kairo-code 0.1.0__py3-none-any.whl

kairo/backend/api/auth.py

@@ -0,0 +1,116 @@
+import asyncio
+import logging
+
+from fastapi import APIRouter, Depends, HTTPException
+
+from backend.core.dependencies import get_auth_service, get_current_user, get_email_service
+from backend.core.rate_limit import rate_limit_auth
+from backend.core.security import create_access_token
+from backend.models.user import User
+
+logger = logging.getLogger(__name__)
+
+from backend.schemas.auth import (
+    ForgotPasswordRequest,
+    LoginRequest,
+    RegisterRequest,
+    ResetPasswordRequest,
+    TokenResponse,
+    UserResponse,
+    VerifyEmailRequest,
+)
+from backend.services.auth_service import AuthService
+from backend.services.email_service import EmailService
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+@router.post("/register", response_model=TokenResponse, status_code=201, dependencies=[Depends(rate_limit_auth)])
+async def register(
+    body: RegisterRequest,
+    auth_service: AuthService = Depends(get_auth_service),
+    email_service: EmailService = Depends(get_email_service),
+):
+    user = await auth_service.register(body.email, body.password)
+    if not user:
+        raise HTTPException(status_code=409, detail="Email already registered")
+    if user.email_verification_token:
+        try:
+            await asyncio.to_thread(
+                email_service.send_verification_email, user.email, user.email_verification_token
+            )
+        except Exception:
+            logger.exception("Failed to send verification email to %s", user.email)
+    token = create_access_token(user.id)
+    return TokenResponse(
+        access_token=token,
+        user=UserResponse.model_validate(user),
+    )
+
+
+@router.post("/login", response_model=TokenResponse, dependencies=[Depends(rate_limit_auth)])
+async def login(
+    body: LoginRequest,
+    auth_service: AuthService = Depends(get_auth_service),
+):
+    user = await auth_service.authenticate(body.email, body.password)
+    if not user:
+        raise HTTPException(status_code=401, detail="Invalid email or password")
+    token = create_access_token(user.id)
+    return TokenResponse(
+        access_token=token,
+        user=UserResponse.model_validate(user),
+    )
+
+
+@router.get("/me", response_model=UserResponse)
+async def get_me(user: User = Depends(get_current_user)):
+    return UserResponse.model_validate(user)
+
+
+@router.post("/verify-email", dependencies=[Depends(rate_limit_auth)])
+async def verify_email(
+    body: VerifyEmailRequest,
+    auth_service: AuthService = Depends(get_auth_service),
+):
+    user = await auth_service.verify_email(body.token)
+    if not user:
+        raise HTTPException(status_code=400, detail="Invalid or expired verification token")
+    return {"message": "Email verified successfully"}
+
+
+@router.post("/forgot-password", dependencies=[Depends(rate_limit_auth)])
+async def forgot_password(
+    body: ForgotPasswordRequest,
+    auth_service: AuthService = Depends(get_auth_service),
+    email_service: EmailService = Depends(get_email_service),
+):
+    """Always returns 200 to prevent email enumeration."""
+    token = await auth_service.request_password_reset(body.email)
+    if token:
+        await asyncio.to_thread(email_service.send_password_reset_email, body.email, token)
+    return {"message": "If that email exists, a reset link has been sent"}
+
+
+@router.post("/reset-password", dependencies=[Depends(rate_limit_auth)])
+async def reset_password(
+    body: ResetPasswordRequest,
+    auth_service: AuthService = Depends(get_auth_service),
+):
+    success = await auth_service.reset_password(body.token, body.password)
+    if not success:
+        raise HTTPException(status_code=400, detail="Invalid or expired reset token")
+    return {"message": "Password reset successfully"}
+
+
+@router.post("/resend-verification", dependencies=[Depends(rate_limit_auth)])
+async def resend_verification(
+    user: User = Depends(get_current_user),
+    auth_service: AuthService = Depends(get_auth_service),
+    email_service: EmailService = Depends(get_email_service),
+):
+    token = await auth_service.regenerate_verification_token(user.id)
+    if not token:
+        return {"message": "Email already verified"}
+    await asyncio.to_thread(email_service.send_verification_email, user.email, token)
+    return {"message": "Verification email sent"}

