mindroot 9.2.0__py3-none-any.whl → 9.3.0__py3-none-any.whl

mindroot/coreplugins/admin/plugin_router.py

@@ -21,7 +21,7 @@ def update_plugins(request: PluginUpdateRequest):
         with open('plugins.json', 'w') as file:
             json.dump(plugins_data, file, indent=2)
 
-        plugins.load('plugin_manifest.json')
+        plugins.load('data/plugin_manifest.json')
 
         return {"message": "Plugins updated successfully"}
     except Exception as e:

mindroot/coreplugins/index/handlers/plugin_ops.py

@@ -12,7 +12,7 @@ logger = logging.getLogger(__name__)
 async def get_installed_plugin_metadata(plugin_name: str) -> dict:
     """Get metadata from main plugin manifest"""
     try:
-        manifest_path = Path('plugin_manifest.json')
+        manifest_path = Path('data/plugin_manifest.json')
         logger.debug(f"Reading main plugin manifest from: {manifest_path}")
         
         if not manifest_path.exists():

mindroot/coreplugins/jwt_auth/middleware.py

@@ -142,7 +142,8 @@ async def middleware(request: Request, call_next):
             print("Error checking for static file", e)
             pass
         print("Did not find static file")
-        if request.url.path in public_routes:
+        # Accept explicitly-registered public routes, _or_ the password-reset link which carries its own token
+        if request.url.path in public_routes or request.url.path.startswith('/reset-password'):
             print('Public route: ', request.url.path)
             return await call_next(request)
         elif any([request.url.path.startswith(path) for path in public_static]):

mindroot/coreplugins/user_service/file_trigger_service.py

@@ -7,66 +7,6 @@ from lib.providers.services import service, ServiceProvider
 
 logger = logging.getLogger(__name__)
 
-# Use paths relative to the process working directory
-REQUEST_DIR = "data/password_resets/requests"
-GENERATED_DIR = "data/password_resets/generated"
-CHECK_INTERVAL_SECONDS = 30
-
-@service()
-async def process_password_reset_requests(context=None):
-    """Processes password reset request files from a directory."""
-    # Ensure directories exist
-    os.makedirs(REQUEST_DIR, exist_ok=True)
-    os.makedirs(GENERATED_DIR, exist_ok=True)
-
-    sp = ServiceProvider()
-    initiate_reset = sp.get('user_service.initiate_password_reset')
-    
-    if not (initiate_reset and callable(initiate_reset)):
-        logger.error("Could not get 'user_service.initiate_password_reset' service.")
-        return
-
-    for filename in os.listdir(REQUEST_DIR):
-        request_file_path = os.path.join(REQUEST_DIR, filename)
-        if not os.path.isfile(request_file_path):
-            continue
-
-        try:
-            with open(request_file_path, 'r') as f:
-                data = json.load(f)
-            
-            username = data.get("username")
-            is_admin_reset = data.get("is_admin_reset", False)
-
-            if not username:
-                raise ValueError("Username is missing from request file.")
-
-            logger.info(f"Processing password reset request for user: {username}")
-            token = await initiate_reset(username=username, is_admin_reset=is_admin_reset)
-            
-            reset_link = f"/user_service/reset-password/{token}"
-            generated_file_path = os.path.join(GENERATED_DIR, f"{username}_{datetime.utcnow().strftime('%Y%m%d%H%M%S')}.json")
-            with open(generated_file_path, 'w') as f:
-                json.dump({"username": username, "reset_link": reset_link, "token": token}, f, indent=2)
-            
-            logger.info(f"Successfully generated password reset link for {username}.")
-            os.remove(request_file_path)
-
-        except Exception as e:
-            logger.error(f"Failed to process reset request file {filename}: {e}")
-            error_file_path = os.path.join(REQUEST_DIR, f"{filename}.error")
-            os.rename(request_file_path, error_file_path)
-
-@service()
-async def start_file_watcher_service(context=None):
-    """Starts a background task to watch for password reset request files."""
-    logger.info("Starting password reset file watcher service.")
-    async def watcher_loop():
-        while True:
-            try:
-                await process_password_reset_requests()
-            except Exception as e:
-                logger.error(f"Error in password reset watcher loop: {e}")
-            await asyncio.sleep(CHECK_INTERVAL_SECONDS)
-    
-    asyncio.create_task(watcher_loop())
+# This file is kept for backward compatibility
+# Password reset trigger functionality is now handled directly in router.py
+logger.info("File trigger service loaded - functionality moved to router.py")

mindroot/coreplugins/user_service/password_reset_service.py

@@ -1,3 +1,4 @@
+from typing import Optional
 from lib.providers.services import service
 from .models import UserAuth, PasswordResetToken
 import bcrypt
@@ -5,19 +6,47 @@ import json
 import os
 import secrets
 from datetime import datetime, timedelta
+import logging
+
+logger = logging.getLogger(__name__)
 
