lfx-nightly 0.2.0.dev41__py3-none-any.whl → 0.3.0.dev3__py3-none-any.whl

lfx/schema/message.py

@@ -12,10 +12,11 @@ from uuid import UUID
 from fastapi.encoders import jsonable_encoder
 from langchain_core.load import load
 from langchain_core.messages import AIMessage, BaseMessage, HumanMessage, SystemMessage, ToolMessage
-from langchain_core.prompts.chat import BaseChatPromptTemplate, ChatPromptTemplate
-from langchain_core.prompts.prompt import PromptTemplate
 from pydantic import BaseModel, ConfigDict, Field, ValidationError, field_serializer, field_validator
 
+if TYPE_CHECKING:
+    from langchain_core.prompts.chat import BaseChatPromptTemplate
+
 from lfx.base.prompts.utils import dict_values_to_string
 from lfx.log.logger import logger
 from lfx.schema.content_block import ContentBlock
@@ -26,12 +27,33 @@ from lfx.schema.properties import Properties, Source
 from lfx.schema.validators import timestamp_to_str, timestamp_to_str_validator
 from lfx.utils.constants import MESSAGE_SENDER_AI, MESSAGE_SENDER_NAME_AI, MESSAGE_SENDER_NAME_USER, MESSAGE_SENDER_USER
 from lfx.utils.image import create_image_content_dict
+from lfx.utils.mustache_security import safe_mustache_render
 
 if TYPE_CHECKING:
     from lfx.schema.dataframe import DataFrame
 
 
 class Message(Data):
+    """Message schema for Langflow.
+
+    Message ID Semantics:
+    - Messages only have an ID after being stored in the database
+    - Messages that are skipped (via Component._should_skip_message) will NOT have an ID
+    - Always use get_id(), has_id(), or require_id() methods to safely access the ID
+    - Never access message.id directly without checking if it exists first
+
+    Safe ID Access Patterns:
+    - Use get_id() when ID may or may not exist (returns None if missing)
+    - Use has_id() to check if ID exists before operations that require it
+    - Use require_id() when ID is required (raises ValueError if missing)
+
+    Example:
+        message_id = message.get_id()  # Safe: returns None if no ID
+        if message.has_id():
+            # Safe to use message_id
+            do_something_with_id(message_id)
+    """
+
     model_config = ConfigDict(arbitrary_types_allowed=True)
     # Helper class to deal with image data
     text_key: str = "text"
@@ -109,7 +131,22 @@ class Message(Data):
     def model_post_init(self, /, _context: Any) -> None:
         new_files: list[Any] = []
         for file in self.files or []:
-            if is_image_file(file):
+            # Skip if already an Image instance
+            if isinstance(file, Image):
+                new_files.append(file)
+            # Get the path string if file is a dict or has path attribute
+            elif isinstance(file, dict) and "path" in file:
+                file_path = file["path"]
+                if file_path and is_image_file(file_path):
+                    new_files.append(Image(path=file_path))
+                else:
+                    new_files.append(file_path if file_path else file)
+            elif hasattr(file, "path") and file.path:
+                if is_image_file(file.path):
+                    new_files.append(Image(path=file.path))
+                else:
+                    new_files.append(file.path)
+            elif isinstance(file, str) and is_image_file(file):
                 new_files.append(Image(path=file))
             else:
                 new_files.append(file)
@@ -213,7 +250,8 @@ class Message(Data):
 
         for file in files:
             if isinstance(file, Image):
-                content_dicts.append(file.to_content_dict())
+                # Pass the message's flow_id to the Image for proper path resolution
+                content_dicts.append(file.to_content_dict(flow_id=self.flow_id))
             else:
                 content_dicts.append(create_image_content_dict(file, None, model_name))
         return content_dicts
@@ -250,24 +288,35 @@ class Message(Data):
         prompt_json = prompt.to_json()
         return cls(prompt=prompt_json)
 
