Spaces:

Kareman
/

rag

Sleeping

App Files Files Community

Kareman committed on Sep 13

Commit

14faba3

0 Parent(s):

feat(ContextAI)

Browse files

Files changed (10) hide show

.DS_Store +0 -0
.gitignore +29 -0
README.md +127 -0
app/auth.py +40 -0
app/config.py +2 -0
app/database.py +11 -0
app/main.py +113 -0
app/models.py +22 -0
app/rag.py +76 -0
requirements.txt +16 -0

.DS_Store ADDED Viewed

Binary file (6.15 kB). View file

.gitignore ADDED Viewed

	@@ -0,0 +1,29 @@

+# Python cache / build files
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+*.sqlite3
+*.log
+# Virtual environment
+venv/
+.env/
+# Environment variables
+.env
+# Uploaded files
+uploads/
+# Chroma database
+chroma_db/
+# IDE/editor configs (optional, but useful to ignore)
+.vscode/
+.idea/
+*.swp
+# SQLite DB
+*.db
+*.sqlite3

README.md ADDED Viewed

	@@ -0,0 +1,127 @@

+# ContextAI
+A **FastAPI-based RAG application** that lets users upload documents (PDF/TXT) and ask questions.
+Powered by **LangChain**, **ChromaDB**, and **LLMs** for context-aware answers.
+📚 FastAPI RAG App with LangChain, ChromaDB & Authentication
+This project is a Retrieval-Augmented Generation (RAG) web application built with FastAPI.
+It allows users to:
+🔑 Sign up / Sign in (JWT-based authentication)
+📂 Upload PDF or text documents
+🧠 Store document embeddings in ChromaDB (vector database)
+💬 Ask questions about uploaded documents
+⚡ Get context-aware answers powered by LangChain + LLMs (via OpenRouter)
+🚀 Features
+User authentication with access & refresh tokens
+Secure file uploads (.pdf, .txt)
+Automatic text chunking & embedding with HuggingFace models
+Persistent vector store using ChromaDB
+RAG pipeline with LangChain’s RetrievalQA
+OpenRouter integration for running LLM queries
+CORS configured for frontend integration
+🛠️ Tech Stack
+FastAPI
+LangChain
+ChromaDB
+SQLModel for user database
+HuggingFace Embeddings
+OpenRouter (for LLM access)
+📂 Project Structure
+app/
+ ├── main.py          # FastAPI routes & entrypoint
+ ├── rag.py           # RAG pipeline (embeddings, vector store, QA chain)
+ ├── models.py        # User models & schemas
+ ├── auth.py          # Auth logic (hashing, tokens, verification)
+ ├── database.py      # SQLModel setup
+ └── config.py        # Settings & constants
+uploads/              # User uploaded files (ignored in Git)
+chroma_db/            # Vector DB storage (ignored in Git)
+⚙️ Setup & Installation
+1️⃣ Clone the repo
+git clone https://github.com/your-username/fastapi-rag-app.git
+cd fastapi-rag-app
+2️⃣ Create & activate virtual environment
+python -m venv venv
+source venv/bin/activate   # Linux/Mac
+venv\Scripts\activate      # Windows
+3️⃣ Install dependencies
+pip install -r requirements.txt
+4️⃣ Configure environment variables
+Create a .env file in the project root (or copy from .env.example):
+# OpenRouter
+OPENROUTER=your_openrouter_api_key_here
+# JWT secret
+SECRET_KEY=your_super_secret_key
+⚠️ Never commit your real .env file.
+▶️ Run the App
+Start the FastAPI server:
+uvicorn app.main:app --reload
+The API will be available at:
+👉 http://127.0.0.1:8000
+Interactive API docs:
+👉 http://127.0.0.1:8000/docs
+🔑 Authentication Flow
+Signup → POST /signup with username & password
+Signin → POST /signin to receive access_token & refresh_token
+Use Authorization: Bearer <access_token> for protected endpoints
+📂 Document Workflow
+User logs in
+Upload document → POST /upload (PDF or TXT)
+Ask a question → GET /ask?q=your+question
+The system searches your embeddings in ChromaDB and queries the LLM with context
+📝 Notes
+uploads/ and chroma_db/ are auto-created at runtime if they don’t exist.
+Both folders are ignored by Git (runtime data only).
+Contributions & pull requests are welcome 🚀

