remdb 0.3.114__py3-none-any.whl → 0.3.172__py3-none-any.whl

rem/settings.py

@@ -21,8 +21,8 @@ Example .env file:
     LLM__OPENAI_API_KEY=sk-...
     LLM__ANTHROPIC_API_KEY=sk-ant-...
 
-    # Database (port 5050 for Docker Compose)
-    POSTGRES__CONNECTION_STRING=postgresql://rem:rem@localhost:5050/rem
+    # Database (port 5051 for Docker Compose prebuilt, 5050 for local dev)
+    POSTGRES__CONNECTION_STRING=postgresql://rem:rem@localhost:5051/rem
     POSTGRES__POOL_MIN_SIZE=5
     POSTGRES__POOL_MAX_SIZE=20
     POSTGRES__STATEMENT_TIMEOUT=30000
@@ -33,14 +33,15 @@ Example .env file:
     AUTH__OIDC_CLIENT_ID=your-client-id
     AUTH__SESSION_SECRET=your-secret-key
 
-    # OpenTelemetry (disabled by default)
+    # OpenTelemetry (disabled by default - enable via env var when collector available)
+    # Standard OTLP collector ports: 4317 (gRPC), 4318 (HTTP)
     OTEL__ENABLED=false
     OTEL__SERVICE_NAME=rem-api
-    OTEL__COLLECTOR_ENDPOINT=http://localhost:4318
-    OTEL__PROTOCOL=http
+    OTEL__COLLECTOR_ENDPOINT=http://localhost:4317
+    OTEL__PROTOCOL=grpc
 
-    # Arize Phoenix (disabled by default)
-    PHOENIX__ENABLED=false
+    # Arize Phoenix (enabled by default - can be disabled via env var)
+    PHOENIX__ENABLED=true
     PHOENIX__COLLECTOR_ENDPOINT=http://localhost:6006/v1/traces
     PHOENIX__PROJECT_NAME=rem
 
@@ -76,6 +77,7 @@ class LLMSettings(BaseSettings):
         LLM__ANTHROPIC_API_KEY or ANTHROPIC_API_KEY - Anthropic API key
         LLM__EMBEDDING_PROVIDER or EMBEDDING_PROVIDER - Default embedding provider (openai)
         LLM__EMBEDDING_MODEL or EMBEDDING_MODEL - Default embedding model name
+        LLM__DEFAULT_STRUCTURED_OUTPUT - Default structured output mode (False = streaming text)
     """
 
     model_config = SettingsConfigDict(
@@ -137,6 +139,11 @@ class LLMSettings(BaseSettings):
         description="Default embedding model (provider-specific model name)",
     )
 
+    default_structured_output: bool = Field(
+        default=False,
+        description="Default structured output mode for agents. False = streaming text (easier), True = JSON schema validation",
+    )
+
     @field_validator("openai_api_key", mode="before")
     @classmethod
     def validate_openai_api_key(cls, v):
@@ -241,6 +248,11 @@ class OTELSettings(BaseSettings):
         description="Export timeout in milliseconds",
     )
 
+    insecure: bool = Field(
+        default=True,
+        description="Use insecure (non-TLS) gRPC connection (default: True for local dev)",
+    )
+
 
 class PhoenixSettings(BaseSettings):
     """
@@ -267,8 +279,8 @@ class PhoenixSettings(BaseSettings):
     )
 
     enabled: bool = Field(
-        default=False,
-        description="Enable Phoenix integration (disabled by default for local dev)",
+        default=True,
+        description="Enable Phoenix integration (enabled by default)",
     )
 
     base_url: str = Field(
@@ -458,10 +470,11 @@ class PostgresSettings(BaseSettings):
     )
 
     connection_string: str = Field(
-        default="postgresql://rem:rem@localhost:5050/rem",
-        description="PostgreSQL connection string (default uses Docker Compose port 5050)",
+        default="postgresql://rem:rem@localhost:5051/rem",
+        description="PostgreSQL connection string (default uses Docker Compose prebuilt port 5051)",
     )
 
+
     pool_size: int = Field(
         default=10,
         description="Connection pool size (deprecated, use pool_min_size/pool_max_size)",
@@ -686,6 +699,91 @@ class S3Settings(BaseSettings):
     )
 