-    def format_text(self):
-        prompt_template = PromptTemplate.from_template(self.template)
+    def format_text(self, template_format="f-string"):
+        if template_format == "mustache":
+            # Use our secure mustache renderer
+            variables_with_str_values = dict_values_to_string(self.variables)
+            formatted_prompt = safe_mustache_render(self.template, variables_with_str_values)
+            self.text = formatted_prompt
+            return formatted_prompt
+        # Use langchain's template for other formats
+        from langchain_core.prompts.prompt import PromptTemplate
+
+        prompt_template = PromptTemplate.from_template(self.template, template_format=template_format)
         variables_with_str_values = dict_values_to_string(self.variables)
         formatted_prompt = prompt_template.format(**variables_with_str_values)
         self.text = formatted_prompt
         return formatted_prompt
 
     @classmethod
-    async def from_template_and_variables(cls, template: str, **variables):
+    async def from_template_and_variables(cls, template: str, template_format: str = "f-string", **variables):
         # This method has to be async for backwards compatibility with versions
         # >1.0.15, <1.1
-        return cls.from_template(template, **variables)
+        return cls.from_template(template, template_format=template_format, **variables)
 
     # Define a sync version for backwards compatibility with versions >1.0.15, <1.1
     @classmethod
-    def from_template(cls, template: str, **variables):
+    def from_template(cls, template: str, template_format: str = "f-string", **variables):
+        from langchain_core.prompts.chat import ChatPromptTemplate
+
         instance = cls(template=template, variables=variables)
-        text = instance.format_text()
+        text = instance.format_text(template_format=template_format)
         message = HumanMessage(content=text)
         contents = []
         for value in variables.values():
@@ -286,7 +335,7 @@ class Message(Data):
     @classmethod
     async def create(cls, **kwargs):
         """If files are present, create the message in a separate thread as is_image_file is blocking."""
-        if "files" in kwargs:
+        if kwargs.get("files"):
             return await asyncio.to_thread(cls, **kwargs)
         return cls(**kwargs)
 
@@ -298,6 +347,50 @@ class Message(Data):
 
         return DataFrame(data=[self])
 
+    def get_id(self) -> str | UUID | None:
+        """Safely get the message ID.
+
+        Returns:
+            The message ID if it exists, None otherwise.
+
+        Note:
+            A message only has an ID if it has been stored in the database.
+            Messages that are skipped (via _should_skip_message) will not have an ID.
+        """
+        return getattr(self, "id", None)
+
+    def has_id(self) -> bool:
+        """Check if the message has an ID.
+
+        Returns:
+            True if the message has an ID, False otherwise.
+
+        Note:
+            A message only has an ID if it has been stored in the database.
+            Messages that are skipped (via _should_skip_message) will not have an ID.
+        """
+        message_id = getattr(self, "id", None)
+        return message_id is not None
+
+    def require_id(self) -> str | UUID:
+        """Get the message ID, raising an error if it doesn't exist.
+
+        Returns:
+            The message ID.
+
+        Raises:
+            ValueError: If the message does not have an ID.
+
+        Note:
+            Use this method when an ID is required for the operation.
+            For optional ID access, use get_id() instead.
+        """
+        message_id = getattr(self, "id", None)
+        if message_id is None:
+            msg = "Message does not have an ID. Messages only have IDs after being stored in the database."
+            raise ValueError(msg)
+        return message_id
+
 
