PyPI - kairo-code - Versions diffs - 0.1.0__py3-none-any.whl - Mend

kairo-code 0.1.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (144) hide show

image-service/main.py +178 -0
infra/chat/app/main.py +84 -0
kairo/backend/__init__.py +0 -0
kairo/backend/api/__init__.py +0 -0
kairo/backend/api/admin/__init__.py +23 -0
kairo/backend/api/admin/audit.py +54 -0
kairo/backend/api/admin/content.py +142 -0
kairo/backend/api/admin/incidents.py +148 -0
kairo/backend/api/admin/stats.py +125 -0
kairo/backend/api/admin/system.py +87 -0
kairo/backend/api/admin/users.py +279 -0
kairo/backend/api/agents.py +94 -0
kairo/backend/api/api_keys.py +85 -0
kairo/backend/api/auth.py +116 -0
kairo/backend/api/billing.py +41 -0
kairo/backend/api/chat.py +72 -0
kairo/backend/api/conversations.py +125 -0
kairo/backend/api/device_auth.py +100 -0
kairo/backend/api/files.py +83 -0
kairo/backend/api/health.py +36 -0
kairo/backend/api/images.py +80 -0
kairo/backend/api/openai_compat.py +225 -0
kairo/backend/api/projects.py +102 -0
kairo/backend/api/usage.py +32 -0
kairo/backend/api/webhooks.py +79 -0
kairo/backend/app.py +297 -0
kairo/backend/config.py +179 -0
kairo/backend/core/__init__.py +0 -0
kairo/backend/core/admin_auth.py +24 -0
kairo/backend/core/api_key_auth.py +55 -0
kairo/backend/core/database.py +28 -0
kairo/backend/core/dependencies.py +70 -0
kairo/backend/core/logging.py +23 -0
kairo/backend/core/rate_limit.py +73 -0
kairo/backend/core/security.py +29 -0
kairo/backend/models/__init__.py +19 -0
kairo/backend/models/agent.py +30 -0
kairo/backend/models/api_key.py +25 -0
kairo/backend/models/api_usage.py +29 -0
kairo/backend/models/audit_log.py +26 -0
kairo/backend/models/conversation.py +48 -0
kairo/backend/models/device_code.py +30 -0
kairo/backend/models/feature_flag.py +21 -0
kairo/backend/models/image_generation.py +24 -0
kairo/backend/models/incident.py +28 -0
kairo/backend/models/project.py +28 -0
kairo/backend/models/uptime_record.py +24 -0
kairo/backend/models/usage.py +24 -0
kairo/backend/models/user.py +49 -0
kairo/backend/schemas/__init__.py +0 -0
kairo/backend/schemas/admin/__init__.py +0 -0
kairo/backend/schemas/admin/audit.py +28 -0
kairo/backend/schemas/admin/content.py +53 -0
kairo/backend/schemas/admin/stats.py +77 -0
kairo/backend/schemas/admin/system.py +44 -0
kairo/backend/schemas/admin/users.py +48 -0
kairo/backend/schemas/agent.py +42 -0
kairo/backend/schemas/api_key.py +30 -0
kairo/backend/schemas/auth.py +57 -0
kairo/backend/schemas/chat.py +26 -0
kairo/backend/schemas/conversation.py +39 -0
kairo/backend/schemas/device_auth.py +40 -0
kairo/backend/schemas/image.py +15 -0
kairo/backend/schemas/openai_compat.py +76 -0
kairo/backend/schemas/project.py +21 -0
kairo/backend/schemas/status.py +81 -0
kairo/backend/schemas/usage.py +15 -0
kairo/backend/services/__init__.py +0 -0
kairo/backend/services/admin/__init__.py +0 -0
kairo/backend/services/admin/audit_service.py +78 -0
kairo/backend/services/admin/content_service.py +119 -0
kairo/backend/services/admin/incident_service.py +94 -0
