This document describes the simplified authentication system that integrates with the BI Assistant session management.
The authentication system provides user registration (exposed as POST /auth/signin), login, and logout using server-side session cookies rather than JWT tokens. Each authenticated user automatically gets a dedicated BI session for interacting with the BI Assistant.
- POST /auth/signin - Register a new user
- POST /auth/login - Login user and create BI session
- POST /auth/logout - Logout user and cleanup BI session
- GET /auth/me - Get current user info with BI session details
- GET /auth/current-session - Get current user's BI session ID
- GET /auth/users - List all users (admin only)
- GET /sessions/my-session - Get current user's BI session info
- POST /chat/my-chat - Chat using current user's BI session
- POST /chat/my-chat/stream - Streaming chat using current user's BI session
- Registration: User registers with email, password, full name, and role
- Login:
  - User credentials are verified
  - Auth session is created and its ID is returned in a session cookie
  - Dedicated BI session is automatically created
  - Both sessions are linked together
- Chat: User can chat directly using their dedicated BI session
- Logout: Both the auth session and the linked BI session are cleaned up
- Auth Sessions: Simple session management using cookies
- BI Sessions: Full-featured BI Assistant sessions with conversation history
- Automatic Linking: Each auth session is linked to exactly one BI session
The system comes with two default users for testing:
```json
{
  "user@example.com": {
    "password": "password123",
    "role": "user",
    "full_name": "Test User"
  },
  "admin@example.com": {
    "password": "admin123",
    "role": "admin",
    "full_name": "Admin User"
  }
}
```

These credentials exist for local testing only; remove or change them before the service is reachable by anyone else.

```bash
# Login (-c saves the session cookie so the following requests can send it with -b)
curl -X POST "http://localhost:8000/auth/login" \
  -H "Content-Type: application/json" \
  -d '{"email": "user@example.com", "password": "password123"}' \
  -c cookies.txt

# Get current user info with BI session details
curl -X GET "http://localhost:8000/auth/me" -b cookies.txt

# Get BI session info
curl -X GET "http://localhost:8000/auth/current-session" -b cookies.txt
```

```bash
# Chat using the authenticated user's session
curl -X POST "http://localhost:8000/chat/my-chat" \
  -H "Content-Type: application/json" \
  -d '{"message": "Hello, what can you help me with?"}' \
  -b cookies.txt
```

```bash
# Logout (removes both the auth session and the linked BI session)
curl -X POST "http://localhost:8000/auth/logout" -b cookies.txt
```

Run the Python test client:

```bash
cd /path/to/bi_assistant
python test_auth_client.py
```

Open auth_demo.html in a web browser and test the authentication flow interactively.
- Passwords are stored in plain text (hash them with a slow, salted KDF such as bcrypt before production)
- No JWT tokens; authentication relies on a simple session cookie, so the cookie value must be unguessable and, because cookies are attached by the browser automatically, state-changing endpoints such as /chat/my-chat and /auth/logout need CSRF protection (a SameSite cookie attribute, origin checks, or a CSRF token) before the service is exposed
- In-memory storage (users and sessions are lost on restart; use a database in production)
- No rate limiting or advanced security features (logins against the default test accounts are unthrottled)
- No session expiration; a session cookie stays valid until logout
- CORS is wide open (restrict allowed origins in production, especially since the API is cookie-authenticated)
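The login, chat and logout flow described above, modeled in-process with the two hardening steps the limitations list asks for (salted password hashing and session expiry). This is an added example, not the project's code: the class and method names (AuthService, BISession, AuthSession, register, login, me, chat, logout) and the scrypt-based hashing are assumptions, and the dictionaries stand in for whatever store the real service uses so that the block runs offline.

```python
# Added example (not the project's code): in-process model of the
# login -> linked BI session -> logout flow, with salted password hashing
# and session expiry in place of the plaintext, never-expiring originals.
# AuthService, BISession, AuthSession and their methods are assumed names.
import hashlib
import hmac
import os
import secrets
import time
from dataclasses import dataclass, field
from typing import Optional


def hash_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Return (salt, scrypt digest). Replaces the plaintext storage noted above."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2 ** 14, r=8, p=1)
    return salt, digest


@dataclass
class BISession:
    bi_session_id: str
    history: list = field(default_factory=list)   # conversation history


@dataclass
class AuthSession:
    email: str
    bi_session_id: str   # the one BI session linked to this auth session
    expires_at: float


class AuthService:
    SESSION_TTL = 3600   # seconds; the original has no expiry, this adds one

    def __init__(self) -> None:
        self.users = {}            # email -> {salt, hash, full_name, role}
        self.auth_sessions = {}    # cookie value -> AuthSession
        self.bi_sessions = {}      # bi_session_id -> BISession

    # POST /auth/signin
    def register(self, email: str, password: str, full_name: str, role: str = "user") -> None:
        salt, digest = hash_password(password)
        self.users[email] = {"salt": salt, "hash": digest,
                             "full_name": full_name, "role": role}

    # POST /auth/login: verify credentials, create auth + BI sessions, link them
    def login(self, email: str, password: str) -> Optional[str]:
        user = self.users.get(email)
        # Always run the KDF so unknown emails cost the same time as wrong passwords
        salt = user["salt"] if user else b"\x00" * 16
        _, digest = hash_password(password, salt)
        if user is None or not hmac.compare_digest(digest, user["hash"]):
            return None
        cookie = secrets.token_urlsafe(32)      # opaque, unguessable session cookie
        bi_id = secrets.token_hex(16)
        self.bi_sessions[bi_id] = BISession(bi_id)
        self.auth_sessions[cookie] = AuthSession(email, bi_id, time.time() + self.SESSION_TTL)
        return cookie

    def _session(self, cookie: str) -> Optional[AuthSession]:
        s = self.auth_sessions.get(cookie)
        if s is not None and s.expires_at < time.time():
            self.logout(cookie)      # expired: clean up both sessions, as logout would
            return None
        return s

    # GET /auth/current-session
    def current_session(self, cookie: str) -> Optional[str]:
        s = self._session(cookie)
        return s.bi_session_id if s else None

    # GET /auth/me: user info plus the linked BI session, never the password hash
    def me(self, cookie: str) -> Optional[dict]:
        s = self._session(cookie)
        if s is None:
            return None
        u = self.users[s.email]
        return {"email": s.email, "full_name": u["full_name"],
                "role": u["role"], "bi_session_id": s.bi_session_id}

    # POST /chat/my-chat: append to the linked BI session's history
    def chat(self, cookie: str, message: str) -> Optional[list]:
        s = self._session(cookie)
        if s is None:
            return None
        history = self.bi_sessions[s.bi_session_id].history
        history.append({"role": "user", "content": message})
        return history

    # POST /auth/logout: drop the auth session and its linked BI session
    def logout(self, cookie: str) -> bool:
        s = self.auth_sessions.pop(cookie, None)
        if s is None:
            return False
        self.bi_sessions.pop(s.bi_session_id, None)
        return True
```

The cookie value is the only thing a client holds, so it is generated with secrets rather than derived from the user, and an expired cookie tears down the BI session the same way an explicit logout does, which keeps the "exactly one BI session per auth session" invariant from the design notes.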
Other services can access the current user's BI session using:
- Get BI Session ID: GET /auth/current-session, sending the user's session cookie
- Use BI Session ID: pass the returned bi_session_id to other APIs that require session information
Example:

```python
import requests

BASE_URL = "http://localhost:8000"

# Log in once; the Session object keeps the auth cookie for the later calls
session = requests.Session()
session.post(f"{BASE_URL}/auth/login",
             json={"email": "user@example.com", "password": "password123"})

# Get the user's BI session ID
response = session.get(f"{BASE_URL}/auth/current-session")
response.raise_for_status()
bi_session_id = response.json()["bi_session_id"]

# Use it with other services that take a session ID
session.post(f"{BASE_URL}/some-service", json={"session_id": bi_session_id})
```

- Add proper JWT token authentication
- Implement password hashing (bcrypt)
- Add database persistence
- Add role-based access control
- Add session expiration management
- Add password reset functionality
- Add user profile management