 class DefaultModel(BaseModel):
     model_config = ConfigDict(

lfx/schema/workflow.py

@@ -0,0 +1,171 @@
+"""Workflow execution schemas for V2 API."""
+
+from __future__ import annotations
+
+from enum import Enum
+from typing import Any, Literal
+
+from pydantic import BaseModel, ConfigDict, Field
+
+
+class JobStatus(str, Enum):
+    """Job execution status."""
+
+    QUEUED = "queued"
+    IN_PROGRESS = "in_progress"
+    COMPLETED = "completed"
+    FAILED = "failed"
+    ERROR = "error"
+
+
+class ErrorDetail(BaseModel):
+    """Error detail schema."""
+
+    error: str
+    code: str | None = None
+    details: dict[str, Any] | None = None
+
+
+class ComponentOutput(BaseModel):
+    """Component output schema."""
+
+    type: str = Field(..., description="Type of the component output (e.g., 'message', 'data', 'tool', 'text')")
+    component_id: str
+    status: JobStatus
+    content: Any | None = None
+    metadata: dict[str, Any] | None = None
+
+
+class GlobalInputs(BaseModel):
+    """Global inputs that apply to all input components in the workflow."""
+
+    input_value: str | None = Field(None, description="The input value to send to input components")
+    input_type: str = Field("chat", description="The type of input (chat, text, etc.)")
+    session_id: str | None = Field(None, description="Session ID for conversation continuity")
+
+
+class WorkflowExecutionRequest(BaseModel):
+    """Request schema for workflow execution."""
+
+    background: bool = False
+    stream: bool = False
+    flow_id: str
+    inputs: dict[str, Any] | None = Field(
+        None, description="Inputs with 'global' key for global inputs and component IDs for component-specific tweaks"
+    )
+
+    model_config = ConfigDict(
+        json_schema_extra={
+            "examples": [
+                {
+                    "background": False,
+                    "stream": False,
+                    "flow_id": "flow_67ccd2be17f0819081ff3bb2cf6508e60bb6a6b452d3795b",
+                    "inputs": {
+                        "global": {
+                            "input_value": "Hello, how can you help me today?",
+                            "input_type": "chat",
+                            "session_id": "session-123",
+                        },
+                        "llm_component": {"temperature": 0.7, "max_tokens": 100},
+                        "opensearch_component": {"opensearch_url": "https://opensearch:9200"},
+                    },
+                },
+                {
+                    "background": True,
+                    "stream": False,
+                    "flow_id": "flow_67ccd2be17f0819081ff3bb2cf6508e60bb6a6b452d3795b",
+                    "inputs": {"global": {"input_value": "Process this in the background", "input_type": "text"}},
+                },
+                {
+                    "background": False,
+                    "stream": True,
+                    "flow_id": "flow_67ccd2be17f0819081ff3bb2cf6508e60bb6a6b452d3795b",
+                    "inputs": {"chat_component": {"text": "Stream this conversation"}},
+                },
+            ]
+        },
+        extra="forbid",
+    )
+
+
+class WorkflowExecutionResponse(BaseModel):
+    """Synchronous workflow execution response."""
+
+    flow_id: str
+    job_id: str
+    object: Literal["response"] = "response"
+    created_timestamp: str
+    status: JobStatus
+    errors: list[ErrorDetail] = []
+    inputs: dict[str, Any] = {}
+    outputs: dict[str, ComponentOutput] = {}
+    metadata: dict[str, Any] = {}
+
+
+class WorkflowJobResponse(BaseModel):
+    """Background job response."""
+
+    job_id: str
+    created_timestamp: str
+    status: JobStatus
+    errors: list[ErrorDetail] = []
+
+
+class WorkflowStreamEvent(BaseModel):
+    """Streaming event response."""
+
+    type: str
+    run_id: str
+    timestamp: int
+    raw_event: dict[str, Any]
+
+
+class WorkflowStopRequest(BaseModel):
+    """Request schema for stopping workflow."""
+
+    job_id: str
+    force: bool = Field(default=False, description="Force stop the workflow")
+
+
+class WorkflowStopResponse(BaseModel):
+    """Response schema for stopping workflow."""
+
+    job_id: str
+    status: Literal["stopped", "stopping", "not_found", "error"]
+    message: str
+
+
+# OpenAPI response definitions
+WORKFLOW_EXECUTION_RESPONSES = {
+    200: {
+        "description": "Workflow execution response",
+        "content": {
+            "application/json": {
+                "schema": {
+                    "oneOf": [
+                        WorkflowExecutionResponse.model_json_schema(),
+                        WorkflowJobResponse.model_json_schema(),
+                    ]
+                }
+            },
+            "text/event-stream": {
+                "schema": WorkflowStreamEvent.model_json_schema(),
+                "description": "Server-sent events for streaming execution",
+            },
+        },
+    }
+}
+
+WORKFLOW_STATUS_RESPONSES = {
+    200: {
+        "description": "Workflow status response",
+        "content": {
+            "application/json": {"schema": WorkflowExecutionResponse.model_json_schema()},
+            "text/event-stream": {
+                "schema": WorkflowStreamEvent.model_json_schema(),
+                "description": "Server-sent events for streaming status",
+            },
+        },
+    }
+}

