llms-py 3.0.24__py3-none-any.whl → 3.0.25__py3-none-any.whl

llms/extensions/github_auth/README.md

@@ -0,0 +1,169 @@
+# GitHub Auth Extension
+
+The GitHub Auth extension enables OAuth 2.0 authentication via GitHub for your llms application. When enabled, users must sign in with their GitHub account before accessing the application.
+
+## Features
+
+- **GitHub OAuth 2.0** - Standard OAuth flow with CSRF protection
+- **User Restrictions** - Optionally restrict access to specific GitHub users
+- **Session Management** - Automatic session handling with 24-hour expiry
+- **Environment Variables** - Credentials can use env vars for secure deployment
+
+## Configuration
+
+Create a config file at `~/.llms/users/default/github_auth/config.json`:
+
+```json
+{
+  "enabled": true,
+  "client_id": "$GITHUB_CLIENT_ID",
+  "client_secret": "$GITHUB_CLIENT_SECRET",
+  "redirect_uri": "http://localhost:8000/auth/github/callback",
+  "restrict_to": "$GITHUB_USERS"
+}
+```
+
+| Property        | Description |
+|-----------------|-------------|
+| `client_id`     | GitHub OAuth App client ID |
+| `client_secret` | GitHub OAuth App client secret |
+| `redirect_uri`  | Callback URL registered with GitHub |
+| `restrict_to`   | Optional comma/space-delimited list of allowed GitHub usernames |
+| `enabled`       | Set to `false` to disable the extension |
+
+Values prefixed with `$` are resolved from environment variables.
+
+## Creating a GitHub OAuth App
+
+1. Go to [GitHub Developer Settings](https://github.com/settings/developers)
+2. Click **New OAuth App**
+3. Fill in the application details:
+   - **Application name**: Your app name
+   - **Homepage URL**: Your app's homepage (e.g., `http://localhost:8000`)
+   - **Authorization callback URL**: Must match your `redirect_uri` (e.g., `http://localhost:8000/auth/github/callback`)
+4. Click **Register application**
+5. Copy the **Client ID** and generate a **Client Secret**
+
+## API Endpoints
+
+The extension registers these routes:
+
+| Method | Endpoint                | Description |
+|--------|-------------------------|-------------|
+| GET    | `/auth`                 | Check authentication status |
+| GET    | `/auth/github`          | Initiate GitHub OAuth flow |
+| GET    | `/auth/github/callback` | OAuth callback handler |
+| GET    | `/auth/session`         | Get current session info |
+| POST   | `/auth/logout`          | End the current session |
+
+### GET /auth
+
+Returns the authenticated user's info or a 401 error:
+
+```json
+{
+  "userId": "12345",
+  "userName": "octocat",
+  "displayName": "The Octocat",
+  "profileUrl": "https://avatars.githubusercontent.com/u/12345",
+  "authProvider": "github"
+}
+```
+
+### GET /auth/session
+
+Returns full session details including the session token:
+
+```json
+{
+  "userId": "12345",
+  "userName": "octocat",
+  "displayName": "The Octocat",
+  "profileUrl": "https://avatars.githubusercontent.com/u/12345",
+  "email": "octocat@github.com",
+  "created": 1706600000.123,
+  "sessionToken": "..."
+}
+```
+
+## OAuth Flow
+
+```
+┌─────────┐          ┌─────────┐          ┌────────┐
+│ Browser │          │  llms   │          │ GitHub │
+└────┬────┘          └────┬────┘          └───┬────┘
+     │                    │                   │
+     │ GET /auth/github   │                   │
+     ├───────────────────►│                   │
+     │                    │                   │
+     │   302 Redirect     │                   │
+     │◄───────────────────┤                   │
+     │                    │                   │
+     │  /login/oauth/authorize?...            │
+     ├────────────────────────────────────────►
+     │                    │                   │
+     │         User grants access             │
+     │◄────────────────────────────────────────
+     │                    │                   │
+     │ GET /auth/github/callback?code=...     │
+     ├───────────────────►│                   │
+     │                    │                   │
+     │                    │ POST /access_token │
+     │                    ├──────────────────►│
+     │                    │                   │
+     │                    │   access_token    │
+     │                    │◄──────────────────┤
+     │                    │                   │
+     │                    │ GET /user         │
+     │                    ├──────────────────►│
+     │                    │                   │
+     │                    │   user info       │
+     │                    │◄──────────────────┤
+     │                    │                   │
+     │  302 /?session=... │                   │
+     │  Set-Cookie: token │                   │
+     │◄───────────────────┤                   │
+     │                    │                   │
+```
+
+1. User clicks "Sign in with GitHub" → redirects to `/auth/github`
+2. Server generates CSRF state token and redirects to GitHub
+3. User authorizes the app on GitHub
+4. GitHub redirects back with authorization code
+5. Server exchanges code for access token
+6. Server fetches user info from GitHub API
+7. Server creates session and sets cookie
+
+## Restricting Access
+
+To limit access to specific GitHub users, set `restrict_to` in your config:
+
+```json
+{
+  "client_id": "...",
+  "client_secret": "...",
+  "redirect_uri": "...",
+  "restrict_to": "alice bob charlie"
+}
+```
+
+Users not in this list receive a `403 Forbidden` response.
+
+## UI Component
+
+The extension provides a custom `SignIn` component that displays a "Sign in with GitHub" button. This component automatically overrides the default sign-in UI when the extension is loaded.
+
+## Session Storage
+
+Sessions are stored in memory with:
+- **Token**: Cryptographically secure random string
+- **User data**: GitHub user ID, username, display name, avatar URL, email
+- **Expiry**: Automatic cleanup after 24 hours
+- **Cookie**: `llms-token` with `httponly` flag for security
+
+## Security Notes
+
+- **CSRF Protection**: OAuth state tokens prevent cross-site request forgery
+- **State Cleanup**: Expired state tokens (>10 min) are automatically removed
+- **Session Cleanup**: Sessions older than 24 hours are pruned
+- **HttpOnly Cookie**: Session token is not accessible via JavaScript

