chore: Add RAG_PORT to .env.example

* French Translation Update

* French Translation Update

.devcontainer/.env.example

@@ -0,0 +1,2 @@
+# When running devcontainers, you can specify if docker & docker-compose should be installed in your environment 
+INSTALL_DOCKER=false

.devcontainer/Dockerfile

@@ -1,5 +1,33 @@
+# .devcontainer/Dockerfile
 FROM node:18-bullseye
 
+ARG INSTALL_DOCKER="false"
+ENV INSTALL_DOCKER=${INSTALL_DOCKER}
+
+# Install Docker and Docker Compose only if INSTALL_DOCKER is "true"
+RUN if [ "$INSTALL_DOCKER" = "true" ]; then \
+        apt-get update && \
+        apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release && \
+        curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
+        echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && \
+        apt-get update && \
+        apt-get install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin; \
+    fi
+
+# Install sudo
+RUN apt-get update && apt-get install -y sudo
+
+# Set up non-root user
 RUN useradd -m -s /bin/bash vscode
-RUN mkdir -p /workspaces && chown -R vscode:vscode /workspaces
-WORKDIR /workspaces
+RUN if [ "$INSTALL_DOCKER" = "true" ]; then usermod -aG docker vscode; fi
+
+# Add vscode user to sudoers
+RUN echo "vscode ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/vscode && \
+    chmod 0440 /etc/sudoers.d/vscode
+
+USER vscode
+
+WORKDIR /workspaces/LibreChat
+
+# Set the default command
+CMD ["/bin/bash"]

.devcontainer/devcontainer.json

@@ -1,18 +1,23 @@
 {
+  "name": "LibreChat Development",
   "dockerComposeFile": "docker-compose.yml",
   "service": "app",
-  "workspaceFolder": "/workspaces",
+  "workspaceFolder": "/workspaces/LibreChat",
   "customizations": {
     "vscode": {
-      "extensions": [],
-      "settings": {
-        "terminal.integrated.profiles.linux": {
-          "bash": null
-        }
-      }
+      "extensions": ["ms-azuretools.vscode-docker"]
     }
   },
-  "postCreateCommand": "",
-  "features": { "ghcr.io/devcontainers/features/git:1": {} },
-  "remoteUser": "vscode"
+  "features": {
+    "ghcr.io/devcontainers/features/docker-in-docker:2": {
+      "version": "latest",
+      "moby": false,
+      "dockerDashComposeVersion": "v2"
+    }
+  },
+  "remoteUser": "vscode",
+  "postCreateCommand": "sudo chown root:docker /var/run/docker.sock && sudo chmod 660 /var/run/docker.sock && npm run reinstall && npm run pull:rag && npm run copy-ex && MEILI_MASTER_KEY=$(docker-compose -f .devcontainer/docker-compose.yml exec -T meilisearch printenv MEILI_MASTER_KEY) && sed -i \"s/^MEILI_MASTER_KEY=.*/MEILI_MASTER_KEY=$MEILI_MASTER_KEY/\" .env",
+  "remoteEnv": {
+    "INSTALL_DOCKER": "${localEnv:INSTALL_DOCKER:false}"
+  }
 }

.devcontainer/docker-compose.yml

@@ -1,10 +1,16 @@
+# .devcontainer/docker-compose.yml
+
 version: "3.8"
 
 services:
   app:
-    build:
+    group_add:
+    - docker
+    build: 
       context: ..
       dockerfile: .devcontainer/Dockerfile
+      args:
+        - INSTALL_DOCKER=${INSTALL_DOCKER:-false}
     # restart: always
     links:
       - mongodb
@@ -17,6 +23,7 @@ services:
     volumes:
       # This is where VS Code should expect to find your project's source code and the value of "workspaceFolder" in .devcontainer/devcontainer.json
       - ..:/workspaces:cached
+      - /var/run/docker.sock:/var/run/docker.sock
       # Uncomment the next line to use Docker from inside the container. See https://aka.ms/vscode-remote/samples/docker-from-docker-compose for details.
       # - /var/run/docker.sock:/var/run/docker.sock 
     environment:
@@ -36,14 +43,12 @@ services:
     user: vscode
 
     # Overrides default command so things don't shut down after the process ends.
-    command: /bin/sh -c "while sleep 1000; do :; done"  
+    command: /bin/sh -c "while sleep 1000; do :; done"
 
   mongodb:
     container_name: chat-mongodb
     expose:
       - 27017
-    # ports:
-    #   - 27018:27017
     image: mongo
     # restart: always
     volumes:
@@ -55,11 +60,8 @@ services:
     # restart: always
     expose:
       - 7700
-    # Uncomment this to access meilisearch from outside docker
-    # ports: 
-    #   - 7700:7700 # if exposing these ports, make sure your master key is not the default value
     environment:
       - MEILI_NO_ANALYTICS=true
-      - MEILI_MASTER_KEY=5c71cf56d672d009e36070b5bc5e47b743535ae55c818ae3b735bb6ebfb4ba63
+      - MEILI_MASTER_KEY=${MEILI_MASTER_KEY:-$(openssl rand -hex 16)}
     volumes:
       - ./meili_data_v1.5:/meili_data

.env.example

@@ -64,6 +64,8 @@ PROXY=
 
 # ANYSCALE_API_KEY=
 # APIPIE_API_KEY=
+# COHERE_API_KEY=
+# DATABRICKS_API_KEY=
 # FIREWORKS_API_KEY=
 # GROQ_API_KEY=
 # HUGGINGFACE_TOKEN=
@@ -78,7 +80,7 @@ PROXY=
 #============#
 
 ANTHROPIC_API_KEY=user_provided
-# ANTHROPIC_MODELS=claude-3-opus-20240229,claude-3-sonnet-20240229,claude-3-haiku-20240307,claude-2.1,claude-2,claude-1.2,claude-1,claude-1-100k,claude-instant-1,claude-instant-1-100k
+# ANTHROPIC_MODELS=claude-3-5-sonnet-20240620,claude-3-opus-20240229,claude-3-sonnet-20240229,claude-3-haiku-20240307,claude-2.1,claude-2,claude-1.2,claude-1,claude-1-100k,claude-instant-1,claude-instant-1-100k
 # ANTHROPIC_REVERSE_PROXY=
 
 #============#
@@ -121,6 +123,8 @@ GOOGLE_KEY=user_provided
 # Vertex AI
 # GOOGLE_MODELS=gemini-1.5-flash-preview-0514,gemini-1.5-pro-preview-0514,gemini-1.0-pro-vision-001,gemini-1.0-pro-002,gemini-1.0-pro-001,gemini-pro-vision,gemini-1.0-pro
 
+# GOOGLE_TITLE_MODEL=gemini-pro
+
 # Google Gemini Safety Settings
 # NOTE (Vertex AI): You do not have access to the BLOCK_NONE setting by default.
 # To use this restricted HarmBlockThreshold setting, you will need to either:
@@ -319,6 +323,9 @@ ALLOW_EMAIL_LOGIN=true
 ALLOW_REGISTRATION=true
 ALLOW_SOCIAL_LOGIN=false
 ALLOW_SOCIAL_REGISTRATION=false
+ALLOW_PASSWORD_RESET=false
+# ALLOW_ACCOUNT_DELETION=true # note: enabled by default if omitted/commented out
+ALLOW_UNVERIFIED_EMAIL_LOGIN=true
 