kairo/backend/services/admin/stats_service.py +281 -0
kairo/backend/services/admin/system_service.py +126 -0
kairo/backend/services/admin/user_service.py +157 -0
kairo/backend/services/agent_service.py +107 -0
kairo/backend/services/api_key_service.py +66 -0
kairo/backend/services/api_usage_service.py +126 -0
kairo/backend/services/auth_service.py +101 -0
kairo/backend/services/chat_service.py +501 -0
kairo/backend/services/conversation_service.py +264 -0
kairo/backend/services/device_auth_service.py +193 -0
kairo/backend/services/email_service.py +55 -0
kairo/backend/services/image_service.py +181 -0
kairo/backend/services/llm_service.py +186 -0
kairo/backend/services/project_service.py +109 -0
kairo/backend/services/status_service.py +167 -0
kairo/backend/services/stripe_service.py +78 -0
kairo/backend/services/usage_service.py +150 -0
kairo/backend/services/web_search_service.py +96 -0
kairo/migrations/env.py +60 -0
kairo/migrations/versions/001_initial.py +55 -0
kairo/migrations/versions/002_usage_tracking_and_indexes.py +66 -0
kairo/migrations/versions/003_username_to_email.py +21 -0
kairo/migrations/versions/004_add_plans_and_verification.py +67 -0
kairo/migrations/versions/005_add_projects.py +52 -0
kairo/migrations/versions/006_add_image_generation.py +63 -0
kairo/migrations/versions/007_add_admin_portal.py +107 -0
kairo/migrations/versions/008_add_device_code_auth.py +76 -0
kairo/migrations/versions/009_add_status_page.py +65 -0
kairo/tools/extract_claude_data.py +465 -0
kairo/tools/filter_claude_data.py +303 -0
kairo/tools/generate_curated_data.py +157 -0
kairo/tools/mix_training_data.py +295 -0
kairo_code/__init__.py +3 -0
kairo_code/agents/__init__.py +25 -0
kairo_code/agents/architect.py +98 -0
kairo_code/agents/audit.py +100 -0
kairo_code/agents/base.py +463 -0
kairo_code/agents/coder.py +155 -0
kairo_code/agents/database.py +77 -0
kairo_code/agents/docs.py +88 -0
kairo_code/agents/explorer.py +62 -0
kairo_code/agents/guardian.py +80 -0
kairo_code/agents/planner.py +66 -0
kairo_code/agents/reviewer.py +91 -0
kairo_code/agents/security.py +94 -0
kairo_code/agents/terraform.py +88 -0
kairo_code/agents/testing.py +97 -0
kairo_code/agents/uiux.py +88 -0
kairo_code/auth.py +232 -0
kairo_code/config.py +172 -0
kairo_code/conversation.py +173 -0
kairo_code/heartbeat.py +63 -0
kairo_code/llm.py +291 -0
kairo_code/logging_config.py +156 -0
kairo_code/main.py +818 -0
kairo_code/router.py +217 -0
kairo_code/sandbox.py +248 -0
kairo_code/settings.py +183 -0
kairo_code/tools/__init__.py +51 -0
kairo_code/tools/analysis.py +509 -0
kairo_code/tools/base.py +417 -0
kairo_code/tools/code.py +58 -0
kairo_code/tools/definitions.py +617 -0
kairo_code/tools/files.py +315 -0
kairo_code/tools/review.py +390 -0
kairo_code/tools/search.py +185 -0
kairo_code/ui.py +418 -0
kairo_code-0.1.0.dist-info/METADATA +13 -0
kairo_code-0.1.0.dist-info/RECORD +144 -0
kairo_code-0.1.0.dist-info/WHEEL +5 -0
kairo_code-0.1.0.dist-info/entry_points.txt +2 -0
kairo_code-0.1.0.dist-info/top_level.txt +4 -0

