diff --git a/application/api/answer/routes/stream.py b/application/api/answer/routes/stream.py index 7583aa0b..1c3f1778 100644 --- a/application/api/answer/routes/stream.py +++ b/application/api/answer/routes/stream.py @@ -80,6 +80,12 @@ class StreamResource(Resource, BaseAnswerResource): processor = StreamProcessor(data, decoded_token) try: processor.initialize() + if not processor.decoded_token: + return Response( + self.error_stream_generate("Unauthorized"), + status=401, + mimetype="text/event-stream", + ) docs_together, docs_list = processor.pre_fetch_docs(data["question"]) tools_data = processor.pre_fetch_tools() diff --git a/application/api/answer/services/conversation_service.py b/application/api/answer/services/conversation_service.py index 5d37e32b..09baf3d1 100644 --- a/application/api/answer/services/conversation_service.py +++ b/application/api/answer/services/conversation_service.py @@ -62,6 +62,8 @@ class ConversationService: attachment_ids: Optional[List[str]] = None, ) -> str: """Save or update a conversation in the database""" + if decoded_token is None: + raise ValueError("Invalid or missing authentication token") user_id = decoded_token.get("sub") if not user_id: raise ValueError("User ID not found in token") diff --git a/application/api/user/sharing/routes.py b/application/api/user/sharing/routes.py index fac8bda0..31436a2c 100644 --- a/application/api/user/sharing/routes.py +++ b/application/api/user/sharing/routes.py @@ -220,8 +220,23 @@ class GetPubliclySharedConversations(Resource): shared and "conversation_id" in shared ): - # conversation_id is now stored as an ObjectId, not a DBRef + # Handle DBRef (legacy), ObjectId, dict, and string formats for conversation_id conversation_id = shared["conversation_id"] + if isinstance(conversation_id, DBRef): + conversation_id = conversation_id.id + elif isinstance(conversation_id, dict): + # Handle dict representation of DBRef (e.g., {"$ref": "...", "$id": "..."}) + if "$id" in conversation_id: + conv_id = conversation_id["$id"] + # $id might be a dict like {"$oid": "..."} or a string + if isinstance(conv_id, dict) and "$oid" in conv_id: + conversation_id = ObjectId(conv_id["$oid"]) + else: + conversation_id = ObjectId(conv_id) + elif "_id" in conversation_id: + conversation_id = ObjectId(conversation_id["_id"]) + elif isinstance(conversation_id, str): + conversation_id = ObjectId(conversation_id) conversation = conversations_collection.find_one( {"_id": conversation_id} ) diff --git a/application/requirements.txt b/application/requirements.txt index 0e006768..82ee2b75 100644 --- a/application/requirements.txt +++ b/application/requirements.txt @@ -17,7 +17,7 @@ esutils==1.0.1 elevenlabs==2.27.0 Flask==3.1.2 faiss-cpu==1.13.2 -fastmcp==2.13.3 +fastmcp==2.14.0 flask-restx==1.3.2 google-genai==1.54.0 google-api-python-client==2.187.0 @@ -34,12 +34,12 @@ joblib==1.5.3 jsonpatch==1.33 jsonpointer==3.0.0 kombu==5.6.1 -langchain==1.1.3 +langchain==1.2.0 langchain-community==0.4.1 langchain-core==1.2.5 langchain-openai==1.1.6 langchain-text-splitters==1.1.0 -langsmith==0.5.0 +langsmith==0.5.1 lazy-object-proxy==1.12.0 lxml==6.0.2 markupsafe==3.0.3 @@ -53,7 +53,7 @@ openai==2.14.0 openapi3-parser==1.1.22 orjson==3.11.5 packaging==24.2 -pandas==2.2.3 +pandas==2.3.3 openpyxl==3.1.5 pathable==0.4.4 pillow @@ -70,7 +70,7 @@ pymongo==4.15.5 pypdf==6.5.0 python-dateutil==2.9.0.post0 python-dotenv -python-jose==3.4.0 +python-jose==3.5.0 python-pptx==1.0.2 redis==7.1.0 referencing>=0.28.0,<0.31.0