kairo/backend/api/billing.py

@@ -0,0 +1,41 @@
+from fastapi import APIRouter, Depends, HTTPException
+
+from backend.core.dependencies import get_current_user, get_stripe_service
+from backend.models.user import User
+from backend.schemas.auth import BillingPortalResponse, BillingStatusResponse, CheckoutResponse
+from backend.services.stripe_service import StripeService
+
+router = APIRouter(prefix="/billing", tags=["billing"])
+
+
+@router.post("/create-checkout", response_model=CheckoutResponse)
+async def create_checkout(
+    user: User = Depends(get_current_user),
+    stripe_service: StripeService = Depends(get_stripe_service),
+):
+    if user.plan == "pro":
+        raise HTTPException(status_code=400, detail="Already on Pro plan")
+    checkout_url, customer_id = stripe_service.create_checkout_session(
+        user.id, user.email, user.stripe_customer_id
+    )
+    return CheckoutResponse(checkout_url=checkout_url)
+
+
+@router.post("/portal", response_model=BillingPortalResponse)
+async def billing_portal(
+    user: User = Depends(get_current_user),
+    stripe_service: StripeService = Depends(get_stripe_service),
+):
+    if not user.stripe_customer_id:
+        raise HTTPException(status_code=400, detail="No billing account found")
+    portal_url = stripe_service.create_billing_portal_session(user.stripe_customer_id)
+    return BillingPortalResponse(portal_url=portal_url)
+
+
+@router.get("/status", response_model=BillingStatusResponse)
+async def billing_status(user: User = Depends(get_current_user)):
+    return BillingStatusResponse(
+        plan=user.plan,
+        stripe_customer_id=user.stripe_customer_id,
+        stripe_subscription_id=user.stripe_subscription_id,
+    )

kairo/backend/api/chat.py

@@ -0,0 +1,72 @@
+from fastapi import APIRouter, Depends, HTTPException
+from pydantic import BaseModel, Field
+from starlette.responses import StreamingResponse
+
+from backend.core.dependencies import get_chat_service, get_conversation_service
+from backend.core.rate_limit import rate_limit_chat
+from backend.schemas.chat import ChatRequest
+from backend.services.chat_service import ChatService
+from backend.services.conversation_service import ConversationService
+
+router = APIRouter()
+
+
+@router.post("/chat", dependencies=[Depends(rate_limit_chat)])
+async def chat(
+    request: ChatRequest,
+    chat_service: ChatService = Depends(get_chat_service),
+):
+    return StreamingResponse(
+        chat_service.stream_response(
+            message=request.message,
+            model=request.model,
+            conversation_id=request.conversation_id,
+            temperature=request.temperature,
+            max_tokens=request.max_tokens,
+            project_id=request.project_id,
+        ),
+        media_type="text/event-stream",
+        headers={
+            "Cache-Control": "no-cache",
+            "Connection": "keep-alive",
+            "X-Accel-Buffering": "no",
+        },
+    )
+
+
+class EditMessageRequest(BaseModel):
+    content: str = Field(..., min_length=1, max_length=32000)
+
+
+@router.put("/chat/messages/{message_id}")
+async def edit_message(
+    message_id: str,
+    request: EditMessageRequest,
+    service: ConversationService = Depends(get_conversation_service),
+):
+    msg = await service.edit_message(message_id, request.content)
+    if not msg:
+        raise HTTPException(status_code=404, detail="Message not found")
+    return {
+        "id": msg.id,
+        "conversation_id": msg.conversation_id,
+        "role": msg.role,
+        "content": msg.content,
+        "created_at": msg.created_at,
+    }
+
+
+@router.post("/chat/regenerate/{conversation_id}", dependencies=[Depends(rate_limit_chat)])
+async def regenerate(
+    conversation_id: str,
+    chat_service: ChatService = Depends(get_chat_service),
+):
+    return StreamingResponse(
+        chat_service.regenerate_response(conversation_id=conversation_id),
+        media_type="text/event-stream",
+        headers={
+            "Cache-Control": "no-cache",
+            "Connection": "keep-alive",
+            "X-Accel-Buffering": "no",
+        },
+    )