kairo/backend/services/web_search_service.py ADDED Viewed

@@ -0,0 +1,96 @@
+import logging
+import re
+from html import unescape
+import httpx
+logger = logging.getLogger(__name__)
+async def web_search(query: str, max_results: int = 5) -> list[dict]:
+    """Search the web via DuckDuckGo HTML and return results."""
+    results = []
+    try:
+        async with httpx.AsyncClient(timeout=10.0) as client:
+            resp = await client.post(
+                "https://html.duckduckgo.com/html/",
+                data={"q": query, "b": ""},
+                headers={
+                    "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
+                },
+            )
+            resp.raise_for_status()
+            html = resp.text
+        # Parse results using regex (avoid BeautifulSoup dependency)
+        # DuckDuckGo HTML results have class="result__a" for links and class="result__snippet" for snippets
+        link_pattern = re.compile(
+            r'<a[^>]+class="result__a"[^>]*href="([^"]*)"[^>]*>(.*?)</a>',
+            re.DOTALL,
+        )
+        snippet_pattern = re.compile(
+            r'<a[^>]+class="result__snippet"[^>]*>(.*?)</a>',
+            re.DOTALL,
+        )
+        links = link_pattern.findall(html)
+        snippets = snippet_pattern.findall(html)
+        for i, (url, title) in enumerate(links[:max_results]):
+            # Clean HTML tags and decode entities
+            clean_title = unescape(re.sub(r"<[^>]+>", "", title)).strip()
+            clean_snippet = ""
+            if i < len(snippets):
+                clean_snippet = unescape(re.sub(r"<[^>]+>", "", snippets[i])).strip()
+            # DuckDuckGo uses redirect URLs - extract actual URL
+            actual_url = url
+            uddg_match = re.search(r"uddg=([^&]+)", url)
+            if uddg_match:
+                from urllib.parse import unquote
+                actual_url = unquote(uddg_match.group(1))
+            if clean_title and actual_url:
+                results.append({
+                    "title": clean_title,
+                    "url": actual_url,
+                    "snippet": clean_snippet,
+                })
+    except Exception as e:
+        logger.warning("Web search failed for '%s': %s", query, e)
+    return results
+def format_search_results(results: list[dict]) -> str:
+    """Format search results for injection into the LLM context."""
+    if not results:
+        return ""
+    parts = [
+        "=== WEB SEARCH RESULTS (AUTHORITATIVE — USE THESE AS YOUR PRIMARY SOURCE) ===",
+        "",
+    ]
+    for i, r in enumerate(results, 1):
+        parts.append(f"Result {i}: {r['title']}")
+        if r.get("snippet"):
+            parts.append(f"  Summary: {r['snippet']}")
+        parts.append(f"  URL: {r['url']}")
+        parts.append("")
+    parts.append("=== END OF SEARCH RESULTS ===")
+    parts.append("")
+    parts.append(
+        "CRITICAL INSTRUCTIONS FOR USING THESE RESULTS:\n"
+        "1. Base your ENTIRE answer on the search results above. They are FRESH and AUTHORITATIVE.\n"
+        "2. Your training data is OUTDATED and UNRELIABLE for this topic. Do NOT fall back to it.\n"
+        "3. If search results say something is FREE or does NOT require signup, trust them — do NOT claim otherwise.\n"
+        "4. If search results show an API works a certain way, describe it EXACTLY as shown — do NOT invent parameters, "
+        "endpoints, headers, or authentication requirements that are not mentioned in the results.\n"
+        "5. Do NOT fabricate URLs. Only share URLs that appear in the search results above.\n"
+        "6. If the search results do not contain enough information, say so honestly. Do NOT guess or fill gaps with training data.\n"
+        "7. Integrate the information naturally into your response. Do NOT use [Source N] citations."
+    )
+    return "\n".join(parts)