app/auth.py ADDED Viewed

	@@ -0,0 +1,40 @@

+import os
+from datetime import datetime, timedelta, timezone
+from typing import Optional
+from jose import JWTError, jwt
+from passlib.context import CryptContext
+# Password hashing: a passlib context configured with bcrypt as its only scheme.
+pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
+from dotenv import load_dotenv
+# Load variables from a .env file before SECRET_KEY is read from the environment below.
+load_dotenv()
+def hash_password(password: str):
+    return pwd_context.hash(password)
+def verify_password(password: str, hashed: str):
+    return pwd_context.verify(password, hashed)
+# JWT settings
+# Signing key taken from the SECRET_KEY environment variable; os.getenv yields None when it is unset.
+SECRET_KEY=os.getenv("SECRET_KEY")
+# Algorithm passed to jwt.encode / jwt.decode.
+ALGORITHM = "HS256"
+# Default lifetimes applied when a caller passes no expires_delta.
+ACCESS_TOKEN_EXPIRE_MINUTES = 15
+REFRESH_TOKEN_EXPIRE_DAYS = 7
+def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):
+    to_encode = data.copy()
+    expire = datetime.utcnow() + (expires_delta or timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES))
+    to_encode.update({"exp": expire})
+    return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+def create_refresh_token(data: dict, expires_delta: Optional[timedelta] = None):
+    to_encode = data.copy()
+    expire = datetime.utcnow() + (expires_delta or timedelta(days=REFRESH_TOKEN_EXPIRE_DAYS))
+    to_encode.update({"exp": expire})
+    return jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
+def decode_token(token: str):
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        return payload
+    except JWTError:
+        return None

app/config.py ADDED Viewed

	@@ -0,0 +1,2 @@


1	+ # Directory (relative path) used as the Chroma vector store's persist directory
2	+ CHROMA_DB_DIR = "./chroma_db"

app/database.py ADDED Viewed

	@@ -0,0 +1,11 @@

+from sqlmodel import SQLModel, create_engine, Session
+DATABASE_URL = "sqlite:///./users.db"
+engine = create_engine(DATABASE_URL, echo=True)
+def init_db():
+    SQLModel.metadata.create_all(engine)
+def get_session():
+    with Session(engine) as session:
+        yield session

app/main.py ADDED Viewed

	@@ -0,0 +1,113 @@

+from app import rag
+import shutil
+import os
+from fastapi import FastAPI, Depends, HTTPException, status, UploadFile, File
+from fastapi.security import OAuth2PasswordBearer
+from sqlmodel import select
+from app.models import User, UserCreate, UserLogin, Token
+from app.auth import hash_password, verify_password, create_access_token, create_refresh_token, decode_token
+from app.database import init_db, get_session
+from sqlmodel import Session
+from fastapi.middleware.cors import CORSMiddleware
+# Initialize DB (runs at import time, before the app object is created)
+init_db()
+app = FastAPI()
+# Origins allowed to call this API from a browser (CORS)
+origins = [
+    "http://localhost:5173",  # React dev server
+]
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=origins,  # or ["*"] for all origins (not recommended for production)
+    allow_credentials=True,
+    allow_methods=["*"],  # allow POST, GET, OPTIONS, etc.
+    allow_headers=["*"],
+)
+# Extracts the bearer token from the Authorization header for protected routes.
+# NOTE(review): tokenUrl is "token", but no /token route is defined in this module — confirm whether that is intended.
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
+# Directory for uploaded files; created on import if it does not exist yet.
+UPLOAD_DIR = "./uploads"
+os.makedirs(UPLOAD_DIR, exist_ok=True)
+# ------------------------
+# Protected Route Example
+# ------------------------
+def get_current_user(token: str = Depends(oauth2_scheme), session: Session = Depends(get_session)):
+    payload = decode_token(token)
+    if not payload:
+        raise HTTPException(status_code=401, detail="Invalid token")
+    username = payload.get("sub")
+    user = session.exec(select(User).where(User.username == username)).first()
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+    return user
+@app.get("/protected")
+def protected_route(current_user: User = Depends(get_current_user)):
+    return {"message": f"Hello {current_user.username}, you are authenticated!"}
+@app.post("/upload")
+def upload_file(file: UploadFile = File(...), current_user: User = Depends(get_current_user)):
+    user_id = current_user.username
+    file_path = f"./uploads/{file.filename}"
+    with open(file_path, "wb") as f:
+        shutil.copyfileobj(file.file, f)
+    rag.add_document(file_path, user_id=user_id)
+    return {"message": "Document uploaded successfully."}
+@app.get("/ask")
+def ask(q: str, current_user: User = Depends(get_current_user)):
+    user_id = current_user.username
+    qa = rag.get_qa_chain(user_id=user_id)
+    answer = qa.run(q)
+    return {"question": q, "answer": answer}
+# ------------------------
+# Auth Endpoints
+# ------------------------
+@app.post("/signup", response_model=Token)
+def signup(user: UserCreate, session: Session = Depends(get_session)):
+    existing_user = session.exec(select(User).where(User.username == user.username)).first()
+    if existing_user:
+        raise HTTPException(status_code=400, detail="Username already exists")
+    db_user = User(username=user.username, hashed_password=hash_password(user.password))
+    session.add(db_user)
+    session.commit()
+    session.refresh(db_user)
+    access_token = create_access_token({"sub": db_user.username})
+    refresh_token = create_refresh_token({"sub": db_user.username})
+    return {"access_token": access_token, "refresh_token": refresh_token}
+@app.post("/signin", response_model=Token)
+def signin(user: UserLogin, session: Session = Depends(get_session)):
+    db_user = session.exec(select(User).where(User.username == user.username)).first()
+    if not db_user or not verify_password(user.password, db_user.hashed_password):
+        raise HTTPException(status_code=401, detail="Invalid username or password")
+    access_token = create_access_token({"sub": db_user.username})
+    refresh_token = create_refresh_token({"sub": db_user.username})
+    return {"access_token": access_token, "refresh_token": refresh_token}
+from fastapi import Body
+@app.post("/refresh", response_model=Token)
+def refresh_token(refresh_token: str = Body(..., embed=True)):
+    payload = decode_token(refresh_token)
+    if not payload:
+        raise HTTPException(status_code=401, detail="Invalid refresh token")
+    username = payload.get("sub")
+    # ✅ issue a new access token
+    new_access_token = create_access_token({"sub": username})
+    # we can either reuse the refresh_token or rotate it (issue a new one)
+    return {"access_token": new_access_token, "refresh_token": refresh_token}