 USER_DATA_ROOT = "data/users"
 RESET_TOKEN_VALIDITY_HOURS = 1
 
 @service()
-async def initiate_password_reset(username: str, is_admin_reset: bool = False, context=None) -> str:
+async def initiate_password_reset(username: str, is_admin_reset: bool = False, token: Optional[str] = None, context=None) -> str:
     """Initiates a password reset, generates a token, and stores it."""
+    # Log current working directory and absolute paths
+    cwd = os.getcwd()
+    abs_user_data_root = os.path.abspath(USER_DATA_ROOT)
     user_dir = os.path.join(USER_DATA_ROOT, username)
+    abs_user_dir = os.path.abspath(user_dir)
+    
+    logger.info(f"=== PASSWORD RESET INITIATION ===")
+    logger.info(f"Current working directory: {cwd}")
+    logger.info(f"USER_DATA_ROOT (relative): {USER_DATA_ROOT}")
+    logger.info(f"USER_DATA_ROOT (absolute): {abs_user_data_root}")
+    logger.info(f"User directory (relative): {user_dir}")
+    logger.info(f"User directory (absolute): {abs_user_dir}")
+    logger.info(f"Initiating password reset for user: {username}")
+    
     if not os.path.exists(user_dir):
+        logger.error(f"User directory not found: {user_dir} (absolute: {abs_user_dir})")
+        logger.error(f"Directory exists check: {os.path.exists(abs_user_dir)}")
         raise ValueError("User not found")
 
-    token = secrets.token_urlsafe(32)
+    # List existing files in user directory
+    try:
+        existing_files = os.listdir(user_dir)
+        logger.info(f"Existing files in user directory: {existing_files}")
+    except Exception as e:
+        logger.error(f"Error listing user directory: {e}")
+
+    if token is None:
+        token = secrets.token_urlsafe(32)
+    
     expires_at = datetime.utcnow() + timedelta(hours=RESET_TOKEN_VALIDITY_HOURS)
+    logger.info(f"Generated reset token for {username}, expires at: {expires_at.isoformat()}")
 
     reset_data = PasswordResetToken(
         token=token,
@@ -26,54 +55,178 @@ async def initiate_password_reset(username: str, is_admin_reset: bool = False, c
     )
 
     reset_file_path = os.path.join(user_dir, "password_reset.json")
+    abs_reset_file_path = os.path.abspath(reset_file_path)
+    logger.info(f"Saving reset token to: {reset_file_path} (absolute: {abs_reset_file_path})")
+    
     with open(reset_file_path, 'w') as f:
         json.dump(reset_data.dict(), f, indent=2)
-
-    # In a real application, you would email this token to the user.
-    # For this implementation, we return it directly.
+    
+    logger.info(f"Reset token file created successfully")
+    
+    # Verify file was created
+    if os.path.exists(reset_file_path):
+        logger.info(f"Verified: Reset token file exists after creation")
+        try:
+            with open(reset_file_path, 'r') as f:
+                verify_data = json.load(f)
+                logger.info(f"Verified: Reset token file contents: {verify_data}")
+        except Exception as e:
+            logger.error(f"Error reading back reset token file: {e}")
+    else:
+        logger.error(f"ERROR: Reset token file was not created successfully!")
+    
     return token
 
 @service()
 async def reset_password_with_token(token: str, new_password: str, context=None) -> bool:
     """Resets a user's password using a valid reset token."""
-    for username in os.listdir(USER_DATA_ROOT):
+    # Log current working directory and absolute paths
+    cwd = os.getcwd()
+    abs_user_data_root = os.path.abspath(USER_DATA_ROOT)
+    
+    logger.info(f"=== PASSWORD RESET ATTEMPT ===")
+    logger.info(f"Current working directory: {cwd}")
+    logger.info(f"USER_DATA_ROOT (relative): {USER_DATA_ROOT}")
+    logger.info(f"USER_DATA_ROOT (absolute): {abs_user_data_root}")
+    logger.info(f"Attempting password reset with token: {token[:10]}...{token[-10:]}")
+    logger.info(f"Token length: {len(token)}")
+    
+    if not os.path.exists(USER_DATA_ROOT):
+        logger.error(f"USER_DATA_ROOT directory does not exist:")
+        logger.error(f"  Relative path: {USER_DATA_ROOT}")
+        logger.error(f"  Absolute path: {abs_user_data_root}")
+        logger.error(f"  Exists check: {os.path.exists(abs_user_data_root)}")
+        raise ValueError("User data directory not found")
+    
+    users_found = 0
+    tokens_checked = 0
+    
+    try:
+        user_dirs = os.listdir(USER_DATA_ROOT)
+        logger.info(f"Found {len(user_dirs)} potential user directories: {user_dirs}")
+    except Exception as e:
+        logger.error(f"Error listing USER_DATA_ROOT: {e}")
+        raise ValueError("Error accessing user data")
+    
+    for username in user_dirs:
         user_dir = os.path.join(USER_DATA_ROOT, username)
+        abs_user_dir = os.path.abspath(user_dir)
+        logger.info(f"Checking user directory: {user_dir} (absolute: {abs_user_dir})")
+        
+        if not os.path.isdir(user_dir):
+            logger.debug(f"Skipping {username} - not a directory")
+            continue
+            
+        users_found += 1
+        
+        # List all files in this user directory
+        try:
+            user_files = os.listdir(user_dir)
+            logger.info(f"Files in user '{username}' directory: {user_files}")
+        except Exception as e:
+            logger.error(f"Error listing files in user directory {username}: {e}")
+            continue
+        
         reset_file_path = os.path.join(user_dir, "password_reset.json")
+        abs_reset_file_path = os.path.abspath(reset_file_path)
+        logger.info(f"Looking for reset file: {reset_file_path} (absolute: {abs_reset_file_path})")
+        logger.info(f"Reset file exists: {os.path.exists(reset_file_path)}")
 