kairo/migrations/env.py ADDED Viewed

@@ -0,0 +1,60 @@
+import asyncio
+import os
+from logging.config import fileConfig
+from alembic import context
+from sqlalchemy import pool
+from sqlalchemy.ext.asyncio import async_engine_from_config
+from backend.core.database import Base
+from backend.models import Conversation, Message, User, UsageRecord, Project, ImageGeneration  # noqa: F401
+config = context.config
+if config.config_file_name is not None:
+    fileConfig(config.config_file_name)
+# Override with env var if available
+db_url = os.environ.get("KAIRO_DATABASE_URL")
+if db_url:
+    config.set_main_option("sqlalchemy.url", db_url)
+target_metadata = Base.metadata
+def run_migrations_offline() -> None:
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(
+        url=url,
+        target_metadata=target_metadata,
+        literal_binds=True,
+        dialect_opts={"paramstyle": "named"},
+    )
+    with context.begin_transaction():
+        context.run_migrations()
+def do_run_migrations(connection):
+    context.configure(connection=connection, target_metadata=target_metadata)
+    with context.begin_transaction():
+        context.run_migrations()
+async def run_async_migrations() -> None:
+    connectable = async_engine_from_config(
+        config.get_section(config.config_ini_section, {}),
+        prefix="sqlalchemy.",
+        poolclass=pool.NullPool,
+    )
+    async with connectable.connect() as connection:
+        await connection.run_sync(do_run_migrations)
+    await connectable.dispose()
+def run_migrations_online() -> None:
+    asyncio.run(run_async_migrations())
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()

kairo/migrations/versions/001_initial.py ADDED Viewed

@@ -0,0 +1,55 @@
+"""Initial schema
+Revision ID: 001
+Revises:
+Create Date: 2025-01-01 00:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "001"
+down_revision = None
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    op.create_table(
+        "users",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column("username", sa.String(), unique=True, nullable=False),
+        sa.Column("hashed_password", sa.String(), nullable=False),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+    )
+    op.create_table(
+        "conversations",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column("title", sa.String(), nullable=False),
+        sa.Column("model", sa.String(), nullable=False),
+        sa.Column("user_id", sa.String(), sa.ForeignKey("users.id"), nullable=True),
+        sa.Column("summary", sa.Text(), nullable=True),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False),
+    )
+    op.create_table(
+        "messages",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column(
+            "conversation_id",
+            sa.String(),
+            sa.ForeignKey("conversations.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column("role", sa.String(), nullable=False),
+        sa.Column("content", sa.Text(), nullable=False),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+    )
+def downgrade() -> None:
+    op.drop_table("messages")
+    op.drop_table("conversations")
+    op.drop_table("users")

kairo/migrations/versions/002_usage_tracking_and_indexes.py ADDED Viewed

@@ -0,0 +1,66 @@
+"""Usage tracking and indexes
+Revision ID: 002
+Revises: 001
+Create Date: 2025-01-15 00:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "002"
+down_revision = "001"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    # usage_records table
+    op.create_table(
+        "usage_records",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column(
+            "user_id",
+            sa.String(),
+            sa.ForeignKey("users.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column(
+            "conversation_id",
+            sa.String(),
+            sa.ForeignKey("conversations.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column("model", sa.String(), nullable=False),
+        sa.Column("prompt_tokens", sa.Integer(), nullable=False),
+        sa.Column("completion_tokens", sa.Integer(), nullable=False),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+    )
+    # Add limit columns to users
+    op.add_column(
+        "users",
+        sa.Column("daily_token_limit", sa.Integer(), nullable=False, server_default="100000"),
+    )
+    op.add_column(
+        "users",
+        sa.Column("monthly_token_limit", sa.Integer(), nullable=False, server_default="2000000"),
+    )
+    # Performance indexes
+    op.create_index("ix_conversations_user_id", "conversations", ["user_id"])
+    op.create_index("ix_messages_conversation_id", "messages", ["conversation_id"])
+    op.create_index("ix_messages_created_at", "messages", ["created_at"])
+    op.create_index("ix_usage_records_user_id", "usage_records", ["user_id"])
+    op.create_index("ix_usage_records_user_date", "usage_records", ["user_id", "created_at"])
+def downgrade() -> None:
+    op.drop_index("ix_usage_records_user_date")
+    op.drop_index("ix_usage_records_user_id")
+    op.drop_index("ix_messages_created_at")
+    op.drop_index("ix_messages_conversation_id")
+    op.drop_index("ix_conversations_user_id")
+    op.drop_column("users", "monthly_token_limit")
+    op.drop_column("users", "daily_token_limit")
+    op.drop_table("usage_records")