llms/extensions/github_auth/__init__.py

@@ -0,0 +1,254 @@
+import json
+import os
+import re
+import secrets
+import time
+from urllib.parse import parse_qs, urlencode
+
+import aiohttp
+from aiohttp import web
+
+
+def install(ctx):
+    g_app = ctx.app
+
+    auth_config_file = os.path.join(ctx.get_user_path(), "github_auth", "config.json")
+
+    auth_config = None
+    if os.path.exists(auth_config_file):
+        try:
+            with open(auth_config_file, encoding="utf-8") as f:
+                auth_config = json.load(f)
+            if "enabled" in auth_config and not auth_config["enabled"]:
+                ctx.log("GitHub Auth is disabled in config")
+                auth_config = None
+        except Exception as e:
+            ctx.err("Failed to load GitHub auth config", e)
+    else:
+        ctx.dbg(f"GitHub Auth config file '{auth_config_file}' not found")
+
+    if not auth_config:
+        # don't load extension if auth_config is not found or is disabled
+        ctx.disabled = True
+        return
+
+    client_id = auth_config.get("client_id", "")
+    client_secret = auth_config.get("client_secret", "")
+    redirect_uri = auth_config.get("redirect_uri", "")
+    restrict_to = auth_config.get("restrict_to", "")
+
+    # Expand environment variables
+    if client_id.startswith("$"):
+        client_id = client_id[1:]
+    if client_secret.startswith("$"):
+        client_secret = client_secret[1:]
+        client_secret = os.getenv(client_secret)
+    if redirect_uri.startswith("$"):
+        redirect_uri = redirect_uri[1:]
+        redirect_uri = os.getenv(redirect_uri)
+    if restrict_to.startswith("$"):
+        restrict_to = restrict_to[1:]
+        restrict_to = os.getenv(restrict_to)
+
+    # check if client_id is set
+    if client_id == "GITHUB_CLIENT_ID":
+        client_id = os.getenv(client_id)
+    if client_secret == "GITHUB_CLIENT_SECRET":
+        client_secret = os.getenv(client_secret)
+    if restrict_to == "GITHUB_USERS":
+        restrict_to = os.getenv(restrict_to)
+
+    if not client_id or not redirect_uri or not client_secret:
+        ctx.disabled = True
+        ctx.log("GitHub OAuth client_id, client_secret and redirect_uri are not configured")
+        return
+
+    from llms.main import AuthProvider
+
+    class GitHubAuthProvider(AuthProvider):
+        def __init__(self, app):
+            super().__init__(app)
+
+    # Adding an Auth Provider forces Authentication to be enabled
+    auth_provider = GitHubAuthProvider(g_app)
+    g_app.auth_providers.append(auth_provider)
+
+    # OAuth handlers
+    async def github_auth_handler(request):
+        # Generate CSRF state token
+        state = secrets.token_urlsafe(32)
+        ctx.oauth_states[state] = {"created": time.time(), "redirect_uri": redirect_uri}
+
+        # Clean up old states (older than 10 minutes)
+        current_time = time.time()
+        expired_states = [s for s, data in ctx.oauth_states.items() if current_time - data["created"] > 600]
+        for s in expired_states:
+            del ctx.oauth_states[s]
+
+        # Build GitHub authorization URL
+        params = {
+            "client_id": client_id,
+            "redirect_uri": redirect_uri,
+            "state": state,
+            "scope": "read:user user:email",
+        }
+        auth_url = f"https://github.com/login/oauth/authorize?{urlencode(params)}"
+
+        return web.HTTPFound(auth_url)
+
+    def validate_user(github_username):
+        # If restrict_to is configured, validate the user
+        if restrict_to:
+            # Parse allowed users (comma or space delimited)
+            allowed_users = [u.strip() for u in re.split(r"[,\s]+", restrict_to) if u.strip()]
+
+            # Check if user is in the allowed list
+            if not github_username or github_username not in allowed_users:
+                ctx.log(f"Access denied for user: {github_username}. Not in allowed list: {allowed_users}")
+                return web.Response(
+                    text=f"Access denied. User '{github_username}' is not authorized to access this application.",
+                    status=403,
+                )
+        return None
+
+    async def github_callback_handler(request):
+        """Handle GitHub OAuth callback"""
+        code = request.query.get("code")
+        state = request.query.get("state")
+
+        # Handle malformed URLs where query params are appended with & instead of ?
+        if not code and "tail" in request.match_info:
+            tail = request.match_info["tail"]
+            if tail.startswith("&"):
+                params = parse_qs(tail[1:])
+                code = params.get("code", [None])[0]
+                state = params.get("state", [None])[0]
+
+        if not code or not state:
+            return web.Response(text="Missing code or state parameter", status=400)
+
+        # Verify state token (CSRF protection)
+        if state not in ctx.oauth_states:
+            return web.Response(text="Invalid state parameter", status=400)
+
+        ctx.oauth_states.pop(state)
+
+        # Exchange code for access token
+        async with aiohttp.ClientSession() as session:
+            token_url = "https://github.com/login/oauth/access_token"
+            token_data = {
+                "client_id": client_id,
+                "client_secret": client_secret,
+                "code": code,
+                "redirect_uri": redirect_uri,
+            }
+            headers = {"Accept": "application/json"}
+
+            async with session.post(token_url, data=token_data, headers=headers) as resp:
+                token_response = await resp.json()
+                access_token = token_response.get("access_token")
+
+                if not access_token:
+                    error = token_response.get("error_description", "Failed to get access token")
+                    return web.json_response(ctx.create_error_response(f"OAuth error: {error}"), status=400)
+
+            # Fetch user info
+            user_url = "https://api.github.com/user"
+            headers = {"Authorization": f"Bearer {access_token}", "Accept": "application/json"}
+
+            async with session.get(user_url, headers=headers) as resp:
+                user_data = await resp.json()
+
+            # Validate user
+            error_response = validate_user(user_data.get("login", ""))
+            if error_response:
+                return error_response
+
+        # Create session
+        session_token = secrets.token_urlsafe(32)
+        ctx.sessions[session_token] = {
+            "userId": str(user_data.get("id", "")),
+            "userName": user_data.get("login", ""),
+            "displayName": user_data.get("name", ""),
+            "profileUrl": user_data.get("avatar_url", ""),
+            "email": user_data.get("email", ""),
+            "created": time.time(),
+        }
+
+        # Redirect to UI with session token
+        response = web.HTTPFound(f"/?session={session_token}")
+        response.set_cookie("llms-token", session_token, httponly=True, path="/", max_age=86400)
+        return response
+
+    async def session_handler(request):
+        """Validate and return session info"""
+        session_token = auth_provider.get_session_token(request)
+
+        if not session_token or session_token not in ctx.sessions:
+            return web.json_response(ctx.create_error_response("Invalid or expired session"), status=401)
+
+        session_data = ctx.sessions[session_token]
+
+        # Clean up old sessions (older than 24 hours)
+        current_time = time.time()
+        expired_sessions = [token for token, data in ctx.sessions.items() if current_time - data["created"] > 86400]
+        for token in expired_sessions:
+            del ctx.sessions[token]
+
+        return web.json_response({**session_data, "sessionToken": session_token})
+
+    async def logout_handler(request):
+        """End OAuth session"""
+        session_token = auth_provider.get_session_token(request)
+
+        if session_token and session_token in g_app.sessions:
+            del g_app.sessions[session_token]
+
+        response = web.json_response({"success": True})
+        response.del_cookie("llms-token")
+        return response
+
+    async def auth_handler(request):
+        """Check authentication status and return user info"""
+        # Check for OAuth session token
+        session_token = auth_provider.get_session_token(request)
+
+        if session_token and session_token in g_app.sessions:
+            session_data = g_app.sessions[session_token]
+            return web.json_response(
+                {
+                    "userId": session_data.get("userId", ""),
+                    "userName": session_data.get("userName", ""),
+                    "displayName": session_data.get("displayName", ""),
+                    "profileUrl": session_data.get("profileUrl", ""),
+                    "authProvider": "github",
+                }
+            )
+
+        # Check for API key in Authorization header
+        # auth_header = request.headers.get('Authorization', '')
+        # if auth_header.startswith('Bearer '):
+        #     # For API key auth, return a basic response
+        #     # You can customize this based on your API key validation logic
+        #     api_key = auth_header[7:]
+        #     if api_key:  # Add your API key validation logic here
+        #         return web.json_response({
+        #             "userId": "1",
+        #             "userName": "apiuser",
+        #             "displayName": "API User",
+        #             "profileUrl": "",
+        #             "authProvider": "apikey"
+        #         })
+
+        # Not authenticated - return error in expected format
+        return web.json_response(g_app.error_auth_required, status=401)
+
+    ctx.add_get("/auth", auth_handler)
+    ctx.add_get("/auth/github", github_auth_handler)
+    ctx.add_get("/auth/github/callback", github_callback_handler)
+    ctx.add_get("/auth/github/callback{tail:.*}", github_callback_handler)
+    ctx.add_get("/auth/session", session_handler)
+    ctx.add_post("/auth/logout", logout_handler)
+
+
+__install__ = install

