open-swarm 0.1.1745275181__py3-none-any.whl → 0.1.1748636295__py3-none-any.whl

swarm/views/chat_views.py

@@ -1,243 +1,83 @@
-
-# --- Content for src/swarm/views/chat_views.py ---
-import logging
-import json
-import uuid
-import time
-import asyncio
-from typing import Dict, Any, AsyncGenerator, List, Optional
-
-from django.shortcuts import render
-from django.http import StreamingHttpResponse, JsonResponse, Http404, HttpRequest, HttpResponse, HttpResponseBase
-from django.views import View
-from django.utils.decorators import method_decorator
+"""
+Chat-related views for Open Swarm MCP Core.
+"""
+import asyncio # Import asyncio
 from django.views.decorators.csrf import csrf_exempt
-from django.contrib.auth.decorators import login_required
-from django.conf import settings
-from django.urls import reverse # Needed for reverse() used in tests
-
-from rest_framework import status
-from rest_framework.views import APIView
 from rest_framework.response import Response
-from rest_framework.permissions import IsAuthenticated, AllowAny
-from rest_framework.exceptions import ValidationError, PermissionDenied, NotFound, APIException, ParseError, NotAuthenticated
-from rest_framework.request import Request # Import DRF Request
-
-# Utility to wrap sync functions for async execution
-from asgiref.sync import sync_to_async
-
-# Assuming serializers are in the same app
-from swarm.serializers import ChatCompletionRequestSerializer
-# Assuming utils are in the same app/directory level
-# Make sure these utils are async-safe or wrapped if they perform sync I/O
-from .utils import get_blueprint_instance, validate_model_access, get_available_blueprints
-# Import custom permission
-from swarm.auth import HasValidTokenOrSession # Keep this import
-
-logger = logging.getLogger(__name__)
-# Specific logger for debug prints, potentially configured differently
-print_logger = logging.getLogger('print_debug')
-
-# ==============================================================================
-# API Views (DRF based)
-# ==============================================================================
-
-class HealthCheckView(APIView):
-    """ Simple health check endpoint. """
-    permission_classes = [AllowAny]
-    def get(self, request, *args, **kwargs):
-        """ Returns simple 'ok' status. """
-        return Response({"status": "ok"})
-
-class ChatCompletionsView(APIView):
-    """
-    Handles chat completion requests (/v1/chat/completions), compatible with OpenAI API spec.
-    Supports both streaming and non-streaming responses.
-    Uses asynchronous handling for potentially long-running blueprint operations.
-    """
-    # Default serializer class for request validation.
-    serializer_class = ChatCompletionRequestSerializer
-    # Default permission classes are likely set in settings.py
-    # permission_classes = [IsAuthenticated] # Example default
-
-    # --- Internal Helper Methods (Unchanged) ---
-
-    async def _handle_non_streaming(self, blueprint_instance, messages: List[Dict[str, str]], request_id: str, model_name: str) -> Response:
-        """ Handles non-streaming requests. """
-        logger.info(f"[ReqID: {request_id}] Processing non-streaming request for model '{model_name}'.")
-        final_response_data = None; start_time = time.time()
-        try:
-            # The blueprint's run method should be an async generator.
-            async_generator = blueprint_instance.run(messages)
-            async for chunk in async_generator:
-                # Check if the chunk contains the expected final message list.
-                if isinstance(chunk, dict) and "messages" in chunk and isinstance(chunk["messages"], list):
-                    final_response_data = chunk["messages"]
-                    logger.debug(f"[ReqID: {request_id}] Received final data chunk.")
-                    break # Stop after getting the final data
-                else:
-                    logger.warning(f"[ReqID: {request_id}] Unexpected chunk format during non-streaming run: {chunk}")
-
-            if not final_response_data or not isinstance(final_response_data, list) or not final_response_data:
-                 logger.error(f"[ReqID: {request_id}] Blueprint '{model_name}' did not return a valid final message list. Got: {final_response_data}")
-                 raise APIException("Blueprint did not return valid data.", code=status.HTTP_500_INTERNAL_SERVER_ERROR)
-
-            if not isinstance(final_response_data[0], dict) or 'role' not in final_response_data[0]:
-                 logger.error(f"[ReqID: {request_id}] Blueprint '{model_name}' returned invalid message structure. Got: {final_response_data[0]}")
