         if prep_result.get('rebuild_needed'):
             # --- SLOW PATH: Render the loading shell ---
             onboarding_cards = self.onboarding_service.get_onboarding_cards(company)
 
             # callback url to call when the context finish loading
-            target_url = url_for('finalize_context_load', company_short_name=company_short_name, _external=True)
-
+            if redeem_token:
+                target_url = url_for('finalize_with_token',
+                                     company_short_name=company_short_name,
+                                     token=redeem_token,
+                                     _external=True)
+            else:
+                target_url = url_for('finalize_no_token',
+                                     company_short_name=company_short_name,
+                                     _external=True)
             return render_template(
                 "onboarding_shell.html",
                 iframe_src_url=target_url,
@@ -62,7 +90,10 @@ class BaseLoginView(MethodView):
             onboarding_cards = self.onboarding_service.get_onboarding_cards(company)
             return render_template(
                 "chat.html",
+                company_short_name=company_short_name,
+                user_identifier=user_identifier,
                 branding=branding_data,
                 prompts=prompts,
-                onboarding_cards=onboarding_cards
+                onboarding_cards=onboarding_cards,
+                redeem_token=redeem_token
             )

iatoolkit/views/external_login_view.py

@@ -7,40 +7,17 @@ import os
 import logging
 from flask import request, jsonify
 from injector import inject
-from iatoolkit.services.auth_service import AuthService
 from iatoolkit.views.base_login_view import BaseLoginView
 
 # Importar los servicios que necesita la clase base
 from iatoolkit.services.profile_service import ProfileService
-from iatoolkit.services.branding_service import BrandingService
-from iatoolkit.services.onboarding_service import OnboardingService
-from iatoolkit.services.query_service import QueryService
-from iatoolkit.services.prompt_manager_service import PromptService
+from iatoolkit.services.jwt_service import JWTService
 
 class ExternalLoginView(BaseLoginView):
     """
     Handles login for external users via API.
     Authenticates and then delegates the path decision (fast/slow) to the base class.
     """
-    @inject
-    def __init__(self,
-                 iauthentication: AuthService,
-                 profile_service: ProfileService,
-                 branding_service: BrandingService,
-                 prompt_service: PromptService,
-                 onboarding_service: OnboardingService,
-                 query_service: QueryService):
-        # Pass the dependencies for the base class to its __init__
-        super().__init__(
-            profile_service=profile_service,
-            branding_service=branding_service,
-            onboarding_service=onboarding_service,
-            query_service=query_service,
-            prompt_service=prompt_service
-        )
-        # Handle the dependency specific to this child class
-        self.iauthentication = iauthentication
-
     def post(self, company_short_name: str):
         data = request.get_json()
         if not data or 'user_identifier' not in data:
@@ -55,9 +32,9 @@ class ExternalLoginView(BaseLoginView):
             return jsonify({"error": "missing user_identifier"}), 404
 
         # 1. Authenticate the API call.
-        iaut = self.iauthentication.verify()
-        if not iaut.get("success"):
-            return jsonify(iaut), 401
+        auth_response = self.auth_service.verify()
+        if not auth_response.get("success"):
+            return jsonify(auth_response), 401
 
         # 2. Create the external user session.
         self.profile_service.create_external_user_session(company, user_identifier)
@@ -67,4 +44,24 @@ class ExternalLoginView(BaseLoginView):
             return self._handle_login_path(company_short_name, user_identifier, company)
         except Exception as e:
             logging.exception(f"Error processing external login path for {company_short_name}/{user_identifier}: {e}")
-            return jsonify({"error": f"Internal server error while starting chat. {str(e)}"}), 500
+            return jsonify({"error": f"Internal server error while starting chat. {str(e)}"}), 500
+
+
+class RedeemTokenApiView(BaseLoginView):
+    # this endpoint is only used ONLY by chat_main.js to redeem a chat token
+    def post(self, company_short_name: str):
+        data = request.get_json()
+        if not data or 'token' not in data:
+            return jsonify({"error": "Falta token de validación"}), 400
+
+        # get the token and validate with auth service
+        token = data.get('token')
+        redeem_result = self.auth_service.redeem_token_for_session(
+            company_short_name=company_short_name,
+            token=token
+        )
+
+        if not redeem_result['success']:
+            return {"error": redeem_result['error']}, 401
+
+        return {"status": "ok"}, 200

iatoolkit/views/login_simulation_view.py

@@ -3,11 +3,13 @@
 #
 # IAToolkit is open source software.
 