llms/extensions/github_auth/ui/index.mjs

@@ -0,0 +1,66 @@
+import { ref } from "vue"
+
+const SignIn = {
+    template: `
+    <div class="min-h-full -mt-36 flex flex-col justify-center sm:px-6 lg:px-8">
+        <div class="sm:mx-auto sm:w-full sm:max-w-md text-center">
+            <Welcome />
+        </div>
+        <div class="sm:mx-auto sm:w-full sm:max-w-md">
+            <div v-if="errorMessage" class="mb-3 bg-red-50 dark:bg-red-900/30 border border-red-200 dark:border-red-800 text-red-800 dark:text-red-200 rounded-lg px-4 py-3">
+                <div class="flex items-start space-x-2">
+                    <div class="flex-1">
+                        <div class="text-base font-medium">{{ errorMessage }}</div>
+                    </div>
+                    <button type="button"
+                        @click="errorMessage = null"
+                        class="text-red-400 dark:text-red-300 hover:text-red-600 dark:hover:text-red-100 flex-shrink-0"
+                    >
+                        <svg class="w-4 h-4" fill="currentColor" viewBox="0 0 20 20">
+                            <path fill-rule="evenodd" d="M4.293 4.293a1 1 0 011.414 0L10 8.586l4.293-4.293a1 1 0 111.414 1.414L11.414 10l4.293 4.293a1 1 0 01-1.414 1.414L10 11.414l-4.293 4.293a1 1 0 01-1.414-1.414L8.586 10 4.293 5.707a1 1 0 010-1.414z" clip-rule="evenodd"></path>
+                        </svg>
+                    </button>
+                </div>
+            </div>
+            <div class="py-8 px-4 sm:px-10">
+                <div class="space-y-4">
+                    <button
+                        type="button"
+                        @click="signInWithGitHub"
+                        class="w-full inline-flex items-center justify-center px-4 py-3 border border-gray-300 dark:border-gray-600 rounded-md shadow-sm text-base font-medium text-gray-700 dark:text-gray-300 bg-white dark:bg-gray-800 hover:bg-gray-50 dark:hover:bg-gray-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-gray-500 transition-colors"
+                    >
+                        <svg class="w-6 h-6 mr-3" fill="currentColor" viewBox="0 0 24 24" aria-hidden="true">
+                            <path fill-rule="evenodd" d="M12 2C6.477 2 2 6.484 2 12.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.202 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0022 12.017C22 6.484 17.522 2 12 2z" clip-rule="evenodd" />
+                        </svg>
+                        Sign in with GitHub
+                    </button>
+                </div>
+            </div>
+        </div>
+    </div>     
+    `,
+    emits: ['done'],
+    setup(props, { emit }) {
+        const errorMessage = ref(null)
+
+        function signInWithGitHub() {
+            // Redirect to GitHub OAuth endpoint
+            window.location.href = '/auth/github'
+        }
+
+        return {
+            signInWithGitHub,
+            errorMessage,
+        }
+    }
+}
+
+
+export default {
+    install(ctx) {
+        // Override SignIn component
+        ctx.components({
+            SignIn,
+        })
+    }
+}

llms/llms.json

@@ -1,14 +1,5 @@
 {
     "version": 3,
-    "auth": {
-        "enabled": false,
-        "github": {
-            "client_id": "GITHUB_CLIENT_ID",
-            "client_secret": "GITHUB_CLIENT_SECRET",
-            "redirect_uri": "http://localhost:8000/auth/github/callback",
-            "restrict_to": "GITHUB_USERS"
-        }
-    },
     "disable_extensions": [],
     "defaults": {
         "headers": {

llms/main.py

@@ -17,7 +17,6 @@ import json
 import mimetypes
 import os
 import re
-import secrets
 import shlex
 import shutil
 import site
@@ -45,7 +44,7 @@ from typing import (
     get_origin,
     get_type_hints,
 )
-from urllib.parse import parse_qs, urlencode, urljoin
+from urllib.parse import parse_qs, urljoin
 
 import aiohttp
 from aiohttp import web
@@ -57,8 +56,8 @@ try:
 except ImportError:
     HAS_PIL = False
 