 
+class DataLakeSettings(BaseSettings):
+    """
+    Data lake settings for experiment and dataset storage.
+
+    Data Lake Convention:
+        The data lake provides a standardized structure for storing datasets,
+        experiments, and calibration data in S3. Users bring their own bucket
+        and the version is pinned by default to v0 in the path.
+
+    S3 Path Structure:
+        s3://{bucket}/{version}/datasets/
+        ├── raw/                        # Raw source data + transformers
+        │   └── {dataset_name}/         # e.g., cns_drugs, codes, care
+        ├── tables/                     # Database table data (JSONL)
+        │   ├── resources/              # → resources table
+        │   │   ├── drugs/{category}/   # Psychotropic drugs
+        │   │   ├── care/stages/        # Treatment stages
+        │   │   └── crisis/             # Crisis resources
+        │   └── codes/                  # → codes table
+        │       ├── icd10/{category}/   # ICD-10 codes
+        │       └── cpt/                # CPT codes
+        └── calibration/                # Agent calibration
+            ├── experiments/            # Experiment configs + results
+            │   └── {agent}/{task}/     # e.g., siggy/risk-assessment
+            └── datasets/               # Shared evaluation datasets
+
+    Experiment Storage:
+        - Local: experiments/{agent}/{task}/experiment.yaml
+        - S3: s3://{bucket}/{version}/datasets/calibration/experiments/{agent}/{task}/
+
+    Environment variables:
+        DATA_LAKE__BUCKET_NAME - S3 bucket for data lake (required)
+        DATA_LAKE__VERSION - Path version prefix (default: v0)
+        DATA_LAKE__DATASETS_PREFIX - Datasets directory (default: datasets)
+        DATA_LAKE__EXPERIMENTS_PREFIX - Experiments subdirectory (default: experiments)
+    """
+
+    model_config = SettingsConfigDict(
+        env_prefix="DATA_LAKE__",
+        env_file=".env",
+        env_file_encoding="utf-8",
+        extra="ignore",
+    )
+
+    bucket_name: str | None = Field(
+        default=None,
+        description="S3 bucket for data lake storage (user-provided)",
+    )
+
+    version: str = Field(
+        default="v0",
+        description="API version for data lake paths",
+    )
+
+    datasets_prefix: str = Field(
+        default="datasets",
+        description="Root directory for datasets in the bucket",
+    )
+
+    experiments_prefix: str = Field(
+        default="experiments",
+        description="Subdirectory within calibration for experiments",
+    )
+
+    def get_base_uri(self) -> str | None:
+        """Get the base S3 URI for the data lake."""
+        if not self.bucket_name:
+            return None
+        return f"s3://{self.bucket_name}/{self.version}/{self.datasets_prefix}"
+
+    def get_experiment_uri(self, agent: str, task: str = "general") -> str | None:
+        """Get the S3 URI for an experiment."""
+        base = self.get_base_uri()
+        if not base:
+            return None
+        return f"{base}/calibration/{self.experiments_prefix}/{agent}/{task}"
+
+    def get_tables_uri(self, table: str = "resources") -> str | None:
+        """Get the S3 URI for a table directory."""
+        base = self.get_base_uri()
+        if not base:
+            return None
+        return f"{base}/tables/{table}"
+
+
 class ChunkingSettings(BaseSettings):
     """
     Document chunking settings for semantic text splitting.
@@ -936,7 +1034,7 @@ class ChatSettings(BaseSettings):
     - Prevents context window bloat while maintaining conversation continuity
 
     User Context (on-demand by default):
-    - Agent system prompt includes: "User ID: {user_id}. To load user profile: Use REM LOOKUP users/{user_id}"
+    - Agent system prompt includes: "User: {email}. To load user profile: Use REM LOOKUP \"{email}\""
     - Agent decides whether to load profile based on query
     - More efficient for queries that don't need personalization
 
@@ -969,6 +1067,8 @@ class APISettings(BaseSettings):
         API__RELOAD - Enable auto-reload for development
         API__WORKERS - Number of worker processes (production)
         API__LOG_LEVEL - Logging level (debug, info, warning, error)
+        API__API_KEY_ENABLED - Enable X-API-Key header authentication
+        API__API_KEY - API key for X-API-Key authentication
     """
 
     model_config = SettingsConfigDict(
@@ -1003,6 +1103,31 @@ class APISettings(BaseSettings):
         description="Logging level (debug, info, warning, error, critical)",
     )
 