         if not os.path.exists(reset_file_path):
+            logger.info(f"No reset file found for user {username} - skipping")
+            continue
+
+        logger.info(f"Found reset file for user {username}, reading token data")
+        
+        try:
+            with open(reset_file_path, 'r') as f:
+                reset_data_dict = json.load(f)
+                logger.info(f"Reset file contents for {username}: {reset_data_dict}")
+                reset_data = PasswordResetToken(**reset_data_dict)
+        except (json.JSONDecodeError, TypeError, ValueError) as e:
+            logger.error(f"Error parsing reset file for {username}: {e}")
+            continue
+        except Exception as e:
+            logger.error(f"Unexpected error reading reset file for {username}: {e}")
             continue
 
-        with open(reset_file_path, 'r') as f:
+        tokens_checked += 1
+        stored_token = reset_data.token
+        logger.info(f"Comparing tokens for user {username}:")
+        logger.info(f"  Provided token: '{token[:10]}...{token[-10:]}' (length: {len(token)})")
+        logger.info(f"  Stored token:   '{stored_token[:10]}...{stored_token[-10:]}' (length: {len(stored_token)})")
+        logger.info(f"  Tokens match: {stored_token == token}")
+        
+        # Also check for URL encoding issues
+        import urllib.parse
+        decoded_token = urllib.parse.unquote(token)
+        logger.info(f"  URL decoded token: '{decoded_token[:10]}...{decoded_token[-10:]}' (length: {len(decoded_token)})")
+        logger.info(f"  Decoded tokens match: {stored_token == decoded_token}")
+        
+        if reset_data.token == token or reset_data.token == decoded_token:
+            logger.info(f"Token match found for user {username}!")
+            matched_token = token if reset_data.token == token else decoded_token
+            logger.info(f"Matched using {'original' if matched_token == token else 'URL-decoded'} token")
+            
+            # Check expiration
             try:
-                reset_data = PasswordResetToken(**json.load(f))
-            except (json.JSONDecodeError, TypeError):
+                expires_at = datetime.fromisoformat(reset_data.expires_at)
+                current_time = datetime.utcnow()
+                logger.info(f"Token expires at: {expires_at}")
+                logger.info(f"Current time: {current_time}")
+                logger.info(f"Token expired: {expires_at < current_time}")
+                
+                if expires_at < current_time:
+                    logger.warning(f"Token expired for user {username}, removing reset file")
+                    os.remove(reset_file_path)
+                    raise ValueError("Password reset token has expired.")
+            except ValueError as e:
+                if "expired" in str(e):
+                    raise
+                logger.error(f"Error parsing expiration date for {username}: {e}")
                 continue
 
-        if reset_data.token == token:
-            if datetime.fromisoformat(reset_data.expires_at) < datetime.utcnow():
-                os.remove(reset_file_path) # Expired token
-                raise ValueError("Password reset token has expired.")
-
+            # Update password
             auth_file_path = os.path.join(user_dir, "auth.json")
+            abs_auth_file_path = os.path.abspath(auth_file_path)
+            logger.info(f"Updating password for user {username}")
+            logger.info(f"Auth file: {auth_file_path} (absolute: {abs_auth_file_path})")
+            
             if not os.path.exists(auth_file_path):
+                logger.error(f"Auth file not found for user {username}: {auth_file_path}")
                 os.remove(reset_file_path)
                 raise FileNotFoundError("User auth file not found.")
 
