* feat: integrate OpenID Connect support with token reuse
- Added `jwks-rsa` and `new-openid-client` dependencies for OpenID Connect functionality.
- Implemented OpenID token refresh logic in `AuthController`.
- Enhanced `LogoutController` to handle OpenID logout and session termination.
- Updated JWT authentication middleware to support OpenID token provider.
- Modified OAuth routes to accommodate OpenID authentication and token management.
- Created `setOpenIDAuthTokens` function to manage OpenID tokens in cookies.
- Upgraded OpenID strategy with user info fetching and token exchange protocol.
- Introduced `openIdJwtLogin` strategy for handling OpenID JWT tokens.
- Added caching mechanism for exchanged OpenID tokens.
- Updated configuration to include OpenID exchanged tokens cache key.
- updated .env.example to include the new env variables needed for the feature.
* fix: update return type in downloadImage documentation for clarity and fixed openIdJwtLogin env variables
* fix: update Jest configuration and tests for OpenID strategy integration
* fix: update OpenID strategy to include callback URL in setup
* fix: fix optionalJwtAuth middleware to support OpenID token reuse and improve currentUrl method in CustomOpenIDStrategy to override the dynamic host issue related to proxy (e.g. cloudfront)
* fix: fixed code formatting
* Fix: Add mocks for openid-client and passport strategy in Jest configuration to fix unit tests
* fix eslint errors: Format mock file openid-client.
* ✨ feat: Add PKCE support for OpenID and default handling in strategy setup
---------
Co-authored-by: Atef Bellaaj <slalom.bellaaj@external.daimlertruck.com>
Co-authored-by: Ruben Talstra <RubenTalstra1211@outlook.com>
* chore: remove unused redis file
* chore: bump keyv dependencies, and update related imports
* refactor: Implement IoRedis client for rate limiting across middleware, as node-redis via keyv not compatible
* fix: Set max listeners to expected amount
* WIP: memory improvements
* refactor: Simplify getAbortData assignment in createAbortController
* refactor: Update getAbortData to use WeakRef for content management
* WIP: memory improvements in agent chat requests
* refactor: Enhance memory management with finalization registry and cleanup functions
* refactor: Simplify domainParser calls by removing unnecessary request parameter
* refactor: Update parameter types for action tools and agent loading functions to use minimal configs
* refactor: Simplify domainParser tests by removing unnecessary request parameter
* refactor: Simplify domainParser call by removing unnecessary request parameter
* refactor: Enhance client disposal by nullifying additional properties to improve memory management
* refactor: Improve title generation by adding abort controller and timeout handling, consolidate request cleanup
* refactor: Update checkIdleConnections to skip current user when checking for idle connections if passed
* refactor: Update createMCPTool to derive userId from config and handle abort signals
* refactor: Introduce createTokenCounter function and update tokenCounter usage; enhance disposeClient to reset Graph values
* refactor: Update getMCPManager to accept userId parameter for improved idle connection handling
* refactor: Extract logToolError function for improved error handling in AgentClient
* refactor: Update disposeClient to clear handlerRegistry and graphRunnable references in client.run
* refactor: Extract createHandleNewToken function to streamline token handling in initializeClient
* chore: bump @librechat/agents
* refactor: Improve timeout handling in addTitle function for better error management
* refactor: Introduce createFetch instead of using class method
* refactor: Enhance client disposal and request data handling in AskController and EditController
* refactor: Update import statements for AnthropicClient and OpenAIClient to use specific paths
* refactor: Use WeakRef for response handling in SplitStreamHandler to prevent memory leaks
* refactor: Simplify client disposal and rename getReqData to processReqData in AskController and EditController
* refactor: Improve logging structure and parameter handling in OpenAIClient
* refactor: Remove unused GraphEvents and improve stream event handling in AnthropicClient and OpenAIClient
* refactor: Simplify client initialization in AskController and EditController
* refactor: Remove unused mock functions and implement in-memory store for KeyvMongo
* chore: Update dependencies in package-lock.json to latest versions
* refactor: Await token usage recording in OpenAIClient to ensure proper async handling
* refactor: Remove handleAbort route from multiple endpoints and enhance client disposal logic
* refactor: Enhance abort controller logic by managing abortKey more effectively
* refactor: Add newConversation handling in useEventHandlers for improved conversation management
* fix: dropparams
* refactor: Use optional chaining for safer access to request properties in BaseClient
* refactor: Move client disposal and request data processing logic to cleanup module for better organization
* refactor: Remove aborted request check from addTitle function for cleaner logic
* feat: Add Grok 3 model pricing and update tests for new models
* chore: Remove trace warnings and inspect flags from backend start script used for debugging
* refactor: Replace user identifier handling with userId for consistency across controllers, use UserId in clientRegistry
* refactor: Enhance client disposal logic to prevent memory leaks by clearing additional references
* chore: Update @librechat/agents to version 2.4.14 in package.json and package-lock.json
* feat: Implement Redis-based rate limiting, initially import limits
* feat: Enhance rate limiters with Redis support and custom prefixes
* chore: import orders
* chore: update JSDoc for next middleware parameter type in ban and limiter middleware
* feat: add logHeaders middleware to log forwarded headers in requests
* refactor: change log level from info to debug for Redis rate limiters
* feat: increase Redis max listeners and refactor session storage to use Keyv
* implemented Apple Auth login.