+    api_key_enabled: bool = Field(
+        default=False,
+        description=(
+            "Enable X-API-Key header authentication for API endpoints. "
+            "When enabled, requests must include X-API-Key header with valid key. "
+            "This provides simple API key auth independent of OAuth."
+        ),
+    )
+
+    api_key: str | None = Field(
+        default=None,
+        description=(
+            "API key for X-API-Key authentication. Required when api_key_enabled=true. "
+            "Generate with: python -c \"import secrets; print(secrets.token_urlsafe(32))\""
+        ),
+    )
+
+    rate_limit_enabled: bool = Field(
+        default=True,
+        description=(
+            "Enable rate limiting for API endpoints. "
+            "Set to false to disable rate limiting entirely (useful for development)."
+        ),
+    )
+
 
 class ModelsSettings(BaseSettings):
     """
@@ -1051,10 +1176,26 @@ class ModelsSettings(BaseSettings):
 
     @property
     def module_list(self) -> list[str]:
-        """Get modules as a list, filtering empty strings."""
-        if not self.import_modules:
-            return []
-        return [m.strip() for m in self.import_modules.split(";") if m.strip()]
+        """
+        Get modules as a list, filtering empty strings.
+
+        Auto-detects ./models folder if it exists and is importable.
+        """
+        modules = []
+        if self.import_modules:
+            modules = [m.strip() for m in self.import_modules.split(";") if m.strip()]
+
+        # Auto-detect ./models if it exists and is a Python package (convention over configuration)
+        from pathlib import Path
+
+        models_path = Path("./models")
+        if models_path.exists() and models_path.is_dir():
+            # Check if it's a Python package (has __init__.py)
+            if (models_path / "__init__.py").exists():
+                if "models" not in modules:
+                    modules.insert(0, "models")
+
+        return modules
 
 
 class SchemaSettings(BaseSettings):
@@ -1240,6 +1381,276 @@ class GitSettings(BaseSettings):
     )
 
