* 🗃️ perf: Cache Group Memberships for ACL Principal Resolution
Continues #14069: caches resolved group-membership ids per member key in a
new USER_PRINCIPALS namespace so repeated permission checks skip the group
query, with exact invalidation on every membership mutation, same-process
build dedup, and optional Redis cross-container build locks.
Co-authored-by: Peter Rothlaender <peter.rothlaender@ginkgo.com>
Co-authored-by: Joachim Keltsch <joachim.keltsch@daimlertruck.com>
* 🧵 fix: Defer Transactional Invalidation and Gate No-Op Bulk Clears
Codex round-2 findings on the principals cache: membership writes inside a
transaction now defer cache invalidation until the session ends so concurrent
readers cannot re-cache pre-commit state with no later correction, and
bulkUpdateGroups skips invalidation entirely when MongoDB reports no modified
or upserted documents. userGroup.spec.ts now runs on a single-node replica set
so the deferral is covered by a real transaction.
* 🌐 fix: Evict Cross-Process Stale Rewrites and Scope Entra Sync to Tenant
Codex round-3 findings: a delayed second invalidation pass (lock wait plus a
short grace) now evicts membership entries that a build in another container
re-cached after the first delete, and syncUserEntraGroupMemberships establishes
the user's tenant ALS context when the OAuth callback runs it pre-middleware,
so tenant-scoped principal keys are invalidated (and sync queries and created
groups are scoped) exactly like authenticated reads. Deferred transactional
invalidations snapshot the caller's ALS so they keep tenant scoping.
---------
Co-authored-by: Peter Rothlaender <peter.rothlaender@ginkgo.com>
Co-authored-by: Joachim Keltsch <joachim.keltsch@daimlertruck.com>
* fix: Add removePorts keyGenerator to all IP-based rate limiters
Six IP-based rate limiters are missing the `keyGenerator: removePorts`
option that is already used by the auth-related limiters (login,
register, resetPassword, verifyEmail). Without it, reverse proxies that
include ports in X-Forwarded-For headers cause
ERR_ERL_INVALID_IP_ADDRESS errors from express-rate-limit.
Fixes#12318
* fix: make removePorts IPv6-safe to prevent rate-limit key collisions
The original regex `/:\d+[^:]*$/` treated the last colon-delimited
segment of bare IPv6 addresses as a port, mangling valid IPs
(e.g. `::1` → `::`, `2001:db8::1` → `2001:db8::`). Distinct IPv6
clients could collapse into the same rate-limit bucket.
Use `net.isIP()` as a fast path for already-valid IPs, then match
bracketed IPv6+port and IPv4+port explicitly. Bare IPv6 addresses
are now returned unchanged.
Also fixes pre-existing property ordering inconsistency in
ttsLimiters.js userLimiterOptions (keyGenerator before store).
* refactor: move removePorts to packages/api as TypeScript, fix import order
- Move removePorts implementation to packages/api/src/utils/removePorts.ts
with proper Express Request typing
- Reduce api/server/utils/removePorts.js to a thin re-export from
@librechat/api for backward compatibility
- Consolidate removePorts import with limiterCache from @librechat/api
in all 6 limiter files, fixing import order (package imports shortest
to longest, local imports longest to shortest)
- Remove narrating inline comments per code style guidelines
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* 🔌 fix: Resolve MCP OAuth flow state race condition
The OAuth callback arrives before the flow state is stored because
`createFlow()` returns a long-running Promise that only resolves on
flow COMPLETION, not when the initial PENDING state is persisted.
Calling it fire-and-forget with `.catch(() => {})` meant the redirect
happened before the state existed, causing "Flow state not found"
errors.
Changes:
- Add `initFlow()` to FlowStateManager that stores PENDING state and
returns immediately, decoupling state persistence from monitoring
- Await `initFlow()` before emitting the OAuth redirect so the
callback always finds existing state
- Keep `createFlow()` in the background for monitoring, but log
warnings instead of silently swallowing errors
- Increase FLOWS cache TTL from 3 minutes to 10 minutes to give
users more time to complete OAuth consent screens
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* 🔌 refactor: Revert FLOWS cache TTL change
The race condition fix (initFlow) is sufficient on its own.
TTL configurability should be a separate enhancement via
librechat.yaml mcpSettings rather than a hardcoded increase.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* 🔌 fix: Address PR review — restore FLOWS TTL, fix blocking-path race, clean up dead args
- Restore FLOWS cache TTL to 10 minutes (was silently dropped back to 3)
- Add initFlow before oauthStart in blocking handleOAuthRequired path
to guarantee state persistence before any redirect
- Pass {} to createFlow metadata arg (dead after initFlow writes state)
- Downgrade background monitor .catch from logger.warn to logger.debug
- Replace process.nextTick with Promise.resolve in test (correct semantics)
- Add initFlow TTL assertion test
- Add blocking-path ordering test (initFlow → oauthStart → createFlow)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix(openid): distinguish ID tokens from access tokens in federated auth
Fix OpenID Connect token handling to properly distinguish ID tokens from access tokens. ID tokens and access tokens are now stored and propagated separately, preventing token placeholders from resolving to identical values.
- AuthService.js: Added idToken field to session storage
- openIdJwtStrategy.js: Updated to read idToken from session
- openidStrategy.js: Explicitly included id_token in federatedTokens
- Test suites: Added comprehensive test coverage for token distinction
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(openid): add separate openid_id_token cookie for ID token storage
Store the OIDC ID token in its own cookie rather than relying solely on
the access token, ensuring correct token type is used for identity
verification vs API authorization.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* test(openid): add JWT strategy cookie fallback tests
Cover the token source resolution logic in openIdJwtStrategy:
session-only, cookie-only, partial session fallback, raw Bearer
fallback, and distinct id_token/access_token from cookies.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* 🔧 refactor: Introduce TOOL_CACHE for isolated caching of tools
- Added TOOL_CACHE key to CacheKeys enum for managing tool-related cache.
- Updated various services and controllers to utilize TOOL_CACHE instead of CONFIG_STORE for better separation of concerns in caching logic.
- Enhanced .env.example with comments on using in-memory cache for blue/green deployments.
* 🔧 refactor: Update cache configuration for in-memory storage handling
- Enhanced the handling of `FORCED_IN_MEMORY_CACHE_NAMESPACES` in `cacheConfig.ts` to default to `CONFIG_STORE` and `APP_CONFIG`, ensuring safer blue/green deployments.
- Updated `.env.example` with clearer comments regarding the usage of in-memory cache namespaces.
- Improved unit tests to validate the new default behavior and handling of empty strings for cache namespaces.