kairo/migrations/versions/003_username_to_email.py ADDED Viewed

@@ -0,0 +1,21 @@
+"""Rename username to email
+Revision ID: 003
+Revises: 002
+Create Date: 2026-01-27 00:00:00.000000
+"""
+from alembic import op
+revision = "003"
+down_revision = "002"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    op.alter_column("users", "username", new_column_name="email")
+def downgrade() -> None:
+    op.alter_column("users", "email", new_column_name="username")

kairo/migrations/versions/004_add_plans_and_verification.py ADDED Viewed

@@ -0,0 +1,67 @@
+"""Add plans, stripe, email verification, password reset
+Revision ID: 004
+Revises: 003
+Create Date: 2026-01-28 00:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "004"
+down_revision = "003"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    op.add_column(
+        "users",
+        sa.Column("plan", sa.String(), nullable=False, server_default="free"),
+    )
+    op.add_column(
+        "users",
+        sa.Column("stripe_customer_id", sa.String(), nullable=True),
+    )
+    op.add_column(
+        "users",
+        sa.Column("stripe_subscription_id", sa.String(), nullable=True),
+    )
+    op.add_column(
+        "users",
+        sa.Column("email_verified", sa.Boolean(), nullable=False, server_default="false"),
+    )
+    op.add_column(
+        "users",
+        sa.Column("email_verification_token", sa.String(), nullable=True),
+    )
+    op.add_column(
+        "users",
+        sa.Column("password_reset_token", sa.String(), nullable=True),
+    )
+    op.add_column(
+        "users",
+        sa.Column("password_reset_expires", sa.DateTime(timezone=True), nullable=True),
+    )
+    op.create_index(
+        "ix_users_stripe_customer_id", "users", ["stripe_customer_id"], unique=True,
+    )
+    op.create_index(
+        "ix_users_email_verification_token", "users", ["email_verification_token"],
+    )
+    op.create_index(
+        "ix_users_password_reset_token", "users", ["password_reset_token"],
+    )
+def downgrade() -> None:
+    op.drop_index("ix_users_password_reset_token", table_name="users")
+    op.drop_index("ix_users_email_verification_token", table_name="users")
+    op.drop_index("ix_users_stripe_customer_id", table_name="users")
+    op.drop_column("users", "password_reset_expires")
+    op.drop_column("users", "password_reset_token")
+    op.drop_column("users", "email_verification_token")
+    op.drop_column("users", "email_verified")
+    op.drop_column("users", "stripe_subscription_id")
+    op.drop_column("users", "stripe_customer_id")
+    op.drop_column("users", "plan")

kairo/migrations/versions/005_add_projects.py ADDED Viewed

@@ -0,0 +1,52 @@
+"""Add projects table and link conversations to projects
+Revision ID: 005
+Revises: 004
+Create Date: 2026-01-29 00:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "005"
+down_revision = "004"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    op.create_table(
+        "projects",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column("name", sa.String(), nullable=False),
+        sa.Column("instructions", sa.Text(), nullable=True),
+        sa.Column(
+            "user_id",
+            sa.String(),
+            sa.ForeignKey("users.id"),
+            nullable=False,
+        ),
+        sa.Column("created_at", sa.DateTime(timezone=True), nullable=False),
+        sa.Column("updated_at", sa.DateTime(timezone=True), nullable=False),
+    )
+    op.create_index("ix_projects_user_id", "projects", ["user_id"])
+    op.add_column(
+        "conversations",
+        sa.Column(
+            "project_id",
+            sa.String(),
+            sa.ForeignKey("projects.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+    )
+    op.create_index(
+        "ix_conversations_project_id", "conversations", ["project_id"]
+    )
+def downgrade() -> None:
+    op.drop_index("ix_conversations_project_id", table_name="conversations")
+    op.drop_column("conversations", "project_id")
+    op.drop_index("ix_projects_user_id", table_name="projects")
+    op.drop_table("projects")