kairo/backend/api/conversations.py

@@ -0,0 +1,125 @@
+import json
+
+from fastapi import APIRouter, Depends, HTTPException, Query
+from starlette.responses import Response
+
+from backend.core.dependencies import get_conversation_service
+from backend.schemas.conversation import (
+    ConversationDetail,
+    ConversationRename,
+    ConversationSummary,
+    MessageSchema,
+)
+from backend.services.conversation_service import ConversationService
+
+router = APIRouter()
+
+
+@router.get("/")
+async def list_conversations(
+    limit: int = Query(default=50, ge=1, le=100),
+    offset: int = Query(default=0, ge=0),
+    q: str = Query(default="", max_length=200),
+    project_id: str | None = Query(default=None),
+    service: ConversationService = Depends(get_conversation_service),
+):
+    if q.strip():
+        items, total = await service.search(q.strip(), limit=limit, offset=offset)
+    else:
+        items, total = await service.list_all(limit=limit, offset=offset, project_id=project_id)
+    return {"items": items, "total": total}
+
+
+@router.get("/search-messages")
+async def search_messages(
+    q: str = Query(..., min_length=2, max_length=200),
+    limit: int = Query(default=20, ge=1, le=50),
+    offset: int = Query(default=0, ge=0),
+    service: ConversationService = Depends(get_conversation_service),
+):
+    results = await service.search_messages(q, limit=limit, offset=offset)
+    return {"results": results}
+
+
+@router.get("/{conversation_id}", response_model=ConversationDetail)
+async def get_conversation(
+    conversation_id: str,
+    service: ConversationService = Depends(get_conversation_service),
+):
+    conv = await service.get(conversation_id)
+    if not conv:
+        raise HTTPException(status_code=404, detail="Conversation not found")
+    return conv
+
+
+@router.delete("/{conversation_id}", status_code=204)
+async def delete_conversation(
+    conversation_id: str,
+    service: ConversationService = Depends(get_conversation_service),
+):
+    deleted = await service.delete(conversation_id)
+    if not deleted:
+        raise HTTPException(status_code=404, detail="Conversation not found")
+
+
+@router.patch("/{conversation_id}")
+async def rename_conversation(
+    conversation_id: str,
+    body: ConversationRename,
+    service: ConversationService = Depends(get_conversation_service),
+):
+    conv = await service.rename(conversation_id, body.title)
+    if not conv:
+        raise HTTPException(status_code=404, detail="Conversation not found")
+    return {"id": conv.id, "title": conv.title}
+
+
+@router.get("/{conversation_id}/export")
+async def export_conversation(
+    conversation_id: str,
+    format: str = Query(default="md", pattern="^(md|json)$"),
+    service: ConversationService = Depends(get_conversation_service),
+):
+    conv = await service.get(conversation_id)
+    if not conv:
+        raise HTTPException(status_code=404, detail="Conversation not found")
+
+    messages = sorted(conv.messages, key=lambda m: m.created_at)
+    safe_title = conv.title.replace(" ", "_").replace("/", "-")[:50]
+
+    if format == "json":
+        data = {
+            "title": conv.title,
+            "model": conv.model,
+            "created_at": str(conv.created_at),
+            "updated_at": str(conv.updated_at),
+            "messages": [
+                {
+                    "role": m.role,
+                    "content": m.content,
+                    "created_at": str(m.created_at),
+                }
+                for m in messages
+            ],
+        }
+        return Response(
+            content=json.dumps(data, indent=2, ensure_ascii=False),
+            media_type="application/json",
+            headers={"Content-Disposition": f'attachment; filename="{safe_title}.json"'},
+        )
+
+    # Markdown format
+    lines = [f"# {conv.title}\n"]
+    lines.append(f"**Model:** {conv.model}  ")
+    lines.append(f"**Date:** {conv.created_at}\n")
+    lines.append("---\n")
+    for m in messages:
+        label = "User" if m.role == "user" else "Assistant"
+        lines.append(f"## {label}\n")
+        lines.append(f"{m.content}\n")
+    content = "\n".join(lines)
+    return Response(
+        content=content,
+        media_type="text/markdown",
+        headers={"Content-Disposition": f'attachment; filename="{safe_title}.md"'},
+    )