 SESSION_EXPIRY=1000 * 60 * 15
 REFRESH_TOKEN_EXPIRY=(1000 * 60 * 60 * 24) * 7
@@ -367,6 +374,9 @@ LDAP_BIND_CREDENTIALS=
 LDAP_USER_SEARCH_BASE=
 LDAP_SEARCH_FILTER=mail={{username}}
 LDAP_CA_CERT_PATH=
+# LDAP_ID=
+# LDAP_USERNAME=
+# LDAP_FULL_NAME=
 
 #========================#
 # Email Password Reset   #
@@ -394,6 +404,13 @@ FIREBASE_STORAGE_BUCKET=
 FIREBASE_MESSAGING_SENDER_ID=
 FIREBASE_APP_ID=
 
+#========================#
+# Shared Links           #
+#========================#
+
+ALLOW_SHARED_LINKS=true
+ALLOW_SHARED_LINKS_PUBLIC=true
+
 #===================================================#
 #                        UI                         #
 #===================================================#
@@ -404,6 +421,9 @@ HELP_AND_FAQ_URL=https://librechat.ai
 
 # SHOW_BIRTHDAY_ICON=true
 
+# Google tag manager id
+#ANALYTICS_GTM_ID=user provided google tag manager id
+
 #==================================================#
 #                      Others                      #
 #==================================================#
@@ -416,3 +436,6 @@ HELP_AND_FAQ_URL=https://librechat.ai
 
 # E2E_USER_EMAIL=
 # E2E_USER_PASSWORD=
+
+# RAG_PORT
+RAG_PORT=8000

.github/CONTRIBUTING.md

@@ -126,6 +126,18 @@ Apply the following naming conventions to branches, labels, and other Git-relate
       
    - **Current Stance**: At present, this backend transition is of lower priority and might not be pursued.
 
+## 7. Module Import Conventions
+
+- `npm` packages first, 
+     - from shortest line (top) to longest (bottom)
+
+- Followed by typescript types (pertains to data-provider and client workspaces)
+     - longest line (top) to shortest (bottom)
+     - types from package come first
+
+- Lastly, local imports
+     - longest line (top) to shortest (bottom)
+     - imports with alias `~` treated the same as relative import with respect to line length
 
 ---
 

.gitignore

@@ -11,6 +11,7 @@ logs
 pids
 *.pid
 *.seed
+.git
 
 # Directory for instrumented libs generated by jscoverage/JSCover
 lib-cov
@@ -45,6 +46,7 @@ api/node_modules/
 client/node_modules/
 bower_components/
 *.d.ts
+!vite-env.d.ts
 
 # Floobits
 .floo

Dockerfile

@@ -1,4 +1,4 @@
-# v0.7.2
+# v0.7.3
 
 # Base node image
 FROM node:20-alpine AS node

Dockerfile.multi

@@ -1,4 +1,4 @@
-# v0.7.2
+# v0.7.3
 
 # Build API, Client and Data Provider
 FROM node:20-alpine AS base

README.md

@@ -27,7 +27,7 @@
 </p>
 
 <p align="center">
-<a href="https://railway.app/template/b5k2mn?referralCode=myKrVZ">
+<a href="https://railway.app/template/b5k2mn?referralCode=HI9hWz">
   <img src="https://railway.app/button.svg" alt="Deploy on Railway" height="30">
 </a>
 <a href="https://zeabur.com/templates/0X2ZY8">
@@ -58,9 +58,13 @@
 - 🌎 Multilingual UI:
   - English, 中文, Deutsch, Español, Français, Italiano, Polski, Português Brasileiro,
   - Русский, 日本語, Svenska, 한국어, Tiếng Việt, 繁體中文, العربية, Türkçe, Nederlands, עברית
-- 🎨 Customizable Dropdown & Interface: Adapts to both power users and newcomers.
+- 🎨 Customizable Dropdown & Interface: Adapts to both power users and newcomers
+- 📧 Verify your email to ensure secure access
+- 🗣️ Chat hands-free with Speech-to-Text and Text-to-Speech magic
+  - Automatically send and play Audio
+  - Supports OpenAI, Azure OpenAI, and Elevenlabs
 - 📥 Import Conversations from LibreChat, ChatGPT, Chatbot UI
-- 📤 Export conversations as screenshots, markdown, text, json.
+- 📤 Export conversations as screenshots, markdown, text, json
 - 🔍 Search all messages/conversations
 - 🔌 Plugins, including web access, image generation with DALL-E-3 and more
 - 👥 Multi-User, Secure Authentication with Moderation and Token spend tools
@@ -77,7 +81,7 @@ LibreChat brings together the future of assistant AIs with the revolutionary tec
 
 With LibreChat, you no longer need to opt for ChatGPT Plus and can instead use free or pay-per-call APIs. We welcome contributions, cloning, and forking to enhance the capabilities of this advanced chatbot platform.
 
-[![Watch the video](https://img.youtube.com/vi/YLVUW5UP9N0/maxresdefault.jpg)](https://www.youtube.com/watch?v=YLVUW5UP9N0)
+[![Watch the video](https://img.youtube.com/vi/bSVHEbVPNl4/maxresdefault.jpg)](https://www.youtube.com/watch?v=bSVHEbVPNl4)
 Click on the thumbnail to open the video☝️
 
 ---

api/app/clients/BaseClient.js

@@ -1,7 +1,7 @@
 const crypto = require('crypto');
 const fetch = require('node-fetch');
 const { supportsBalanceCheck, Constants } = require('librechat-data-provider');
-const { getConvo, getMessages, saveMessage, updateMessage, saveConvo } = require('~/models');
+const { getMessages, saveMessage, updateMessage, saveConvo } = require('~/models');
 const { addSpaceIfNeeded, isEnabled } = require('~/server/utils');
 const checkBalance = require('~/models/checkBalance');
 const { getFiles } = require('~/models/File');
@@ -19,6 +19,14 @@ class BaseClient {
       day: 'numeric',
     });
     this.fetch = this.fetch.bind(this);
+    /** @type {boolean} */
+    this.skipSaveConvo = false;
+    /** @type {boolean} */
+    this.skipSaveUserMessage = false;
+    /** @type {ClientDatabaseSavePromise} */
+    this.userMessagePromise;
+    /** @type {ClientDatabaseSavePromise} */
+    this.responsePromise;
   }
 
   setOptions() {
@@ -69,6 +77,9 @@ class BaseClient {
       url = this.options.reverseProxyUrl;
     }
     logger.debug(`Making request to ${url}`);
+    if (typeof Bun !== 'undefined') {
+      return await fetch(url, init);
+    }
     return await fetch(url, init);
   }
 
@@ -81,19 +92,45 @@ class BaseClient {
     await stream.processTextStream(onProgress);
   }
 