-                 raise APIException("Blueprint returned invalid message structure.", code=status.HTTP_500_INTERNAL_SERVER_ERROR)
-
-            response_payload = { "id": f"chatcmpl-{request_id}", "object": "chat.completion", "created": int(time.time()), "model": model_name, "choices": [{"index": 0, "message": final_response_data[0], "logprobs": None, "finish_reason": "stop"}], "usage": {"prompt_tokens": 0, "completion_tokens": 0, "total_tokens": 0}, "system_fingerprint": None }
-            end_time = time.time(); logger.info(f"[ReqID: {request_id}] Non-streaming request completed in {end_time - start_time:.2f}s.")
-            return Response(response_payload, status=status.HTTP_200_OK)
-        except APIException: raise
-        except Exception as e: logger.error(f"[ReqID: {request_id}] Unexpected error during non-streaming blueprint execution: {e}", exc_info=True); raise APIException(f"Internal server error during generation: {e}", code=status.HTTP_500_INTERNAL_SERVER_ERROR) from e
-
-    async def _handle_streaming(self, blueprint_instance, messages: List[Dict[str, str]], request_id: str, model_name: str) -> StreamingHttpResponse:
-        """ Handles streaming requests using SSE. """
-        logger.info(f"[ReqID: {request_id}] Processing streaming request for model '{model_name}'.")
-        async def event_stream():
-            start_time = time.time(); chunk_index = 0
-            try:
-                logger.debug(f"[ReqID: {request_id}] Getting async generator from blueprint.run()..."); async_generator = blueprint_instance.run(messages); logger.debug(f"[ReqID: {request_id}] Got async generator. Starting iteration...")
-                async for chunk in async_generator:
-                    logger.debug(f"[ReqID: {request_id}] Received stream chunk {chunk_index}: {chunk}")
-                    if not isinstance(chunk, dict) or "messages" not in chunk or not isinstance(chunk["messages"], list) or not chunk["messages"] or not isinstance(chunk["messages"][0], dict): logger.warning(f"[ReqID: {request_id}] Skipping invalid chunk format: {chunk}"); continue
-                    delta_content = chunk["messages"][0].get("content"); delta = {"role": "assistant"}
-                    if delta_content is not None: delta["content"] = delta_content
-                    response_chunk = { "id": f"chatcmpl-{request_id}", "object": "chat.completion.chunk", "created": int(time.time()), "model": model_name, "choices": [{"index": 0, "delta": delta, "logprobs": None, "finish_reason": None}] }
-                    logger.debug(f"[ReqID: {request_id}] Sending SSE chunk {chunk_index}"); yield f"data: {json.dumps(response_chunk)}\n\n"; chunk_index += 1; await asyncio.sleep(0.01)
-                logger.debug(f"[ReqID: {request_id}] Finished iterating stream. Sending [DONE]."); yield "data: [DONE]\n\n"; end_time = time.time(); logger.info(f"[ReqID: {request_id}] Streaming request completed in {end_time - start_time:.2f}s.")
-            except APIException as e: logger.error(f"[ReqID: {request_id}] API error during streaming: {e}", exc_info=True); error_msg = f"API error: {e.detail}"; error_chunk = {"error": {"message": error_msg, "type": "api_error", "code": e.status_code}}; yield f"data: {json.dumps(error_chunk)}\n\n"; yield "data: [DONE]\n\n"
-            except Exception as e: logger.error(f"[ReqID: {request_id}] Unexpected error during streaming: {e}", exc_info=True); error_msg = f"Internal server error: {str(e)}"; error_chunk = {"error": {"message": error_msg, "type": "internal_error"}}; yield f"data: {json.dumps(error_chunk)}\n\n"; yield "data: [DONE]\n\n"
-        return StreamingHttpResponse(event_stream(), content_type="text/event-stream")
-
-    # --- Restore Custom dispatch method (wrapping perform_authentication) ---
-    @method_decorator(csrf_exempt)
-    async def dispatch(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponseBase:
-        """
-        Override DRF's dispatch method to specifically wrap the authentication step.
-        """
-        self.args = args
-        self.kwargs = kwargs
-        drf_request: Request = self.initialize_request(request, *args, **kwargs)
-        self.request = drf_request
-        self.headers = self.default_response_headers
-
-        response = None
+from rest_framework.decorators import api_view, authentication_classes, permission_classes
+from rest_framework.permissions import IsAuthenticated
+from swarm.auth import EnvOrTokenAuthentication
+from swarm.utils.logger_setup import setup_logger
+# Import utils but rename to avoid conflict if this module grows
+from swarm.views import utils as view_utils
+# from swarm.views.utils import parse_chat_request, serialize_swarm_response, get_blueprint_instance