-VERSION = "3.0.24"
 _ROOT = None
+VERSION = "3.0.25"
 DEBUG = os.getenv("DEBUG") == "1"
 MOCK = os.getenv("MOCK") == "1"
 MOCK_DIR = os.getenv("MOCK_DIR")
@@ -70,8 +69,6 @@ g_handlers = {}
 g_verbose = False
 g_logprefix = ""
 g_default_model = ""
-g_sessions = {}  # OAuth session storage: {session_token: {userId, userName, displayName, profileUrl, email, created}}
-g_oauth_states = {}  # CSRF protection: {state: {created, redirect_uri}}
 g_app = None  # ExtensionsContext Singleton
 
 
@@ -2790,8 +2787,36 @@ async def watch_config_files(config_path, providers_path, interval=1):
             pass
 
 
-def get_session_token(request):
-    return request.query.get("session") or request.headers.get("X-Session-Token") or request.cookies.get("llms-token")
+class AuthProvider:
+    def __init__(self, app):
+        self.app = app
+
+    def get_session_token(self, request: web.Request):
+        return (
+            request.query.get("session") or request.headers.get("X-Session-Token") or request.cookies.get("llms-token")
+        )
+
+    def get_session(self, request: web.Request) -> Optional[Dict[str, Any]]:
+        session_token = self.get_session_token(request)
+
+        if not session_token or session_token not in self.app.sessions:
+            return None
+
+        session_data = self.app.sessions[session_token]
+        return session_data
+
+    def get_username(self, request: web.Request) -> Optional[str]:
+        session = self.get_session(request)
+        if session:
+            return session.get("userName")
+        return None
+
+    def check_auth(self, request: web.Request) -> Tuple[bool, Optional[Dict[str, Any]]]:
+        """Check if request is authenticated. Returns (is_authenticated, user_data)"""
+        session = self.get_session(request)
+        if session:
+            return True, session
+        return False, None
 
 
 class AppExtensions:
@@ -2824,6 +2849,9 @@ class AppExtensions:
         self.index_headers = []
         self.index_footers = []
         self.allowed_directories = []
+        self.auth_providers = []
+        self.sessions = {}  # OAuth session storage: {session_token: {userId, userName, displayName, profileUrl, email, created}}
+        self.oauth_states = {}  # CSRF protection: {state: {created, redirect_uri}}
         self.request_args = {
             "image_config": dict,  # e.g. { "aspect_ratio": "1:1" }
             "temperature": float,  # e.g: 0.7
@@ -2879,7 +2907,6 @@ class AppExtensions:
 
     def set_config(self, config: Dict[str, Any]):
         self.config = config
-        self.auth_enabled = self.config.get("auth", {}).get("enabled", False)
 
     def set_allowed_directories(
         self, directories: List[Annotated[str, "List of absolute paths that are allowed to be accessed."]]
@@ -2897,40 +2924,38 @@ class AppExtensions:
         """Get the list of allowed directories."""
         return self.allowed_directories
 
-    # Authentication middleware helper
-    def check_auth(self, request: web.Request) -> Tuple[bool, Optional[Dict[str, Any]]]:
-        """Check if request is authenticated. Returns (is_authenticated, user_data)"""
-        if not self.auth_enabled:
-            return True, None
-
-        # Check for OAuth session token
-        session_token = get_session_token(request)
-        if session_token and session_token in g_sessions:
-            return True, g_sessions[session_token]
-
-        # Check for API key
-        auth_header = request.headers.get("Authorization", "")
-        if auth_header.startswith("Bearer "):
-            api_key = auth_header[7:]
-            if api_key:
-                return True, {"authProvider": "apikey"}
+    def add_auth_provider(self, auth_provider: AuthProvider) -> None:
+        """Add an authentication provider."""
+        self.auth_providers.append(auth_provider)
 
-        return False, None
+    def is_auth_enabled(self) -> bool:
+        return len(self.auth_providers) > 0
 
     def get_session(self, request: web.Request) -> Optional[Dict[str, Any]]:
-        session_token = get_session_token(request)
+        for auth_provider in self.auth_providers:
+            session = auth_provider.get_session(request)
+            if session:
+                return session
+            return None
 
-        if not session_token or session_token not in g_sessions:
+    def get_username(self, request: web.Request) -> Optional[str]:
+        for auth_provider in self.auth_providers:
+            username = auth_provider.get_username(request)
+            if username:
+                return username
             return None
 
-        session_data = g_sessions[session_token]
-        return session_data
+    def check_auth(self, request: web.Request) -> Tuple[bool, Optional[Dict[str, Any]]]:
+        """Check if request is authenticated. Returns (is_authenticated, user_data)"""
+        if len(self.auth_providers) == 0:
+            return True, None
 
-    def get_username(self, request: web.Request) -> Optional[str]:
-        session = self.get_session(request)
-        if session:
-            return session.get("userName")
-        return None
+        for auth_provider in self.auth_providers:
+            is_authenticated, user_data = auth_provider.check_auth(request)
+            if is_authenticated:
+                return True, user_data
+
+        return False, None
 
     def get_user_path(self, username: Optional[str] = None) -> str:
         if username:
@@ -3032,6 +3057,7 @@ def handler_name(handler):
 class ExtensionContext:
     def __init__(self, app: AppExtensions, path: str):
         self.app = app
+        self.config = app.config
         self.cli_args = app.cli_args
         self.extra_args = app.extra_args
         self.error_auth_required = app.error_auth_required
@@ -3046,8 +3072,24 @@ class ExtensionContext:
         self.verbose = g_verbose
         self.aspect_ratios = app.aspect_ratios
         self.request_args = app.request_args
+        self.sessions = app.sessions
+        self.oauth_states = app.oauth_states
         self.disabled = False
 
+    def add_auth_provider(self, auth_provider: AuthProvider) -> None:
+        """Add an authentication provider."""
+        self.app.add_auth_provider(auth_provider)
+        self.log(f"Added Auth Provider: {auth_provider.__class__.__name__}, Authentication is now enabled")
+
+    def get_session(self, request: web.Request) -> Optional[Dict[str, Any]]:
+        return self.app.get_session(request)
+
+    def get_username(self, request: web.Request) -> Optional[str]:
+        return self.app.get_username(request)
+
+    def check_auth(self, request: web.Request) -> Tuple[bool, Optional[Dict[str, Any]]]:
+        return self.app.check_auth(request)
+
     def set_allowed_directories(
         self, directories: List[Annotated[str, "List of absolute paths that are allowed to be accessed."]]
     ) -> None:
@@ -3129,6 +3171,9 @@ class ExtensionContext:
     def error_response(self, e: Exception, stacktrace: bool = False) -> Dict[str, Any]:
         return to_error_response(e, stacktrace=stacktrace)
 