-            with open(auth_file_path, 'r+') as auth_file:
-                auth_data_dict = json.load(auth_file)
-                auth_data = UserAuth(**auth_data_dict)
-
-                new_password_hash = bcrypt.hashpw(new_password.encode(), bcrypt.gensalt()).decode()
-                auth_data.password_hash = new_password_hash
+            try:
+                with open(auth_file_path, 'r+') as auth_file:
+                    auth_data_dict = json.load(auth_file)
+                    auth_data = UserAuth(**auth_data_dict)
 
-                if reset_data.is_admin_reset and 'admin' not in auth_data.roles:
-                    auth_data.roles.append('admin')
+                    new_password_hash = bcrypt.hashpw(new_password.encode(), bcrypt.gensalt()).decode()
+                    auth_data.password_hash = new_password_hash
+                    logger.info(f"Password hash updated for user {username}")
 
-                auth_file.seek(0)
-                json.dump(auth_data.dict(), auth_file, indent=2, default=str)
-                auth_file.truncate()
+                    if reset_data.is_admin_reset and 'admin' not in auth_data.roles:
+                        auth_data.roles.append('admin')
+                        logger.info(f"Added admin role to user {username}")
 
-            os.remove(reset_file_path) # Invalidate token after use
-            return True
+                    auth_file.seek(0)
+                    json.dump(auth_data.dict(), auth_file, indent=2, default=str)
+                    auth_file.truncate()
+                    logger.info(f"Auth file updated for user {username}")
 
+                os.remove(reset_file_path)
+                logger.info(f"Reset token file removed for user {username}")
+                logger.info(f"Password reset completed successfully for user {username}")
+                return True
+                
+            except Exception as e:
+                logger.error(f"Error updating auth file for user {username}: {e}")
+                raise ValueError(f"Error updating user authentication: {e}")
+
+    logger.warning(f"=== TOKEN NOT FOUND ===")
+    logger.warning(f"Token not found after checking {users_found} users and {tokens_checked} tokens")
+    logger.warning(f"Provided token: '{token}'")
+    logger.warning(f"Current working directory: {cwd}")
+    logger.warning(f"Searched in: {abs_user_data_root}")
     raise ValueError("Invalid password reset token.")

mindroot/coreplugins/user_service/router.py

@@ -1,36 +1,96 @@
 from fastapi import APIRouter, Request, Form, Depends
 from fastapi.responses import HTMLResponse, RedirectResponse
 from lib.templates import render
+import os
+import json
+import logging
+# Import services directly to avoid coroutine-call confusion
 from .password_reset_service import reset_password_with_token, initiate_password_reset
 from lib.providers.services import service_manager
 from lib.providers import ProviderManager
+from lib.route_decorators import public_route
 
+logger = logging.getLogger(__name__)
 router = APIRouter()
 
-@router.get("/reset-password/{token}")
-async def get_reset_password_form(request: Request, token: str):
-    return await render('reset_password', {"request": request, "token": token, "error": None, "success": False})
+@public_route()
+@router.get("/reset-password/{filename}")
+async def get_reset_password_form_by_file(request: Request, filename: str):
+    """Show password reset form if trigger file exists"""
+    trigger_dir = "data/password_resets"
+    file_path = os.path.join(trigger_dir, f"{filename}")
+    print("file path", file_path)
 
-@router.post("/reset-password/{token}")
-async def handle_reset_password(request: Request, token: str, password: str = Form(...), confirm_password: str = Form(...), services: ProviderManager = Depends(lambda: service_manager)):
-    if password != confirm_password:
-        return await render('reset_password', {"request": request, "token": token, "error": "Passwords do not match.", "success": False})
+    # Validate filename format
+    if not filename  or not filename.replace('-', '').replace('_', '').isalnum():
+        print('1')
+        html = await render('reset_password', {"request": request, "token": filename, "error": "Invalid file format", "success": False})
+        return HTMLResponse(content=html)
+    
+    if not os.path.exists(file_path) or not os.path.isfile(file_path):
+        print('2')
+        html = await render('reset_password', {"request": request, "token": filename, "error": "Reset file not found or expired", "success": False})
+        return HTMLResponse(content=html)
+    
+    # File exists and is actually a file, show the form
+    html = await render('reset_password', {"request": request, "token": filename, "error": None, "success": False})
+    return HTMLResponse(content=html)
 