* feat: implement admin authentication with OpenID & Local Auth proxy support
* feat: implement admin OAuth exchange flow with caching support
- Added caching for admin OAuth exchange codes with a short TTL.
- Introduced new endpoints for generating and exchanging admin OAuth codes.
- Updated relevant controllers and routes to handle admin panel redirects and token exchanges.
- Enhanced logging for better traceability of OAuth operations.
* refactor: enhance OpenID strategy mock to support multiple verify callbacks
- Updated the OpenID strategy mock to store and retrieve verify callbacks by strategy name.
- Improved backward compatibility by maintaining a method to get the last registered callback.
- Adjusted tests to utilize the new callback retrieval methods, ensuring clarity in the verification process for the 'openid' strategy.
* refactor: reorder import statements for better organization
* refactor: admin OAuth flow with improved URL handling and validation
- Added a utility function to retrieve the admin panel URL, defaulting to a local development URL if not set in the environment.
- Updated the OAuth exchange endpoint to include validation for the authorization code format.
- Refactored the admin panel redirect logic to handle URL parsing more robustly, ensuring accurate origin comparisons.
- Removed redundant local URL definitions from the codebase for better maintainability.
* refactor: remove deprecated requireAdmin middleware and migrate to TypeScript
- Deleted the old requireAdmin middleware file and its references in the middleware index.
- Introduced a new TypeScript version of the requireAdmin middleware with enhanced error handling and logging.
- Updated routes to utilize the new requireAdmin middleware, ensuring consistent access control for admin routes.
* feat: add requireAdmin middleware for admin role verification
- Introduced requireAdmin middleware to enforce admin role checks for authenticated users.
- Implemented comprehensive error handling and logging for unauthorized access attempts.
- Added unit tests to validate middleware functionality and ensure proper behavior for different user roles.
- Updated middleware index to include the new requireAdmin export.
* refactor: OpenID token handling by storing tokens in session to reduce cookie size
* refactor: Improve OpenID user identification logic in logout controller
* refactor: Enhance OpenID logout flow by adding post-logout redirect URI
* refactor: Update logout process to clear additional OpenID user ID cookie
* Refactor: Moved Redis cache infra logic into `packages/api`
- Moved cacheFactory and redisClients from `api/cache` into `packages/api/src/cache` so that features in `packages/api` can use cache without importing backward from the backend.
- Converted all moved files into TS with proper typing.
- Created integration tests to run against actual Redis servers for redisClients and cacheFactory.
- Added a GitHub workflow to run integration tests for the cache feature.
- Bug fix: keyvRedisClient now implements the PING feature properly.
* chore: consolidate imports in getLogStores.js
* chore: reorder imports
* chore: re-add fs-extra as dev dep.
* chore: reorder imports in cacheConfig.ts, cacheFactory.ts, and keyvMongo.ts
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* 🧹 chore: Update logger imports to use @librechat/data-schemas across multiple files and remove unused sleep function from queue.js (#9930)
* chore: Replace local isEnabled utility with @librechat/api import across multiple files, update test files
* chore: Replace local logger import with @librechat/data-schemas logger in countTokens.js and fork.js
* chore: Update logs volume path in docker-compose.yml to correct directory
* chore: import order of isEnabled in static.js
* Remove unused STATIC_CONFIG and LIBRECHAT_YAML_CONFIG cache keys.
These cache keys were identified as dead code - they were being written to but never read from anywhere in the codebase after a recent refactor:
- STATIC_CONFIG was used as a cache namespace that stored configuration data
- LIBRECHAT_YAML_CONFIG was the key used within that namespace to store parsed YAML config
- The cache.set() operation in loadCustomConfig.js stored the config but no cache.get() operations retrieved it
- Configuration data is already handled through other mechanisms without caching
* # removed tests regarding cache
- This allows use APP_CONFIG in FORCED_IN_MEMORY_CACHE_NAMESPACES
- Remove the complexity of nested namespace (e.g. we no longer have to worry about the prefix of every role key)
* added REDIS_USE_ALTERNATIVE_DNS_LOOKUP env variable to modify redis connection by adding dnsLookup
this is required when connecting to elasticache for ioredis
see "Special Note: Aws Elasticache Clusters with TLS" on this webpage: https://www.npmjs.com/package/ioredis
* added REDIS_USE_ALTERNATIVE_DNS_LOOKUP env variable to modify redis connection by adding dnsLookup
this is required when connecting to elasticache for ioredis
see "Special Note: Aws Elasticache Clusters with TLS" on this webpage: https://www.npmjs.com/package/ioredis
---------
Co-authored-by: Marc Amick <MarcAmick@jhu.edu>
* ✨ feat: Add support for enabling Redis cluster configuration
* ✨ feat: Enhance Redis client initialization to support cluster configuration without multiple URIs
* ✨ feat: Add tests for USE_REDIS_CLUSTER configuration and validation
* 🐞 fix: Remove unnecessary blank line in cacheConfig tests
* 📱 refactor: Redis Client Error Logging and Ping only when Ready
* chore: intellisense for warning comment for Keyv Redis client regarding prefix support
* ✨ feat: Add support for forced in-memory cache keys configuration
* refactor: Update cache keys to use uppercase constants and moved cache for `librechat.yaml` into its own cache namespace (STATIC_CONFIG) and with a more descriptive key (LIBRECHAT_YAML_CONFIG)
* 📦 chore: bump `compression` from 1.7.4 to 1.8.1
* chore: bump `express-session` to v1.18.2
* chore: update `connect-redis` from v7.1.0 to v8.1.0
* chore: update import for `connect-redis` to use named export due to v8.0.0 breaking change
- Introduced new violation scores for TTS, STT, Fork, Import, and File Upload actions in the .env.example file.
- Updated logViolation function to accept a score parameter, allowing for dynamic severity levels based on the action type.
- Modified limiters for Fork, Import, Message, STT, TTS, Tool Call, and File Upload to utilize the new violation scores when logging violations.
* feat: Add configurable retention period for temporary chats
* Addressing eslint errors
* Fix: failing test due to missing registration
* Update: variable name and use hours instead of days for chat retention
* Addressing comments
* chore: fix import order in Conversation.js
* chore: import order in Message.js
* chore: fix import order in config.ts
* chore: move common methods to packages/api to reduce potential for circular dependencies
* refactor: update temp chat retention config type to Partial<TCustomConfig>
* refactor: remove unused config variable from AppService and update loadCustomConfig tests with logger mock
* refactor: handle model undefined edge case by moving Session model initialization inside methods
---------
Co-authored-by: Rakshit Tiwari <rak1729e@gmail.com>
* chore: Update @modelcontextprotocol/sdk to version 1.12.3 in package.json and package-lock.json
- Bump version of @modelcontextprotocol/sdk to 1.12.3 to incorporate recent updates.