lfx/services/deps.py

@@ -24,6 +24,7 @@ if TYPE_CHECKING:
         SettingsServiceProtocol,
         StorageServiceProtocol,
         TracingServiceProtocol,
+        TransactionServiceProtocol,
         VariableServiceProtocol,
     )
 
@@ -118,6 +119,17 @@ def get_tracing_service() -> TracingServiceProtocol | None:
     return get_service(ServiceType.TRACING_SERVICE)
 
 
+def get_transaction_service() -> TransactionServiceProtocol | None:
+    """Retrieves the transaction service instance.
+
+    Returns the transaction service for logging component executions.
+    Returns None if no transaction service is registered.
+    """
+    from lfx.services.schema import ServiceType
+
+    return get_service(ServiceType.TRANSACTION_SERVICE)
+
+
 async def get_session():
     msg = "get_session is deprecated, use session_scope instead"
     logger.warning(msg)

lfx/services/interfaces.py

@@ -3,7 +3,7 @@
 from __future__ import annotations
 
 from abc import abstractmethod
-from typing import TYPE_CHECKING, Any, Protocol
+from typing import TYPE_CHECKING, Any, Protocol, runtime_checkable
 
 if TYPE_CHECKING:
     import asyncio
@@ -106,3 +106,45 @@ class TracingServiceProtocol(Protocol):
     def log(self, message: str, **kwargs) -> None:
         """Log tracing information."""
         ...
+
+
+@runtime_checkable
+class TransactionServiceProtocol(Protocol):
+    """Protocol for transaction logging service.
+
+    This service handles logging of component execution transactions,
+    tracking inputs, outputs, and status of each vertex build.
+    """
+
+    @abstractmethod
+    async def log_transaction(
+        self,
+        flow_id: str,
+        vertex_id: str,
+        inputs: dict[str, Any] | None,
+        outputs: dict[str, Any] | None,
+        status: str,
+        target_id: str | None = None,
+        error: str | None = None,
+    ) -> None:
+        """Log a transaction record for a vertex execution.
+
+        Args:
+            flow_id: The flow ID (as string)
+            vertex_id: The vertex/component ID
+            inputs: Input parameters for the component
+            outputs: Output results from the component
+            status: Execution status (success/error)
+            target_id: Optional target vertex ID
+            error: Optional error message
+        """
+        ...
+
+    @abstractmethod
+    def is_enabled(self) -> bool:
+        """Check if transaction logging is enabled.
+
+        Returns:
+            True if transaction logging is enabled, False otherwise.
+        """
+        ...

lfx/services/mcp_composer/service.py

@@ -1292,7 +1292,7 @@ class MCPComposerService(Service):
                     "oauth_host": "OAUTH_HOST",
                     "oauth_port": "OAUTH_PORT",
                     "oauth_server_url": "OAUTH_SERVER_URL",
-                    "oauth_callback_path": "OAUTH_CALLBACK_PATH",
+                    "oauth_callback_url": "OAUTH_CALLBACK_URL",
                     "oauth_client_id": "OAUTH_CLIENT_ID",
                     "oauth_client_secret": "OAUTH_CLIENT_SECRET",  # pragma: allowlist secret
                     "oauth_auth_url": "OAUTH_AUTH_URL",
@@ -1301,6 +1301,12 @@ class MCPComposerService(Service):
                     "oauth_provider_scope": "OAUTH_PROVIDER_SCOPE",
                 }
 
