Merge remote-tracking branch 'upstream/main' into feat/new-chat-input-on-landing

backend/knowledge_base/api.py

@@ -4,7 +4,7 @@ from fastapi import APIRouter, HTTPException, Depends, UploadFile, File, Form, B
 from pydantic import BaseModel, Field, HttpUrl
 from utils.auth_utils import get_current_user_id_from_jwt
 from services.supabase import DBConnection
-from services.file_processor import FileProcessor
+from knowledge_base.file_processor import FileProcessor
 from utils.logger import logger
 from flags.flags import is_enabled
 

backend/services/email_api.py

@@ -4,6 +4,7 @@ from typing import Optional
 import asyncio
 from services.email import email_service
 from utils.logger import logger
+from utils.auth_utils import verify_admin_api_key
 
 router = APIRouter()
 
@@ -16,36 +17,11 @@ class EmailResponse(BaseModel):
     message: str
 
 @router.post("/send-welcome-email", response_model=EmailResponse)
-async def send_welcome_email(request: SendWelcomeEmailRequest):
+async def send_welcome_email(
+    request: SendWelcomeEmailRequest,
+    _: bool = Depends(verify_admin_api_key)
+):
     try:
-        logger.info(f"Sending welcome email to {request.email}")
-        success = email_service.send_welcome_email(
-            user_email=request.email,
-            user_name=request.name
-        )
-        
-        if success:
-            return EmailResponse(
-                success=True,
-                message="Welcome email sent successfully"
-            )
-        else:
-            return EmailResponse(
-                success=False,
-                message="Failed to send welcome email"
-            )
-            
-    except Exception as e:
-        logger.error(f"Error sending welcome email to {request.email}: {str(e)}")
-        raise HTTPException(
-            status_code=500,
-            detail="Internal server error while sending email"
-        )
-
-@router.post("/send-welcome-email-background", response_model=EmailResponse)
-async def send_welcome_email_background(request: SendWelcomeEmailRequest):
-    try:
-        logger.info(f"Queuing welcome email for {request.email}")
         
         def send_email():
             return email_service.send_welcome_email(
@@ -59,12 +35,12 @@ async def send_welcome_email_background(request: SendWelcomeEmailRequest):
         
         return EmailResponse(
             success=True,
-            message="Welcome email queued for sending"
+            message="Welcome email sent"
         )
             
     except Exception as e:
-        logger.error(f"Error queuing welcome email for {request.email}: {str(e)}")
+        logger.error(f"Error sending welcome email for {request.email}: {str(e)}")
         raise HTTPException(
             status_code=500,
-            detail="Internal server error while queuing email"
+            detail="Internal server error while sending welcome email"
         ) 

backend/utils/auth_utils.py

@@ -1,9 +1,10 @@
 import sentry
-from fastapi import HTTPException, Request
+from fastapi import HTTPException, Request, Header
 from typing import Optional
 import jwt
 from jwt.exceptions import PyJWTError
 from utils.logger import structlog
+from utils.config import config
 
 # This function extracts the user ID from Supabase JWT
 async def get_current_user_id_from_jwt(request: Request) -> str:
@@ -229,3 +230,36 @@ async def get_optional_user_id(request: Request) -> Optional[str]:
         return user_id
     except PyJWTError:
         return None
+
+async def verify_admin_api_key(x_admin_api_key: Optional[str] = Header(None)):
+    """
+    Verify admin API key for server-side operations.
+    
+    Args:
+        x_admin_api_key: Admin API key from X-Admin-Api-Key header
+        
+    Returns:
+        bool: True if the API key is valid
+        
+    Raises:
+        HTTPException: If the API key is missing, invalid, or not configured
+    """
+    if not config.ADMIN_API_KEY:
+        raise HTTPException(
+            status_code=500,
+            detail="Admin API key not configured on server"
+        )
+    
+    if not x_admin_api_key:
+        raise HTTPException(
+            status_code=401,
+            detail="Admin API key required. Include X-Admin-Api-Key header."
+        )
+    
+    if x_admin_api_key != config.ADMIN_API_KEY:
+        raise HTTPException(
+            status_code=403,
+            detail="Invalid admin API key"
+        )
+    
+    return True

backend/utils/config.py

@@ -228,6 +228,9 @@ class Configuration:
     LANGFUSE_SECRET_KEY: Optional[str] = None
     LANGFUSE_HOST: str = "https://cloud.langfuse.com"
 
+    # Admin API key for server-side operations
+    ADMIN_API_KEY: Optional[str] = None
+    
     @property
     def STRIPE_PRODUCT_ID(self) -> str:
         if self.ENV_MODE == EnvMode.STAGING:

frontend/src/app/auth/actions.ts

@@ -6,10 +6,18 @@ import { redirect } from 'next/navigation';
 async function sendWelcomeEmail(email: string, name?: string) {
   try {
     const backendUrl = process.env.NEXT_PUBLIC_BACKEND_URL;
-    const response = await fetch(`${backendUrl}/send-welcome-email-background`, {
+    const adminApiKey = process.env.ADMIN_API_KEY;
+    
+    if (!adminApiKey) {
+      console.error('ADMIN_API_KEY not configured');
+      return;
+    }
+    
+    const response = await fetch(`${backendUrl}/api/send-welcome-email`, {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
+        'X-Admin-Api-Key': adminApiKey,
       },
       body: JSON.stringify({
         email,
@@ -20,7 +28,8 @@ async function sendWelcomeEmail(email: string, name?: string) {
     if (response.ok) {
       console.log(`Welcome email queued for ${email}`);
     } else {
-      console.error(`Failed to queue welcome email for ${email}`);
+      const errorData = await response.json().catch(() => ({}));
+      console.error(`Failed to queue welcome email for ${email}:`, errorData);
     }
   } catch (error) {
     console.error('Error sending welcome email:', error);