- Update dependencies for ajv and cross-spawn to their latest versions.
- Add ajv as a new dependency in the sdk module.
- Include json-schema-traverse as a new dependency in the sdk module.
* feat: @librechat/auth
* feat: Add crypto module exports to auth package
- Introduced a new crypto module by creating index.ts in the crypto directory.
- Updated the main index.ts of the auth package to export from the new crypto module.
* feat: Update package dependencies and build scripts for auth package
- Added @librechat/auth as a dependency in package.json and package-lock.json.
- Updated build scripts to include the auth package in both frontend and bun build processes.
- Removed unused mongoose and openid-client dependencies from package-lock.json for cleaner dependency management.
* refactor: Migrate crypto utility functions to @librechat/auth
- Replaced local crypto utility imports with the new @librechat/auth package across multiple files.
- Removed the obsolete crypto.js file and its exports.
- Updated relevant services and models to utilize the new encryption and decryption methods from @librechat/auth.
* feat: Enhance OAuth token handling and update dependencies in auth package
* chore: Remove Token model and TokenService due to restructuring of OAuth handling
- Deleted the Token.js model and TokenService.js, which were responsible for managing OAuth tokens.
- This change is part of a broader refactor to streamline OAuth token management and improve code organization.
* refactor: imports from '@librechat/auth' to '@librechat/api' and add OAuth token handling functionality
* refactor: Simplify logger usage in MCP and FlowStateManager classes
* chore: fix imports
* feat: Add OAuth configuration schema to MCP with token exchange method support
* feat: FIRST PASS Implement MCP OAuth flow with token management and error handling
- Added a new route for handling OAuth callbacks and token retrieval.
- Integrated OAuth token storage and retrieval mechanisms.
- Enhanced MCP connection to support automatic OAuth flow initiation on 401 errors.
- Implemented dynamic client registration and metadata discovery for OAuth.
- Updated MCPManager to manage OAuth tokens and handle authentication requirements.
- Introduced comprehensive logging for OAuth processes and error handling.
* refactor: Update MCPConnection and MCPManager to utilize new URL handling
- Added a `url` property to MCPConnection for better URL management.
- Refactored MCPManager to use the new `url` property instead of a deprecated method for OAuth handling.
- Changed logging from info to debug level for flow manager and token methods initialization.
- Improved comments for clarity on existing tokens and OAuth event listener setup.
* refactor: Improve connection timeout error messages in MCPConnection and MCPManager and use initTimeout for connection
- Updated the connection timeout error messages to include the duration of the timeout.
- Introduced a configurable `connectTimeout` variable in both MCPConnection and MCPManager for better flexibility.
* chore: cleanup MCP OAuth Token exchange handling; fix: erroneous use of flowsCache and remove verbose logs
* refactor: Update MCPManager and MCPTokenStorage to use TokenMethods for token management
- Removed direct token storage handling in MCPManager and replaced it with TokenMethods for better abstraction.
- Refactored MCPTokenStorage methods to accept parameters for token operations, enhancing flexibility and readability.
- Improved logging messages related to token persistence and retrieval processes.
* refactor: Update MCP OAuth handling to use static methods and improve flow management
- Refactored MCPOAuthHandler to utilize static methods for initiating and completing OAuth flows, enhancing clarity and reducing instance dependencies.
- Updated MCPManager to pass flowManager explicitly to OAuth handling methods, improving flexibility in flow state management.
- Enhanced comments and logging for better understanding of OAuth processes and flow state retrieval.
* refactor: Integrate token methods into createMCPTool for enhanced token management
* refactor: Change logging from info to debug level in MCPOAuthHandler for improved log management
* chore: clean up logging
* feat: first pass, auth URL from MCP OAuth flow
* chore: Improve logging format for OAuth authentication URL display
* chore: cleanup mcp manager comments
* feat: add connection reconnection logic in MCPManager
* refactor: reorganize token storage handling in MCP
- Moved token storage logic from MCPManager to a new MCPTokenStorage class for better separation of concerns.
- Updated imports to reflect the new token storage structure.
- Enhanced methods for storing, retrieving, updating, and deleting OAuth tokens, improving overall token management.
* chore: update comment for SYSTEM_USER_ID in MCPManager for clarity
* feat: implement refresh token functionality in MCP
- Added refresh token handling in MCPManager to support token renewal for both app-level and user-specific connections.
- Introduced a refreshTokens function to facilitate token refresh logic.
- Enhanced MCPTokenStorage to manage client information and refresh token processes.
- Updated logging for better traceability during token operations.
* chore: cleanup @librechat/auth
* feat: implement MCP server initialization in a separate service
- Added a new service to handle the initialization of MCP servers, improving code organization and readability.
- Refactored the server startup logic to utilize the new initializeMCP function.
- Removed redundant MCP initialization code from the main server file.
* fix: don't log auth url for user connections
* feat: enhance OAuth flow with success and error handling components
- Updated OAuth callback routes to redirect to new success and error pages instead of sending status messages.
- Introduced `OAuthSuccess` and `OAuthError` components to provide user feedback during authentication.
- Added localization support for success and error messages in the translation files.
- Implemented countdown functionality in the success component for a better user experience.
* fix: refresh token handling for user connections, add missing URL and methods
- add standard enum for system user id and helper for determining app-lvel vs. user-level connections
* refactor: update token handling in MCPManager and MCPTokenStorage
* fix: improve error logging in OAuth authentication handler
* fix: concurrency issues for both login url emission and concurrency of oauth flows for shared flows (same user, same server, multiple calls for same server)
* fix: properly fail shared flows for concurrent server calls and prevent duplication of tokens
* chore: remove unused auth package directory from update configuration
* ci: fix mocks in samlStrategy tests
* ci: add mcpConfig to AppService test setup
* chore: remove obsolete MCP OAuth implementation documentation
* fix: update build script for API to use correct command
* chore: bump version of @librechat/api to 1.2.4
* fix: update abort signal handling in createMCPTool function
* fix: add optional clientInfo parameter to refreshTokensFunction metadata
* refactor: replace app.locals.availableTools with getCachedTools in multiple services and controllers for improved tool management
* fix: concurrent refresh token handling issue
* refactor: add signal parameter to getUserConnection method for improved abort handling
* chore: JSDoc typing for `loadEphemeralAgent`
* refactor: update isConnectionActive method to use destructured parameters for improved readability
* feat: implement caching for MCP tools to handle app-level disconnects for loading list of tools
* ci: fix agent test
* refactor: move model definitions and database-related methods to packages/data-schemas
* ci: update tests due to new DB structure
fix: disable mocking `librechat-data-provider`
feat: Add schema exports to data-schemas package
- Introduced a new schema module that exports various schemas including action, agent, and user schemas.