+# from swarm.views.utils import load_conversation_history, store_conversation_history, run_conversation
+# from swarm.views.utils import config, llm_config  # Import from utils
+
+logger = setup_logger(__name__)
+
+# Revert to standard sync def
+@api_view(['POST'])
+@csrf_exempt
+@authentication_classes([EnvOrTokenAuthentication])
+@permission_classes([IsAuthenticated])
+def chat_completions(request): # Mark as sync again
+    """Handle chat completion requests via POST."""
+    if request.method != "POST":
+        return Response({"error": "Method not allowed. Use POST."}, status=405)
+    logger.info(f"Authenticated User: {request.user}")
+
+    # Use functions from view_utils
+    parse_result = view_utils.parse_chat_request(request)
+    if isinstance(parse_result, Response):
+        return parse_result
+
+    body, model, messages, context_vars, conversation_id, tool_call_id = parse_result
+    # Use llm_config loaded in utils
+    model_type = "llm" if model in view_utils.llm_config and view_utils.llm_config[model].get("passthrough") else "blueprint"
+    logger.info(f"Identified model type: {model_type} for model: {model}")
+
+    # --- Handle LLM Passthrough directly ---
+    if model_type == "llm":
+         logger.warning(f"LLM Passthrough requested for model '{model}'. This is not yet fully implemented in this view.")
+         # TODO: Implement direct call to Swarm core or LLM client for passthrough
+         return Response({"error": f"LLM passthrough for model '{model}' not implemented."}, status=501)
+
+    # --- Handle Blueprint ---
+    blueprint_instance = view_utils.get_blueprint_instance(model, context_vars)
+    if isinstance(blueprint_instance, Response): # Handle error response from get_blueprint_instance
+        return blueprint_instance
+    if blueprint_instance is None: # Handle case where get_blueprint_instance signaled non-blueprint
+         return Response({"error": f"Model '{model}' is not a loadable blueprint."}, status=404)
+
+
+    messages_extended = view_utils.load_conversation_history(conversation_id, messages, tool_call_id)
+
+    try:
+        # Use asyncio.run() to call the async run_conversation function
+        # This blocks the sync view until the async operation completes.
         try:
-            # --- Wrap ONLY perform_authentication ---
-            print_logger.debug(f"User before perform_authentication: {getattr(drf_request, 'user', 'N/A')}, Auth: {getattr(drf_request, 'auth', 'N/A')}")
-            # This forces the synchronous DB access within perform_authentication into a thread
-            await sync_to_async(self.perform_authentication)(drf_request)
-            print_logger.debug(f"User after perform_authentication: {getattr(drf_request, 'user', 'N/A')}, Auth: {getattr(drf_request, 'auth', 'N/A')}")
-            # --- End wrapping ---
-
-            # Run permission and throttle checks synchronously after auth.
-            # These checks operate on the now-populated request.user/auth attributes.
-            self.check_permissions(drf_request)
-            print_logger.debug("Permissions check passed.")
-            self.check_throttles(drf_request)
-            print_logger.debug("Throttles check passed.")
-
-            # Find and execute the handler (e.g., post).
-            if drf_request.method.lower() in self.http_method_names:
-                handler = getattr(self, drf_request.method.lower(), self.http_method_not_allowed)
+            response_obj, updated_context = asyncio.run(
+                view_utils.run_conversation(blueprint_instance, messages_extended, context_vars)
+            )
+        except RuntimeError as e:
+            if "cannot be called from a running event loop" in str(e):
+                 logger.error("Detected nested asyncio.run call. This can happen in certain test/server setups.")
+                 # If already in a loop (e.g., certain test runners or ASGI servers),
+                 # you might need a different way to run the async code, like ensure_future
+                 # or adapting the server setup. For now, return an error.
+                 return Response({"error": "Server configuration error: Nested event loop detected."}, status=500)
             else:
-                handler = self.http_method_not_allowed
-
-            # IMPORTANT: Await the handler if it's async (like self.post)
-            if asyncio.iscoroutinefunction(handler):
-                response = await handler(drf_request, *args, **kwargs)
-            else:
-                # Wrap sync handlers if any exist (like GET, OPTIONS).
-                response = await sync_to_async(handler)(drf_request, *args, **kwargs)