kairo/migrations/versions/006_add_image_generation.py ADDED Viewed

@@ -0,0 +1,63 @@
+"""Add image generation support
+Revision ID: 006
+Revises: 005
+Create Date: 2026-01-29 12:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "006"
+down_revision = "005"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    # Add image_url to messages
+    op.add_column(
+        "messages",
+        sa.Column("image_url", sa.String(), nullable=True),
+    )
+    # Create image_generations table
+    op.create_table(
+        "image_generations",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column(
+            "user_id",
+            sa.String(),
+            sa.ForeignKey("users.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column(
+            "conversation_id",
+            sa.String(),
+            sa.ForeignKey("conversations.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column("prompt", sa.Text(), nullable=False),
+        sa.Column("image_url", sa.String(), nullable=False),
+        sa.Column("width", sa.Integer(), nullable=False, server_default="1024"),
+        sa.Column("height", sa.Integer(), nullable=False, server_default="1024"),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=sa.text("now()"),
+        ),
+    )
+    op.create_index(
+        "ix_image_generations_user_id", "image_generations", ["user_id"]
+    )
+    op.create_index(
+        "ix_image_generations_created_at", "image_generations", ["created_at"]
+    )
+def downgrade() -> None:
+    op.drop_index("ix_image_generations_created_at", table_name="image_generations")
+    op.drop_index("ix_image_generations_user_id", table_name="image_generations")
+    op.drop_table("image_generations")
+    op.drop_column("messages", "image_url")

kairo/migrations/versions/007_add_admin_portal.py ADDED Viewed

@@ -0,0 +1,107 @@
+"""Add admin portal: role, status, audit_logs, feature_flags
+Revision ID: 007
+Revises: 006
+Create Date: 2026-01-30 00:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "007"
+down_revision = "006"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    # Add role and status to users
+    op.add_column(
+        "users",
+        sa.Column("role", sa.String(), nullable=False, server_default="user"),
+    )
+    op.add_column(
+        "users",
+        sa.Column("status", sa.String(), nullable=False, server_default="active"),
+    )
+    op.create_index("ix_users_role", "users", ["role"])
+    op.create_index("ix_users_status", "users", ["status"])
+    # Create audit_logs table
+    op.create_table(
+        "audit_logs",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column(
+            "admin_user_id",
+            sa.String(),
+            sa.ForeignKey("users.id", ondelete="CASCADE"),
+            nullable=False,
+        ),
+        sa.Column("action", sa.String(), nullable=False),
+        sa.Column("target_type", sa.String(), nullable=False),
+        sa.Column("target_id", sa.String(), nullable=True),
+        sa.Column("details", sa.JSON(), nullable=True),
+        sa.Column("result", sa.String(), nullable=False, server_default="success"),
+        sa.Column("ip_address", sa.String(), nullable=True),
+        sa.Column("user_agent", sa.Text(), nullable=True),
+        sa.Column("session_id", sa.String(), nullable=True),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=sa.text("now()"),
+        ),
+    )
+    op.create_index("ix_audit_logs_admin_user_id", "audit_logs", ["admin_user_id"])
+    op.create_index("ix_audit_logs_action", "audit_logs", ["action"])
+    op.create_index("ix_audit_logs_target_type", "audit_logs", ["target_type"])
+    op.create_index("ix_audit_logs_created_at", "audit_logs", ["created_at"])
+    # Create feature_flags table
+    op.create_table(
+        "feature_flags",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column("key", sa.String(), nullable=False, unique=True),
+        sa.Column("enabled", sa.Boolean(), nullable=False, server_default="false"),
+        sa.Column(
+            "updated_by",
+            sa.String(),
+            sa.ForeignKey("users.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column(
+            "updated_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=sa.text("now()"),
+        ),
+    )
+    # Seed initial feature flags
+    import uuid
+    op.execute(
+        sa.text(
+            "INSERT INTO feature_flags (id, key, enabled) VALUES "
+            "(:id1, 'FEATURE_KAIRO_API_ENABLED', false), "
+            "(:id2, 'FEATURE_KAIRO_AGENTS_ENABLED', false), "
+            "(:id3, 'FEATURE_IMAGE_GEN_ENABLED', false)"
+        ).bindparams(
+            id1=str(uuid.uuid4()),
+            id2=str(uuid.uuid4()),
+            id3=str(uuid.uuid4()),
+        )
+    )
+def downgrade() -> None:
+    op.drop_table("feature_flags")
+    op.drop_index("ix_audit_logs_created_at", table_name="audit_logs")
+    op.drop_index("ix_audit_logs_target_type", table_name="audit_logs")
+    op.drop_index("ix_audit_logs_action", table_name="audit_logs")
+    op.drop_index("ix_audit_logs_admin_user_id", table_name="audit_logs")
+    op.drop_table("audit_logs")
+    op.drop_index("ix_users_status", table_name="users")
+    op.drop_index("ix_users_role", table_name="users")
+    op.drop_column("users", "status")
+    op.drop_column("users", "role")

