* feat(localization): add Korean language support
* feat(Nav): add Korean language option to General Settings (#20)
* feat(localization): add Korean language support
* refactor(localization): remove unused translations in Korean language file
* feat(localization): update Korean translations
* refactor(localization): update Korean translations in Ko.tsx
* fix(Icon/types): pick types from TMessage and TConversation
* refactor: make abortScroll a global recoil state and change props/types for useScrollToRef
* refactor(Message): invoke abort setter onTouchMove and onWheel, refactor(Messages): remove redundancy, reset abortScroll when scroll button is clicked
* feat: add option to disable titling as well as decide what model to use for OpenAI titling
refactor: truncate conversation text so it caps around 200 tokens for titling requests, optimize some of the title prompts
* feat: disable bing titling with TITLE_CONVO as well
* added auto-detect language
* fix(TranslationSelect) now saving the selected language between sessions
* fix(LangSelector.spec)
* fix(conflict)
* fix(Swedish) sv-SE
* Added endpoint picture
* plugin icon fix & new minimalist icon
* changed from BingAIMinimalIcon to BingAIMinimalistIcon
* fix(Conversation) reduced the space between the icon and the title
* refactor(getIcon & getMinimalIcon)
* moved IconProps in ~/common
* refactor(getIcon & getMinimalistIcon) from switch/case to map
* fix(getIcon.tsx) renamed to Icon
* renamed all from Minimalist to Minimal
* feat: add global teardown to remove test data and add registration/log-out to auth flow
* refactor(models/Conversation): index user field and add JSDoc to deleteConvos
* refactor: add user index to message schema and ensure user is saved to each Message
* refactor: add user to each saveMessage call
* fix: handle case where title is null in zod schema
* feat(e2e): ensure messages are deleted on cleanUp
* fix: set last convo for all endpoints on conversation update
* fix: enable registration for CI env
* chore(ChatGPTClient.js): add support for OpenRouter API
chore(OpenAIClient.js): add support for OpenRouter API
* chore: comment out token debugging
* chore: add back streamResult assignment
* chore: remove double condition/assignment from merging
* refactor(routes/endpoints): -> controller/services logic
* feat: add openrouter model fetching
* chore: remove unused endpointsConfig in cleanupPreset function
* refactor: separate models concern from endpointsConfig
* refactor(data-provider): add TModels type and make TEndpointsConfig adaptible to new endpoint keys
* refactor: complete models endpoint service in data-provider
* refactor: onMutate for refreshToken and login, invalidate models query
* feat: complete models endpoint logic for frontend
* chore: remove requireJwtAuth from /api/endpoints and /api/models as not implemented yet
* fix: endpoint will not be overwritten and instead use active value
* feat: openrouter support for plugins
* chore(EndpointOptionsDialog): remove unused recoil value
* refactor(schemas/parseConvo): add handling of secondaryModels to use first of defined secondary models, which includes last selected one as first, or default to the convo's secondary model value
* refactor: remove hooks from store and move to hooks
refactor(switchToConversation): make switchToConversation use latest recoil state, which is necessary to get the most up-to-date models list, replace wrapper function
refactor(getDefaultConversation): factor out logic into 3 pieces to reduce complexity.