+  /**
+   * @returns {[string|undefined, string|undefined]}
+   */
+  processOverideIds() {
+    /** @type {Record<string, string | undefined>} */
+    let { overrideConvoId, overrideUserMessageId } = this.options?.req?.body ?? {};
+    if (overrideConvoId) {
+      const [conversationId, index] = overrideConvoId.split(Constants.COMMON_DIVIDER);
+      overrideConvoId = conversationId;
+      if (index !== '0') {
+        this.skipSaveConvo = true;
+      }
+    }
+    if (overrideUserMessageId) {
+      const [userMessageId, index] = overrideUserMessageId.split(Constants.COMMON_DIVIDER);
+      overrideUserMessageId = userMessageId;
+      if (index !== '0') {
+        this.skipSaveUserMessage = true;
+      }
+    }
+
+    return [overrideConvoId, overrideUserMessageId];
+  }
+
   async setMessageOptions(opts = {}) {
     if (opts && opts.replaceOptions) {
       this.setOptions(opts);
     }
 
+    const [overrideConvoId, overrideUserMessageId] = this.processOverideIds();
     const { isEdited, isContinued } = opts;
     const user = opts.user ?? null;
     this.user = user;
     const saveOptions = this.getSaveOptions();
     this.abortController = opts.abortController ?? new AbortController();
-    const conversationId = opts.conversationId ?? crypto.randomUUID();
+    const conversationId = overrideConvoId ?? opts.conversationId ?? crypto.randomUUID();
     const parentMessageId = opts.parentMessageId ?? Constants.NO_PARENT;
-    const userMessageId = opts.overrideParentMessageId ?? crypto.randomUUID();
+    const userMessageId =
+      overrideUserMessageId ?? opts.overrideParentMessageId ?? crypto.randomUUID();
     let responseMessageId = opts.responseMessageId ?? crypto.randomUUID();
     let head = isEdited ? responseMessageId : parentMessageId;
     this.currentMessages = (await this.loadHistory(conversationId, head)) ?? [];
@@ -157,7 +194,7 @@ class BaseClient {
     }
 
     if (typeof opts?.onStart === 'function') {
-      opts.onStart(userMessage);
+      opts.onStart(userMessage, responseMessageId);
     }
 
     return {
@@ -447,8 +484,13 @@ class BaseClient {
       this.handleTokenCountMap(tokenCountMap);
     }
 
-    if (!isEdited) {
-      await this.saveMessageToDatabase(userMessage, saveOptions, user);
+    if (!isEdited && !this.skipSaveUserMessage) {
+      this.userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
+      if (typeof opts?.getReqData === 'function') {
+        opts.getReqData({
+          userMessagePromise: this.userMessagePromise,
+        });
+      }
     }
 
     if (
@@ -497,15 +539,11 @@ class BaseClient {
       const completionTokens = this.getTokenCount(completion);
       await this.recordTokenUsage({ promptTokens, completionTokens });
     }
-    await this.saveMessageToDatabase(responseMessage, saveOptions, user);
+    this.responsePromise = this.saveMessageToDatabase(responseMessage, saveOptions, user);
     delete responseMessage.tokenCount;
     return responseMessage;
   }
 
-  async getConversation(conversationId, user = null) {
-    return await getConvo(user, conversationId);
-  }
-
   async loadHistory(conversationId, parentMessageId = null) {
     logger.debug('[BaseClient] Loading history:', { conversationId, parentMessageId });
 
@@ -560,18 +598,24 @@ class BaseClient {
    * @param {string | null} user
    */
   async saveMessageToDatabase(message, endpointOptions, user = null) {
-    await saveMessage({
+    const savedMessage = await saveMessage({
       ...message,
       endpoint: this.options.endpoint,
       unfinished: false,
       user,
     });
-    await saveConvo(user, {
+
+    if (this.skipSaveConvo) {
+      return { message: savedMessage };
+    }
+    const conversation = await saveConvo(user, {
       conversationId: message.conversationId,
       endpoint: this.options.endpoint,
       endpointType: this.options.endpointType,
       ...endpointOptions,
     });
+
+    return { message: savedMessage, conversation };
   }
 
   async updateMessageInDatabase(message) {

api/app/clients/GoogleClient.js

@@ -16,10 +16,15 @@ const {
   AuthKeys,
 } = require('librechat-data-provider');
 const { encodeAndFormat } = require('~/server/services/Files/images');
-const { formatMessage, createContextHandlers } = require('./prompts');
 const { getModelMaxTokens } = require('~/utils');
-const BaseClient = require('./BaseClient');
 const { logger } = require('~/config');
+const {
+  formatMessage,
+  createContextHandlers,
+  titleInstruction,
+  truncateText,
+} = require('./prompts');
+const BaseClient = require('./BaseClient');
 
 const loc = 'us-central1';
 const publisher = 'google';
@@ -591,12 +596,16 @@ class GoogleClient extends BaseClient {
   createLLM(clientOptions) {
     const model = clientOptions.modelName ?? clientOptions.model;
     if (this.project_id && this.isTextModel) {
+      logger.debug('Creating Google VertexAI client');
       return new GoogleVertexAI(clientOptions);
     } else if (this.project_id && this.isChatModel) {
+      logger.debug('Creating Chat Google VertexAI client');
       return new ChatGoogleVertexAI(clientOptions);
     } else if (this.project_id) {
+      logger.debug('Creating VertexAI client');
       return new ChatVertexAI(clientOptions);
     } else if (model.includes('1.5')) {
+      logger.debug('Creating GenAI client');
       return new GenAI(this.apiKey).getGenerativeModel(
         {
           ...clientOptions,
@@ -606,6 +615,7 @@ class GoogleClient extends BaseClient {
       );
     }
 
+    logger.debug('Creating Chat Google Generative AI client');
     return new ChatGoogleGenerativeAI({ ...clientOptions, apiKey: this.apiKey });
   }
 
@@ -717,6 +727,123 @@ class GoogleClient extends BaseClient {
     return reply;
   }
 