- Updated index.ts to include the new schema exports for better modularity and organization.
ci: fix appleStrategy tests
fix: Agent.spec.js
ci: refactor handleTools tests to use MongoMemoryServer for in-memory database
fix: getLogStores imports
ci: update banViolation tests to use MongoMemoryServer and improve session mocking
test: refactor samlStrategy tests to improve mock configurations and user handling
ci: fix crypto mock in handleText tests for improved accuracy
ci: refactor spendTokens tests to improve model imports and setup
ci: refactor Message model tests to use MongoMemoryServer and improve database interactions
* refactor: streamline IMessage interface and move feedback properties to types/message.ts
* refactor: use exported initializeRoles from `data-schemas`, remove api workspace version (this serves as an example of future migrations that still need to happen)
* refactor: update model imports to use destructuring from `~/db/models` for consistency and clarity
* refactor: remove unused mongoose imports from model files for cleaner code
* refactor: remove unused mongoose imports from Share, Prompt, and Transaction model files for cleaner code
* refactor: remove unused import in Transaction model for cleaner code
* ci: update deploy workflow to reference new Docker Dev Branch Images Build and add new workflow for building Docker images on dev branch
* chore: cleanup imports
* feat: integrate OpenID Connect support with token reuse
- Added `jwks-rsa` and `new-openid-client` dependencies for OpenID Connect functionality.
- Implemented OpenID token refresh logic in `AuthController`.
- Enhanced `LogoutController` to handle OpenID logout and session termination.
- Updated JWT authentication middleware to support OpenID token provider.
- Modified OAuth routes to accommodate OpenID authentication and token management.
- Created `setOpenIDAuthTokens` function to manage OpenID tokens in cookies.
- Upgraded OpenID strategy with user info fetching and token exchange protocol.
- Introduced `openIdJwtLogin` strategy for handling OpenID JWT tokens.
- Added caching mechanism for exchanged OpenID tokens.
- Updated configuration to include OpenID exchanged tokens cache key.
- updated .env.example to include the new env variables needed for the feature.
* fix: update return type in downloadImage documentation for clarity and fixed openIdJwtLogin env variables
* fix: update Jest configuration and tests for OpenID strategy integration
* fix: update OpenID strategy to include callback URL in setup
* fix: fix optionalJwtAuth middleware to support OpenID token reuse and improve currentUrl method in CustomOpenIDStrategy to override the dynamic host issue related to proxy (e.g. cloudfront)
* fix: fixed code formatting
* Fix: Add mocks for openid-client and passport strategy in Jest configuration to fix unit tests
* fix eslint errors: Format mock file openid-client.
* ✨ feat: Add PKCE support for OpenID and default handling in strategy setup
---------
Co-authored-by: Atef Bellaaj <slalom.bellaaj@external.daimlertruck.com>
Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>
* feat: Add support for new OpenAI models (o4-mini, o3) and update related logic
* 🔧 fix: Rename 'resubmitFiles' to 'isResubmission' for consistency across types and hooks
* 🔧 fix: Replace hardcoded 'pending_req' with CacheKeys.PENDING_REQ for consistency in cache handling
* 🔧 fix: Update cache handling to use Time.ONE_MINUTE instead of hardcoded TTL and streamline imports
* 🔧 fix: Enhance message handling logic to correctly identify parent messages and streamline imports in useSSE
* chore: update @librechat/agents dependency to version 2.4.15
* refactor: Prevent memory leaks by nullifying boundModel.client in disposeClient function
* fix: use of proxy, use undici
* chore: update @librechat/agents dependency to version 2.4.16
* Revert "fix: use of proxy, use undici"
This reverts commit 83153cd582.
* fix: ensure fetch is imported for HTTP requests
* fix: replace direct OpenAI import with CustomOpenAIClient from @librechat/agents
* fix: update keyv peer dependency to version 5.3.2
* fix: update keyv dependency to version 5.3.2
* refactor: replace KeyvMongo with custom implementation and update flow state manager usage
* fix: update @librechat/agents dependency to version 2.4.17
* ci: update OpenAIClient tests to use CustomOpenAIClient from @librechat/agents
* refactor: remove KeyvMongo mock and related dependencies
* chore: remove unused redis file
* chore: bump keyv dependencies, and update related imports
* refactor: Implement IoRedis client for rate limiting across middleware, as node-redis via keyv not compatible
* fix: Set max listeners to expected amount
* WIP: memory improvements
* refactor: Simplify getAbortData assignment in createAbortController
* refactor: Update getAbortData to use WeakRef for content management
* WIP: memory improvements in agent chat requests
* refactor: Enhance memory management with finalization registry and cleanup functions
* refactor: Simplify domainParser calls by removing unnecessary request parameter
* refactor: Update parameter types for action tools and agent loading functions to use minimal configs
* refactor: Simplify domainParser tests by removing unnecessary request parameter
* refactor: Simplify domainParser call by removing unnecessary request parameter
* refactor: Enhance client disposal by nullifying additional properties to improve memory management
* refactor: Improve title generation by adding abort controller and timeout handling, consolidate request cleanup
* refactor: Update checkIdleConnections to skip current user when checking for idle connections if passed
* refactor: Update createMCPTool to derive userId from config and handle abort signals
* refactor: Introduce createTokenCounter function and update tokenCounter usage; enhance disposeClient to reset Graph values
* refactor: Update getMCPManager to accept userId parameter for improved idle connection handling
* refactor: Extract logToolError function for improved error handling in AgentClient
* refactor: Update disposeClient to clear handlerRegistry and graphRunnable references in client.run
* refactor: Extract createHandleNewToken function to streamline token handling in initializeClient
* chore: bump @librechat/agents
* refactor: Improve timeout handling in addTitle function for better error management
* refactor: Introduce createFetch instead of using class method
* refactor: Enhance client disposal and request data handling in AskController and EditController
* refactor: Update import statements for AnthropicClient and OpenAIClient to use specific paths
* refactor: Use WeakRef for response handling in SplitStreamHandler to prevent memory leaks
* refactor: Simplify client disposal and rename getReqData to processReqData in AskController and EditController
* refactor: Improve logging structure and parameter handling in OpenAIClient
* refactor: Remove unused GraphEvents and improve stream event handling in AnthropicClient and OpenAIClient
* refactor: Simplify client initialization in AskController and EditController
* refactor: Remove unused mock functions and implement in-memory store for KeyvMongo
* chore: Update dependencies in package-lock.json to latest versions
* refactor: Await token usage recording in OpenAIClient to ensure proper async handling
* refactor: Remove handleAbort route from multiple endpoints and enhance client disposal logic
* refactor: Enhance abort controller logic by managing abortKey more effectively
* refactor: Add newConversation handling in useEventHandlers for improved conversation management
* fix: dropparams
* refactor: Use optional chaining for safer access to request properties in BaseClient
* refactor: Move client disposal and request data processing logic to cleanup module for better organization