* fix: backend tests
* feat: optimistic update by calling newConvo when models are fetched
* feat: openrouter support for titling convos
* feat: cache models fetch
* chore: add missing dep to AuthContext useEffect
* chore: fix useTimeout types
* chore: delete old getDefaultConvo file
* chore: remove newConvo logic from Root, remove console log from api models caching
* chore: ensure bun is used for building in b:client script
* fix: default endpoint will not default to null on a completely fresh login (no localStorage/cookies)
* chore: add openrouter docs to free_ai_apis.md and .env.example
* chore: remove openrouter console logs
* feat: add debugging env variable for Plugins
* Language translation: swedish translation
* fix: remove unwanted row in Sv translation
remove com_nav_language
---------
Co-authored-by: Marcus Nätteldal <marcus.natteldal@ltu.se>
* chore: cleanup client depend 🧹
* chore: replace joi with zod and remove unused user validator
* chore: move dep from root to api, cleanup other unused api deps
* chore: remove unused dev dep
* chore: update bun lockfile
* fix: bun scripts
* chore: add bun flag to update script
* chore: remove legacy webpack + babel dev deps
* chore: add back dev deps needed for frontend unit testing
* fix(validators): make schemas as expected and more robust with a full test suite of edge cases
* chore: remove axios from root package, remove path from api, update bun
* refactor: require Auth middleware in route index files
* feat: concurrent message limiter
* feat: complete concurrent message limiter with caching
* refactor: SSE response methods separated from handleText
* fix(abortMiddleware): fix req and res order to standard, use endpointOption in req.body
* chore: minor name changes
* refactor: add isUUID condition to saveMessage
* fix(concurrentLimiter): logic correctly handles the max number of concurrent messages and res closing/finalization
* chore: bump keyv and remove console.log from Message
* fix(concurrentLimiter): ensure messages are only saved in later message children
* refactor(concurrentLimiter): use KeyvFile instead, could make other stores configurable in the future
* feat: add denyRequest function for error responses
* feat(utils): add isStringTruthy function
Introduce the isStringTruthy function to the utilities module to check if a string value is a case-insensitive match for 'true'
* feat: add optional message rate limiters by IP and userId
* feat: add optional message rate limiters by IP and userId to edit route
* refactor: rename isStringTruthy to isTrue for brevity
* refactor(getError): use map to make code cleaner
* refactor: use memory for concurrent rate limiter to prevent clearing on startup/exit, add multiple log files, fix error message for concurrent violation
* feat: check if errorMessage is object, stringify if so
* chore: send object to denyRequest which will stringify it
* feat: log excessive requests
* fix(getError): correctly pluralize messages
* refactor(limiters): make type consistent between logs and errorMessage
* refactor(cache): move files out of lib/db into separate cache dir
>> feat: add getLogStores function so Keyv instance is not redundantly created on every violation
feat: separate violation logging to own function with logViolation
* fix: cache/index.js export, properly record userViolations
* refactor(messageLimiters): use new logging method, add logging to registrations
* refactor(logViolation): make userLogs an array of logs per user
* feat: add logging to login limiter
* refactor: pass req as first param to logViolation and record offending IP
* refactor: rename isTrue helper fn to isEnabled
* feat: add simple non_browser check and log violation
* fix: open handles in unit tests, remove KeyvMongo as not used and properly mock global fetch
* chore: adjust nodemon ignore paths to properly ignore logs
* feat: add math helper function for safe use of eval
* refactor(api/convos): use middleware at top of file to avoid redundancy
* feat: add delete all static method for Sessions
* fix: redirect to login on refresh if user is not found, or the session is not found but hasn't expired (ban case)
* refactor(getLogStores): adjust return type
* feat: add ban violation and check ban logic
refactor(logViolation): pass both req and res objects
* feat: add removePorts helper function
* refactor: rename getError to getMessageError and add getLoginError for displaying different login errors
* fix(AuthContext): fix type issue and remove unused code
* refactor(bans): ban by ip and user id, send response based on origin
* chore: add frontend ban messages
* refactor(routes/oauth): add ban check to handler, also consolidate logic to avoid redundancy
* feat: add ban check to AI messaging routes
* feat: add ban check to login/registration
* fix(ci/api): mock KeyvMongo to avoid tests hanging
* docs: update .env.example
> refactor(banViolation): calculate interval rate crossover, early return if duration is invalid
ci(banViolation): add tests to ensure users are only banned when expected
* docs: improve wording for mod system
* feat: add configurable env variables for violation scores
* chore: add jsdoc for uaParser.js
* chore: improve ban text log
* chore: update bun test scripts
* refactor(math.js): add fallback values
* fix(KeyvMongo/banLogs): refactor keyv instances to top of files to avoid memory leaks, refactor ban logic to use getLogStores instead