+  /**
+   * Stripped-down logic for generating a title. This uses the non-streaming APIs, since the user does not see titles streaming
+   */
+  async titleChatCompletion(_payload, options = {}) {
+    const { abortController } = options;
+    const { parameters, instances } = _payload;
+    const { messages: _messages, examples: _examples } = instances?.[0] ?? {};
+
+    let clientOptions = { ...parameters, maxRetries: 2 };
+
+    logger.debug('Initialized title client options');
+
+    if (this.project_id) {
+      clientOptions['authOptions'] = {
+        credentials: {
+          ...this.serviceKey,
+        },
+        projectId: this.project_id,
+      };
+    }
+
+    if (!parameters) {
+      clientOptions = { ...clientOptions, ...this.modelOptions };
+    }
+
+    if (this.isGenerativeModel && !this.project_id) {
+      clientOptions.modelName = clientOptions.model;
+      delete clientOptions.model;
+    }
+
+    const model = this.createLLM(clientOptions);
+
+    let reply = '';
+    const messages = this.isTextModel ? _payload.trim() : _messages;
+
+    const modelName = clientOptions.modelName ?? clientOptions.model ?? '';
+    if (modelName?.includes('1.5') && !this.project_id) {
+      logger.debug('Identified titling model as 1.5 version');
+      /** @type {GenerativeModel} */
+      const client = model;
+      const requestOptions = {
+        contents: _payload,
+      };
+
+      if (this.options?.promptPrefix?.length) {
+        requestOptions.systemInstruction = {
+          parts: [
+            {
+              text: this.options.promptPrefix,
+            },
+          ],
+        };
+      }
+
+      const safetySettings = _payload.safetySettings;
+      requestOptions.safetySettings = safetySettings;
+
+      const result = await client.generateContent(requestOptions);
+
+      reply = result.response?.text();
+
+      return reply;
+    } else {
+      logger.debug('Beginning titling');
+      const safetySettings = _payload.safetySettings;
+
+      const titleResponse = await model.invoke(messages, {
+        signal: abortController.signal,
+        timeout: 7000,
+        safetySettings: safetySettings,
+      });
+
+      reply = titleResponse.content;
+
+      return reply;
+    }
+  }
+
+  async titleConvo({ text, responseText = '' }) {
+    let title = 'New Chat';
+    const convo = `||>User:
+"${truncateText(text)}"
+||>Response:
+"${JSON.stringify(truncateText(responseText))}"`;
+
+    let { prompt: payload } = await this.buildMessages([
+      {
+        text: `Please generate ${titleInstruction}
+
+    ${convo}
+    
+    ||>Title:`,
+        isCreatedByUser: true,
+        author: this.userLabel,
+      },
+    ]);
+
+    if (this.isVisionModel) {
+      logger.warn(
+        `Current vision model does not support titling without an attachment; falling back to default model ${settings.model.default}`,
+      );
+
+      payload.parameters = { ...payload.parameters, model: settings.model.default };
+    }
+
+    try {
+      title = await this.titleChatCompletion(payload, {
+        abortController: new AbortController(),
+        onProgress: () => {},
+      });
+    } catch (e) {
+      logger.error('[GoogleClient] There was an issue generating the title', e);
+    }
+    logger.debug(`Title response: ${title}`);
+    return title;
+  }
+
   getSaveOptions() {
     return {
       promptPrefix: this.options.promptPrefix,

api/app/clients/OpenAIClient.js

@@ -27,7 +27,6 @@ const {
   createContextHandlers,
 } = require('./prompts');
 const { encodeAndFormat } = require('~/server/services/Files/images/encode');
-const { updateTokenWebsocket } = require('~/server/services/Files/Audio');
 const { isEnabled, sleep } = require('~/server/utils');
 const { handleOpenAIErrors } = require('./tools/util');
 const spendTokens = require('~/models/spendTokens');
@@ -595,7 +594,6 @@ class OpenAIClient extends BaseClient {
         payload,
         (progressMessage) => {
           if (progressMessage === '[DONE]') {
-            updateTokenWebsocket('[DONE]');
             return;
           }
 

api/app/clients/PluginsClient.js

@@ -238,12 +238,23 @@ class PluginsClient extends OpenAIClient {
       await this.recordTokenUsage(responseMessage);
     }
 
-    await this.saveMessageToDatabase(responseMessage, saveOptions, user);
+    this.responsePromise = this.saveMessageToDatabase(responseMessage, saveOptions, user);
     delete responseMessage.tokenCount;
     return { ...responseMessage, ...result };
   }
 
   async sendMessage(message, opts = {}) {
+    /** @type {{ filteredTools: string[], includedTools: string[] }} */
+    const { filteredTools = [], includedTools = [] } = this.options.req.app.locals;
+
+    if (includedTools.length > 0) {
+      const tools = this.options.tools.filter((plugin) => includedTools.includes(plugin));
+      this.options.tools = tools;
+    } else {
+      const tools = this.options.tools.filter((plugin) => !filteredTools.includes(plugin));
+      this.options.tools = tools;
+    }
+
     // If a message is edited, no tools can be used.
     const completionMode = this.options.tools.length === 0 || opts.isEdited;
     if (completionMode) {
@@ -301,7 +312,15 @@ class PluginsClient extends OpenAIClient {
     if (payload) {
       this.currentMessages = payload;
     }
-    await this.saveMessageToDatabase(userMessage, saveOptions, user);
+
+    if (!this.skipSaveUserMessage) {
+      this.userMessagePromise = this.saveMessageToDatabase(userMessage, saveOptions, user);
+      if (typeof opts?.getReqData === 'function') {
+        opts.getReqData({
+          userMessagePromise: this.userMessagePromise,
+        });
+      }
+    }
 
     if (isEnabled(process.env.CHECK_BALANCE)) {
       await checkBalance({

api/app/clients/agents/CustomAgent/instructions.js

@@ -1,44 +1,3 @@
-/*
-module.exports = `You are ChatGPT, a Large Language model with useful tools.
-
-Talk to the human and provide meaningful answers when questions are asked.
-
-Use the tools when you need them, but use your own knowledge if you are confident of the answer. Keep answers short and concise.
-
-A tool is not usually needed for creative requests, so do your best to answer them without tools.
-
-Avoid repeating identical answers if it appears before. Only fulfill the human's requests, do not create extra steps beyond what the human has asked for.
-
-Your input for 'Action' should be the name of tool used only.
-
-Be honest. If you can't answer something, or a tool is not appropriate, say you don't know or answer to the best of your ability.
-
-Attempt to fulfill the human's requests in as few actions as possible`;
-*/
-
-// module.exports = `You are ChatGPT, a highly knowledgeable and versatile large language model.
-
-// Engage with the Human conversationally, providing concise and meaningful answers to questions. Utilize built-in tools when necessary, except for creative requests, where relying on your own knowledge is preferred. Aim for variety and avoid repetitive answers.
-
-// For your 'Action' input, state the name of the tool used only, and honor user requests without adding extra steps. Always be honest; if you cannot provide an appropriate answer or tool, admit that or do your best.
-
-// Strive to meet the user's needs efficiently with minimal actions.`;
-
-// import {
-//   BasePromptTemplate,
-//   BaseStringPromptTemplate,
-//   SerializedBasePromptTemplate,
-//   renderTemplate,
-// } from "langchain/prompts";
-
-// prefix: `You are ChatGPT, a highly knowledgeable and versatile large language model.
-// Your objective is to help users by understanding their intent and choosing the best action. Prioritize direct, specific responses. Use concise, varied answers and rely on your knowledge for creative tasks. Utilize tools when needed, and structure results for machine compatibility.
-// prefix: `Objective: to comprehend human intentions based on user input and available tools. Goal: identify the best action to directly address the human's query. In your subsequent steps, you will utilize the chosen action. You may select multiple actions and list them in a meaningful order. Prioritize actions that directly relate to the user's query over general ones. Ensure that the generated thought is highly specific and explicit to best match the user's expectations. Construct the result in a manner that an online open-API would most likely expect. Provide concise and meaningful answers to human queries. Utilize tools when necessary. Relying on your own knowledge is preferred for creative requests. Aim for variety and avoid repetitive answers.
-
-// # Available Actions & Tools:
-// N/A: no suitable action, use your own knowledge.`,
-// suffix: `Remember, all your responses MUST adhere to the described format and only respond if the format is followed. Output exactly with the requested format, avoiding any other text as this will be parsed by a machine. Following 'Action:', provide only one of the actions listed above. If a tool is not necessary, deduce this quickly and finish your response. Honor the human's requests without adding extra steps. Carry out tasks in the sequence written by the human. Always be honest; if you cannot provide an appropriate answer or tool, do your best with your own knowledge. Strive to meet the user's needs efficiently with minimal actions.`;
-
 module.exports = {
   'gpt3-v1': {
     prefix: `Objective: Understand human intentions using user input and available tools. Goal: Identify the most suitable actions to directly address user queries.