+import requests
+import json
+import os
 from flask.views import MethodView
-from flask import render_template, request
+from flask import render_template, request, Response
 from injector import inject
 from iatoolkit.services.profile_service import ProfileService
-import os
 
 
 class LoginSimulationView(MethodView):
@@ -17,11 +19,63 @@ class LoginSimulationView(MethodView):
         self.profile_service = profile_service
 
     def get(self, company_short_name: str = None):
-
-        # Esta API_KEY para el login
-        api_key_for_login = os.getenv("IATOOLKIT_API_KEY", "tu_api_key_por_defecto_o_error")
-
+        """Muestra el formulario para iniciar la simulación."""
         return render_template('login_simulation.html',
-                               company_short_name=company_short_name,
-                               api_key=api_key_for_login
+                               company_short_name=company_short_name
                                )
+
+    def post(self, company_short_name: str):
+        """
+        Recibe el POST del formulario y actúa como un proxy servidor-a-servidor.
+        Llama al endpoint 'external_login' y devuelve su respuesta (HTML y headers).
+        """
+        api_key = os.getenv("IATOOLKIT_API_KEY")
+        # Obtenemos la URL base de la petición actual para construir la URL interna
+        base_url = request.host_url.rstrip('/')
+
+        # 1. Obtener el user_identifier del formulario
+        user_identifier = request.form.get('external_user_id')
+
+        if not user_identifier:
+            return Response("Error: El campo 'external_user_id' es requerido.", status=400)
+
+        # 2. Preparar la llamada a la API real de external_login
+        target_url = f"{base_url}/{company_short_name}/external_login"
+        headers = {
+            'Content-Type': 'application/json',
+            'Authorization': f'Bearer {api_key}'
+        }
+        # El payload debe ser un diccionario que se convertirá a JSON
+        payload = {'user_identifier': user_identifier}
+
+        try:
+            # 3. Llamada POST segura desde este servidor al endpoint de IAToolkit
+            internal_response = requests.post(
+                target_url,
+                headers=headers,
+                data=json.dumps(payload),
+                timeout=120,
+                stream=True  # Usamos stream para manejar la respuesta eficientemente
+            )
+            internal_response.raise_for_status()
+
+            # 4. Creamos una nueva Response de Flask para el navegador del usuario.
+            user_response = Response(
+                internal_response.iter_content(chunk_size=1024),
+                status=internal_response.status_code
+            )
+
+            # 5. Copiamos TODAS las cabeceras de la respuesta interna a la respuesta final.
+            # Esto es CRUCIAL para que las cookies ('Set-Cookie') lleguen al navegador.
+            for key, value in internal_response.headers.items():
+                # Excluimos cabeceras que no debemos pasar (controladas por el servidor WSGI)
+                if key.lower() not in ['content-encoding', 'content-length', 'transfer-encoding', 'connection']:
+                    user_response.headers[key] = value
+
+            return user_response
+
+        except requests.exceptions.HTTPError as e:
+            error_text = f"Error en la llamada interna a la API: {e.response.status_code}. Respuesta: {e.response.text}"
+            return Response(error_text, status=e.response.status_code, mimetype='text/plain')
+        except requests.exceptions.RequestException as e:
+            return Response(f'Error de conexión con el servicio de IA: {str(e)}', status=502, mimetype='text/plain')

iatoolkit/views/login_view.py

@@ -7,11 +7,14 @@ from flask.views import MethodView
 from flask import request, redirect, render_template, url_for
 from injector import inject
 from iatoolkit.services.profile_service import ProfileService
+from iatoolkit.services.auth_service import AuthService
+from iatoolkit.services.jwt_service import JWTService
 from iatoolkit.services.query_service import QueryService
 from iatoolkit.services.prompt_manager_service import PromptService
 from iatoolkit.services.branding_service import BrandingService
 from iatoolkit.services.onboarding_service import OnboardingService
 from iatoolkit.views.base_login_view import BaseLoginView
+import logging
 
 
 class LoginView(BaseLoginView):
@@ -19,7 +22,6 @@ class LoginView(BaseLoginView):
     Handles login for local users.
     Authenticates and then delegates the path decision (fast/slow) to the base class.
     """
-
     def post(self, company_short_name: str):
         company = self.profile_service.get_company_by_short_name(company_short_name)
         if not company:
@@ -28,8 +30,8 @@ class LoginView(BaseLoginView):
         email = request.form.get('email')
         password = request.form.get('password')
 