refactor(getLogStores): get a single log store by type
* fix(ci): refactor tests due to banLogs changes, also make sure to clear and revoke sessions even if ban duration is 0
* fix(banViolation.js): getLogStores import
* feat: handle 500 code error at login
* fix(middleware): handle case where user.id is _id and not just id
* ci: add ban secrets for backend unit tests
* refactor: logout user upon ban
* chore: log session delete message only if deletedCount > 0
* refactor: change default ban duration (2h) and make logic more clear in JSDOC
* fix: login and registration limiters will now return rate limiting error
* fix: userId not parsable as non ObjectId string
* feat: add useTimeout hook to properly clear timeouts when invoking functions within them
refactor(AuthContext): cleanup code by using new hook and defining types in ~/common
* fix: login error message for rate limits
* docs: add info for automated mod system and rate limiters, update other docs accordingly
* chore: bump data-provider version
* feat(api): refresh token logic
* feat(client): refresh token logic
* feat(data-provider): refresh token logic
* fix: SSE uses esm
* chore: add default refresh token expiry to AuthService, add message about env var not set when generating a token
* chore: update scripts to more compatible bun methods, ran bun install again
* chore: update env.example and playwright workflow with JWT_REFRESH_SECRET
* chore: update breaking changes docs
* chore: add timeout to url visit
* chore: add default SESSION_EXPIRY in generateToken logic, add act script for testing github actions
* fix(e2e): refresh automatically in development environment to pass e2e tests
* docs: make_your_own.md formatting fix for mkdocs
* feat: add express-mongo-sanitize
feat: add login/registration rate limiting
* chore: remove unnecessary console log
* wip: remove token handling from localStorage to encrypted DB solution
* refactor: minor change to UserService
* fix mongo query and add keys route to server
* fix backend controllers and simplify schema/crud
* refactor: rename token to key to separate from access/refresh tokens, setTokenDialog -> setKeyDialog
* refactor(schemas): TEndpointOption token -> key
* refactor(api): use new encrypted key retrieval system
* fix(SetKeyDialog): fix key prop error
* fix(abortMiddleware): pass random UUID if messageId is not generated yet for proper error display on frontend
* fix(getUserKey): wrong prop passed in arg, adds error handling
* fix: prevent message without conversationId from saving to DB, prevents branching on the frontend to a new top-level branch
* refactor: change wording of multiple display messages
* refactor(checkExpiry -> checkUserKeyExpiry): move to UserService file
* fix: type imports from common
* refactor(SubmitButton): convert to TS
* refactor(key.ts): change localStorage map key name
* refactor: add new custom tailwind classes to better match openAI colors
* chore: remove unnecessary warning and catch ScreenShot error
* refactor: move userKey frontend logic to hooks and remove use of localStorage and instead query the DB
* refactor: invalidate correct query key, memoize userKey hook, conditionally render SetKeyDialog to avoid unnecessary calls, refactor SubmitButton props and useEffect for showing 'provide key first'
* fix(SetKeyDialog): use enum-like object for expiry values
feat(Dropdown): add optionsClassName to dynamically change dropdown options container classes
* fix: handle edge case where user had provided a key but the server changes to env variable for keys
* refactor(OpenAI/titleConvo): move titling to client to retain authorized credentials in message lifecycle for titling
* fix(azure): handle user_provided keys correctly for azure
* feat: send user Id to OpenAI to differentiate users in completion requests
* refactor(OpenAI/titleConvo): adding tokens helps minimize LLM from using the language in title response
* feat: add delete endpoint for keys
* chore: remove throttling of title
* feat: add 'Data controls' to Settings, add 'Revoke' keys feature in Key Dialog and Data controls
* refactor: reorganize PluginsClient files in langchain format
* feat: use langchain for titling convos
* chore: cleanup titling convo, with fallback to original method, escape braces, use only snippet for language detection
* refactor: move helper functions to appropriate langchain folders for reusability
* fix: userProvidesKey handling for gptPlugins
* fix: frontend handling of plugins key
* chore: cleanup logging and ts-ignore SSE
* fix: forwardRef misuse in DangerButton
* fix(GoogleConfig/FileUpload): localize errors and simplify validation with zod
* fix: cleanup google logging and fix user provided key handling
* chore: remove titling from google
* chore: removing logging from browser endpoint
* wip: fix menu flicker
* feat: useLocalStorage hook
* feat: add Tooltip for UI
* refactor(EndpointMenu): utilize Tooltip and useLocalStorage, remove old 'New Chat' slide-over
* fix(e2e): use testId for endpoint menu trigger
* chore: final touches to EndpointMenu before future refactor to declutter component
* refactor(localization): change select endpoint to open menu and add translations
* chore: add final prop to error message response
* ci: minor edits to facilitate testing
* ci: new e2e test which tests for new key setting/revoking features