kairo/backend/api/device_auth.py

@@ -0,0 +1,100 @@
+from fastapi import APIRouter, Depends, HTTPException
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from backend.config import settings
+from backend.core.database import get_db
+from backend.core.dependencies import get_current_user
+from backend.core.rate_limit import rate_limit_auth
+from backend.models.user import PlanType, User
+from backend.schemas.device_auth import (
+    DeviceApproveRequest,
+    DeviceApproveResponse,
+    DeviceCodeRequest,
+    DeviceCodeResponse,
+    DeviceTokenRequest,
+    DeviceTokenResponse,
+)
+from backend.services.device_auth_service import DeviceAuthService
+
+router = APIRouter(prefix="/auth/device", tags=["Device Auth"])
+
+_ERROR_DESCRIPTIONS = {
+    "authorization_pending": "The user has not yet approved the request.",
+    "slow_down": "Polling too frequently. Increase interval.",
+    "expired_token": "The device code has expired. Please restart authentication.",
+    "access_denied": "The user denied the request or does not have a Max plan.",
+}
+
+
+@router.post(
+    "/code",
+    response_model=DeviceCodeResponse,
+    dependencies=[Depends(rate_limit_auth)],
+)
+async def request_device_code(
+    body: DeviceCodeRequest,
+    db: AsyncSession = Depends(get_db),
+):
+    """Initiate the device code flow (RFC 8628). Called by the CLI."""
+    svc = DeviceAuthService(db)
+    device = await svc.create_device_code(body.client_name)
+
+    base_url = settings.APP_BASE_URL.rstrip("/")
+    return DeviceCodeResponse(
+        device_code=device.device_code,
+        user_code=device.user_code,
+        verification_uri=f"{base_url}/cli-auth",
+        verification_uri_complete=f"{base_url}/cli-auth?code={device.user_code}",
+        expires_in=DeviceAuthService.EXPIRY_MINUTES * 60,
+        interval=device.interval,
+    )
+
+
+@router.post("/token")
+async def poll_device_token(
+    body: DeviceTokenRequest,
+    db: AsyncSession = Depends(get_db),
+):
+    """Poll for the access token. Called by the CLI at the configured interval."""
+    svc = DeviceAuthService(db)
+    status, user_info = await svc.poll_token(body.device_code)
+
+    if status == "approved" and user_info:
+        return DeviceTokenResponse(
+            access_token=user_info["raw_key"],
+            plan=user_info["plan"],
+            email=user_info["email"],
+        )
+
+    # RFC 8628: return 400 with structured error for non-success states
+    raise HTTPException(
+        status_code=400,
+        detail={
+            "error": status,
+            "error_description": _ERROR_DESCRIPTIONS.get(status, "Unknown error"),
+        },
+    )
+
+
+@router.post("/approve", response_model=DeviceApproveResponse)
+async def approve_device(
+    body: DeviceApproveRequest,
+    user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_db),
+):
+    """Approve a pending device code. Called from the web UI by a logged-in user."""
+    if user.plan != PlanType.MAX.value:
+        raise HTTPException(
+            status_code=403,
+            detail="Kairo Code requires a Max plan.",
+        )
+
+    svc = DeviceAuthService(db)
+    result = await svc.approve(body.user_code, user)
+    if not result:
+        raise HTTPException(status_code=404, detail="Invalid or expired code.")
+
+    return DeviceApproveResponse(
+        approved=True,
+        message="CLI authorized successfully.",
+    )