-
-        except Exception as exc:
-            # Let DRF handle exceptions to generate appropriate responses
-            response = self.handle_exception(exc)
-
-        # Finalize response should now receive a valid Response/StreamingHttpResponse
-        self.response = self.finalize_response(drf_request, response, *args, **kwargs)
-        return self.response
-
-    # --- POST Handler (Keep sync_to_async wrappers here too) ---
-    async def post(self, request: Request, *args: Any, **kwargs: Any) -> HttpResponseBase:
-        """
-        Handles POST requests for chat completions. Assumes dispatch has handled auth/perms.
-        """
-        request_id = str(uuid.uuid4())
-        logger.info(f"[ReqID: {request_id}] Processing POST request.")
-        print_logger.debug(f"[ReqID: {request_id}] User in post: {getattr(request, 'user', 'N/A')}, Auth: {getattr(request, 'auth', 'N/A')}")
-
-        # --- Request Body Parsing & Validation ---
-        try: request_data = request.data
-        except ParseError as e: logger.error(f"[ReqID: {request_id}] Invalid request body format: {e.detail}"); raise e
-        except json.JSONDecodeError as e: logger.error(f"[ReqID: {request_id}] JSON Decode Error: {e}"); raise ParseError(f"Invalid JSON body: {e}")
-
-        # --- Serialization and Validation ---
-        serializer = self.serializer_class(data=request_data)
-        try:
-            print_logger.debug(f"[ReqID: {request_id}] Validating request data: {request_data}")
-            # Wrap sync is_valid call as it *might* do DB lookups
-            await sync_to_async(serializer.is_valid)(raise_exception=True)
-            print_logger.debug(f"[ReqID: {request_id}] Request data validation successful.")
-        except ValidationError as e: print_logger.error(f"[ReqID: {request_id}] Request data validation FAILED: {e.detail}"); raise e
-        except Exception as e: print_logger.error(f"[ReqID: {request_id}] Unexpected error during serializer validation: {e}", exc_info=True); raise APIException(f"Internal error during request validation: {e}", code=status.HTTP_500_INTERNAL_SERVER_ERROR) from e
-
-        validated_data = serializer.validated_data
-        model_name = validated_data['model']
-        messages = validated_data['messages']
-        stream = validated_data.get('stream', False)
-        blueprint_params = validated_data.get('params', None)
-
-        # --- Model Access Validation ---
-        # This function likely performs sync DB lookups, so wrap it.
-        print_logger.debug(f"[ReqID: {request_id}] Checking model access for user '{request.user}' and model '{model_name}'")
-        try:
-            access_granted = await sync_to_async(validate_model_access)(request.user, model_name)
-        except Exception as e:
-            logger.error(f"[ReqID: {request_id}] Error during model access validation for model '{model_name}': {e}", exc_info=True)
-            raise APIException("Error checking model permissions.", code=status.HTTP_500_INTERNAL_SERVER_ERROR) from e
-
-        if not access_granted:
-             logger.warning(f"[ReqID: {request_id}] User '{request.user}' denied access to model '{model_name}'.")
-             raise PermissionDenied(f"You do not have permission to access the model '{model_name}'.")
-        print_logger.debug(f"[ReqID: {request_id}] Model access granted.")
-
-        # --- Get Blueprint Instance ---
-        # This function should ideally be async or sync-safe.
-        print_logger.debug(f"[ReqID: {request_id}] Getting blueprint instance for '{model_name}' with params: {blueprint_params}")
-        try:
-            blueprint_instance = await get_blueprint_instance(model_name, params=blueprint_params)
-        except Exception as e:
-             logger.error(f"[ReqID: {request_id}] Error getting blueprint instance for '{model_name}': {e}", exc_info=True)
-             raise APIException(f"Failed to load model '{model_name}': {e}", code=status.HTTP_500_INTERNAL_SERVER_ERROR) from e
-
-        if blueprint_instance is None:
-            logger.error(f"[ReqID: {request_id}] Blueprint '{model_name}' not found or failed to initialize (get_blueprint_instance returned None).")
-            raise NotFound(f"The requested model (blueprint) '{model_name}' was not found or could not be initialized.")
-
-        # --- Handle Streaming or Non-Streaming Response ---
-        if stream:
-            return await self._handle_streaming(blueprint_instance, messages, request_id, model_name)
-        else:
-            return await self._handle_non_streaming(blueprint_instance, messages, request_id, model_name)
+                 raise e # Reraise other RuntimeErrors
 