+                # Backwards compatibility: if oauth_callback_url not set, try oauth_callback_path
+                if ("oauth_callback_url" not in auth_config or not auth_config.get("oauth_callback_url")) and (
+                    "oauth_callback_path" in auth_config and auth_config.get("oauth_callback_path")
+                ):
+                    auth_config["oauth_callback_url"] = auth_config["oauth_callback_path"]
+
                 # Add environment variables as command line arguments
                 # Only set non-empty values to avoid Pydantic validation errors
                 for config_key, env_key in oauth_env_mapping.items():

lfx/services/schema.py

@@ -19,3 +19,4 @@ class ServiceType(str, Enum):
     JOB_QUEUE_SERVICE = "job_queue_service"
     SHARED_COMPONENT_CACHE_SERVICE = "shared_component_cache_service"
     MCP_COMPOSER_SERVICE = "mcp_composer_service"
+    TRANSACTION_SERVICE = "transaction_service"

lfx/services/settings/auth.py

@@ -1,14 +1,33 @@
 import secrets
+from enum import Enum
 from pathlib import Path
 from typing import Literal
 
 from passlib.context import CryptContext
-from pydantic import Field, SecretStr, field_validator
+from pydantic import Field, SecretStr, field_validator, model_validator
 from pydantic_settings import BaseSettings, SettingsConfigDict
 
 from lfx.log.logger import logger
 from lfx.services.settings.constants import DEFAULT_SUPERUSER, DEFAULT_SUPERUSER_PASSWORD
-from lfx.services.settings.utils import read_secret_from_file, write_secret_to_file
+from lfx.services.settings.utils import (
+    derive_public_key_from_private,
+    generate_rsa_key_pair,
+    read_secret_from_file,
+    write_public_key_to_file,
+    write_secret_to_file,
+)
+
+
+class JWTAlgorithm(str, Enum):
+    """JWT signing algorithm options."""
+
+    HS256 = "HS256"
+    RS256 = "RS256"
+    RS512 = "RS512"
+
+    def is_asymmetric(self) -> bool:
+        """Return True if this algorithm uses asymmetric (public/private key) cryptography."""
+        return self in (JWTAlgorithm.RS256, JWTAlgorithm.RS512)
 
 
 class AuthSettings(BaseSettings):
@@ -16,10 +35,22 @@ class AuthSettings(BaseSettings):
     CONFIG_DIR: str
     SECRET_KEY: SecretStr = Field(
         default=SecretStr(""),
-        description="Secret key for JWT. If not provided, a random one will be generated.",
+        description="Secret key for JWT (used with HS256). If not provided, a random one will be generated.",
+        frozen=False,
+    )
+    PRIVATE_KEY: SecretStr = Field(
+        default=SecretStr(""),
+        description="RSA private key for JWT signing (RS256/RS512). Auto-generated if not provided.",
         frozen=False,
     )
-    ALGORITHM: str = "HS256"
+    PUBLIC_KEY: str = Field(
+        default="",
+        description="RSA public key for JWT verification (RS256/RS512). Derived from private key if not provided.",
+    )
+    ALGORITHM: JWTAlgorithm = Field(
+        default=JWTAlgorithm.HS256,
+        description="JWT signing algorithm. Use RS256 or RS512 for asymmetric signing (recommended for production).",
+    )
     ACCESS_TOKEN_EXPIRE_SECONDS: int = 60 * 60  # 1 hour
     REFRESH_TOKEN_EXPIRE_SECONDS: int = 60 * 60 * 24 * 7  # 7 days
 