 
+class DBListenerSettings(BaseSettings):
+    """
+    PostgreSQL LISTEN/NOTIFY database listener settings.
+
+    The DB Listener is a lightweight worker that subscribes to PostgreSQL
+    NOTIFY events and dispatches them to external systems (SQS, REST, custom).
+
+    Architecture:
+        - Single-replica deployment (to avoid duplicate processing)
+        - Dedicated connection for LISTEN (not from connection pool)
+        - Automatic reconnection with exponential backoff
+        - Graceful shutdown on SIGTERM
+
+    Use Cases:
+        - Sync data changes to external systems (Phoenix, webhooks)
+        - Trigger async jobs without polling
+        - Event-driven architectures with PostgreSQL as event source
+
+    Example PostgreSQL trigger:
+        CREATE OR REPLACE FUNCTION notify_feedback_insert()
+        RETURNS TRIGGER AS $$
+        BEGIN
+            PERFORM pg_notify('feedback_sync', json_build_object(
+                'id', NEW.id,
+                'table', 'feedbacks',
+                'action', 'insert'
+            )::text);
+            RETURN NEW;
+        END;
+        $$ LANGUAGE plpgsql;
+
+    Environment variables:
+        DB_LISTENER__ENABLED - Enable the listener worker (default: false)
+        DB_LISTENER__CHANNELS - Comma-separated PostgreSQL channels to listen on
+        DB_LISTENER__HANDLER_TYPE - Handler type: 'sqs', 'rest', or 'custom'
+        DB_LISTENER__SQS_QUEUE_URL - SQS queue URL (for handler_type=sqs)
+        DB_LISTENER__REST_ENDPOINT - REST endpoint URL (for handler_type=rest)
+        DB_LISTENER__RECONNECT_DELAY - Initial reconnect delay in seconds
+        DB_LISTENER__MAX_RECONNECT_DELAY - Maximum reconnect delay in seconds
+
+    References:
+        - PostgreSQL NOTIFY: https://www.postgresql.org/docs/current/sql-notify.html
+        - Brandur's Notifier: https://brandur.org/notifier
+    """
+
+    model_config = SettingsConfigDict(
+        env_prefix="DB_LISTENER__",
+        env_file=".env",
+        env_file_encoding="utf-8",
+        extra="ignore",
+    )
+
+    enabled: bool = Field(
+        default=False,
+        description="Enable the DB Listener worker (disabled by default)",
+    )
+
+    channels: str = Field(
+        default="",
+        description=(
+            "Comma-separated list of PostgreSQL channels to LISTEN on. "
+            "Example: 'feedback_sync,entity_update,user_events'"
+        ),
+    )
+
+    handler_type: str = Field(
+        default="rest",
+        description=(
+            "Handler type for dispatching notifications. Options: "
+            "'sqs' (publish to SQS), 'rest' (POST to endpoint), 'custom' (Python handlers)"
+        ),
+    )
+
+    sqs_queue_url: str = Field(
+        default="",
+        description="SQS queue URL for handler_type='sqs'",
+    )
+
+    rest_endpoint: str = Field(
+        default="http://localhost:8000/api/v1/internal/events",
+        description=(
+            "REST endpoint URL for handler_type='rest'. "
+            "Receives POST with {channel, payload, source} JSON body."
+        ),
+    )
+
+    reconnect_delay: float = Field(
+        default=1.0,
+        description="Initial delay (seconds) between reconnection attempts",
+    )
+
+    max_reconnect_delay: float = Field(
+        default=60.0,
+        description="Maximum delay (seconds) between reconnection attempts (exponential backoff cap)",
+    )
+
+    @property
+    def channel_list(self) -> list[str]:
+        """Get channels as a list, filtering empty strings."""
+        if not self.channels:
+            return []
+        return [c.strip() for c in self.channels.split(",") if c.strip()]
+
+
+class EmailSettings(BaseSettings):
+    """
+    Email service settings for SMTP.
+
+    Supports passwordless login via email codes and transactional emails.
+    Uses Gmail SMTP with App Passwords by default.
+
+    Generate app password at: https://myaccount.google.com/apppasswords
+
+    Environment variables:
+        EMAIL__ENABLED - Enable email service (default: false)
+        EMAIL__SMTP_HOST - SMTP server host (default: smtp.gmail.com)
+        EMAIL__SMTP_PORT - SMTP server port (default: 587 for TLS)
+        EMAIL__SENDER_EMAIL - Sender email address
+        EMAIL__SENDER_NAME - Sender display name
+        EMAIL__APP_PASSWORD - Gmail app password (from secrets)
+        EMAIL__USE_TLS - Use TLS encryption (default: true)
+        EMAIL__LOGIN_CODE_EXPIRY_MINUTES - Login code expiry (default: 10)
+
+    Branding environment variables (for email templates):
+        EMAIL__APP_NAME - Application name in emails (default: REM)
+        EMAIL__LOGO_URL - Logo URL for email templates (40x40 recommended)
+        EMAIL__TAGLINE - Tagline shown in email footer
+        EMAIL__WEBSITE_URL - Main website URL for email links
+        EMAIL__PRIVACY_URL - Privacy policy URL for email footer
+        EMAIL__TERMS_URL - Terms of service URL for email footer
+    """
+
+    model_config = SettingsConfigDict(
+        env_prefix="EMAIL__",
+        env_file=".env",
+        env_file_encoding="utf-8",
+        extra="ignore",
+    )
+
+    enabled: bool = Field(
+        default=False,
+        description="Enable email service (requires app_password to be set)",
+    )
+
+    smtp_host: str = Field(
+        default="smtp.gmail.com",
+        description="SMTP server host",
+    )
+
+    smtp_port: int = Field(
+        default=587,
+        description="SMTP server port (587 for TLS, 465 for SSL)",
+    )
+
+    sender_email: str = Field(
+        default="",
+        description="Sender email address",
+    )
+
+    sender_name: str = Field(
+        default="REM",
+        description="Sender display name",
+    )
+
+    # Branding settings for email templates
+    app_name: str = Field(
+        default="REM",
+        description="Application name shown in email templates",
+    )
+
+    logo_url: str | None = Field(
+        default=None,
+        description="Logo URL for email templates (40x40 recommended)",
+    )
+
+    tagline: str = Field(
+        default="Your AI-powered platform",
+        description="Tagline shown in email footer",
+    )
+
+    website_url: str = Field(
+        default="https://rem.ai",
+        description="Main website URL for email links",
+    )
+
+    privacy_url: str = Field(
+        default="https://rem.ai/privacy",
+        description="Privacy policy URL for email footer",
+    )
+
+    terms_url: str = Field(
+        default="https://rem.ai/terms",
+        description="Terms of service URL for email footer",
+    )
+
+    app_password: str | None = Field(
+        default=None,
+        description="Gmail app password for SMTP authentication",
+    )
+
+    use_tls: bool = Field(
+        default=True,
+        description="Use TLS encryption for SMTP",
+    )
+
+    login_code_expiry_minutes: int = Field(
+        default=10,
+        description="Login code expiry in minutes",
+    )
+
+    trusted_email_domains: str = Field(
+        default="",
+        description=(
+            "Comma-separated list of trusted email domains for new user registration. "
+            "Existing users can always login regardless of domain. "
+            "New users must have an email from a trusted domain. "
+            "Empty string means all domains are allowed. "
+            "Example: 'siggymd.ai,example.com'"
+        ),
+    )
+
+    @property
+    def trusted_domain_list(self) -> list[str]:
+        """Get trusted domains as a list, filtering empty strings."""
+        if not self.trusted_email_domains:
+            return []
+        return [d.strip().lower() for d in self.trusted_email_domains.split(",") if d.strip()]
+
+    def is_domain_trusted(self, email: str) -> bool:
+        """Check if an email's domain is in the trusted list.
+
+        Args:
+            email: Email address to check
+
+        Returns:
+            True if domain is trusted (or if no trusted domains configured)
+        """
+        domains = self.trusted_domain_list
+        if not domains:
+            # No restrictions configured
+            return True
+
+        email_domain = email.lower().split("@")[-1].strip()
+        return email_domain in domains
+
+    @property
+    def is_configured(self) -> bool:
+        """Check if email service is properly configured."""
+        return bool(self.sender_email and self.app_password)
+
+    @property
+    def template_kwargs(self) -> dict:
+        """
+        Get branding kwargs for email templates.
+
+        Returns a dict that can be passed to template functions:
+            login_code_template(..., **settings.email.template_kwargs)
+        """
+        kwargs = {
+            "app_name": self.app_name,
+            "tagline": self.tagline,
+            "website_url": self.website_url,
+            "privacy_url": self.privacy_url,
+            "terms_url": self.terms_url,
+        }
+        if self.logo_url:
+            kwargs["logo_url"] = self.logo_url
+        return kwargs
+
+
 class TestSettings(BaseSettings):
     """
     Test environment settings.
@@ -1334,11 +1745,6 @@ class Settings(BaseSettings):
         description="Root path for reverse proxy (e.g., /rem for ALB routing)",
     )
 
