Move away from the sessionResponseMap

Author: BenjaminDerProgrammierer

.censitive

@@ -0,0 +1,3 @@
+// Format <globPattern>:[keyRegex]
+**/.env:.*
+

workshop-ui/src/app/api/chat/route.ts

@@ -1,5 +1,4 @@
 import { NextRequest, NextResponse } from 'next/server';
-import OpenAI, { AzureOpenAI } from 'openai';
 import fs from 'fs';
 import path from 'path';
 import { getAppSessionFromRequest, getChatSession, validateAppSession } from '@/lib/session';
@@ -9,17 +8,14 @@ import { trace, Span } from '@opentelemetry/api';
 import { getExerciseByNameWithResponse } from '@/lib/exercise-file-manager';
 import { executePython } from './codeExecutionTool';
 import { runOpenAI } from './openaiRunner';
+import { decrypt, encrypt } from '@/lib/encryption';
 
 const tracer = trace.getTracer('ai-workshop-chat');
 
-// In-memory store for session ID -> OpenAI response ID mapping
-// TODO: Persist this to a database later
-const sessionResponseMap = new Map<string, { previousResponseId: string; sessionInstanceId: string }>();
-
 /**
  * @route   POST /api/chat
  * @desc    Send a chat message
- * @body    { message: string, resetConversation: boolean }
+ * @body    { message: string, encryptedPreviousResponseId: string | undefined }
  * @urlParam exercise: string
  * @response 200 { response: string } or 400 { error: string }
  * @access  Protected (any authenticated user/workshop)
@@ -34,7 +30,7 @@ export async function POST(request: NextRequest) {
     }
 
     // Get body payload and query string parameters
-    const { message, resetConversation } = await request.json();
+    const { message, encryptedPreviousResponseId } = await request.json();
     if (!message || typeof message !== 'string') {
       return NextResponse.json({ error: 'Message is required' }, { status: 400 });
     }
@@ -60,14 +56,15 @@ export async function POST(request: NextRequest) {
       await session.save();
     }
 
-    // Handle conversation reset if requested
-    if (resetConversation === true) {
-      sessionResponseMap.delete(sessionId);
+    let previousResponseId: string | undefined = undefined;
+    if (encryptedPreviousResponseId) {
+      // console.log('Received encryptedPreviousResponseId:', encryptedPreviousResponseId);
+      try {
+        previousResponseId = decrypt(encryptedPreviousResponseId, Buffer.from(process.env.PREVIOUS_RESPONSE_ID_SECRET!, 'hex'));
+      } catch {
+      }
     }
 
-    // Get previous response ID from in-memory store
-    let { previousResponseId, sessionInstanceId } = sessionResponseMap.get(sessionId) || { previousResponseId: undefined, sessionInstanceId: crypto.randomUUID() };
-
     // Read system prompt
     const systemPromptPath = path.join(process.cwd(), 'prompts', exerciseData.folder, exerciseData.system_prompt_file);
     let systemPrompt = await fs.promises.readFile(systemPromptPath, { encoding: 'utf-8' });
@@ -105,24 +102,35 @@ Achtung! Die Dateien haben mehr Zeilen als hier gezeigt. Alle Dateien sind im Or
                 const result = await executePython(
                   script,
                   exerciseData.data_files.map(f => path.join(process.cwd(), 'prompts', exerciseData.folder, f)),
-                  sessionInstanceId
+                  sessionId
                 );
                 if (result.resultFiles) {
                   for (const resultFile of result.resultFiles) {
+                    // TODO: handle non-image files differently (see GH issue #29)
                     const markdownImage = `![Generated Image](${resultFile.url})`;
                     const data = JSON.stringify({ delta: `\n\n${markdownImage}\n\n` });
                     controller.enqueue(encoder.encode(`data: ${data}\n\n`));
                   }
                 }
+                if (result.stdout || result.stderr) {
+                  // TODO: send the output as a collapsed section (see GH issue #17)
+                }
                 return JSON.stringify(result);
               },
               welcomeMessage
             );
 