Closes: #3438
TODO:
- write config Doc
* removed some comments
* removed comment
* Add unit tests for Apple login strategy
Introduce comprehensive tests for the Apple login strategy, covering new user creation, existing user updates, and error handling scenarios during the authentication flow. Mocks implemented for external dependencies to ensure isolated testing.
* Remove unnecessary blank line in socialLogins.js
* ✨ feat: Add OpenWeather Tool for Weather Data Retrieval 🌤️
* chore: linting
* chore: move test files
* fix: tool icon, allow user-provided keys, conform to app key assignment pattern
* chore: linting not included in #5212
---------
Co-authored-by: Jonathan Addington <jonathan.addington@jmaddington.com>
The `express-session` library comes with a session storage meant for
testing by default. That is why you get a message like this when you
start up LibreChat with OIDC enabled:
Warning: connect.session() MemoryStore is not
designed for a production environment, as it will leak
memory, and will not scale past a single process.
LibreChat can already use Redis as a session storage, although Redis support
is still marked as experimental. It also makes the set-up more complex, since
you will need to configure and run yet another service.
This pull request provides a simple alternative by using a in-memory session
store marked as a production-ready alternative by the guys from
`express-session`¹. You can still configure Redis, but this provides a simple,
good default for everyone else.
See also https://github.com/danny-avila/LibreChat/discussions/1014
¹⁾ https://github.com/expressjs/session?tab=readme-ov-file#compatible-session-stores
* fix: hide audio element on mobile
* chore: add tts docs link
* fix: select voice option on first render
* fix: NotAllowedError, prevent async playback for mobile triggers, consolidate MessageAudio code, user user-triggered unmutes
* fix: Firefox/unsupported type for MediaSource hack
* refactor(STT): make icon red when recording. consolidate logic to AudioRecorder component
* fix: revert Redis changes to use separate client for sessions
* chore: fix `endpoint` typescript issues and typo in console info message
* feat(api): files GET endpoint and save only file_id references to messages
* refactor(client): `useGetFiles` query hook, update file types, optimistic update of filesQuery on file upload
* refactor(buildTree): update to use params object and accept fileMap
* feat: map files to messages; refactor(ChatView): messages only available after files are fetched
* fix: fetch files only when authenticated
* feat(api): AppService
- rename app.locals.configs to app.locals.paths
- load custom config use fileStrategy from yaml config in app.locals
* refactor: separate Firebase and Local strategies, call based on config
* refactor: modularize file strategies and employ with use of DALL-E
* refactor(librechat.yaml): add fileStrategy field
* feat: add source to MongoFile schema, as well as BatchFile, and ExtendedFile types
* feat: employ file strategies for upload/delete files
* refactor(deleteFirebaseFile): add user id validation for firebase file deletion
* chore(deleteFirebaseFile): update jsdocs
* feat: employ strategies for vision requests
* fix(client): handle messages with deleted files
* fix(client): ensure `filesToDelete` always saves/sends `file.source`
* feat(openAI): configurable `resendImages` and `imageDetail`
* refactor(getTokenCountForMessage): recursive process only when array of Objects and only their values (not keys) aside from `image_url` types
* feat(OpenAIClient): calculateImageTokenCost
* chore: remove comment
* refactor(uploadAvatar): employ fileStrategy for avatars, from social logins or user upload
* docs: update docs on how to configure fileStrategy
* fix(ci): mock winston and winston related modules, update DALLE3.spec.js with changes made
* refactor(redis): change terminal message to reflect current development state
* fix(DALL-E-2): pass fileStrategy to dall-e
* refactor: use keyv for search caching with 1 min expirations
* feat: keyvRedis; chore: bump keyv, bun.lockb, add jsconfig for vscode file resolution
* feat: api/search redis support
* refactor(redis) use ioredis cluster for keyv
fix(OpenID): when redis is configured, use redis memory store for express-session
* fix: revert using uri for keyvredis
* fix(SearchBar): properly debounce search queries, fix weird render behaviors
* refactor: add authentication to search endpoint and show error messages in results
* feat: redis support for violation logs
* fix(logViolation): ensure a number is always being stored in cache
* feat(concurrentLimiter): uses clearPendingReq, clears pendingReq on abort, redis support
* fix(api/search/enable): query only when authenticated
* feat(ModelService): redis support
* feat(checkBan): redis support
* refactor(api/search): consolidate keyv logic
* fix(ci): add default empty value for REDIS_URI
* refactor(keyvRedis): use condition to initialize keyvRedis assignment
* refactor(connectDb): handle disconnected state (should create a new conn)
* fix(ci/e2e): handle case where cleanUp did not successfully run
* fix(getDefaultEndpoint): return endpoint from localStorage if defined and endpointsConfig is default
* ci(e2e): remove afterAll messages as startup/cleanUp will clear messages
* ci(e2e): remove teardown for CI until further notice
* chore: bump playwright/test
* ci(e2e): reinstate teardown as CI issue is specific to github env
* fix(ci): click settings menu trigger by testid