app/models.py ADDED Viewed

	@@ -0,0 +1,22 @@

+from sqlmodel import SQLModel, Field
+from pydantic import BaseModel
+# Database model
+class User(SQLModel, table=True):
+    id: int | None = Field(default=None, primary_key=True)
+    username: str
+    hashed_password: str
+# Pydantic models for API
+class UserCreate(BaseModel):
+    """Request body for account creation."""
+    username: str
+    # Plain-text password as submitted by the client.
+    password: str
+class UserLogin(BaseModel):
+    """Request body for logging in."""
+    username: str
+    # Plain-text password as submitted by the client.
+    password: str
+class Token(BaseModel):
+    """Response body carrying an access/refresh token pair."""
+    access_token: str
+    refresh_token: str
+    # Defaults to "bearer" when the endpoint does not set it explicitly.
+    token_type: str = "bearer"

app/rag.py ADDED Viewed

	@@ -0,0 +1,76 @@

+import numpy as np
+import os
+os.environ['NUMPY_IMPORT'] = 'done'  # This ensures numpy is loaded
+from langchain_community.vectorstores import Chroma
+from langchain_community.embeddings import HuggingFaceEmbeddings
+from langchain_community.document_loaders import TextLoader
+from langchain.document_loaders import PyPDFLoader
+from langchain.text_splitter import CharacterTextSplitter
+from app.config import CHROMA_DB_DIR
+from langchain.chat_models import ChatOpenAI
+from langchain.chains import RetrievalQA
+from dotenv import load_dotenv
+load_dotenv()
+OPENAI_ROUTER_TOKEN=os.getenv("OPENROUTER")
+# Embeddings
+embeddings = HuggingFaceEmbeddings(model_name=EMBEDDING_MODEL)
+# Chroma DB
+db = Chroma(persist_directory=CHROMA_DB_DIR, embedding_function=embeddings)
+from langchain.docstore.document import Document
+def add_document(file_path: str, user_id: str):
+    # Load file
+    if file_path.lower().endswith(".pdf"):
+        loader = PyPDFLoader(file_path)
+    elif file_path.lower().endswith(".txt"):
+        loader = TextLoader(file_path, encoding="utf-8")
+    else:
+        raise RuntimeError(f"Unsupported file type: {file_path}")
+    documents = loader.load()
+    # Split into chunks
+    splitter = CharacterTextSplitter(chunk_size=500, chunk_overlap=50)
+    docs = splitter.split_documents(documents)
+    # Add metadata directly to Document objects
+    docs_with_metadata = [
+        Document(page_content=d.page_content, metadata={"user_id": user_id, "filename": os.path.basename(file_path)})
+        for d in docs
+    ]
+    # Add to vector store
+    db.add_documents(docs_with_metadata)
+def get_qa_chain(user_id: str):
+    """
+    Return a RetrievalQA pipeline for a specific user using OpenRouter's Phi-3 Medium Instruct model.
+    Args:
+        user_id (str): Unique identifier for the user.
+    """
+    # Initialize LLM with OpenRouter
+    llm = ChatOpenAI(
+        openai_api_key=OPENAI_ROUTER_TOKEN,  # your OpenRouter API key
+        model="meta-llama/llama-4-scout:free",       # free OpenRouter model
+        temperature=0,
+        max_tokens=512,
+        openai_api_base="https://openrouter.ai/api/v1"  # OpenRouter endpoint
+    )
+    # Create retriever filtered by user_id
+    retriever = db.as_retriever(search_kwargs={"filter": {"user_id": user_id}})
+    # Build RetrievalQA pipeline
+    qa = RetrievalQA.from_chain_type(llm=llm, retriever=retriever, chain_type="stuff")
+    return qa

requirements.txt ADDED Viewed

	@@ -0,0 +1,16 @@

+fastapi
+uvicorn
+langchain
+langchain-community
+langchain-core
+openai                    # client library needed by langchain's ChatOpenAI
+chromadb
+pydantic
+sentence-transformers
+transformers
+huggingface-hub
+passlib[bcrypt]          # for hashing passwords
+python-jose[cryptography]  # for JWT tokens
+python-multipart          # for file uploads
+python-dotenv             # load_dotenv() in app/auth.py and app/rag.py
+sqlmodel
+pypdf
+numpy