api/app/clients/prompts/createContextHandlers.js

@@ -8,8 +8,6 @@ In your response, remember to follow these guidelines:
 - If you don't know the answer, simply say that you don't know.
 - If you are unsure how to answer, ask for clarification.
 - Avoid mentioning that you obtained the information from the context.
-
-Answer appropriately in the user's language.
 `;
 
 function createContextHandlers(req, userMessageContent) {
@@ -94,37 +92,40 @@ function createContextHandlers(req, userMessageContent) {
 
       const resolvedQueries = await Promise.all(queryPromises);
 
-      const context = resolvedQueries
-        .map((queryResult, index) => {
-          const file = processedFiles[index];
-          let contextItems = queryResult.data;
+      const context =
+        resolvedQueries.length === 0
+          ? '\n\tThe semantic search did not return any results.'
+          : resolvedQueries
+            .map((queryResult, index) => {
+              const file = processedFiles[index];
+              let contextItems = queryResult.data;
 
-          const generateContext = (currentContext) =>
-            `
+              const generateContext = (currentContext) =>
+                `
           <file>
             <filename>${file.filename}</filename>
             <context>${currentContext}
             </context>
           </file>`;
 
-          if (useFullContext) {
-            return generateContext(`\n${contextItems}`);
-          }
+              if (useFullContext) {
+                return generateContext(`\n${contextItems}`);
+              }
 
-          contextItems = queryResult.data
-            .map((item) => {
-              const pageContent = item[0].page_content;
-              return `
+              contextItems = queryResult.data
+                .map((item) => {
+                  const pageContent = item[0].page_content;
+                  return `
             <contextItem>
               <![CDATA[${pageContent?.trim()}]]>
             </contextItem>`;
+                })
+                .join('');
+
+              return generateContext(contextItems);
             })
             .join('');
 
-          return generateContext(contextItems);
-        })
-        .join('');
-
       if (useFullContext) {
         const prompt = `${header}
           ${context}

api/app/clients/specs/BaseClient.test.js

@@ -576,7 +576,11 @@ describe('BaseClient', () => {
       const onStart = jest.fn();
       const opts = { onStart };
       await TestClient.sendMessage('Hello, world!', opts);
-      expect(onStart).toHaveBeenCalledWith(expect.objectContaining({ text: 'Hello, world!' }));
+
+      expect(onStart).toHaveBeenCalledWith(
+        expect.objectContaining({ text: 'Hello, world!' }),
+        expect.any(String),
+      );
     });
 
     test('saveMessageToDatabase is called with the correct arguments', async () => {

api/app/clients/specs/PluginsClient.test.js

@@ -194,6 +194,7 @@ describe('PluginsClient', () => {
       expect(client.getFunctionModelName('')).toBe('gpt-3.5-turbo');
     });
   });
+
   describe('Azure OpenAI tests specific to Plugins', () => {
     // TODO: add more tests for Azure OpenAI integration with Plugins
     // let client;
@@ -220,4 +221,94 @@ describe('PluginsClient', () => {
       spy.mockRestore();
     });
   });
+
+  describe('sendMessage with filtered tools', () => {
+    let TestAgent;
+    const apiKey = 'fake-api-key';
+    const mockTools = [{ name: 'tool1' }, { name: 'tool2' }, { name: 'tool3' }, { name: 'tool4' }];
+
+    beforeEach(() => {
+      TestAgent = new PluginsClient(apiKey, {
+        tools: mockTools,
+        modelOptions: {
+          model: 'gpt-3.5-turbo',
+          temperature: 0,
+          max_tokens: 2,
+        },
+        agentOptions: {
+          model: 'gpt-3.5-turbo',
+        },
+      });
+
+      TestAgent.options.req = {
+        app: {
+          locals: {},
+        },
+      };
+
+      TestAgent.sendMessage = jest.fn().mockImplementation(async () => {
+        const { filteredTools = [], includedTools = [] } = TestAgent.options.req.app.locals;
+
+        if (includedTools.length > 0) {
+          const tools = TestAgent.options.tools.filter((plugin) =>
+            includedTools.includes(plugin.name),
+          );
+          TestAgent.options.tools = tools;
+        } else {
+          const tools = TestAgent.options.tools.filter(
+            (plugin) => !filteredTools.includes(plugin.name),
+          );
+          TestAgent.options.tools = tools;
+        }
+
+        return {
+          text: 'Mocked response',
+          tools: TestAgent.options.tools,
+        };
+      });
+    });
+
+    test('should filter out tools when filteredTools is provided', async () => {
+      TestAgent.options.req.app.locals.filteredTools = ['tool1', 'tool3'];
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(2);
+      expect(response.tools).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: 'tool2' }),
+          expect.objectContaining({ name: 'tool4' }),
+        ]),
+      );
+    });
+
+    test('should only include specified tools when includedTools is provided', async () => {
+      TestAgent.options.req.app.locals.includedTools = ['tool2', 'tool4'];
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(2);
+      expect(response.tools).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: 'tool2' }),
+          expect.objectContaining({ name: 'tool4' }),
+        ]),
+      );
+    });
+
+    test('should prioritize includedTools over filteredTools', async () => {
+      TestAgent.options.req.app.locals.filteredTools = ['tool1', 'tool3'];
+      TestAgent.options.req.app.locals.includedTools = ['tool1', 'tool2'];
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(2);
+      expect(response.tools).toEqual(
+        expect.arrayContaining([
+          expect.objectContaining({ name: 'tool1' }),
+          expect.objectContaining({ name: 'tool2' }),
+        ]),
+      );
+    });
+
+    test('should not modify tools when no filters are provided', async () => {
+      const response = await TestAgent.sendMessage('Test message');
+      expect(response.tools).toHaveLength(4);
+      expect(response.tools).toEqual(expect.arrayContaining(mockTools));
+    });
+  });
 });

api/cache/getLogStores.js

@@ -25,6 +25,10 @@ const config = isEnabled(USE_REDIS)
   ? new Keyv({ store: keyvRedis })
   : new Keyv({ namespace: CacheKeys.CONFIG_STORE });
 