kairo/migrations/versions/008_add_device_code_auth.py ADDED Viewed

@@ -0,0 +1,76 @@
+"""Add device code auth flow (RFC 8628)
+Revision ID: 008
+Revises: 007
+Create Date: 2026-01-31 00:00:00.000000
+"""
+from alembic import op
+import sqlalchemy as sa
+revision = "008"
+down_revision = "007"
+branch_labels = None
+depends_on = None
+def upgrade() -> None:
+    # Create device_codes table
+    op.create_table(
+        "device_codes",
+        sa.Column("id", sa.String(), primary_key=True),
+        sa.Column("device_code", sa.String(), nullable=False, unique=True),
+        sa.Column("user_code", sa.String(), nullable=False, unique=True),
+        sa.Column(
+            "user_id",
+            sa.String(),
+            sa.ForeignKey("users.id", ondelete="CASCADE"),
+            nullable=True,
+        ),
+        sa.Column("status", sa.String(), nullable=False, server_default="pending"),
+        sa.Column(
+            "cli_api_key_id",
+            sa.String(),
+            sa.ForeignKey("api_keys.id", ondelete="SET NULL"),
+            nullable=True,
+        ),
+        sa.Column("expires_at", sa.DateTime(timezone=True), nullable=False),
+        sa.Column(
+            "created_at",
+            sa.DateTime(timezone=True),
+            nullable=False,
+            server_default=sa.text("now()"),
+        ),
+        sa.Column("approved_at", sa.DateTime(timezone=True), nullable=True),
+        sa.Column("client_name", sa.String(), nullable=True),
+        sa.Column("cli_token", sa.String(), nullable=True),
+        sa.Column("interval", sa.Integer(), nullable=False, server_default="5"),
+    )
+    op.create_index("ix_device_codes_device_code", "device_codes", ["device_code"], unique=True)
+    op.create_index("ix_device_codes_user_code", "device_codes", ["user_code"], unique=True)
+    op.create_index("ix_device_codes_user_id", "device_codes", ["user_id"])
+    op.create_index("ix_device_codes_status", "device_codes", ["status"])
+    # Add key_type to api_keys
+    op.add_column(
+        "api_keys",
+        sa.Column("key_type", sa.String(), nullable=False, server_default="api"),
+    )
+    # Add source to usage_records
+    op.add_column(
+        "usage_records",
+        sa.Column("source", sa.String(), nullable=False, server_default="chat"),
+    )
+    op.create_index("ix_usage_records_source", "usage_records", ["source"])
+def downgrade() -> None:
+    op.drop_index("ix_usage_records_source", table_name="usage_records")
+    op.drop_column("usage_records", "source")
+    op.drop_column("api_keys", "key_type")
+    op.drop_index("ix_device_codes_status", table_name="device_codes")
+    op.drop_index("ix_device_codes_user_id", table_name="device_codes")
+    op.drop_index("ix_device_codes_user_code", table_name="device_codes")
+    op.drop_index("ix_device_codes_device_code", table_name="device_codes")
+    op.drop_table("device_codes")