-        # 1. Authenticate user and create the unified session.
-        auth_response = self.profile_service.login(
+        # 1. Authenticate internal user
+        auth_response = self.auth_service.login_local_user(
             company_short_name=company_short_name,
             email=email,
             password=password
@@ -62,28 +64,39 @@ class FinalizeContextView(MethodView):
     Finalizes context loading in the slow path.
     This view is invoked by the iframe inside onboarding_shell.html.
     """
-
     @inject
     def __init__(self,
                  profile_service: ProfileService,
+                 auth_service: AuthService,
                  query_service: QueryService,
                  prompt_service: PromptService,
                  branding_service: BrandingService,
-                 onboarding_service: OnboardingService
+                 onboarding_service: OnboardingService,
+                 jwt_service: JWTService,
                  ):
         self.profile_service = profile_service
+        self.jwt_service = jwt_service
         self.query_service = query_service
         self.prompt_service = prompt_service
         self.branding_service = branding_service
         self.onboarding_service = onboarding_service
 
-    def get(self, company_short_name: str):
-        # 1. Use the centralized method to get session info.
+    def get(self, company_short_name: str, token: str = None):
         session_info = self.profile_service.get_current_session_info()
-        user_identifier = session_info.get('user_identifier')
-
-        if not user_identifier:
-            # This can happen if the session expires or is invalid.
+        if session_info:
+            # session exists, internal user
+            user_identifier = session_info.get('user_identifier')
+            token = ''
+        elif token:
+            # user identified by api-key
+            payload = self.jwt_service.validate_chat_jwt(token)
+            if not payload:
+                logging.warning("Fallo crítico: No se pudo leer el auth token.")
+                return redirect(url_for('index', company_short_name=company_short_name))
+
+            user_identifier = payload.get('user_identifier')
+        else:
+            logging.warning("Fallo crítico: missing session information or auth token")
             return redirect(url_for('index', company_short_name=company_short_name))
 
         company = self.profile_service.get_company_by_short_name(company_short_name)
@@ -104,13 +117,17 @@ class FinalizeContextView(MethodView):
 
             return render_template(
                 "chat.html",
+                company_short_name=company_short_name,
+                user_identifier=user_identifier,
                 branding=branding_data,
                 prompts=prompts,
-                onboarding_cards=onboarding_cards
+                onboarding_cards=onboarding_cards,
+                redeem_token=token
             )
 
         except Exception as e:
             return render_template("error.html",
                                    company=company,
                                    company_short_name=company_short_name,
-                                   message=f"An unexpected error occurred during context loading: {str(e)}"), 500
+                                   message=f"An unexpected error occurred during context loading: {str(e)}"), 500
+

{iatoolkit-0.55.3.dist-info → iatoolkit-0.57.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: iatoolkit
-Version: 0.55.3
+Version: 0.57.0
 Summary: IAToolkit
 Author: Fernando Libedinsky
 License-Expression: MIT