+        serialized = view_utils.serialize_swarm_response(response_obj, model, updated_context)
 
-# ==============================================================================
-# Simple Django Views (Example for Web UI - if ENABLE_WEBUI=True)
-# ==============================================================================
+        if conversation_id:
+            serialized["conversation_id"] = conversation_id
+            # Storing history can remain synchronous for now unless it becomes a bottleneck
+            view_utils.store_conversation_history(conversation_id, messages_extended, response_obj)
 
-@method_decorator(csrf_exempt, name='dispatch') # Apply csrf_exempt if needed
-@method_decorator(login_required, name='dispatch') # Require login
-class IndexView(View):
-    """ Renders the main chat interface page. """
-    def get(self, request):
-        """ Handles GET requests to render the index page. """
-        # Assuming get_available_blueprints is sync safe
-        available_blueprints = get_available_blueprints()
-        context = {
-            'available_blueprints': available_blueprints,
-            'user': request.user, # User should be available here
-        }
-        return render(request, 'index.html', context)
+        return Response(serialized, status=200)
+    except Exception as e:
+        logger.error(f"Error during execution: {e}", exc_info=True)
+        return Response({"error": f"Error during execution: {str(e)}"}, status=500)

swarm/views/core_views.py

@@ -11,101 +11,108 @@ from django.http import JsonResponse, HttpResponse
 from django.conf import settings
 from django.views.decorators.csrf import csrf_exempt
 from django.contrib.auth import authenticate, login
-from django.contrib.auth.forms import AuthenticationForm # Use standard auth form
-
 
 # Assuming blueprint discovery happens elsewhere and results are available if needed
 # from .utils import blueprints_metadata # Or however metadata is accessed
-
-# Use the current config loader
-from swarm.core import config_loader, server_config
+from swarm.extensions.config.config_loader import load_server_config # Import if needed
 
 logger = logging.getLogger(__name__)
 