+@public_route()
+@router.post("/reset-password/{filename}")
+async def handle_reset_password_by_file(request: Request, filename: str, password: str = Form(...), confirm_password: str = Form(...), services: ProviderManager = Depends(lambda: service_manager)):
+    """Handle password reset using trigger file"""
+    trigger_dir = "data/password_resets"
+    file_path = os.path.join(trigger_dir, f"{filename}")
+    
+    # Validate filename format
+    if not filename or not filename.replace('-', '').replace('_', '').isalnum():
+        html = await render('reset_password', {"request": request, "token": filename, "error": "Invalid file format", "success": False})
+        return HTMLResponse(content=html)
+    
+    if password != confirm_password:
+        html = await render('reset_password', {"request": request, "token": filename, "error": "Passwords do not match.", "success": False})
+        return HTMLResponse(content=html)
+    
+    if not os.path.exists(file_path) or not os.path.isfile(file_path):
+        html = await render('reset_password', {"request": request, "token": filename, "error": "Reset file not found or expired.", "success": False})
+        return HTMLResponse(content=html)
+    
     try:
-        success = await services.get('user_service.reset_password_with_token')(token=token, new_password=password)
+        # Read the trigger file
+        with open(file_path, 'r') as f:
+            data = f.read().strip()
+        
+        # Parse the file content: "username is_admin_reset"
+        parts = data.split(' ')
+        if len(parts) != 2:
+            html = await render('reset_password', {"request": request, "token": filename, "error": "Invalid reset file format.", "success": False})
+            return HTMLResponse(content=html)
+        
+        username, is_admin_reset_str = parts
+        is_admin_reset = is_admin_reset_str.lower() == 'true'
+        
+        if not username:
+            html = await render('reset_password', {"request": request, "token": filename, "error": "Invalid reset file format.", "success": False})
+            return HTMLResponse(content=html)
+        
+        logger.info(f"Processing password reset for user: {username} from file: {filename}")
+        
+        # Generate token and reset password
+        token = await initiate_password_reset(username=username, is_admin_reset=is_admin_reset)
+        success = await reset_password_with_token(token=token, new_password=password)
+        
         if success:
-            return await render('reset_password', {"request": request, "token": token, "error": None, "success": True})
+            # Delete the trigger file
+            os.remove(file_path)
+            logger.info(f"Successfully reset password for {username}, removed trigger file: {filename}")
+            html = await render('reset_password', {"request": request, "token": filename, "error": None, "success": True})
+            return HTMLResponse(content=html)
         else:
-            return await render('reset_password', {"request": request, "token": token, "error": "Invalid or expired token.", "success": False})
-    except ValueError as e:
-        return await render('reset_password', {"request": request, "token": token, "error": str(e), "success": False})
-
-# This is an admin-only function to generate a reset link.
-# In a real app, this would be more protected.
-@router.get("/admin/initiate-reset/{username}")
-async def admin_initiate_reset(username: str, services: ProviderManager = Depends(lambda: service_manager)):
-    try:
-        token = await services.get('user_service.initiate_password_reset')(username=username)
-        return HTMLResponse(f'<h1>Password Reset Link</h1><p>Share this link with the user: <a href="/user_service/reset-password/{token}">/user_service/reset-password/{token}</a></p>')
-    except ValueError as e:
-        return HTMLResponse(f'<h1>Error</h1><p>{str(e)}</p>', status_code=404)
+            html = await render('reset_password', {"request": request, "token": filename, "error": "Password reset failed.", "success": False})
+            return HTMLResponse(content=html)
+            
+    except Exception as e:
+        logger.error(f"Error processing trigger file {filename}: {e}")
+        html = await render('reset_password', {"request": request, "token": filename, "error": f"Error processing reset: {str(e)}", "success": False})
+        return HTMLResponse(content=html)

mindroot/lib/plugins/manifest.py

@@ -1,9 +1,10 @@
 import json
 import os
+import shutil
 from datetime import datetime
 
 # Central definition of manifest file location
-MANIFEST_FILE = 'plugin_manifest.json'
+MANIFEST_FILE = 'data/plugin_manifest.json'
 
 def load_plugin_manifest():
     """Load the plugin manifest file.
@@ -68,12 +69,20 @@ def update_plugin_manifest(plugin_name, source, source_path, remote_source=None,
 
 def create_default_plugin_manifest():
     """Create a new default manifest file."""
-    # read from default_plugin_manifest.json in same dir as this file
-    default_manifest_path = os.path.join(os.path.dirname(__file__), 'default_plugin_manifest.json')
-    with open(default_manifest_path, 'r') as f:
-        default_manifest = json.load(f)
-    save_plugin_manifest(default_manifest)
-
+    # First check if there's an existing manifest in the root directory
+    old_manifest_path = 'plugin_manifest.json'
+    if os.path.exists(old_manifest_path):
+        # Move existing manifest from root to data directory
+        os.makedirs(os.path.dirname(MANIFEST_FILE), exist_ok=True)
+        shutil.move(old_manifest_path, MANIFEST_FILE)
+    else:
+        # No existing manifest, create from default template
+        # read from default_plugin_manifest.json in same dir as this file
+        default_manifest_path = os.path.join(os.path.dirname(__file__), 'default_plugin_manifest.json')
+        with open(default_manifest_path, 'r') as f:
+            default_manifest = json.load(f)
+        os.makedirs(os.path.dirname(MANIFEST_FILE), exist_ok=True)
+        save_plugin_manifest(default_manifest)
 def toggle_plugin_state(plugin_name, enabled):
     """Toggle a plugin's enabled state.
     