@@ -138,3 +169,63 @@ class AuthSettings(BaseSettings):
             logger.debug("Saved secret key")
 
         return value if isinstance(value, SecretStr) else SecretStr(value).get_secret_value()
+
+    @model_validator(mode="after")
+    def setup_rsa_keys(self):
+        """Generate or load RSA keys when using RS256/RS512 algorithm."""
+        if not self.ALGORITHM.is_asymmetric():
+            return self
+
+        config_dir = self.CONFIG_DIR
+        private_key_value = self.PRIVATE_KEY.get_secret_value() if self.PRIVATE_KEY else ""
+
+        if not config_dir:
+            # No config dir - generate keys in memory if not provided
+            if not private_key_value:
+                logger.debug("No CONFIG_DIR provided, generating RSA keys in memory")
+                private_key_pem, public_key_pem = generate_rsa_key_pair()
+                object.__setattr__(self, "PRIVATE_KEY", SecretStr(private_key_pem))
+                object.__setattr__(self, "PUBLIC_KEY", public_key_pem)
+            elif not self.PUBLIC_KEY:
+                # Derive public key from private key
+                public_key_pem = derive_public_key_from_private(private_key_value)
+                object.__setattr__(self, "PUBLIC_KEY", public_key_pem)
+            return self
+
+        private_key_path = Path(config_dir) / "private_key.pem"
+        public_key_path = Path(config_dir) / "public_key.pem"
+
+        if private_key_value:
+            # Private key provided via env var - save it and derive public key
+            logger.debug("RSA private key provided")
+            write_secret_to_file(private_key_path, private_key_value)
+
+            if not self.PUBLIC_KEY:
+                public_key_pem = derive_public_key_from_private(private_key_value)
+                object.__setattr__(self, "PUBLIC_KEY", public_key_pem)
+                write_public_key_to_file(public_key_path, public_key_pem)
+        # No private key provided - load from file or generate
+        elif private_key_path.exists():
+            logger.debug("Loading RSA keys from files")
+            private_key_pem = read_secret_from_file(private_key_path)
+            object.__setattr__(self, "PRIVATE_KEY", SecretStr(private_key_pem))
+
+            if public_key_path.exists():
+                public_key_pem = public_key_path.read_text(encoding="utf-8")
+                object.__setattr__(self, "PUBLIC_KEY", public_key_pem)
+            else:
+                # Derive public key from private key
+                public_key_pem = derive_public_key_from_private(private_key_pem)
+                object.__setattr__(self, "PUBLIC_KEY", public_key_pem)
+                write_public_key_to_file(public_key_path, public_key_pem)
+        else:
+            # Generate new RSA key pair
+            logger.debug("Generating new RSA key pair")
+            private_key_pem, public_key_pem = generate_rsa_key_pair()
+            write_secret_to_file(private_key_path, private_key_pem)
+            write_public_key_to_file(public_key_path, public_key_pem)
+            object.__setattr__(self, "PRIVATE_KEY", SecretStr(private_key_pem))
+            object.__setattr__(self, "PUBLIC_KEY", public_key_pem)
+            logger.debug("RSA key pair generated and saved")
+
+        return self

lfx/services/settings/base.py

@@ -313,6 +313,10 @@ class Settings(BaseSettings):
     """If set to True, Langflow will start the agentic MCP server that provides tools for
     flow/component operations, template search, and graph visualization."""
 
+    # Developer API
+    developer_api_enabled: bool = False
+    """If set to True, Langflow will enable developer API endpoints for advanced debugging and introspection."""
+
     # Public Flow Settings
     public_flow_cleanup_interval: int = Field(default=3600, gt=600)
     """The interval in seconds at which public temporary flows will be cleaned up.
@@ -497,7 +501,13 @@ class Settings(BaseSettings):
             if info.data["save_db_in_config_dir"]:
                 database_dir = info.data["config_dir"]
             else:
-                database_dir = Path(__file__).parent.parent.parent.resolve()
+                # Use langflow package path, not lfx, for backwards compatibility
+                try:
+                    import langflow
+
+                    database_dir = Path(langflow.__file__).parent.resolve()
+                except ImportError:
+                    database_dir = Path(__file__).parent.parent.parent.resolve()
 
             pre_db_file_name = "langflow-pre.db"
             db_file_name = "langflow.db"

lfx/services/settings/constants.py

@@ -41,3 +41,5 @@ AGENTIC_VARIABLES = [
     "FIELD_NAME",
     "ASTRA_TOKEN",
 ]
+
+DEFAULT_AGENTIC_VARIABLE_VALUE = ""