+    def create_error_response(self, message, error_code="Error", stack_trace=None):
+        return create_error_response(message, error_code, stack_trace)
+
     def add_provider(self, provider: Any):
         self.log(f"Registered provider: {provider.__name__}")
         self.app.all_providers.append(provider)
@@ -3983,33 +4028,11 @@ def cli_exec(cli_args, extra_args):
         port = int(cli_args.serve)
 
         # Validate auth configuration if enabled
-        auth_enabled = g_config.get("auth", {}).get("enabled", False)
-        if auth_enabled:
-            github_config = g_config.get("auth", {}).get("github", {})
-            client_id = github_config.get("client_id", "")
-            client_secret = github_config.get("client_secret", "")
-
-            # Expand environment variables
-            if client_id.startswith("$"):
-                client_id = client_id[1:]
-            if client_secret.startswith("$"):
-                client_secret = client_secret[1:]
-
-            client_id = os.getenv(client_id, client_id)
-            client_secret = os.getenv(client_secret, client_secret)
-
-            if (
-                not client_id
-                or not client_secret
-                or client_id == "GITHUB_CLIENT_ID"
-                or client_secret == "GITHUB_CLIENT_SECRET"
-            ):
-                print("ERROR: Authentication is enabled but GitHub OAuth is not properly configured.")
-                print("Please set GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET environment variables,")
-                print("or disable authentication by setting 'auth.enabled' to false in llms.json")
-                return ExitCode.FAILED
-
-            _log("Authentication enabled - GitHub OAuth configured")
+        if g_config.get("auth", {}).get("enabled", False):
+            print("ERROR: GitHub Authentication has moved to the github_auth extension.")
+            print("Please remove the auth configuration from llms.json.")
+            print("Learn more: https://llmspy.org/docs/deployment/github-oauth")
+            return ExitCode.FAILED
 
         client_max_size = g_config.get("limits", {}).get(
             "client_max_size", 20 * 1024 * 1024
@@ -4226,236 +4249,6 @@ def cli_exec(cli_args, extra_args):
 
         app.router.add_get("/~cache/{tail:.*}", cache_handler)
 
-        # OAuth handlers
-        async def github_auth_handler(request):
-            """Initiate GitHub OAuth flow"""
-            if "auth" not in g_config or "github" not in g_config["auth"]:
-                return web.json_response(create_error_response("GitHub OAuth not configured"), status=500)
-
-            auth_config = g_config["auth"]["github"]
-            client_id = auth_config.get("client_id", "")
-            redirect_uri = auth_config.get("redirect_uri", "")
-
-            # Expand environment variables
-            if client_id.startswith("$"):
-                client_id = client_id[1:]
-            if redirect_uri.startswith("$"):
-                redirect_uri = redirect_uri[1:]
-
-            client_id = os.getenv(client_id, client_id)
-            redirect_uri = os.getenv(redirect_uri, redirect_uri)
-
-            if not client_id:
-                return web.json_response(create_error_response("GitHub client_id not configured"), status=500)
-
-            # Generate CSRF state token
-            state = secrets.token_urlsafe(32)
-            g_oauth_states[state] = {"created": time.time(), "redirect_uri": redirect_uri}
-
-            # Clean up old states (older than 10 minutes)
-            current_time = time.time()
-            expired_states = [s for s, data in g_oauth_states.items() if current_time - data["created"] > 600]
-            for s in expired_states:
-                del g_oauth_states[s]
-
-            # Build GitHub authorization URL
-            params = {
-                "client_id": client_id,
-                "redirect_uri": redirect_uri,
-                "state": state,
-                "scope": "read:user user:email",
-            }
-            auth_url = f"https://github.com/login/oauth/authorize?{urlencode(params)}"
-
-            return web.HTTPFound(auth_url)
-
-        def validate_user(github_username):
-            auth_config = g_config["auth"]["github"]
-            # Check if user is restricted
-            restrict_to = auth_config.get("restrict_to", "")
-
-            # Expand environment variables
-            if restrict_to.startswith("$"):
-                restrict_to = restrict_to[1:]
-
-            restrict_to = os.getenv(restrict_to, None if restrict_to == "GITHUB_USERS" else restrict_to)
-
-            # If restrict_to is configured, validate the user
-            if restrict_to:
-                # Parse allowed users (comma or space delimited)
-                allowed_users = [u.strip() for u in re.split(r"[,\s]+", restrict_to) if u.strip()]
-
-                # Check if user is in the allowed list
-                if not github_username or github_username not in allowed_users:
-                    _log(f"Access denied for user: {github_username}. Not in allowed list: {allowed_users}")
-                    return web.Response(
-                        text=f"Access denied. User '{github_username}' is not authorized to access this application.",
-                        status=403,
-                    )
-            return None
-
-        async def github_callback_handler(request):
-            """Handle GitHub OAuth callback"""
-            code = request.query.get("code")
-            state = request.query.get("state")
-
-            # Handle malformed URLs where query params are appended with & instead of ?
-            if not code and "tail" in request.match_info:
-                tail = request.match_info["tail"]
-                if tail.startswith("&"):
-                    params = parse_qs(tail[1:])
-                    code = params.get("code", [None])[0]
-                    state = params.get("state", [None])[0]
-
-            if not code or not state:
-                return web.Response(text="Missing code or state parameter", status=400)
-
-            # Verify state token (CSRF protection)
-            if state not in g_oauth_states:
-                return web.Response(text="Invalid state parameter", status=400)
-
-            g_oauth_states.pop(state)
-
-            if "auth" not in g_config or "github" not in g_config["auth"]:
-                return web.json_response(create_error_response("GitHub OAuth not configured"), status=500)
-
-            auth_config = g_config["auth"]["github"]
-            client_id = auth_config.get("client_id", "")
-            client_secret = auth_config.get("client_secret", "")
-            redirect_uri = auth_config.get("redirect_uri", "")
-
-            # Expand environment variables
-            if client_id.startswith("$"):
-                client_id = client_id[1:]
-            if client_secret.startswith("$"):
-                client_secret = client_secret[1:]
-            if redirect_uri.startswith("$"):
-                redirect_uri = redirect_uri[1:]
-
-            client_id = os.getenv(client_id, client_id)
-            client_secret = os.getenv(client_secret, client_secret)
-            redirect_uri = os.getenv(redirect_uri, redirect_uri)
-
-            if not client_id or not client_secret:
-                return web.json_response(create_error_response("GitHub OAuth credentials not configured"), status=500)
-
-            # Exchange code for access token
-            async with aiohttp.ClientSession() as session:
-                token_url = "https://github.com/login/oauth/access_token"
-                token_data = {
-                    "client_id": client_id,
-                    "client_secret": client_secret,
-                    "code": code,
-                    "redirect_uri": redirect_uri,
-                }
-                headers = {"Accept": "application/json"}
-
-                async with session.post(token_url, data=token_data, headers=headers) as resp:
-                    token_response = await resp.json()
-                    access_token = token_response.get("access_token")
-
-                    if not access_token:
-                        error = token_response.get("error_description", "Failed to get access token")
-                        return web.json_response(create_error_response(f"OAuth error: {error}"), status=400)
-
-                # Fetch user info
-                user_url = "https://api.github.com/user"
-                headers = {"Authorization": f"Bearer {access_token}", "Accept": "application/json"}
-
-                async with session.get(user_url, headers=headers) as resp:
-                    user_data = await resp.json()
-
-                # Validate user
-                error_response = validate_user(user_data.get("login", ""))
-                if error_response:
-                    return error_response
-
-            # Create session
-            session_token = secrets.token_urlsafe(32)
-            g_sessions[session_token] = {
-                "userId": str(user_data.get("id", "")),
-                "userName": user_data.get("login", ""),
-                "displayName": user_data.get("name", ""),
-                "profileUrl": user_data.get("avatar_url", ""),
-                "email": user_data.get("email", ""),
-                "created": time.time(),
-            }
-
-            # Redirect to UI with session token
-            response = web.HTTPFound(f"/?session={session_token}")
-            response.set_cookie("llms-token", session_token, httponly=True, path="/", max_age=86400)
-            return response
-
-        async def session_handler(request):
-            """Validate and return session info"""
-            session_token = get_session_token(request)
-
-            if not session_token or session_token not in g_sessions:
-                return web.json_response(create_error_response("Invalid or expired session"), status=401)
-
-            session_data = g_sessions[session_token]
-
-            # Clean up old sessions (older than 24 hours)
-            current_time = time.time()
-            expired_sessions = [token for token, data in g_sessions.items() if current_time - data["created"] > 86400]
-            for token in expired_sessions:
-                del g_sessions[token]
-
-            return web.json_response({**session_data, "sessionToken": session_token})
-
-        async def logout_handler(request):
-            """End OAuth session"""
-            session_token = get_session_token(request)
-
-            if session_token and session_token in g_sessions:
-                del g_sessions[session_token]
-
-            response = web.json_response({"success": True})
-            response.del_cookie("llms-token")
-            return response
-
-        async def auth_handler(request):
-            """Check authentication status and return user info"""
-            # Check for OAuth session token
-            session_token = get_session_token(request)
-
-            if session_token and session_token in g_sessions:
-                session_data = g_sessions[session_token]
-                return web.json_response(
-                    {
-                        "userId": session_data.get("userId", ""),
-                        "userName": session_data.get("userName", ""),
-                        "displayName": session_data.get("displayName", ""),
-                        "profileUrl": session_data.get("profileUrl", ""),
-                        "authProvider": "github",
-                    }
-                )
-
-            # Check for API key in Authorization header
-            # auth_header = request.headers.get('Authorization', '')
-            # if auth_header.startswith('Bearer '):
-            #     # For API key auth, return a basic response
-            #     # You can customize this based on your API key validation logic
-            #     api_key = auth_header[7:]
-            #     if api_key:  # Add your API key validation logic here
-            #         return web.json_response({
-            #             "userId": "1",
-            #             "userName": "apiuser",
-            #             "displayName": "API User",
-            #             "profileUrl": "",
-            #             "authProvider": "apikey"
-            #         })
-
-            # Not authenticated - return error in expected format
-            return web.json_response(g_app.error_auth_required, status=401)
-
-        app.router.add_get("/auth", auth_handler)
-        app.router.add_get("/auth/github", github_auth_handler)
-        app.router.add_get("/auth/github/callback", github_callback_handler)
-        app.router.add_get("/auth/github/callback{tail:.*}", github_callback_handler)
-        app.router.add_get("/auth/session", session_handler)
-        app.router.add_post("/auth/logout", logout_handler)
-
         async def ui_static(request: web.Request) -> web.Response:
             path = Path(request.match_info["path"])
 