mindroot/migrate.py

@@ -0,0 +1,30 @@
+import os
+import shutil
+from pathlib import Path
+
+def migrate_plugin_manifest():
+    """Migrate plugin_manifest.json from root to data/ directory if needed."""
+    root_manifest = 'plugin_manifest.json'
+    data_manifest = 'data/plugin_manifest.json'
+    
+    # If the new location already exists, no migration needed
+    if os.path.exists(data_manifest):
+        print(f"Plugin manifest already exists at {data_manifest}")
+        return
+    
+    # If old location exists, move it to new location
+    if os.path.exists(root_manifest):
+        print(f"Migrating plugin manifest from {root_manifest} to {data_manifest}")
+        # Ensure data directory exists
+        os.makedirs('data', exist_ok=True)
+        # Move the file
+        shutil.move(root_manifest, data_manifest)
+        print(f"Plugin manifest migration complete")
+    else:
+        print("No existing plugin manifest found to migrate")
+
+def run_migrations():
+    """Run all necessary migrations."""
+    print("Running MindRoot migrations...")
+    migrate_plugin_manifest()
+    print("Migrations complete")

mindroot/server.py

@@ -14,6 +14,7 @@ import socket
 from fastapi.middleware.cors import CORSMiddleware
 from starlette.middleware.base import BaseHTTPMiddleware
 from dotenv import load_dotenv
+from .migrate import run_migrations
 
 # Load environment variables from .env file at the start
 # Set override=True to make .env variables override existing environment variables
@@ -35,6 +36,7 @@ def get_project_root():
 def create_directories():
     root = get_project_root()
     directories = [
+        "data",
         "imgs",
         "models",
         "models/face",
@@ -102,6 +104,9 @@ class HeaderMiddleware(BaseHTTPMiddleware):
 
 def main():
     global app
+    
+    # Run migrations first, before anything else
+    run_migrations()
 
     cmd_args = parse_args()
     # save ALL parsed args in app state

{mindroot-9.2.0.dist-info → mindroot-9.3.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mindroot
-Version: 9.2.0
+Version: 9.3.0
 Summary: MindRoot AI Agent Framework
 Requires-Python: >=3.9
 License-File: LICENSE