* refactor: Remove aborted request check from addTitle function for cleaner logic
* feat: Add Grok 3 model pricing and update tests for new models
* chore: Remove trace warnings and inspect flags from backend start script used for debugging
* refactor: Replace user identifier handling with userId for consistency across controllers, use UserId in clientRegistry
* refactor: Enhance client disposal logic to prevent memory leaks by clearing additional references
* chore: Update @librechat/agents to version 2.4.14 in package.json and package-lock.json
* feat: Implement Redis-based rate limiting, initially import limits
* feat: Enhance rate limiters with Redis support and custom prefixes
* chore: import orders
* chore: update JSDoc for next middleware parameter type in ban and limiter middleware
* feat: add logHeaders middleware to log forwarded headers in requests
* refactor: change log level from info to debug for Redis rate limiters
* feat: increase Redis max listeners and refactor session storage to use Keyv
* chore: bump Model Context Protocol SDK dependencies
* fix: correct indentation in MCPConnection class
* refactor: enhance SSE transport with abort controller and add error handling for empty results
* chore: remove outdated Model Context Protocol SDK dependency
* chore: update @modelcontextprotocol/sdk dependency to version 1.7.0
* chore: add debugging comments for PingRequest handling in MCPConnection class
* refactor: update callTool method to accept structured arguments and options
* refactor: simplify maxContextTokens calculation in initializeAgentOptions
* chore: update @babel/runtime dependency to version 7.26.10
* chore: update @librechat/agents dependency to version 2.2.9
* chore: update @librechat/agents dependency to version 2.3.6
* refactor: imports and prevent s3 initialization if strategy not configured
* refactor: mark redis as non-experimental
* refactor: add missing `maxContextTokens` for OpenAI parameters
* refactor: improve log message for Redis initialization
* chore: update @librechat/agents dependency to version 2.3.8
* refactor: extend `streamBuffer` condition to include BEDROCK provider as easily gets throttled by AWS
* refactor: filter out 'think' parts from message content in Anthropic and OpenAI clients
* feat: Add 'Run Code' and 'Temporary Chat' permissions to role management
* feat: Add NextFunction typedef to api/typedefs.js
* feat: Add temporary chat and run code permissions to role schema
* refactor: Enhance access check middleware with logging for permission errors and better typing
* refactor: Set default value of USE permission to true in multiConvoPermissionsSchema
* refactor: Implement checkAccess function for separation of permission validation logic from middleware
* feat: Integrate permission checks for tool execution and enhance Markdown code block with execution capability
* fix: Convert REDIS_MAX_LISTENERS to a number, closes#5979
* refactor: Improve MeiliSearch integration with environment-based configuration for running index sync
* chore: Remove Question issue template from GitHub repository
* feat: Enable indexing in MeiliSearch configuration and clean up error handling in indexSync
* feat: Update .env.example to include optional indexing configuration
* refactor: rename env var for disabling index sync to MEILI_NO_SYNC
* Added the option to change the default trusted proxy
* feat: Add TRUST_PROXY configuration to .env.example for reverse proxy settings
* feat: Enhance Redis support with cluster configuration and TLS options
* feat(redis): add cluster support, environment config and url mapping
- Add Redis cluster configuration with isEnabled flag
- Configure prefix and max listeners settings
- Improve code formatting and readability
- Fix URL vs host parameter handling
- Update environment variables and regex patterns
---------
Co-authored-by: Gil Assunção <gil.assuncao@parceiros.nos.pt>
Co-authored-by: Pedro Reis <pedro.malheiro@parceiros.nos.pt>
Co-authored-by: João Trigo Soares <joao.soares@parceiros.nos.pt>
* ✨feat: OAuth for Actions
* WIP: PoC flow state manager
* refactor: Add identifier field to token model from action schema
* chore: fix potential file type issues
* ci: fix type issue with action metadata auth
* fix: ensure FlowManagerOptions has a default ttl value
* WIP: OAUTH actions
* WIP: first pass OAuth Action
* fix: standardize identifier usage in OAuth flow handling
* fix: update token retrieval to include userId in query and use correct identifier
* refacotr: update token retrieval to use userId for OAuth token query
* feat: Tool Call Auth styling
* fix: streamline token creation and add type field to token schema
* refactor: cleanup OAuth flow by encrypting client credentials and ensuring oauth operations only run under condition
* refactor: use encrypted credentials in OAuth callback
* fix: update Token collection indexes to use expiresAt TTL index and not createdAt legacy index
* refactor: enhance Token index cleanup by improving logging and removing redundant index creation logic
* refactor: remove unused OAuth login route and related logic for improved clarity
* refactor: replace fetch with axios for OAuth token exchange and improve error handling
* refactor: better UX after authentication before oauth tool execution
* refactor: implement cleanup handlers for FlowStateManager intervals to enhance resource management
* refactor: encrypt OAuth tokens before storing and decrypt upon retrieval for enhanced security
* refactor: enhance authentication success page with improved styling and countdown feature
* refactor: add response_type parameter to OAuth redirect URI for improved compatibility
* chore: update translation.json new localizations
* chore: remove unused OGDialog import from OGDialogTemplate component
* refactor: Actions Auth using new Dialog styling, use same component with Agents/Assistants
* refactor: update removeNullishValues function to support removal of empty strings and adjust transform usage in schemas
* chore: bump version of librechat-data-provider to 0.7.6991
* refactor: integrate removeNullishValues function to clean metadata before encryption in agent and assistant routes
* refactor: update OAuth input fields to use 'password' type for better security
* refactor: update localization placeholders for sign-in message to use double curly braces
* refactor: add access_type parameter for offline access in createActionTool function
* refactor: implement handleOAuthToken function for token management and encryption
* feat: refresh token support
* refactor: add default expiration for access token and error handling for missing token
* feat: localizations for ActionAuth
* refactor: set refresh token expiration to null to not expire if expiry never given
* fix: prevent crash fromerror within async handleAbortError in AskController, EditController, and AgentController
* feat: Action Callback URL
* 🌍 i18n: Update translation.json with latest translations
* refactor: handle errors in flow state checking to prevent unhandled promise rejections
* fix: improve flow state concurrency to prevent multiple token creation calls
* refactor: RequestExecutor to use separate axios instance
* refactor: improve concurrency flows by keeping completed state until TTL expiry
* refactor: increase TTL for flow state management and adjust monitoring interval
* ci: mock axios instance creation in actions spec
* feat: add Babel and Jest configuration files; implement FlowStateManager tests with concurrency handling
* chore: add disableOAuth prop to ActionsAuth (not implemented for Assistants yet)
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This commit updates the cache stores in the `getLogStores.js` file to use Redis as the store if the `USE_REDIS` environment variable is enabled. It also adds a new environment variable `DEBUG_MEMORY_CACHE` to enable debugging of the memory cache.