@@ -4494,8 +4287,8 @@ def cli_exec(cli_args, extra_args):
             enabled, disabled = provider_status()
             ret["status"] = {"all": list(g_config["providers"].keys()), "enabled": enabled, "disabled": disabled}
             # Add auth configuration
-            ret["requiresAuth"] = auth_enabled
-            ret["authType"] = "oauth" if auth_enabled else "apikey"
+            ret["requiresAuth"] = g_app.is_auth_enabled()
+            ret["authTypes"] = [provider.__class__.__name__ for provider in g_app.auth_providers]
             return web.json_response(ret)
 
         app.router.add_get("/config", config_handler)

llms/ui/App.mjs

@@ -173,7 +173,10 @@ export default {
                         <div>
                             <ModelSelector :models="$state.models" v-model="$state.selectedModel" />
                         </div>
-                        <TopBar id="top-bar" />
+                        <div class="flex items-center gap-2">
+                            <TopBar id="top-bar" />
+                            <Avatar />
+                        </div>
                     </div>
                     <TopPanel v-if="$ai.hasAccess" id="top-panel" :class="$ctx.cls('top-panel', 'shrink-0')" />
                     <div id="page" :class="$ctx.cls('page', 'flex-1 overflow-y-auto min-h-0 flex flex-col')">

llms/ui/ai.mjs

@@ -6,7 +6,7 @@ const headers = { 'Accept': 'application/json' }
 const prefsKey = 'llms.prefs'
 
 export const o = {
-    version: '3.0.24',
+    version: '3.0.25',
     base,
     prefsKey,
     welcome: 'Welcome to llms.py',
@@ -165,7 +165,6 @@ export const o = {
         return { config, models, extensions, auth }
     },
 
-
     async uploadFile(file) {
         const formData = new FormData()
         formData.append('file', file)

llms/ui/modules/chat/ChatBody.mjs

@@ -643,8 +643,7 @@ export const ChatBody = {
                 <div class="mx-auto max-w-6xl px-4 py-6">
 