-# --- Web UI Views (if ENABLE_WEBUI is True) ---
+# Placeholder for blueprint metadata if needed by index
+# In a real app, this might be loaded dynamically or passed via context
+try:
+    # Attempt to import the discovery function if views need dynamic data
+    from swarm.extensions.blueprint.blueprint_discovery import discover_blueprints
+    # Note: Calling discover_blueprints here might be too early or cause issues.
+    # It's often better handled in specific views that need it (like list_models)
+    # or passed via Django context processors.
+    # For now, provide an empty dict as fallback.
+    try:
+        # Use settings.BLUEPRINTS_DIR which should be configured
+        blueprints_metadata = discover_blueprints(directories=[str(settings.BLUEPRINTS_DIR)])
+    except Exception:
+        blueprints_metadata = {}
+except ImportError:
+    blueprints_metadata = {}
+
 
+@csrf_exempt
 def index(request):
-    """Render the main index page (likely the chat UI)."""
-    # This view might need context data like available models/blueprints
-    # It should only be active if ENABLE_WEBUI is true (checked in urls.py)
-    logger.debug(f"Index view called for user: {request.user}")
+    """Render the main index page with blueprint options."""
+    logger.debug("Rendering index page")
+    # Get blueprint names from the potentially loaded metadata
+    blueprint_names_list = list(blueprints_metadata.keys())
     context = {
-        'title': settings.SWARM_TITLE or "Open Swarm",
-        'description': settings.SWARM_DESCRIPTION or "A Swarm Framework Interface",
-        # Add other context needed by the template
+        "dark_mode": request.session.get('dark_mode', True),
+        "enable_admin": os.getenv("ENABLE_ADMIN", "false").lower() in ("true", "1", "t"),
+        "blueprints": blueprint_names_list # Pass the list of names
     }
-    # Ensure the template exists
-    template_name = "swarm/index.html"
-    # Check if template exists? Django handles TemplateDoesNotExist.
-    return render(request, template_name, context)
-
-def custom_login(request):
-    """Handles user login."""
-    if request.method == 'POST':
-        form = AuthenticationForm(request, data=request.POST)
-        if form.is_valid():
-            username = form.cleaned_data.get('username')
-            password = form.cleaned_data.get('password')
-            user = authenticate(username=username, password=password)
-            if user is not None:
-                login(request, user)
-                logger.info(f"User '{username}' logged in successfully.")
-                return redirect('/') # Redirect to index after login
-            else:
-                logger.warning(f"Login failed for user '{username}': Invalid credentials.")
-                # Return form with error (AuthenticationForm handles this)
-        else:
-            logger.warning(f"Login form invalid: {form.errors.as_json()}")
-    else:
-        form = AuthenticationForm()
-
-    # Only render if ENABLE_WEBUI is true (checked in urls.py)
-    return render(request, 'swarm/login.html', {'form': form})
+    return render(request, "index.html", context)
 
+DEFAULT_CONFIG = {
+    "llm": {
+        "default": {
+            "provider": "openai",
+            "model": "gpt-4o", # Example fallback model
+            "base_url": "https://api.openai.com/v1",
+            "api_key": "",
+            "temperature": 0.3
+        }
+    },
+     "blueprints": {},
+     "mcpServers": {}
+}
 
 def serve_swarm_config(request):
-    """Serves the swarm_config.json content."""
-    # Find the config file used by the blueprint base or config loader
-    # This logic might need refinement depending on where config is reliably found
-    config_path = None
+    """Serve the swarm configuration file as JSON."""
     try:
-         # Use the same logic as BlueprintBase if possible, or find_config_file
-         config_path = config_loader.find_config_file(filename=config_loader.DEFAULT_CONFIG_FILENAME, start_dir=Path(settings.BASE_DIR).parent) # Search from project root
-         if not config_path:
-              # Fallback to location relative to settings? Unlikely to be correct.
-              config_path = Path(settings.BASE_DIR) / '..' / config_loader.DEFAULT_CONFIG_FILENAME # Adjust relative path if needed
-              config_path = config_path.resolve()
+        # Use load_server_config which handles finding the file
+        config_data = load_server_config()
+        return JsonResponse(config_data)
+    except (FileNotFoundError, ValueError, Exception) as e:
+        logger.error(f"Error serving swarm_config.json: {e}. Serving default.")
+        # Return a default config on error
+        return JsonResponse(DEFAULT_CONFIG, status=500)
+
 