* ✨ feat: Implement session management with CRUD operations and integrate into user workflows
* ✨ refactor: Update session model import paths and enhance session creation logic in AuthService
* ✨ refactor: Validate session and user ID formats in session management functions
* ✨ style: Enhance UI components with improved styling and accessibility features
* chore: Update login form tests to use getByTestId instead of getByRole, remove console.log()
* chore: Update login form tests to use getByTestId instead of getByRole
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* feat: Code Interpreter API & File Search Agent Uploads
chore: add back code files
wip: first pass, abstract key dialog
refactor: influence checkbox on key changes
refactor: update localization keys for 'execute code' to 'run code'
wip: run code button
refactor: add throwError parameter to loadAuthValues and getUserPluginAuthValue functions
feat: first pass, API tool calling
fix: handle missing toolId in callTool function and return 404 for non-existent tools
feat: show code outputs
fix: improve error handling in callTool function and log errors
fix: handle potential null value for filepath in attachment destructuring
fix: normalize language before rendering and prevent null return
fix: add loading indicator in RunCode component while executing code
feat: add support for conditional code execution in Markdown components
feat: attachments
refactor: remove bash
fix: pass abort signal to graph/run
refactor: debounce and rate limit tool call
refactor: increase debounce delay for execute function
feat: set code output attachments
feat: image attachments
refactor: apply message context
refactor: pass `partIndex`
feat: toolCall schema/model/methods
feat: block indexing
feat: get tool calls
chore: imports
chore: typing
chore: condense type imports
feat: get tool calls
fix: block indexing
chore: typing
refactor: update tool calls mapping to support multiple results
fix: add unique key to nav link for rendering
wip: first pass, tool call results
refactor: update query cache from successful tool call mutation
style: improve result switcher styling
chore: note on using \`.toObject()\`
feat: add agent_id field to conversation schema
chore: typing
refactor: rename agentMap to agentsMap for consistency
feat: Agent Name as chat input placeholder
chore: bump agents
📦 chore: update @langchain dependencies to latest versions to match agents package
📦 chore: update @librechat/agents dependency to version 1.8.0
fix: Aborting agent stream removes sender; fix(bedrock): completion removes preset name label
refactor: remove direct file parameter to use req.file, add `processAgentFileUpload` for image uploads
feat: upload menu
feat: prime message_file resources
feat: implement conversation access validation in chat route
refactor: remove file parameter from processFileUpload and use req.file instead
feat: add savedMessageIds set to track saved message IDs in BaseClient, to prevent unnecessary double-write to db
feat: prevent duplicate message saves by checking savedMessageIds in AgentController
refactor: skip legacy RAG API handling for agents
feat: add files field to convoSchema
refactor: update request type annotations from Express.Request to ServerRequest in file processing functions
feat: track conversation files
fix: resendFiles, addPreviousAttachments handling
feat: add ID validation for session_id and file_id in download route
feat: entity_id for code file uploads/downloads
fix: code file edge cases
feat: delete related tool calls
feat: add stream rate handling for LLM configuration
feat: enhance system content with attached file information
fix: improve error logging in resource priming function
* WIP: PoC, sequential agents
WIP: PoC Sequential Agents, first pass content data + bump agents package
fix: package-lock
WIP: PoC, o1 support, refactor bufferString
feat: convertJsonSchemaToZod
fix: form issues and schema defining erroneous model
fix: max length issue on agent form instructions, limit conversation messages to sequential agents
feat: add abort signal support to createRun function and AgentClient
feat: PoC, hide prior sequential agent steps
fix: update parameter naming from config to metadata in event handlers for clarity, add model to usage data
refactor: use only last contentData, track model for usage data
chore: bump agents package
fix: content parts issue
refactor: filter contentParts to include tool calls and relevant indices
feat: show function calls
refactor: filter context messages to exclude tool calls when no tools are available to the agent
fix: ensure tool call content is not undefined in formatMessages
feat: add agent_id field to conversationPreset schema
feat: hide sequential agents
feat: increase upload toast duration to 10 seconds
* refactor: tool context handling & update Code API Key Dialog
feat: toolContextMap
chore: skipSpecs -> useSpecs
ci: fix handleTools tests
feat: API Key Dialog
* feat: Agent Permissions Admin Controls
feat: replace label with button for prompt permission toggle
feat: update agent permissions
feat: enable experimental agents and streamline capability configuration
feat: implement access control for agents and enhance endpoint menu items
feat: add welcome message for agent selection in localization
feat: add agents permission to access control and update version to 0.7.57
* fix: update types in useAssistantListMap and useMentions hooks for better null handling
* feat: mention agents
* fix: agent tool resource race conditions when deleting agent tool resource files
* feat: add error handling for code execution with user feedback
* refactor: rename AdminControls to AdminSettings for clarity
* style: add gap to button in AdminSettings for improved layout
* refactor: separate agent query hooks and check access to enable fetching
* fix: remove unused provider from agent initialization options, creates issue with custom endpoints
* refactor: remove redundant/deprecated modelOptions from AgentClient processes
* chore: update @librechat/agents to version 1.8.5 in package.json and package-lock.json
* fix: minor styling issues + agent panel uniformity
* fix: agent edge cases when set endpoint is no longer defined
* refactor: remove unused cleanup function call from AppService
* fix: update link in ApiKeyDialog to point to pricing page
* fix: improve type handling and layout calculations in SidePanel component
* fix: add missing localization string for agent selection in SidePanel
* chore: form styling and localizations for upload filesearch/code interpreter
* fix: model selection placeholder logic in AgentConfig component
* style: agent capabilities
* fix: add localization for provider selection and improve dropdown styling in ModelPanel
* refactor: use gpt-4o-mini > gpt-3.5-turbo
* fix: agents configuration for loadDefaultInterface and update related tests