-    sql_dir: str = Field(
-        default="src/rem/sql",
-        description="Directory for SQL files and migrations",
-    )
-
     # Nested settings groups
     api: APISettings = Field(default_factory=APISettings)
     chat: ChatSettings = Field(default_factory=ChatSettings)
@@ -1352,18 +1758,31 @@ class Settings(BaseSettings):
     migration: MigrationSettings = Field(default_factory=MigrationSettings)
     storage: StorageSettings = Field(default_factory=StorageSettings)
     s3: S3Settings = Field(default_factory=S3Settings)
+    data_lake: DataLakeSettings = Field(default_factory=DataLakeSettings)
     git: GitSettings = Field(default_factory=GitSettings)
     sqs: SQSSettings = Field(default_factory=SQSSettings)
+    db_listener: DBListenerSettings = Field(default_factory=DBListenerSettings)
     chunking: ChunkingSettings = Field(default_factory=ChunkingSettings)
     content: ContentSettings = Field(default_factory=ContentSettings)
     schema_search: SchemaSettings = Field(default_factory=SchemaSettings)
+    email: EmailSettings = Field(default_factory=EmailSettings)
     test: TestSettings = Field(default_factory=TestSettings)
 
 
+# Auto-load .env file from current directory if it exists
+# This happens BEFORE config file loading, so .env takes precedence
+from pathlib import Path
+from dotenv import load_dotenv
+
+_dotenv_path = Path(".env")
+if _dotenv_path.exists():
+    load_dotenv(_dotenv_path, override=False)  # Don't override existing env vars
+    logger.debug(f"Loaded environment from {_dotenv_path.resolve()}")
+
 # Load configuration from ~/.rem/config.yaml before initializing settings
 # This allows user configuration to be merged with environment variables
-# Set REM_SKIP_CONFIG_FILE=true to disable (useful for development with .env)
-if not os.getenv("REM_SKIP_CONFIG_FILE", "").lower() in ("true", "1", "yes"):
+# Set REM_SKIP_CONFIG=1 to disable (useful for development with .env)
+if not os.getenv("REM_SKIP_CONFIG", "").lower() in ("true", "1", "yes"):
     try:
         from rem.config import load_config, merge_config_to_env