kairo/backend/api/files.py

@@ -0,0 +1,83 @@
+import logging
+from pathlib import Path
+
+from fastapi import APIRouter, Depends, HTTPException, UploadFile, File
+from pydantic import BaseModel
+
+from backend.core.dependencies import get_current_user
+from backend.models.user import User
+
+logger = logging.getLogger(__name__)
+
+router = APIRouter()
+
+MAX_FILE_SIZE = 10 * 1024 * 1024  # 10 MB
+
+TEXT_EXTENSIONS = {
+    ".txt", ".md", ".py", ".js", ".ts", ".tsx", ".jsx", ".css", ".html",
+    ".json", ".yaml", ".yml", ".xml", ".csv", ".sh", ".bash", ".zsh",
+    ".rb", ".go", ".rs", ".java", ".c", ".cpp", ".h", ".hpp", ".swift",
+    ".kt", ".scala", ".r", ".sql", ".toml", ".ini", ".cfg", ".conf",
+    ".env", ".gitignore", ".dockerfile", ".makefile",
+}
+
+IMAGE_EXTENSIONS = {".png", ".jpg", ".jpeg", ".gif", ".webp"}
+
+
+class FileUploadResponse(BaseModel):
+    filename: str
+    text: str
+    type: str
+
+
+@router.post("/files/upload", response_model=FileUploadResponse)
+async def upload_file(
+    file: UploadFile = File(...),
+    user: User = Depends(get_current_user),
+):
+    if not file.filename:
+        raise HTTPException(status_code=400, detail="No filename provided.")
+
+    content = await file.read()
+    if len(content) > MAX_FILE_SIZE:
+        raise HTTPException(status_code=413, detail="File too large. Maximum size is 10 MB.")
+
+    ext = Path(file.filename).suffix.lower()
+
+    if ext in TEXT_EXTENSIONS:
+        try:
+            text = content.decode("utf-8")
+        except UnicodeDecodeError:
+            try:
+                text = content.decode("latin-1")
+            except Exception:
+                raise HTTPException(status_code=400, detail="Could not decode file as text.")
+        return FileUploadResponse(filename=file.filename, text=text, type="text")
+
+    if ext in IMAGE_EXTENSIONS:
+        return FileUploadResponse(
+            filename=file.filename,
+            text=f"[Image: {file.filename} ({len(content) // 1024} KB)]",
+            type="image",
+        )
+
+    if ext == ".pdf":
+        return FileUploadResponse(
+            filename=file.filename,
+            text=f"[PDF: {file.filename} ({len(content) // 1024} KB)]",
+            type="pdf",
+        )
+
+    if ext in (".doc", ".docx"):
+        return FileUploadResponse(
+            filename=file.filename,
+            text=f"[Document: {file.filename} ({len(content) // 1024} KB)]",
+            type="document",
+        )
+
+    # Fallback: try to read as text
+    try:
+        text = content.decode("utf-8")
+        return FileUploadResponse(filename=file.filename, text=text, type="text")
+    except UnicodeDecodeError:
+        raise HTTPException(status_code=400, detail=f"Unsupported file type: {ext}")