-         if config_path and config_path.exists():
-              logger.info(f"Serving config from: {config_path}")
-              # Load config to potentially redact sensitive info before serving
-              config_data = config_loader.load_config(config_path)
-              # Redact sensitive keys (e.g., api_key)
-              if 'llm' in config_data:
-                   for profile in config_data['llm']: config_data['llm'][profile].pop('api_key', None)
-              return JsonResponse(config_data)
-         else:
-              logger.error(f"Swarm config file not found at expected locations (tried: {config_path})")
-              return JsonResponse({"error": "Configuration file not found."}, status=404)
+@csrf_exempt
+def custom_login(request):
+    """Handle custom login at /accounts/login/, redirecting to 'next' URL on success."""
+    from django.contrib.auth.models import User # Import here to avoid potential early init issues
+    if request.method == "POST":
+        username = request.POST.get("username")
+        password = request.POST.get("password")
+        user = authenticate(request, username=username, password=password)
+        if user is not None:
+            login(request, user)
+            next_url = request.GET.get("next", getattr(settings, 'LOGIN_REDIRECT_URL', '/')) # Use setting or fallback
+            logger.info(f"User '{username}' logged in successfully. Redirecting to {next_url}")
+            return redirect(next_url)
+        else:
+            # If ENABLE_API_AUTH is false, auto-login as testuser (for dev/test convenience)
+            enable_auth = os.getenv("ENABLE_API_AUTH", "true").lower() in ("true", "1", "t") # Default to TRUE
+            if not enable_auth:
+                try:
+                    # Ensure test user exists and has a known password
+                    user, created = User.objects.get_or_create(username="testuser")
+                    if created or not user.has_usable_password():
+                         user.set_password("testpass") # Set a default password
+                         user.save()
 
-    except Exception as e:
-        logger.error(f"Error serving swarm config: {e}", exc_info=True)
-        return JsonResponse({"error": "Failed to load or serve configuration."}, status=500)
+                    if user.check_password("testpass"): # Check against the known password
+                        login(request, user)
+                        next_url = request.GET.get("next", getattr(settings, 'LOGIN_REDIRECT_URL', '/'))
+                        logger.info(f"Auto-logged in as 'testuser' since ENABLE_API_AUTH is false")
+                        return redirect(next_url)
+                    else:
+                         logger.warning("Auto-login failed: 'testuser' exists but password incorrect.")
 
-# --- Potentially other core API views if needed ---
-# Example: A view to list available blueprints (might duplicate CLI list command logic)
+                except Exception as auto_login_err:
+                    logger.error(f"Error during testuser auto-login attempt: {auto_login_err}")
+            # If authentication failed (and auto-login didn't happen or failed)
+            logger.warning(f"Login failed for user '{username}'.")
+            return render(request, "account/login.html", {"error": "Invalid credentials"})
+    # If GET request
+    return render(request, "account/login.html")
 
-@csrf_exempt # If POST is needed and no CSRF token available from UI
-def list_available_blueprints_api(request):
-     """API endpoint to list discoverable blueprints."""
-     # Re-use discovery logic if possible, or adapt from CLI
-     from swarm.extensions.blueprint.discovery import discover_blueprints # Assuming this exists
-     try:
-        bp_dir = Path(settings.BLUEPRINTS_DIR) # Assuming settings has BLUEPRINTS_DIR
-        discovered = discover_blueprints(directories=[str(bp_dir)])
-        # Format the response
-        blueprint_list = [{"name": name, "description": meta.get("description", "N/A")} for name, meta in discovered.items()]
-        return JsonResponse({"blueprints": blueprint_list})
-     except Exception as e:
-          logger.error(f"Error listing blueprints via API: {e}", exc_info=True)
-          return JsonResponse({"error": "Failed to list blueprints."}, status=500)
+# Add any other views that were originally in the main views.py if needed