+const roles = isEnabled(USE_REDIS)
+  ? new Keyv({ store: keyvRedis })
+  : new Keyv({ namespace: CacheKeys.ROLES });
+
 const audioRuns = isEnabled(USE_REDIS) // ttl: 30 minutes
   ? new Keyv({ store: keyvRedis, ttl: TEN_MINUTES })
   : new Keyv({ namespace: CacheKeys.AUDIO_RUNS, ttl: TEN_MINUTES });
@@ -46,6 +50,7 @@ const abortKeys = isEnabled(USE_REDIS)
   : new Keyv({ namespace: CacheKeys.ABORT_KEYS, ttl: 600000 });
 
 const namespaces = {
+  [CacheKeys.ROLES]: roles,
   [CacheKeys.CONFIG_STORE]: config,
   pending_req,
   [ViolationTypes.BAN]: new Keyv({ store: keyvMongo, namespace: CacheKeys.BANS, ttl: duration }),
@@ -63,6 +68,10 @@ const namespaces = {
   [ViolationTypes.TTS_LIMIT]: createViolationInstance(ViolationTypes.TTS_LIMIT),
   [ViolationTypes.STT_LIMIT]: createViolationInstance(ViolationTypes.STT_LIMIT),
   [ViolationTypes.FILE_UPLOAD_LIMIT]: createViolationInstance(ViolationTypes.FILE_UPLOAD_LIMIT),
+  [ViolationTypes.VERIFY_EMAIL_LIMIT]: createViolationInstance(ViolationTypes.VERIFY_EMAIL_LIMIT),
+  [ViolationTypes.RESET_PASSWORD_LIMIT]: createViolationInstance(
+    ViolationTypes.RESET_PASSWORD_LIMIT,
+  ),
   [ViolationTypes.ILLEGAL_MODEL_REQUEST]: createViolationInstance(
     ViolationTypes.ILLEGAL_MODEL_REQUEST,
   ),

api/cache/logViolation.js

@@ -1,6 +1,6 @@
+const { isEnabled } = require('~/server/utils');
 const getLogStores = require('./getLogStores');
 const banViolation = require('./banViolation');
-const { isEnabled } = require('../server/utils');
 
 /**
  * Logs the violation.

api/models/Categories.js

@@ -0,0 +1,61 @@
+const { logger } = require('~/config');
+// const { Categories } = require('./schema/categories');
+const options = [
+  {
+    label: '',
+    value: '',
+  },
+  {
+    label: 'idea',
+    value: 'idea',
+  },
+  {
+    label: 'travel',
+    value: 'travel',
+  },
+  {
+    label: 'teach_or_explain',
+    value: 'teach_or_explain',
+  },
+  {
+    label: 'write',
+    value: 'write',
+  },
+  {
+    label: 'shop',
+    value: 'shop',
+  },
+  {
+    label: 'code',
+    value: 'code',
+  },
+  {
+    label: 'misc',
+    value: 'misc',
+  },
+  {
+    label: 'roleplay',
+    value: 'roleplay',
+  },
+  {
+    label: 'finance',
+    value: 'finance',
+  },
+];
+
+module.exports = {
+  /**
+   * Retrieves the categories asynchronously.
+   * @returns {Promise<TGetCategoriesResponse>} An array of category objects.
+   * @throws {Error} If there is an error retrieving the categories.
+   */
+  getCategories: async () => {
+    try {
+      // const categories = await Categories.find();
+      return options;
+    } catch (error) {
+      logger.error('Error getting categories', error);
+      return [];
+    }
+  },
+};

api/models/Conversation.js

@@ -27,10 +27,12 @@ module.exports = {
         update.conversationId = newConversationId;
       }
 
-      return await Conversation.findOneAndUpdate({ conversationId: conversationId, user }, update, {
+      const conversation = await Conversation.findOneAndUpdate({ conversationId, user }, update, {
         new: true,
         upsert: true,
       });
+
+      return conversation.toObject();
     } catch (error) {
       logger.error('[saveConvo] Error saving conversation', error);
       return { message: 'Error saving conversation' };

api/models/File.js

@@ -97,8 +97,12 @@ const deleteFileByFilter = async (filter) => {
  * @param {Array<string>} file_ids - The unique identifiers of the files to delete.
  * @returns {Promise<Object>} A promise that resolves to the result of the deletion operation.
  */
-const deleteFiles = async (file_ids) => {
-  return await File.deleteMany({ file_id: { $in: file_ids } });
+const deleteFiles = async (file_ids, user) => {
+  let deleteQuery = { file_id: { $in: file_ids } };
+  if (user) {
+    deleteQuery = { user: user };
+  }
+  return await File.deleteMany(deleteQuery);
 };
 
 module.exports = {

api/models/Message.js

@@ -57,18 +57,13 @@ module.exports = {
       if (files) {
         update.files = files;
       }
-      // may also need to update the conversation here
-      await Message.findOneAndUpdate({ messageId }, update, { upsert: true, new: true });
 
-      return {
-        messageId,
-        conversationId,
-        parentMessageId,
-        sender,
-        text,
-        isCreatedByUser,
-        tokenCount,
-      };
+      const message = await Message.findOneAndUpdate({ messageId }, update, {
+        upsert: true,
+        new: true,
+      });
+
+      return message.toObject();
     } catch (err) {
       logger.error('Error saving message:', err);
       throw new Error('Failed to save message.');

api/models/Project.js

@@ -0,0 +1,90 @@
+const { model } = require('mongoose');
+const projectSchema = require('~/models/schema/projectSchema');
+
+const Project = model('Project', projectSchema);
+
+/**
+ * Retrieve a project by ID and convert the found project document to a plain object.
+ *
+ * @param {string} projectId - The ID of the project to find and return as a plain object.
+ * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
+ * @returns {Promise<MongoProject>} A plain object representing the project document, or `null` if no project is found.
+ */
+const getProjectById = async function (projectId, fieldsToSelect = null) {
+  const query = Project.findById(projectId);
+
+  if (fieldsToSelect) {
+    query.select(fieldsToSelect);
+  }
+
+  return await query.lean();
+};
+
+/**
+ * Retrieve a project by name and convert the found project document to a plain object.
+ * If the project with the given name doesn't exist and the name is "instance", create it and return the lean version.
+ *
+ * @param {string} projectName - The name of the project to find or create.
+ * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
+ * @returns {Promise<MongoProject>} A plain object representing the project document.
+ */
+const getProjectByName = async function (projectName, fieldsToSelect = null) {
+  const query = { name: projectName };
+  const update = { $setOnInsert: { name: projectName } };
+  const options = {
+    new: true,
+    upsert: projectName === 'instance',
+    lean: true,
+    select: fieldsToSelect,
+  };
+
+  return await Project.findOneAndUpdate(query, update, options);
+};
+
+/**
+ * Add an array of prompt group IDs to a project's promptGroupIds array, ensuring uniqueness.
+ *
+ * @param {string} projectId - The ID of the project to update.
+ * @param {string[]} promptGroupIds - The array of prompt group IDs to add to the project.
+ * @returns {Promise<MongoProject>} The updated project document.
+ */
+const addGroupIdsToProject = async function (projectId, promptGroupIds) {
+  return await Project.findByIdAndUpdate(
+    projectId,
+    { $addToSet: { promptGroupIds: { $each: promptGroupIds } } },
+    { new: true },
+  );
+};
+
+/**
+ * Remove an array of prompt group IDs from a project's promptGroupIds array.
+ *
+ * @param {string} projectId - The ID of the project to update.
+ * @param {string[]} promptGroupIds - The array of prompt group IDs to remove from the project.
+ * @returns {Promise<MongoProject>} The updated project document.
+ */
+const removeGroupIdsFromProject = async function (projectId, promptGroupIds) {
+  return await Project.findByIdAndUpdate(
+    projectId,
+    { $pull: { promptGroupIds: { $in: promptGroupIds } } },
+    { new: true },
+  );
+};
+
+/**
+ * Remove a prompt group ID from all projects.
+ *
+ * @param {string} promptGroupId - The ID of the prompt group to remove from projects.
+ * @returns {Promise<void>}
+ */
+const removeGroupFromAllProjects = async (promptGroupId) => {
+  await Project.updateMany({}, { $pull: { promptGroupIds: promptGroupId } });
+};
+
+module.exports = {
+  getProjectById,
+  getProjectByName,
+  addGroupIdsToProject,
+  removeGroupIdsFromProject,
+  removeGroupFromAllProjects,
+};

