ai_synth

Commit Graph

Author	SHA1	Message	Date
oabrivard	bd4f101d16	fix: use invalid session token instead of no cookie for auth rejection tests Unauthenticated requests (no Cookie header) hang with oneshot() in tests. Using an invalid session token achieves the same 401 result without hanging.	3 months ago
oabrivard	004f08f385	fix: runtime bugs found during first Docker run + integration tests Bugs fixed: - resolve_model queried non-existent admin_provider_models table (use JSONB query on admin_providers) - key_prefix VARCHAR(10) too short for 11-char prefix (migration to VARCHAR(12)) - API key test schema missing additionalProperties: false (OpenAI strict mode) - CSP missing font-src data: directive (PDF font embedding blocked) - Magic link URL not logged in test mode (can't verify without real email) - Rust 1.85 Docker image too old for dependencies (bumped to 1.88) Tests added to prevent recurrence: - schema_meets_openai_strict_mode_requirements: validates additionalProperties on all objects - key_prefix_full_length_stored_in_db: verifies 11-char prefix survives DB round-trip - generate_pipeline_resolves_model_from_admin_config: exercises full generation pipeline Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	3 months ago
oabrivard	439e547367	Phase 4: LLM provider abstraction with Gemini, user API key encryption Backend: - LlmProvider async trait with generate_search_pass/generate_rewrite_pass - GeminiProvider: googleSearch grounding (pass 1), structured JSON output (pass 2) - AES-256-GCM encryption for user API keys at rest (per-key random nonces) - MasterKey with zeroize-on-drop (no Clone to prevent unzeroized copies) - User API key endpoints: list (prefix only), create/update, delete, test - Dynamic category schema builder for structured LLM output - Provider factory (Gemini implemented, OpenAI/Anthropic stubbed for Phase 6) - 37 new unit tests (encryption, schema, Gemini serialization, factory) - 17 integration tests (CRUD, encryption verification, ownership isolation) Frontend: - ApiKeyManager component: per-provider key management in Settings - Password input with show/hide toggle, key prefix display (monospace) - Test button validates key with minimal LLM call - Status badges (configured/not configured) - 11 new tests Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	3 months ago

Author

SHA1

Message

Date

oabrivard

bd4f101d16

fix: use invalid session token instead of no cookie for auth rejection tests

Unauthenticated requests (no Cookie header) hang with oneshot() in tests.
Using an invalid session token achieves the same 401 result without hanging.

oabrivard

004f08f385

fix: runtime bugs found during first Docker run + integration tests

Bugs fixed:
- resolve_model queried non-existent admin_provider_models table (use JSONB query on admin_providers)
- key_prefix VARCHAR(10) too short for 11-char prefix (migration to VARCHAR(12))
- API key test schema missing additionalProperties: false (OpenAI strict mode)
- CSP missing font-src data: directive (PDF font embedding blocked)
- Magic link URL not logged in test mode (can't verify without real email)
- Rust 1.85 Docker image too old for dependencies (bumped to 1.88)

Tests added to prevent recurrence:
- schema_meets_openai_strict_mode_requirements: validates additionalProperties on all objects
- key_prefix_full_length_stored_in_db: verifies 11-char prefix survives DB round-trip
- generate_pipeline_resolves_model_from_admin_config: exercises full generation pipeline

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

oabrivard

439e547367

Phase 4: LLM provider abstraction with Gemini, user API key encryption

Backend:
- LlmProvider async trait with generate_search_pass/generate_rewrite_pass
- GeminiProvider: googleSearch grounding (pass 1), structured JSON output (pass 2)
- AES-256-GCM encryption for user API keys at rest (per-key random nonces)
- MasterKey with zeroize-on-drop (no Clone to prevent unzeroized copies)
- User API key endpoints: list (prefix only), create/update, delete, test
- Dynamic category schema builder for structured LLM output
- Provider factory (Gemini implemented, OpenAI/Anthropic stubbed for Phase 6)
- 37 new unit tests (encryption, schema, Gemini serialization, factory)
- 17 integration tests (CRUD, encryption verification, ownership isolation)

Frontend:
- ApiKeyManager component: per-provider key management in Settings
- Password input with show/hide toggle, key prefix display (monospace)
- Test button validates key with minimal LLM call
- Status badges (configured/not configured)
- 11 new tests

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

3 Commits (0874650a7fde8314e665f75777f4dfa5a360d438)