-            sessionResponseMap.set(sessionId, {
-              previousResponseId: newPreviousResponseId,
-              sessionInstanceId,
-            });
+            // Update session with new response ID
+            // Encrypt previousResponseId before sending to client
+            let encryptedResponseId: string | undefined;
+            // console.log('New previousResponseId:', newPreviousResponseId);
+            // console.log('Encryption key:', process.env.PREVIOUS_RESPONSE_ID_SECRET);
+            // Revert key.toString('hex') first
+
+            encryptedResponseId = encrypt(newPreviousResponseId, Buffer.from(process.env.PREVIOUS_RESPONSE_ID_SECRET!, 'hex'));
+
+            const data = JSON.stringify({ encryptedResponseId });
+            controller.enqueue(encoder.encode(`data: ${data}\n\n`));
 
             controller.enqueue(encoder.encode(`data: [DONE]\n\n`));
           } catch (error) {

workshop-ui/src/app/chat/[exercise]/page.tsx

@@ -35,6 +35,7 @@ export default function Home() {
   const inputRef = useRef<HTMLTextAreaElement>(null);
   const dropdownRef = useRef<HTMLDivElement>(null);
   const [isFirstCall, setIsFirstCall] = useState(true);
+  const [responseId, setResponseId] = useState<string | undefined>(undefined);
 
   // Cache for data file content - only fetch once per component session
   const dataFileContentCache = useRef<string | null>(null);
@@ -158,7 +159,7 @@ export default function Home() {
         },
         body: JSON.stringify({
           message: userMessage,
-          resetConversation: isFirstCall,
+          encryptedPreviousResponseId: responseId,
         }),
       });
 
@@ -217,6 +218,10 @@ export default function Home() {
                   assistantMessage += parsed.delta;
                   setCurrentBotMessage(assistantMessage);
                 }
+                if (parsed.encryptedResponseId) {
+                  setResponseId(parsed.encryptedResponseId);
+                  console.log('Received encryptedResponseId:', parsed.encryptedResponseId);
+                }
               } catch {
                 // Ignore parsing errors for SSE data
               }

workshop-ui/src/lib/encryption.ts

@@ -0,0 +1,51 @@
+import crypto from 'crypto';
+
+// Function to encrypt data
+export function encrypt(text: string, key: Buffer): string {
+  const algorithm = 'aes-256-gcm';
+  const iv = crypto.randomBytes(16); // Generate a random initialization vector
+  
+  const cipher = crypto.createCipheriv(algorithm, key, iv);
+  cipher.setAAD(Buffer.from('nextjs-app', 'utf8'));
+  
+  let encrypted = cipher.update(text, 'utf8', 'hex');
+  encrypted += cipher.final('hex');
+  
+  const authTag = cipher.getAuthTag();
+  
+  // Combine IV, auth tag, and encrypted data
+  return iv.toString('hex') + ':' + authTag.toString('hex') + ':' + encrypted;
+}
+
+// Function to decrypt data
+export function decrypt(encryptedText: string, key: Buffer): string {
+  const algorithm = 'aes-256-gcm';
+  
+  // Split the IV, auth tag, and encrypted data
+  const textParts = encryptedText.split(':');
+  const iv = Buffer.from(textParts[0], 'hex');
+  const authTag = Buffer.from(textParts[1], 'hex');
+  const encryptedData = textParts[2];
+  
+  const decipher = crypto.createDecipheriv(algorithm, key, iv);
+  decipher.setAAD(Buffer.from('nextjs-app', 'utf8'));
+  decipher.setAuthTag(authTag);
+  
+  let decrypted = decipher.update(encryptedData, 'hex', 'utf8');
+  decrypted += decipher.final('utf8');
+  
+  return decrypted;
+}
+
+// Example usage
+// const key = crypto.randomBytes(32); // Generate a random 256-bit key
+// const textToEncrypt = 'Hello, World!';
+
+// const hexKey = key.toString('hex');
+// console.log('Hexadecimal Key:', hexKey);
+
+// const encrypted = encrypt(textToEncrypt, key);
+// console.log('Encrypted:', encrypted);
+
+// const decrypted = decrypt(encrypted, key);
+// console.log('Decrypted:', decrypted);