kairo/backend/api/health.py

@@ -0,0 +1,36 @@
+from fastapi import APIRouter, Depends
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from backend.core.database import get_db
+from backend.core.dependencies import get_llm_service
+from backend.schemas.status import StatusPageResponse
+from backend.services.llm_service import LLMService
+from backend.services.status_service import StatusService
+
+router = APIRouter()
+
+
+@router.get("/health")
+async def health(llm_service: LLMService = Depends(get_llm_service)):
+    vllm_ok = await llm_service.check_health()
+    return {
+        "status": "ok",
+        "vllm": "connected" if vllm_ok else "disconnected",
+    }
+
+
+@router.get("/models")
+async def list_models(llm_service: LLMService = Depends(get_llm_service)):
+    models = await llm_service.list_available_models()
+    return {"models": models}
+
+
+@router.get("/status", response_model=StatusPageResponse)
+async def get_status_page(
+    db: AsyncSession = Depends(get_db),
+    llm_service: LLMService = Depends(get_llm_service),
+):
+    """Public status page endpoint. No authentication required."""
+    svc = StatusService(db, llm_service)
+    data = await svc.get_status_page()
+    return StatusPageResponse(**data)

kairo/backend/api/images.py

@@ -0,0 +1,80 @@
+import logging
+
+from fastapi import APIRouter, Depends, HTTPException, UploadFile, File, Form
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from backend.config import settings
+from backend.core.dependencies import get_current_user, get_db
+from backend.models.user import User
+from backend.schemas.image import ImageGenerateRequest, ImageGenerateResponse
+from backend.services.image_service import ImageService
+
+logger = logging.getLogger(__name__)
+
+router = APIRouter()
+
+
+@router.post("/images/generate", response_model=ImageGenerateResponse)
+async def generate_image(
+    request: ImageGenerateRequest,
+    user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_db),
+):
+    if not settings.FEATURE_IMAGE_GEN_ENABLED:
+        raise HTTPException(status_code=404, detail="Image generation is not available.")
+
+    service = ImageService(db, user_id=user.id)
+
+    allowed, reason = await service.check_access()
+    if not allowed:
+        raise HTTPException(status_code=403, detail=reason)
+
+    try:
+        result = await service.generate(
+            prompt=request.prompt,
+            conversation_id=request.conversation_id,
+            width=request.width,
+            height=request.height,
+        )
+        return ImageGenerateResponse(**result)
+    except Exception:
+        logger.exception("Image generation failed")
+        raise HTTPException(status_code=500, detail="Image generation failed. Please try again.")
+
+
+@router.post("/images/img2img", response_model=ImageGenerateResponse)
+async def img2img(
+    image: UploadFile = File(...),
+    prompt: str = Form(..., min_length=1, max_length=2000),
+    conversation_id: str | None = Form(default=None),
+    strength: float = Form(default=0.75, ge=0.0, le=1.0),
+    user: User = Depends(get_current_user),
+    db: AsyncSession = Depends(get_db),
+):
+    if not settings.FEATURE_IMAGE_GEN_ENABLED:
+        raise HTTPException(status_code=404, detail="Image generation is not available.")
+
+    service = ImageService(db, user_id=user.id)
+
+    allowed, reason = await service.check_access()
+    if not allowed:
+        raise HTTPException(status_code=403, detail=reason)
+
+    if image.content_type not in ("image/png", "image/jpeg", "image/webp"):
+        raise HTTPException(status_code=400, detail="Image must be PNG, JPEG, or WebP.")
+
+    image_bytes = await image.read()
+    if len(image_bytes) > 10 * 1024 * 1024:
+        raise HTTPException(status_code=413, detail="Image too large. Maximum 10 MB.")
+
+    try:
+        result = await service.generate_img2img(
+            image_bytes=image_bytes,
+            prompt=prompt,
+            conversation_id=conversation_id,
+            strength=strength,
+        )
+        return ImageGenerateResponse(**result)
+    except Exception:
+        logger.exception("img2img generation failed")
+        raise HTTPException(status_code=500, detail="Image generation failed. Please try again.")