{iatoolkit-0.55.3.dist-info → iatoolkit-0.57.0.dist-info}/RECORD

@@ -1,11 +1,11 @@
 iatoolkit/__init__.py,sha256=4PWjMJjktixtrxF6BY405qyA50Sv967kEP2x-oil6qk,1120
-iatoolkit/base_company.py,sha256=uFJmy77LPAceVqkTeuJqo15-auDiq4aTwvC_bbBD0mQ,4607
+iatoolkit/base_company.py,sha256=nfF-G0h63jy3Qh9kCnvx8Ozx76IjG2p7a34HpweWhOk,4608
 iatoolkit/cli_commands.py,sha256=G5L9xQXZ0lVFXQWBaE_KEZHyfuiT6PL1nTQRoSdnBzc,2302
 iatoolkit/company_registry.py,sha256=tduqt3oV8iDX_IB1eA7KIgvIxE4edTcy-3qZIXh3Lzw,2549
-iatoolkit/iatoolkit.py,sha256=1Uo619dvzhZzMwgycUFLb0iH3eIJiBw-FuDZbQmMsGE,17645
+iatoolkit/iatoolkit.py,sha256=tFx-D1Q0usCdOc3vSNdtz94mTCWhUGcyRkDISI2QMMs,17583
 iatoolkit/common/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 iatoolkit/common/exceptions.py,sha256=EXx40n5htp7UiOM6P1xfJ9U6NMcADqm62dlFaKz7ICU,1154
-iatoolkit/common/routes.py,sha256=EcfJXJ3e3sQX_jRiMRKambcYoAaLnnjMuKS9H7NqkDM,6082
+iatoolkit/common/routes.py,sha256=c8kRk8pEK_nV-2P1LiYXRERmW_QoW21Hk6CZkkizv6Y,6419
 iatoolkit/common/session_manager.py,sha256=UeKfD15bcEA3P5e0WSURfotLqpsiIMp3AXxAMhtgHs0,471
 iatoolkit/common/util.py,sha256=w9dTd3csK0gKtFSp-a4t7XmCPZiYDhiON92uXRbTT8A,14624
 iatoolkit/infra/__init__.py,sha256=5JqK9sZ6jBuK83zDQokUhxQ0wuJJJ9DXB8pYCLkX7X4,102
@@ -29,24 +29,24 @@ iatoolkit/repositories/__init__.py,sha256=5JqK9sZ6jBuK83zDQokUhxQ0wuJJJ9DXB8pYCL
 iatoolkit/repositories/database_manager.py,sha256=QgV8hNnVv9RmeOvUdomdj_mfk0bf3Rl8Ti41a-5zIAY,3700
 iatoolkit/repositories/document_repo.py,sha256=Y7bF1kZB1HWJsAGjWdF7P2aVYeTYNufq9ngQXp7mDkY,1124
 iatoolkit/repositories/llm_query_repo.py,sha256=YT_t7cYGQk8rwzH_17-28aTzO-e2jUfa2rvXy8tugvA,3612
-iatoolkit/repositories/models.py,sha256=3YbIJXNMZiTkMbPyiSOiyzqUKEQF0JIfN4VSWYzwr44,13146
-iatoolkit/repositories/profile_repo.py,sha256=vwDuVec9IDUCSyM7ecf790oqdpV36cpM2bgqP8POkHQ,4128
+iatoolkit/repositories/models.py,sha256=qM95kiKm_92JoPNXiwMT4HTjr5BjalnrDiatG3Rte-M,14300
+iatoolkit/repositories/profile_repo.py,sha256=21am3GP7XCG0nq6i3pArQ7mfGsrRn8rdcWT98fsdwlU,4397
 iatoolkit/repositories/tasks_repo.py,sha256=icVO_r2oPagGnnBhwVFzznnvEEU2EAx-2dlWuWvoDC4,1745
 iatoolkit/repositories/vs_repo.py,sha256=UkpmQQiocgM5IwRBmmWhw3HHzHP6zK1nN3J3TcQgjhc,5300
 iatoolkit/services/__init__.py,sha256=5JqK9sZ6jBuK83zDQokUhxQ0wuJJJ9DXB8pYCLkX7X4,102
-iatoolkit/services/auth_service.py,sha256=9vK09ozxdjcSwM8H8HVdsSb3JXx00GnFs4o7tyfOXLs,2762
+iatoolkit/services/auth_service.py,sha256=vBVKkFJWsaPhhR-LvfLXfIrR-mmR-P5Y8Ya_5p1pgC8,7126