                     <div v-if="!$ai.hasAccess">
-                        <OAuthSignIn v-if="$ai.authType === 'oauth'" @done="$ai.signIn($event)" />
-                        <SignIn v-else @done="$ai.signIn($event)" />
+                        <SignIn @done="$ai.signIn($event)" />
                     </div>
                     <!-- Welcome message when no thread is selected -->
                     <div v-else-if="!currentThread" class="text-center py-12">

llms/ui/modules/layout.mjs

@@ -34,7 +34,7 @@ const Avatar = {
                 @click.stop="toggleMenu"
                 :src="$ai.auth.profileUrl"
                 :title="authTitle"
-                class="size-8 rounded-full cursor-pointer hover:ring-2 hover:ring-gray-300"
+                class="mr-1 size-6 rounded-full cursor-pointer hover:ring-2 hover:ring-gray-300"
             />
             <div
                 v-if="showMenu"
@@ -112,61 +112,6 @@ const Avatar = {
     }
 }
 
-const OAuthSignIn = {
-    template: `
-    <div class="min-h-full -mt-36 flex flex-col justify-center sm:px-6 lg:px-8">
-        <div class="sm:mx-auto sm:w-full sm:max-w-md text-center">
-            <Welcome />
-        </div>
-        <div class="sm:mx-auto sm:w-full sm:max-w-md">
-            <div v-if="errorMessage" class="mb-3 bg-red-50 dark:bg-red-900/30 border border-red-200 dark:border-red-800 text-red-800 dark:text-red-200 rounded-lg px-4 py-3">
-                <div class="flex items-start space-x-2">
-                    <div class="flex-1">
-                        <div class="text-base font-medium">{{ errorMessage }}</div>
-                    </div>
-                    <button type="button"
-                        @click="errorMessage = null"
-                        class="text-red-400 dark:text-red-300 hover:text-red-600 dark:hover:text-red-100 flex-shrink-0"
-                    >
-                        <svg class="w-4 h-4" fill="currentColor" viewBox="0 0 20 20">
-                            <path fill-rule="evenodd" d="M4.293 4.293a1 1 0 011.414 0L10 8.586l4.293-4.293a1 1 0 111.414 1.414L11.414 10l4.293 4.293a1 1 0 01-1.414 1.414L10 11.414l-4.293 4.293a1 1 0 01-1.414-1.414L8.586 10 4.293 5.707a1 1 0 010-1.414z" clip-rule="evenodd"></path>
-                        </svg>
-                    </button>
-                </div>
-            </div>
-            <div class="py-8 px-4 sm:px-10">
-                <div class="space-y-4">
-                    <button
-                        type="button"
-                        @click="signInWithGitHub"
-                        class="w-full inline-flex items-center justify-center px-4 py-3 border border-gray-300 dark:border-gray-600 rounded-md shadow-sm text-base font-medium text-gray-700 dark:text-gray-300 bg-white dark:bg-gray-800 hover:bg-gray-50 dark:hover:bg-gray-700 focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-gray-500 transition-colors"
-                    >
-                        <svg class="w-6 h-6 mr-3" fill="currentColor" viewBox="0 0 24 24" aria-hidden="true">
-                            <path fill-rule="evenodd" d="M12 2C6.477 2 2 6.484 2 12.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.202 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0022 12.017C22 6.484 17.522 2 12 2z" clip-rule="evenodd" />
-                        </svg>
-                        Sign in with GitHub
-                    </button>
-                </div>
-            </div>
-        </div>
-    </div>     
-    `,
-    emits: ['done'],
-    setup(props, { emit }) {
-        const errorMessage = ref(null)
-
-        function signInWithGitHub() {
-            // Redirect to GitHub OAuth endpoint
-            window.location.href = '/auth/github'
-        }
-
-        return {
-            signInWithGitHub,
-            errorMessage,
-        }
-    }
-}
-
 const SignIn = {
     template: `
     <div class="min-h-full -mt-12 flex flex-col justify-center py-12 sm:px-6 lg:px-8">
@@ -263,7 +208,6 @@ export default {
             Brand,
             Welcome,
             Avatar,
-            OAuthSignIn,
             SignIn,
             ErrorViewer,
         })

{llms_py-3.0.24.dist-info → llms_py-3.0.25.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: llms-py
-Version: 3.0.24
+Version: 3.0.25
 Summary: A lightweight CLI tool and OpenAI-compatible server for querying multiple Large Language Model (LLM) providers
 Home-page: https://github.com/ServiceStack/llms
 Author: ServiceStack