* feat: DALLE Agents support
* 🛂 feat: Added Security for Conversation Access
* refactor: Update concurrentLimiter and convoAccess middleware to use isEnabled function for Redis check
* refactor: handle access check even if cache is not available (edge case)
* 🗨️ feat: Prompts (#7)
* WIP: MERGE prompts/frontend (#1)
* added schema for prompt and promptgroup, added model methods for prompts, added routes for prompts
* * updated promptGroup Schema
* updated model methods for prompts (get, add, delete)
* slight fixes in prompt routes
* * Created Files Management components
* Created Vector Stores components
* Added file management route in the routes folder
* Completed UI for Files list, Compeleted UI for vector stores list, Completed UI for upload file modal, Completed UI for preview file, Completed UI for preview vector store
* Fixed style and UI fixes for file dashboard, file list and vector stores list
* added responsiveness classes for vector store page
* fixed responsiveness of file page, dashboard page, and main page
* fixed styling and responsiveness issues on dashboard page, file list page and vector store page
* added queries and mutations for prompts and promptGroups, added relevant endpoints in data-provider, added relevant components prompts, added and updated relevant APIs
* added types on mutation queries data service, updated prompt attributes
* feature: Prompts and prompt groups management, added relevant APIs, added types for data service/queries/mutations, added relevant mutation and queries
* chore: typing clarifications
* added drop down on prompts mgmt dashboard
* Fixes: fixed version switching issue on tags update or labels update, added cross button on create prompt group, fixed list updation on prompt group renaiming, added CSV upload button
* Feature: Added oneliner and category attributes in prompt group, added schema for categories, added schema methods and route for categories
* chore: typing and lint issues
* chore: more type and linter fixes
* chore: linting
* chore: prompt controller and backend typing example; MOVE TO CONTROLLER DIRECTORY
* chore: more type fixes
* style: prompt name changes
* chore: more type changes, and stateful prompt name change without flickering
* fix: Return result of savePrompt in patchPrompt API endpoint
* fix: navigation prompt queries; refactor: name 'prompt-groups' to just 'groups'
* refactor: fetch prompt groups rewrite
* refactor(prompts): query/mutation statefulness
* refactor: remove `isActive` field
* refactor: remove labels, consolidate logic
* style: width, layout shift
* refactor: improve hover toggle behavior and styling
* refactor: add useParams hook to PromptListItem for dynamic rendering and add timeout ref for blur timeout
* chore: hide upload button
* refactor: import Button component from correct location in PromptSidePanel
* style: prompt editor styling
* style: fix more layout shifts
* style: container scroll
* refactor: Rename CreatePrompt component to CreatePromptForm
* refactor: use react-hook-form
* refactor: Add Prompts components and routes to Dashboard
* style: skeletons for loading
* fix: optimize makePromptProduction
* refactor: consolidate variables
* feat: create prompt form validation
* refactor: Consolidate variables and update mutation hooks
* style: minor touchups
* chore: Update lucide-react npm dependency to version 0.394.0 and npm audit fix
* refactor: add a new icon for the Prompts heading.
* style: Update PromptsView heading to use h1 instead of h2 and other minor margin issues
* chore: wording
* refactor: Update PromptsView heading to use h1 instead of h2, consolidate variables, and add new icons
* refactor: Prompts Button for Mobile
* feature: added category field in prompt group, added relevant API and static data on BE to support FE UI for category in prompt group
* chore: template for prompt cards
---------
Co-authored-by: Fawadpot <contactfawada@gmail.com>
* WIP: Prompts/frontend Continued (#2)
* chore: loading style, remove unused component
* feat: Add CategorySelector component for prompt group category selection
* feat: add categories to create prompt
* feat: prompt versions styling
* feat: optimistic updates for prompt production state
* refactor: optimize form state and show if prompt field is dirty with cross icon, also other styling changes
* chore: remove unused code and localizations
* fix: light mode styling
* WIP: SidePanel Prompts
* refactor: move to groups directory
* refactor: rename GroupsSidePanel to GroupSidePanel and update imports
* style: ListCard
* refactor: isProduction changes
* refactor: infinite query with productionPrompt
* refactor: optimize snippets and prompts, and styling
* refactor: Update getSnippet function to accept a length parameter
* chore: localizations
* feat: prompts navigation to chat and vice versa
* fix: create prompt
* feat: remember last selected category for creating prompts
* fix(promptGroups): fix pagination and add usePromptGroupsNav hook
* Prompts/frontend 3 (#3)
* fix: stateful issues with prompt groups
* style: improved layout
* refactor: improve variable naming in Eng.ts
* refactor: theme selector styling improvements
* added prompt cards on chat new page, with dark mode, added API to fetch random prompts, added types for useQuery
Slightly improved usePromptGroupNav logic to fetch updated result for pageSize, updated prompt cards view with darkmode and responsiveness
fixed page size option buttons styling to match the theme
added dark mode on create prompt page and prompt edit/preview page
fixed page size option buttons styling to match the theme
added dark mode on create prompt page and prompt edit/preview page
* WIP: Prompts/frontend (#4)
* fix: optimize and fix paginated query
* fix: remove unique constraint on names
* refactor: button links and styling
* style: menu border light mode
* feat: Add Auto-Send Switch component for prompts groups
* refactor(ChatView): use form context for submission text
* chore: clear convo state on navigation to dashboard routes
* chore: save prompt edit name on tab, remove console log
* feat: basic prompt submission
* refactor: move Auto-Send Switch
* style(ListCard): border styling
* feat: Add function to detect variables in text
* feat: Add OriginalDialog component to UI library
* chore(ui): Update SelectDropDown options list class to use text-xs size
* refactor: submitMessage hook now includes submitPrompt, make compatible to document query selector
* WIP: Variable Dialog
* feat: variable submission working for both auto-send and non-autosend
* feat: dashboard breadcrumbs and prompts/chat navigation
* refactor: dashboard breadcrumb and dashboard link to chat navigation
* refactor: Update VariableDialog and VariableForm styles
* Prompts: Admin features (#5)
* fix: link issue
* fix: usePromptGroupsNav add missing dep.