api/models/Prompt.js

@@ -1,52 +1,528 @@
-const mongoose = require('mongoose');
+const { ObjectId } = require('mongodb');
+const { SystemRoles, SystemCategories } = require('librechat-data-provider');
+const {
+  getProjectByName,
+  addGroupIdsToProject,
+  removeGroupIdsFromProject,
+  removeGroupFromAllProjects,
+} = require('./Project');
+const { Prompt, PromptGroup } = require('./schema/promptSchema');
 const { logger } = require('~/config');
 
-const promptSchema = mongoose.Schema(
-  {
-    title: {
-      type: String,
-      required: true,
+/**
+ * Create a pipeline for the aggregation to get prompt groups
+ * @param {Object} query
+ * @param {number} skip
+ * @param {number} limit
+ * @returns {[Object]} - The pipeline for the aggregation
+ */
+const createGroupPipeline = (query, skip, limit) => {
+  return [
+    { $match: query },
+    { $sort: { createdAt: -1 } },
+    { $skip: skip },
+    { $limit: limit },
+    {
+      $lookup: {
+        from: 'prompts',
+        localField: 'productionId',
+        foreignField: '_id',
+        as: 'productionPrompt',
+      },
     },
-    prompt: {
-      type: String,
-      required: true,
+    { $unwind: { path: '$productionPrompt', preserveNullAndEmptyArrays: true } },
+    {
+      $project: {
+        name: 1,
+        numberOfGenerations: 1,
+        oneliner: 1,
+        category: 1,
+        projectIds: 1,
+        productionId: 1,
+        author: 1,
+        authorName: 1,
+        createdAt: 1,
+        updatedAt: 1,
+        'productionPrompt.prompt': 1,
+        // 'productionPrompt._id': 1,
+        // 'productionPrompt.type': 1,
+      },
     },
-    category: {
-      type: String,
-    },
-  },
-  { timestamps: true },
-);
+  ];
+};
 
-const Prompt = mongoose.models.Prompt || mongoose.model('Prompt', promptSchema);
+/**
+ * Create a pipeline for the aggregation to get all prompt groups
+ * @param {Object} query
+ * @param {Partial<MongoPromptGroup>} $project
+ * @returns {[Object]} - The pipeline for the aggregation
+ */
+const createAllGroupsPipeline = (
+  query,
+  $project = {
+    name: 1,
+    oneliner: 1,
+    category: 1,
+    author: 1,
+    authorName: 1,
+    createdAt: 1,
+    updatedAt: 1,
+    command: 1,
+    'productionPrompt.prompt': 1,
+  },
+) => {
+  return [
+    { $match: query },
+    { $sort: { createdAt: -1 } },
+    {
+      $lookup: {
+        from: 'prompts',
+        localField: 'productionId',
+        foreignField: '_id',
+        as: 'productionPrompt',
+      },
+    },
+    { $unwind: { path: '$productionPrompt', preserveNullAndEmptyArrays: true } },
+    {
+      $project,
+    },
+  ];
+};
+
+/**
+ * Get all prompt groups with filters
+ * @param {Object} req
+ * @param {TPromptGroupsWithFilterRequest} filter
+ * @returns {Promise<PromptGroupListResponse>}
+ */
+const getAllPromptGroups = async (req, filter) => {
+  try {
+    const { name, ...query } = filter;
+
+    if (!query.author) {
+      throw new Error('Author is required');
+    }
+
+    let searchShared = true;
+    let searchSharedOnly = false;
+    if (name) {
+      query.name = new RegExp(name, 'i');
+    }
+    if (!query.category) {
+      delete query.category;
+    } else if (query.category === SystemCategories.MY_PROMPTS) {
+      searchShared = false;
+      delete query.category;
+    } else if (query.category === SystemCategories.NO_CATEGORY) {
+      query.category = '';
+    } else if (query.category === SystemCategories.SHARED_PROMPTS) {
+      searchSharedOnly = true;
+      delete query.category;
+    }
+
+    let combinedQuery = query;
+
+    if (searchShared) {
+      const project = await getProjectByName('instance', 'promptGroupIds');
+      if (project && project.promptGroupIds.length > 0) {
+        const projectQuery = { _id: { $in: project.promptGroupIds }, ...query };
+        delete projectQuery.author;
+        combinedQuery = searchSharedOnly ? projectQuery : { $or: [projectQuery, query] };
+      }
+    }
+
+    const promptGroupsPipeline = createAllGroupsPipeline(combinedQuery);
+    return await PromptGroup.aggregate(promptGroupsPipeline).exec();
+  } catch (error) {
+    console.error('Error getting all prompt groups', error);
+    return { message: 'Error getting all prompt groups' };
+  }
+};
+
+/**
+ * Get prompt groups with filters
+ * @param {Object} req
+ * @param {TPromptGroupsWithFilterRequest} filter
+ * @returns {Promise<PromptGroupListResponse>}
+ */
+const getPromptGroups = async (req, filter) => {
+  try {
+    const { pageNumber = 1, pageSize = 10, name, ...query } = filter;
+
+    const validatedPageNumber = Math.max(parseInt(pageNumber, 10), 1);
+    const validatedPageSize = Math.max(parseInt(pageSize, 10), 1);
+
+    if (!query.author) {
+      throw new Error('Author is required');
+    }
+
+    let searchShared = true;
+    let searchSharedOnly = false;
+    if (name) {
+      query.name = new RegExp(name, 'i');
+    }
+    if (!query.category) {
+      delete query.category;
+    } else if (query.category === SystemCategories.MY_PROMPTS) {
+      searchShared = false;
+      delete query.category;
+    } else if (query.category === SystemCategories.NO_CATEGORY) {
+      query.category = '';
+    } else if (query.category === SystemCategories.SHARED_PROMPTS) {
+      searchSharedOnly = true;
+      delete query.category;
+    }
+
+    let combinedQuery = query;
+
+    if (searchShared) {
+      // const projects = req.user.projects || []; // TODO: handle multiple projects
+      const project = await getProjectByName('instance', 'promptGroupIds');
+      if (project && project.promptGroupIds.length > 0) {
+        const projectQuery = { _id: { $in: project.promptGroupIds }, ...query };
+        delete projectQuery.author;
+        combinedQuery = searchSharedOnly ? projectQuery : { $or: [projectQuery, query] };
+      }
+    }
+
+    const skip = (validatedPageNumber - 1) * validatedPageSize;
+    const limit = validatedPageSize;
+
+    const promptGroupsPipeline = createGroupPipeline(combinedQuery, skip, limit);
+    const totalPromptGroupsPipeline = [{ $match: combinedQuery }, { $count: 'total' }];
+
+    const [promptGroupsResults, totalPromptGroupsResults] = await Promise.all([
+      PromptGroup.aggregate(promptGroupsPipeline).exec(),
+      PromptGroup.aggregate(totalPromptGroupsPipeline).exec(),
+    ]);
+
+    const promptGroups = promptGroupsResults;
+    const totalPromptGroups =
+      totalPromptGroupsResults.length > 0 ? totalPromptGroupsResults[0].total : 0;
+
+    return {
+      promptGroups,
+      pageNumber: validatedPageNumber.toString(),
+      pageSize: validatedPageSize.toString(),
+      pages: Math.ceil(totalPromptGroups / validatedPageSize).toString(),
+    };
+  } catch (error) {
+    console.error('Error getting prompt groups', error);
+    return { message: 'Error getting prompt groups' };
+  }
+};
 