 iatoolkit/services/benchmark_service.py,sha256=CdbFYyS3FHFhNzWQEa9ZNjUlmON10DT1nKNbZQ1EUi8,5880
 iatoolkit/services/branding_service.py,sha256=gXj9Lj6EIFNIHT6wAHia5lr4_2a2sD-ExMbewno5YD8,7505
-iatoolkit/services/dispatcher_service.py,sha256=7tltTH-r-Bg2J2xs597Vyhzflw736dOpPG_soPZFokI,13570
+iatoolkit/services/dispatcher_service.py,sha256=Qdn2x4cozpgpKg2448sUxkhO6tuplzb8xPWUxdTTFBE,12772
 iatoolkit/services/document_service.py,sha256=nMXrNtbHQuc9pSaten0LvKY0kT8_WngBDmZJUP3jNPw,5936
 iatoolkit/services/excel_service.py,sha256=JdAcg7_vPz3J16cf2chC6j7WYVpiT55tDX9667tfMUc,3764
 iatoolkit/services/file_processor_service.py,sha256=B1sUUhZNFf-rT4_1wrD38GKNoBFMp2g0dYrXYMCWe2E,4122
 iatoolkit/services/history_service.py,sha256=3IxcdpKV1mHBGIiv2KIYV3LsVQJ0GPdFuCOiGYRszMU,1255
-iatoolkit/services/jwt_service.py,sha256=YoZ9h7_o9xBko-arNQv4MbcwnxoSWVNj4VbZmMo_QGY,3908
+iatoolkit/services/jwt_service.py,sha256=W2kQVNQheQSLkNLS7RZ4jd3hmySBPLbHAS5hvBrUI10,3244
 iatoolkit/services/load_documents_service.py,sha256=ZpB0BZ3qX1fGJGBtZtMLbFdWWx0hkPoeCS3OqJKwCTs,7291
 iatoolkit/services/mail_service.py,sha256=2h-fcF3swZDya_o7IpgXkmuj3iEVHVCiHi7oVxU99sQ,2182
 iatoolkit/services/onboarding_service.py,sha256=cMO2Ho1-G3wAeVNl-j25LwCMJjRwj3yKHpYKnZUFLDE,2001
-iatoolkit/services/profile_service.py,sha256=w4ZhMuhZMH5_UHbDgvKeZHXNNecEIiExtuKI8fKZL-k,20232
+iatoolkit/services/profile_service.py,sha256=uWlCsoGAPZaJkvVTBZVBWdh6Rk5LHcpDHWgYqi5vTp4,20317
 iatoolkit/services/prompt_manager_service.py,sha256=U-XmSpkeXvv1KRN4dytdMxSYBMRSB7y-UHcb18mk0nA,8342
 iatoolkit/services/query_service.py,sha256=J42KzthYIIsUX8cUS2E7vcXA6IZOJ28Y8I637m-9za4,17649
 iatoolkit/services/search_service.py,sha256=i1xGWu7ORKIIDH0aAQBkF86dVVbLQ0Yrooz5TiZ6aGo,1823
@@ -55,10 +55,10 @@ iatoolkit/services/tasks_service.py,sha256=itREO5rDnUIgsqtyCOBKDtH30QL5v1egs4qPT
 iatoolkit/services/user_feedback_service.py,sha256=ooy750qWmYOeJi-IJQofu8pLG4svGjGU_JKpKMURZkw,2353
 iatoolkit/services/user_session_context_service.py,sha256=TeYi4xF04Xk-4Qnp6cVTmxuNzA4B1nMVUuFDjTHeiZQ,6764
 iatoolkit/static/images/fernando.jpeg,sha256=W68TYMuo5hZVpbP-evwH6Nu4xWFv2bc8pJzSKDoLTeQ,100612
-iatoolkit/static/js/chat_feedback.js,sha256=DDT2NPgglrLnW75vtEAVXS72MNt7vlMcavzr94q80qQ,4398
+iatoolkit/static/js/chat_feedback.js,sha256=zlLEDQfEocGK7RKG2baqI-9fyQlqe6hVuAHOKTPmWek,4399
 iatoolkit/static/js/chat_filepond.js,sha256=mzXafm7a506EpM37KATTK3zvAswO1E0KSUY1vKbwuRc,3163