{llms_py-3.0.24.dist-info → llms_py-3.0.25.dist-info}/RECORD

@@ -2,8 +2,8 @@ llms/__init__.py,sha256=DKwTZDsyYL_wHe7yvLw49Nf8PSgPSyWaeVdotUqSvrQ,84
 llms/__main__.py,sha256=hrBulHIt3lmPm1BCyAEVtB6DQ0Hvc3gnIddhHCmJasg,151
 llms/db.py,sha256=oozp5I5lECVO8oZEFwcZl3ES5mARqWeR1BkoqG5kSqM,11687
 llms/index.html,sha256=nGk1Djtn9p7l6LuKp4Kg0JIB9fCzxtTWXFfmDb4ggpc,1658
-llms/llms.json,sha256=xeIOuraZKs4CwSJ8R2aDAOClLqx6rdEN68O6s51_7cA,11824
-llms/main.py,sha256=MBRi98pE7MZ70Iw45vMVEHqeRn6WH4oJFAY5gvjnhFM,184270
+llms/llms.json,sha256=u6qFL_0d6dyQOvHLUbk_8-rkzgkmznOLm4ca_m4faCw,11533
+llms/main.py,sha256=EbmW1JJxrudnx2g6imi3mmiOoWCEJx0bMfQmgNAnjkA,174804
 llms/providers-extra.json,sha256=_6DmGBiQY9LM6_Y0zOiObYn7ba4g3akSNQfmHcYlENc,11101
 llms/providers.json,sha256=yls3OUqPIBLSf2rk0xgwUHKkvd-8drGq4JW7w49rEws,299324
 llms/extensions/analytics/ui/index.mjs,sha256=m1XwaqYCLwK267JAUCAltkN_nOXep0GxfpvGNS5i4_w,69547
@@ -49,6 +49,9 @@ llms/extensions/gallery/README.md,sha256=zif27qiMef1dBboMEPvTJqPDnLvrqntraVSw8oQ
 llms/extensions/gallery/__init__.py,sha256=24cABEIyqD0zLi32Jrqxoe-qdsS_q4mdJK7NgS0SiEY,1756
 llms/extensions/gallery/db.py,sha256=IgiwBnqdGf0GYWCltphLD0NWS_MnbPDpRUJszh2_DW0,9032
 llms/extensions/gallery/ui/index.mjs,sha256=2a6dsZqCoey3So3QLCaHMqYSdzOcLR7ZBi60auFx-24,28356
+llms/extensions/github_auth/README.md,sha256=3WQbs93lw4CXohRgBQCnXJ8I5nDZmYgCwv0HXWPHv7Q,6800
+llms/extensions/github_auth/__init__.py,sha256=7tItmIEuvs-Ev5I0yEVVRqVAPVUxQbjcQxwFXemy30E,9926
+llms/extensions/github_auth/ui/index.mjs,sha256=TR-FJh_g475DcLUzsyAbKbsnTNJoQy6XHNJl5EVG2T4,3544
 llms/extensions/katex/README.md,sha256=fD_0riNXrKW0SfehifIc3jnXKg9diQdlXVq5X_e1zTc,1473
 llms/extensions/katex/__init__.py,sha256=CvEe9CPtzoANc4AFuxZTbrJZdggoWLuKnENKfEdncPQ,206
 llms/extensions/katex/ui/README.md,sha256=Xkjgncuvv4WT4TzNX4muWHYKJOwZ-kSpNnyveLlJDNU,7268
@@ -169,8 +172,8 @@ llms/extensions/system_prompts/ui/index.mjs,sha256=Ec2dXSzEj6RnEuW2U3HxeXK3LTl_l
 llms/extensions/system_prompts/ui/prompts.json,sha256=t5DD3bird-87wFa4OlW-bC2wdoYDrVzfyc8TO5OaotI,128489
 llms/extensions/tools/__init__.py,sha256=PRZe0QMfsOymJ3jTqO0VFppNEWI4f2bYSOImK_YrGQM,2036
 llms/extensions/tools/ui/index.mjs,sha256=1TgCn74oX_rUAhxO8w54HlIgNkHnI5ma-GCqXp-qYVY,39434
-llms/ui/App.mjs,sha256=CoUzO9mV__-jV19NKHYIbwHsjWMnO11jyNSbnJhe1gQ,7486
-llms/ui/ai.mjs,sha256=SMAvpE5QzcoQvCNaoOptjZX8k8P3kH4L4yEkDTMfP-E,6541
+llms/ui/App.mjs,sha256=8yljf7M7LUp4q7XPEHTCUKpJB3X2d8ePnatRamwTM00,7622
+llms/ui/ai.mjs,sha256=heyruTHUvMpDbSwBJx1sZRtzaQtRQ-ma_u1Cv5g0U1k,6540
 llms/ui/app.css,sha256=SVVzmFhTd0chuGq5yhv3FjgNudgo6WXlM2fnb-csK4c,190220
 llms/ui/ctx.mjs,sha256=4x-LTmofhf6OvLThSlDSTQOsLkzyBFOEMRGIOLHszqs,14974
 llms/ui/fav.svg,sha256=_R6MFeXl6wBFT0lqcUxYQIDWgm246YH_3hSTW0oO8qw,734
@@ -191,14 +194,14 @@ llms/ui/lib/vue-router.min.mjs,sha256=fR30GHoXI1u81zyZ26YEU105pZgbbAKSXbpnzFKIxl
 llms/ui/lib/vue.min.mjs,sha256=T1TVu9SFEoLArPLKKEp6gsj_eScmHl5TkUebxGK6ldk,166282
 llms/ui/lib/vue.mjs,sha256=75FuLhUTPk19sncwNIrm0BGEL0_Qw298-_v01fPWYoI,542872
 llms/ui/modules/icons.mjs,sha256=LGcH0ys0QLS2ZKCO42qHpwPYbBV_EssoWLezU4XZEzU,27751
-llms/ui/modules/layout.mjs,sha256=8pAxs8bedQI3b3eRA9nrfpLZznLmrpp4BZvigYAQjpQ,12572
+llms/ui/modules/layout.mjs,sha256=83XCQ0Kzm1lq885PBeB0xDPUAOiTkeVktZlH1KN_XzA,9167
 llms/ui/modules/model-selector.mjs,sha256=6U4rAZ7vmQELFRQGWk4YEtq02v3lyHdMq6yUOp-ArXg,43184
-llms/ui/modules/chat/ChatBody.mjs,sha256=jusiYUxz8NoN6iYCrEayYW5t2wdOx0So79aLxjk7J9c,58187
+llms/ui/modules/chat/ChatBody.mjs,sha256=OyjAQPHNIbdqEhQq01ysbx7Cbt1CezUERbgFpcbnrNI,58081
 llms/ui/modules/chat/SettingsDialog.mjs,sha256=HMBJTwrapKrRIAstIIqp0QlJL5O-ho4hzgvfagPfsX8,19930
 llms/ui/modules/chat/index.mjs,sha256=nS_L6G1RSuCybgnA6n-q8Sn3OeSbQWL2iW3-zCIFqJk,39548
-llms_py-3.0.24.dist-info/licenses/LICENSE,sha256=bus9cuAOWeYqBk2OuhSABVV1P4z7hgrEFISpyda_H5w,1532
-llms_py-3.0.24.dist-info/METADATA,sha256=DIZBWhv5icDwZzyHFqY9up_pq-9Om3JiNpW4GNYpjfA,2195
-llms_py-3.0.24.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-llms_py-3.0.24.dist-info/entry_points.txt,sha256=WswyE7PfnkZMIxboC-MS6flBD6wm-CYU7JSUnMhqMfM,40
-llms_py-3.0.24.dist-info/top_level.txt,sha256=gC7hk9BKSeog8gyg-EM_g2gxm1mKHwFRfK-10BxOsa4,5
-llms_py-3.0.24.dist-info/RECORD,,
+llms_py-3.0.25.dist-info/licenses/LICENSE,sha256=bus9cuAOWeYqBk2OuhSABVV1P4z7hgrEFISpyda_H5w,1532
+llms_py-3.0.25.dist-info/METADATA,sha256=Bbn39CQjmUUq-bdheQOOW3cPBKZc2G9ogdNOnzPmK5w,2195
+llms_py-3.0.25.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+llms_py-3.0.25.dist-info/entry_points.txt,sha256=WswyE7PfnkZMIxboC-MS6flBD6wm-CYU7JSUnMhqMfM,40
+llms_py-3.0.25.dist-info/top_level.txt,sha256=gC7hk9BKSeog8gyg-EM_g2gxm1mKHwFRfK-10BxOsa4,5
+llms_py-3.0.25.dist-info/RECORD,,