{mindroot-9.2.0.dist-info → mindroot-9.3.0.dist-info}/RECORD

@@ -1,5 +1,6 @@
 mindroot/__init__.py,sha256=OrFRGt_fdSYjolLXUzjSX2CIn1cOAm6l47ENNAkwmgQ,83
-mindroot/server.py,sha256=vFJSZ4FPI7YBWDlBfGihNMh1IiwBo9R0Sz8dM15cm4k,4888
+mindroot/migrate.py,sha256=kVmcvtXkXRj0weVvPfwTKvdhv1VVYgPLuFnOY0XXxn4,1071
+mindroot/server.py,sha256=mKqO1BNT9i5N5xTuLXPLXK7YAF-9AXNMeDP4rODBGJI,5015
 mindroot/coreplugins/admin/__init__.py,sha256=388n_hMskU0TnZ4xT10US_kFkya-EPBjWcv7AZf_HOk,74
 mindroot/coreplugins/admin/agent_importer.py,sha256=8hQLO64iKtPA5gv9-mLUfUCcnRp3IH9-sTfgkPsrmqo,6376
 mindroot/coreplugins/admin/agent_router.py,sha256=mstYUURNRb9MpfNwqMYC7WY3FOQJ-5H0TNNz4mDSjFM,9220
@@ -8,7 +9,7 @@ mindroot/coreplugins/admin/persona_handler.py,sha256=eRYmmOmupLJuiujWN35SS2nwRgo
 mindroot/coreplugins/admin/persona_router.py,sha256=tyPxBe-pRnntHo_xyazvnwKZxHmvEI5_Fsu0YkZbrXA,6036
 mindroot/coreplugins/admin/plugin_manager.py,sha256=ZXzxSNY6Y0_PXvnZSsSK3WDTkgDJNDuDlFP8y-F72h8,15355
 mindroot/coreplugins/admin/plugin_manager_backup.py,sha256=pUnh-EW4BMOrL2tYUq1X2BC65aoTBhDM-o2-mlDYXfU,24583
-mindroot/coreplugins/admin/plugin_router.py,sha256=EEDIM0MMPhqeej8Lu8cazYgzaXH1sKZLy_6kBOwrUgY,1020
+mindroot/coreplugins/admin/plugin_router.py,sha256=SAxq2ladUyfENlzVr4rSZ0itMKvBJPl37mxgwjfQQD8,1025
 mindroot/coreplugins/admin/router.py,sha256=Wzeri92Rv39YKTYflMZ3E1pnYy959KHWRjS8D4Xgaao,1580
 mindroot/coreplugins/admin/server_router.py,sha256=aZ5v7QBcK1LJ2yiciUA4elY26iSGl-8m03L1h3ogvP4,4533
 mindroot/coreplugins/admin/service_models.py,sha256=ccYdLjWlEbbkIq9y9T5TL8NGSO6m1LLiJb9J2wkbenY,3354
@@ -1310,7 +1311,7 @@ mindroot/coreplugins/index/utils.py,sha256=UF30B_XM3FNHjwn_BnxaW9yEjwZl-TjyDBcUD
 mindroot/coreplugins/index/handlers/__init__.py,sha256=MPoCNJooyIGXwD9lXyIR8RQwUE5MrPj4wFpJVIzPCtM,421
 mindroot/coreplugins/index/handlers/agent_ops.py,sha256=6faXdvDwZfZSsev5BLlKxJkDo4BNskVNAstWt3_T6kA,3849
 mindroot/coreplugins/index/handlers/index_ops.py,sha256=VvGev9qKMtXK0LJnyO4s0fKeJwFLlXIBI3SPgYIGMD8,3898
-mindroot/coreplugins/index/handlers/plugin_ops.py,sha256=KT5Ga8Q42rBfkaqyDd4VPtu3x1Ax7mEApS8a-xIhq2E,5599
+mindroot/coreplugins/index/handlers/plugin_ops.py,sha256=lYSNAvdbXtaTdJToe5Sn30H7PmkKrB3vP34g4NuUkS0,5604
 mindroot/coreplugins/index/handlers/publish.py,sha256=J4SiDSvaXpYV7My66nFjD1jHTVeDsV986iIwUAUlLok,4684
 mindroot/coreplugins/index/indices/default/index.json,sha256=2zR869dAVESvpGuRATZXaaQkh7n2oqkjc3DY2VcqXgc,37991
 mindroot/coreplugins/index/indices/default/personas/Assistant/avatar.png,sha256=AsT2_jjGpZvEhzTEwSVhEShSYaIBhcUDrlj_bAG_HVY,1169266
@@ -1694,7 +1695,7 @@ mindroot/coreplugins/index/static/js/lit-html/node/directives/until.js.map,sha25
 mindroot/coreplugins/index/static/js/lit-html/node/directives/when.js,sha256=NLe0NJ-6jqjVDUrT_DzmSpREsRaLo1yarzdYcV_5xHY,181
 mindroot/coreplugins/index/static/js/lit-html/node/directives/when.js.map,sha256=tOonih_-EaqrunhNGshA9xN--WIVdGikjg8MkVp0itQ,1534
 mindroot/coreplugins/jwt_auth/__init__.py,sha256=qFCBnx0oAKTtMSXiPEa7VXOIlWDTU-5CY0XvodgSUlM,79
-mindroot/coreplugins/jwt_auth/middleware.py,sha256=Is8haTLe9K4PdN8hrpoN9lqee6fYfI8Viww6oZfTNIk,9227
+mindroot/coreplugins/jwt_auth/middleware.py,sha256=TPz1MZch6BJXtIMlmdQqUO3-xbUy9TMqFDTU8uetfzQ,9388
 mindroot/coreplugins/jwt_auth/mod.py,sha256=AfRDh9vyGGTE0qLdEOXl2TZYufYxqjsE34uIDQXq--o,1039
 mindroot/coreplugins/jwt_auth/role_checks.py,sha256=bruZIIBSOvXNWB1YZ2s5btrbbXNf18w6MdORpJByV60,1555
 mindroot/coreplugins/jwt_auth/router.py,sha256=ecXYao_UG33UjQF15Hi-tf_X0eFsqLEldyqGpt7JNSw,1162
@@ -1762,13 +1763,13 @@ mindroot/coreplugins/usage/templates/usage.jinja2,sha256=bSAjGbgx-hgzkPR0u1OIoJi
 mindroot/coreplugins/user_service/__init__.py,sha256=YdQYM2GS6I2vB6r4ilODQjcV6LKTnKlCmo1EbfCQeVE,171