-iatoolkit/static/js/chat_history.js,sha256=4hYNODIwYNd5vaQqkR28HZyXYIFKgSayrnmOuT_DUac,4381
-iatoolkit/static/js/chat_main.js,sha256=j3rbJjWWCEAM1XUXPv6K2SW4S3kBrPAwEzVtLTjHslI,17314
+iatoolkit/static/js/chat_history.js,sha256=4h6ldU7cDvgkW84fMKB8JReoxCX0NKSQAir_4CzAF9I,4382
+iatoolkit/static/js/chat_main.js,sha256=3ZsMy6NauobPRaYDvSJAws26l16FDslXGm8kGfXLt_E,18538
 iatoolkit/static/js/chat_onboarding.js,sha256=b6ofiFcPhuCaPmSFIvDQZqcMUVvbI7LpIsjZOZJUSAU,3185
 iatoolkit/static/styles/chat_iatoolkit.css,sha256=aA-PZ2TGl_k82JSVVBC2-CJT0NiZAuLOGoiaJhdeVUU,11416
 iatoolkit/static/styles/chat_info.css,sha256=17DbgoNYE21VYWfb5L9-QLCpD2R1idK4imKRLwXtJLY,1058
@@ -75,21 +75,21 @@ iatoolkit/templates/_navbar.html,sha256=o1PvZE5ueLmVpGUAmsjtu-vS_WPROTlJc2sTXl6A
 iatoolkit/templates/about.html,sha256=ciC08grUVz5qLzdzDDqDX31xirg5PrJIRYabWpV9oA8,294
 iatoolkit/templates/base.html,sha256=hHfBqZJsPcZGlb4BxAbHvpJFcSjckLIAVTYTmoyXrz0,2323
 iatoolkit/templates/change_password.html,sha256=G5a3hYLTpz_5Q_eZ4LNcYSqLeW-CuT4NCHD8bkhAd9k,3573
-iatoolkit/templates/chat.html,sha256=AgVynrJzUlBr8aG334YKg3U35Nas0-RoVfzFAx9Ntfk,13961
+iatoolkit/templates/chat.html,sha256=usmyuke0Moh6jNMWvxK2p_N15V6UzHNeXyXDd45XWIU,14087
 iatoolkit/templates/chat_modals.html,sha256=NwwgPoOmVbjy4aO2eHsy1TUMXRiOfTOC5Jx_F2ehhcs,6947
 iatoolkit/templates/error.html,sha256=c3dxieMygsvdjQMiQu_sn6kqqag9zFtVu-z5FunX6so,580
 iatoolkit/templates/forgot_password.html,sha256=NRZqbNHJXSLNArF_KLbzuem-U57v07awS0ikI_DJbfM,2360
 iatoolkit/templates/header.html,sha256=179agI7rnYwP_rvJNXIiVde5E8Ec5649_XKq6eew2Hk,1263
 iatoolkit/templates/index.html,sha256=Q2wBHDv3HTBt-jURVLggye7XOqoqDY8E0LnrmLdc3SQ,7910
-iatoolkit/templates/login_simulation.html,sha256=DqzH0ygJzkGHjdQcoITdONe8GJmv4u_rgoAw1TizYeo,3513
+iatoolkit/templates/login_simulation.html,sha256=1svwCBPrJ3Gy6bD9WMuz25NBSdFgZt4j8_sC7HE6MFU,1270
 iatoolkit/templates/onboarding_shell.html,sha256=r1ivSR2ci8GrDSm1uaD-cf78rfO1bKT5gXa-v5aHLAk,4659
 iatoolkit/templates/signup.html,sha256=9ArDvcNQgHFR2dwxy-37AXzGUOeOsT7Nz5u0y6fAB3U,4385
 iatoolkit/templates/test.html,sha256=rwNtxC83tbCl5COZFXYvmRBxxmgFJtPNuVBd_nq9KWY,133
 iatoolkit/views/__init__.py,sha256=5JqK9sZ6jBuK83zDQokUhxQ0wuJJJ9DXB8pYCLkX7X4,102
-iatoolkit/views/base_login_view.py,sha256=6IWJXEg_6K9cPYoKnG_-Kpt_hIdYnv5ZNC5anIrytXk,2819
+iatoolkit/views/base_login_view.py,sha256=_JM-SMFlftxhpIRV7KyHsTAnAJN_ThY2j1WaYP-HneI,4111
 iatoolkit/views/change_password_view.py,sha256=tM0woZyKdhY4XYjS_YXg2sKq3RYkXGfcq_eVAKrNvNM,4498