* style: dashbreadcrumb and sidepanel text color
* temp fix: remove refetch on pageNumber change
* fix: handle multiple variable replacement
* WIP: create project schema and add project groups to fetch
* feat: Add functionality to add prompt group IDs to a project
* feat: Add caching for startup config in config route
* chore: remove prompt landing
* style: Update Skeleton component with additional background styling
* chore: styling and types
* WIP: SharePrompt first draft
* feat(SharePrompt): form validation
* feat: shared global indicators
* refactor: prompt details
* refactor: change NoPromptGroup directory
* feat: preview prompt
* feat: remove/add global prompts, add rbac-related enums
* refactor: manage prompts location
* WIP: first draft admin settings for prompts
* feat: SystemRoles enum
* refactor: update PromptDetails component styling
* style: ellipsis custom class for showing more preview text
* WIP: initial role schema and initialization
* style: improved margins for single unordered lists
* fix: use custom chat form context to prevent re-renders from FormProvider
* feat: Role mutations for Prompt Permissions
* feat: fetch user role
* feat: update AdminSettings form default values from user role values
* refactor: rename PromptPermissions to Permissions for general definitions
* feat: initial role checks
* feat: Add optional `bodyProps` parameter to generateCheckAccess middleware
* refactor: UI access checks
* Prompts: delete (#6)
* Fixed delete prompt version API, fixed types and logic for prompt version deletion, updated prompt delete mutation logic
* chore: Update return type of deletePrompt function in Prompt.js
---------
Co-authored-by: Fawadpot <contactfawada@gmail.com>
* chore: Update package-lock.json version to 0.7.4-rc1 and fast-xml-parser to 4.4.0
* feat: toast for saving admin settings, add timer no-access navigation
* feat: always make prod
* feat: Add localization to category labels in CategorySelector component
* feat: Update category label localization in CategorySelector component
* fix: Enable making prompt production in Prompt API
---------
Co-authored-by: Fawadpot <contactfawada@gmail.com>
* feat: Add helper fn for dark mode detection in ThemeProvider
* style: surface-primary definition
* fix(useHasAccess): utilize user.role and not just USER role
* fix: empty category and role fetch
* refactort: increase max height to options list and use label if no localization is found
* fix: update CategorySelector to handle empty category value and improve localization
* refactor: move prompts to own store/reactquery modules, add in filter WIP
* refactor: Rename AutoSendSwitch to AutoSendPrompt
* style: theming commit
* style: fix slight coloring issue for convos in dark mode
* style: better composition for prompts side panel
* style: remove gray-750 and make it gray-850
* chore: adjust theming
* feat: filter all prompt groups and properly remove prompts from projects
* refactor: optimize delete prompt groups further
* chore: localization
* feat: Add uniqueProperty filtering to normalizeData function
* WIP: filter prompts
* chore: Update FilterPrompts component to include User icon in FilterItem
* feat(FilterPrompts): set categories
* feat: more system filters and show selected category icon
* style: always make prod, flips switch to avoid mis-clicks
* style: ui/ux loading/no prompts
* chore: style FilterPrompts ChatView
* fix: handle missing role edge case
* style: special variables
* feat: special variables
* refactor: improve replaceSpecialVars function in prompts.ts
* feat: simple/advanced editor modes
* chore: bump versions
* feat: localizations and hide production button on simple mode
* fix: error connecting layout shift
* fix: prompts CRUD for admins
* fix: secure single group fetch
* style: sidepanel styling
* style(PromptName): bring edit button closer to name
* style: mobile prompts header
* style: mobile prompts header continued
* style: align send prompts switch right
* feat: description
* Update special variables description in Eng.ts
* feat: update/create/preview oneliner
* fix: allow empty oneliner update
* style: loading improvement and always make selected prompt Production if simple mode
* fix: production index set and remove unused props
* fix(ci): mock initializeRoles
* fix: address #3128
* fix: address #3128
* feat: add deletion confirmation dialog
* fix: mobile UI issues
* style: prompt library UI update
* style: focus, logcal tab order
* style: Refactor SelectDropDown component to improve code readability and maintainability
* chore: bump data-provider
* chore: fix labels
* refactor: confirm delete prompt version
---------
Co-authored-by: Marco Beretta <81851188+berry-13@users.noreply.github.com>
* feat: verification email
* chore: email verification invalid; localize: update
* fix: redirect to login when signup: fix: save emailVerified correctly
* docs: update ALLOW_UNVERIFIED_EMAIL_LOGIN; fix: don't accept login only when ALLOW_UNVERIFIED_EMAIL_LOGIN = true
* fix: user needs to be authenticated
* style: update
* fix: registration success message and redirect logic
* refactor: use `isEnabled` in ALLOW_UNVERIFIED_EMAIL_LOGIN
* refactor: move checkEmailConfig to server/utils
* refactor: use req as param for verifyEmail function
* chore: jsdoc
* chore: remove console log
* refactor: rename `createNewUser` to `createSocialUser`
* refactor: update typing and add expiresAt field to userSchema
* refactor: begin use of user methods over direct model access for User
* refactor: initial email verification rewrite
* chore: typing
* refactor: registration flow rewrite
* chore: remove help center text
* refactor: update getUser to getUserById and add findUser methods. general fixes from recent changes
* refactor: Update updateUser method to remove expiresAt field and use $set and $unset operations, createUser now returns Id only
* refactor: Update openidStrategy to use optional chaining for avatar check, move saveBuffer init to buffer condition
* refactor: logout on deleteUser mutatation
* refactor: Update openidStrategy login success message format
* refactor: Add emailVerified field to Discord and Facebook profile details
* refactor: move limiters to separate middleware dir
* refactor: Add limiters for email verification and password reset
* refactor: Remove getUserController and update routes and controllers accordingly
* refactor: Update getUserById method to exclude password and version fields
* refactor: move verification to user route, add resend verification option
* refactor: Improve email verification process and resend option
* refactor: remove more direct model access of User and remove unused code
* refactor: replace user authentication methods and token generation
* fix: add user.id to jwt user
* refactor: Update AuthContext to include setError function, add resend link to Login Form, make registration redirect shorter
* fix(updateUserPluginsService): ensure userPlugins variable is defined
* refactor: Delete all shared links for a specific user
* fix: remove use of direct User.save() in handleExistingUser
* fix(importLibreChatConvo): handle missing createdAt field in messages
---------
Co-authored-by: Danny Avila <danny@librechat.ai>
* fix: remove double initialization of speech routes
* refactor(useMessageHelpers): more consistent latestMessage updates based on unique textKey and early returns when setting
* feat: TTS/STT rate limiters
* chore: remove console log
* fix: make modular chat true by default
* fix: hide audio element on mobile
* chore: add tts docs link
* fix: select voice option on first render
* fix: NotAllowedError, prevent async playback for mobile triggers, consolidate MessageAudio code, user user-triggered unmutes
* fix: Firefox/unsupported type for MediaSource hack
* refactor(STT): make icon red when recording. consolidate logic to AudioRecorder component
* fix: revert Redis changes to use separate client for sessions