 mindroot/coreplugins/user_service/admin_init.py,sha256=wQ28wmohiER0iMEyz4kypSbSDkD38LE7WXSgZyo0-pA,3923
 mindroot/coreplugins/user_service/email_service.py,sha256=ptcnvPIxF7kY9NgdDlNZYGirzi6ruY8sWmuMp-fHLgA,1591
-mindroot/coreplugins/user_service/file_trigger_service.py,sha256=HyIvY_6UHE1oJgxDx-PsPcQa1l2cG9Cg4P_EvsnMVCI,2853
+mindroot/coreplugins/user_service/file_trigger_service.py,sha256=ryHY_YBlQYLGyOO59PKqC5ijy0DOcaXLtvIQOaumELE,381
 mindroot/coreplugins/user_service/hooks.py,sha256=4di2j0tVhEKplDaG9fTlRtErIflZPYBfC3iHGBtUgh0,875
 mindroot/coreplugins/user_service/mod.py,sha256=CW0CtNp4EOg3HsNS-PlwVVy4F5q0v0RJyAvifKVhFRM,4856
 mindroot/coreplugins/user_service/models.py,sha256=s_dy881Ob8Ng94PQ-Iw9lYq306l3QsnDLVk7e3OED5w,1137
-mindroot/coreplugins/user_service/password_reset_service.py,sha256=K77GPP-APQOsqRxMzoaOb5OA7MCwubSMdRNcau7BJ3M,2992
+mindroot/coreplugins/user_service/password_reset_service.py,sha256=KsZ4VxCplJHWI0wNc-8dUiWNV6l74FIw3HiWCSdP8aI,10537
 mindroot/coreplugins/user_service/role_service.py,sha256=e6XrxhMC4903C-Y515XSC544uXAik6-CSee-TIPGIwA,2329
-mindroot/coreplugins/user_service/router.py,sha256=IH89Ahk9T9WyAkvEi7Kgv6EIJ0jKOuN6u6sZ32mfDRs,2201
+mindroot/coreplugins/user_service/router.py,sha256=7TxaEYswj4NmQanfW8T15HTu3FoYMR1m3OUJeAPn_Ag,4873
 mindroot/coreplugins/user_service/backup/admin_service.py,sha256=scc59rxlZz4uuVvgjf-9HL2gKi7-uiCdSt6LjWJILR8,4259
 mindroot/coreplugins/user_service/backup/admin_setup.py,sha256=JGszAw8nVtnNiisSUGu9jtoStKGyN44KpbRlKAhDJho,3001
 mindroot/coreplugins/user_service/templates/reset_password.jinja2,sha256=GE2rHNmSUlAS5EoJuu9g3KsUel5RNMKMVYTfxhi2IPM,2097
@@ -1804,7 +1805,7 @@ mindroot/lib/plugins/__init__.py,sha256=ZpIgOKsGjyvAe9KenqZ_5ppxaQ7br9EmU7RBI_VX
 mindroot/lib/plugins/default_plugin_manifest.json,sha256=lg3mIQmQPU6nkOKjClstvXGC82tNP9RuV-LLQVIJAIw,1406
 mindroot/lib/plugins/installation.py,sha256=Ju3gD3cv9I5qIY0hrL7-4t5xYeivEtEgUveWIiE1oqM,15360
 mindroot/lib/plugins/loader.py,sha256=OhBzfzHuZCwxVtloVrgkHUJCaLG3_n4k9lDLMIuuZsg,9541
-mindroot/lib/plugins/manifest.py,sha256=DOCpwZRFCbk4fAhXlh67uDunYGMBD-OK6_W4E9tf-_k,3955
+mindroot/lib/plugins/manifest.py,sha256=33jnEWI-2eNmWRXHVxdQWPovLSiyeD_gTIsna9a8u-M,4474
 mindroot/lib/plugins/mapping.py,sha256=B3nxbStLzyYj8CEuEfxWXMbCu_dOtK_zVTbcCBw5mMc,838
 mindroot/lib/plugins/paths.py,sha256=vPDjEF9NU1xHMIcnN4_Hf1gjyleyXAAfRcf86WXt4M4,4312
 mindroot/lib/providers/__init__.py,sha256=e0DzrmFHxZJCzWf-GE41_n6zjzN1XmL_d-8cBcmYh5U,11681
@@ -1826,9 +1827,9 @@ mindroot/protocols/services/stream_chat.py,sha256=fMnPfwaB5fdNMBLTEg8BXKAGvrELKH
 mindroot/registry/__init__.py,sha256=40Xy9bmPHsgdIrOzbtBGzf4XMqXVi9P8oZTJhn0r654,151
 mindroot/registry/component_manager.py,sha256=WZFNPg4SNvpqsM5NFiC2DpgmrJQCyR9cNhrCBpp30Qk,995
 mindroot/registry/data_access.py,sha256=NgNMamxIjaKeYxzxnVaQz1Y-Rm0AI51si3788_JHUTM,5316
-mindroot-9.2.0.dist-info/licenses/LICENSE,sha256=8plAmZh8y9ccuuqFFz4kp7G-cO_qsPgAOoHNvabSB4U,1070
-mindroot-9.2.0.dist-info/METADATA,sha256=YMYUpTxmYkwH8qigO998NI6gc_R0H5qQVelCoz_-UGs,891
-mindroot-9.2.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-mindroot-9.2.0.dist-info/entry_points.txt,sha256=0bpyjMccLttx6VcjDp6zfJPN0Kk0rffor6IdIbP0j4c,50
-mindroot-9.2.0.dist-info/top_level.txt,sha256=gwKm7DmNjhdrCJTYCrxa9Szne4lLpCtrEBltfsX-Mm8,9
-mindroot-9.2.0.dist-info/RECORD,,
+mindroot-9.3.0.dist-info/licenses/LICENSE,sha256=8plAmZh8y9ccuuqFFz4kp7G-cO_qsPgAOoHNvabSB4U,1070
+mindroot-9.3.0.dist-info/METADATA,sha256=XifktWZGe9gF5apBJpZIgxLKNikiSXIOPqrGsMmTcus,891
+mindroot-9.3.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+mindroot-9.3.0.dist-info/entry_points.txt,sha256=0bpyjMccLttx6VcjDp6zfJPN0Kk0rffor6IdIbP0j4c,50
+mindroot-9.3.0.dist-info/top_level.txt,sha256=gwKm7DmNjhdrCJTYCrxa9Szne4lLpCtrEBltfsX-Mm8,9
+mindroot-9.3.0.dist-info/RECORD,,