 iatoolkit/views/chat_token_request_view.py,sha256=wf32_A2Sq8NHYWshCwL10Tovd1znLoD0jQjzutR3sVE,4408
-iatoolkit/views/external_login_view.py,sha256=IC3X0IZYAfTjHfWSzCwrjqlnBin3Ky7hJZzj3AGk8ZI,2884
+iatoolkit/views/external_login_view.py,sha256=ZFd2Qm_B7ecLxFfu9vL4YjIfkRP6M18slGZszQzpB2g,2572
 iatoolkit/views/file_store_api_view.py,sha256=Uz9f6sey3_F5K8zuyQz6SwYRKAalCjD1ekf-Mkl_Kfo,2326
 iatoolkit/views/forgot_password_view.py,sha256=-qKJeeOBqJFdvDUk7rCNg1E1cDQnJQkozPpb0T0FgwA,3159
 iatoolkit/views/history_api_view.py,sha256=x-tZhB8UzqrD2n-WDIfmHK9iVhGZ9f0yncsGs9mxwt0,1953
@@ -97,15 +97,15 @@ iatoolkit/views/index_view.py,sha256=P5aVdEWxsYOZGbzcXd6WFE733qZ7YXIoeqriUMAM6V8
 iatoolkit/views/init_context_api_view.py,sha256=1j8NKfODfPrffbA5YO8TPMHh-ildlLNzReIxv_qO-W4,2586
 iatoolkit/views/llmquery_api_view.py,sha256=Rh-y-VENwwtNsDrYAD_SWKwjK16fW-pFRWlEvI-OYwY,2120
 iatoolkit/views/llmquery_web_view.py,sha256=WhjlA1mfsoL8hL9tlKQfjCUcaTzT43odlp_uQKmT314,1500
-iatoolkit/views/login_simulation_view.py,sha256=GFKtrHXzU_bPRgtPO1quoPknV_GeI-fUHq9YVPqNrJs,854
-iatoolkit/views/login_view.py,sha256=3mV-I1KWrVCi4GBmSWCPmIIKj0reZEBMmyTZdBKFCFM,4630
+iatoolkit/views/login_simulation_view.py,sha256=0Qt-puRnltI2HZxlfdyJmOf26-hQp3xjknGV_jkwV7E,3484
+iatoolkit/views/login_view.py,sha256=VmW5oDOBqbxLcHx7-LcLyGoI9WMwyg-UbMedV7vap8g,5448
 iatoolkit/views/prompt_api_view.py,sha256=MP0r-MiswwKcbNc_5KY7aVbHkrR218I8XCiCX1D0yTA,1244
 iatoolkit/views/signup_view.py,sha256=BCjhM2lMiDPwYrlW_eEwPl-ZLupblbFfsonWtq0E4vU,3922
 iatoolkit/views/tasks_review_view.py,sha256=keLsLCyOTTlcoIapnB_lbuSvLwrPVZVpBiFC_7ChbLg,3388
 iatoolkit/views/tasks_view.py,sha256=a3anTXrJTTvbQuc6PSpOzidLKQFL4hWa7PI2Cppcz8w,4110
 iatoolkit/views/user_feedback_api_view.py,sha256=59XB9uQLHI4Q6QA4_XhK787HzfXb-c6EY7k1Ccyr4hI,2424
 iatoolkit/views/verify_user_view.py,sha256=7XLSaxvs8LjBr3cYOUDa9B8DqW_50IGlq0IvmOQcD0Y,2340
-iatoolkit-0.55.3.dist-info/METADATA,sha256=JYdzDOAsjbP7j9lAd6wtdNf6Lj2LjJEBpbqIPpCLt6Y,9301
-iatoolkit-0.55.3.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-iatoolkit-0.55.3.dist-info/top_level.txt,sha256=V_w4QvDx0b1RXiy8zTCrD1Bp7AZkFe3_O0-9fMiwogg,10
-iatoolkit-0.55.3.dist-info/RECORD,,
+iatoolkit-0.57.0.dist-info/METADATA,sha256=zrwlhrbdyUpcYe4x6e3-1nexr7_p8-b2aEcDzuv4Vzs,9301
+iatoolkit-0.57.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+iatoolkit-0.57.0.dist-info/top_level.txt,sha256=V_w4QvDx0b1RXiy8zTCrD1Bp7AZkFe3_O0-9fMiwogg,10
+iatoolkit-0.57.0.dist-info/RECORD,,