 module.exports = {
-  savePrompt: async ({ title, prompt }) => {
+  getPromptGroups,
+  getAllPromptGroups,
+  /**
+   * Create a prompt and its respective group
+   * @param {TCreatePromptRecord} saveData
+   * @returns {Promise<TCreatePromptResponse>}
+   */
+  createPromptGroup: async (saveData) => {
     try {
-      await Prompt.create({
-        title,
-        prompt,
-      });
-      return { title, prompt };
+      const { prompt, group, author, authorName } = saveData;
+
+      let newPromptGroup = await PromptGroup.findOneAndUpdate(
+        { ...group, author, authorName, productionId: null },
+        { $setOnInsert: { ...group, author, authorName, productionId: null } },
+        { new: true, upsert: true },
+      )
+        .lean()
+        .select('-__v')
+        .exec();
+
+      const newPrompt = await Prompt.findOneAndUpdate(
+        { ...prompt, author, groupId: newPromptGroup._id },
+        { $setOnInsert: { ...prompt, author, groupId: newPromptGroup._id } },
+        { new: true, upsert: true },
+      )
+        .lean()
+        .select('-__v')
+        .exec();
+
+      newPromptGroup = await PromptGroup.findByIdAndUpdate(
+        newPromptGroup._id,
+        { productionId: newPrompt._id },
+        { new: true },
+      )
+        .lean()
+        .select('-__v')
+        .exec();
+
+      return {
+        prompt: newPrompt,
+        group: {
+          ...newPromptGroup,
+          productionPrompt: { prompt: newPrompt.prompt },
+        },
+      };
+    } catch (error) {
+      logger.error('Error saving prompt group', error);
+      throw new Error('Error saving prompt group');
+    }
+  },
+  /**
+   * Save a prompt
+   * @param {TCreatePromptRecord} saveData
+   * @returns {Promise<TCreatePromptResponse>}
+   */
+  savePrompt: async (saveData) => {
+    try {
+      const { prompt, author } = saveData;
+      const newPromptData = {
+        ...prompt,
+        author,
+      };
+
+      /** @type {TPrompt} */
+      let newPrompt;
+      try {
+        newPrompt = await Prompt.create(newPromptData);
+      } catch (error) {
+        if (error?.message?.includes('groupId_1_version_1')) {
+          await Prompt.db.collection('prompts').dropIndex('groupId_1_version_1');
+        } else {
+          throw error;
+        }
+        newPrompt = await Prompt.create(newPromptData);
+      }
+
+      return { prompt: newPrompt };
     } catch (error) {
       logger.error('Error saving prompt', error);
-      return { prompt: 'Error saving prompt' };
+      return { message: 'Error saving prompt' };
     }
   },
   getPrompts: async (filter) => {
     try {
-      return await Prompt.find(filter).lean();
+      return await Prompt.find(filter).sort({ createdAt: -1 }).lean();
     } catch (error) {
       logger.error('Error getting prompts', error);
-      return { prompt: 'Error getting prompts' };
+      return { message: 'Error getting prompts' };
     }
   },
-  deletePrompts: async (filter) => {
+  getPrompt: async (filter) => {
     try {
-      return await Prompt.deleteMany(filter);
+      if (filter.groupId) {
+        filter.groupId = new ObjectId(filter.groupId);
+      }
+      return await Prompt.findOne(filter).lean();
     } catch (error) {
-      logger.error('Error deleting prompts', error);
-      return { prompt: 'Error deleting prompts' };
+      logger.error('Error getting prompt', error);
+      return { message: 'Error getting prompt' };
+    }
+  },
+  /**
+   * Get prompt groups with filters
+   * @param {TGetRandomPromptsRequest} filter
+   * @returns {Promise<TGetRandomPromptsResponse>}
+   */
+  getRandomPromptGroups: async (filter) => {
+    try {
+      const result = await PromptGroup.aggregate([
+        {
+          $match: {
+            category: { $ne: '' },
+          },
+        },
+        {
+          $group: {
+            _id: '$category',
+            promptGroup: { $first: '$$ROOT' },
+          },
+        },
+        {
+          $replaceRoot: { newRoot: '$promptGroup' },
+        },
+        {
+          $sample: { size: +filter.limit + +filter.skip },
+        },
+        {
+          $skip: +filter.skip,
+        },
+        {
+          $limit: +filter.limit,
+        },
+      ]);
+      return { prompts: result };
+    } catch (error) {
+      logger.error('Error getting prompt groups', error);
+      return { message: 'Error getting prompt groups' };
+    }
+  },
+  getPromptGroupsWithPrompts: async (filter) => {
+    try {
+      return await PromptGroup.findOne(filter)
+        .populate({
+          path: 'prompts',
+          select: '-_id -__v -user',
+        })
+        .select('-_id -__v -user')
+        .lean();
+    } catch (error) {
+      logger.error('Error getting prompt groups', error);
+      return { message: 'Error getting prompt groups' };
+    }
+  },
+  getPromptGroup: async (filter) => {
+    try {
+      return await PromptGroup.findOne(filter).lean();
+    } catch (error) {
+      logger.error('Error getting prompt group', error);
+      return { message: 'Error getting prompt group' };
+    }
+  },
+  /**
+   * Deletes a prompt and its corresponding prompt group if it is the last prompt in the group.
+   *
+   * @param {Object} options - The options for deleting the prompt.
+   * @param {ObjectId|string} options.promptId - The ID of the prompt to delete.
+   * @param {ObjectId|string} options.groupId - The ID of the prompt's group.
+   * @param {ObjectId|string} options.author - The ID of the prompt's author.
+   * @param {string} options.role - The role of the prompt's author.
+   * @return {Promise<TDeletePromptResponse>} An object containing the result of the deletion.
+   * If the prompt was deleted successfully, the object will have a property 'prompt' with the value 'Prompt deleted successfully'.
+   * If the prompt group was deleted successfully, the object will have a property 'promptGroup' with the message 'Prompt group deleted successfully' and id of the deleted group.
+   * If there was an error deleting the prompt, the object will have a property 'message' with the value 'Error deleting prompt'.
+   */
+  deletePrompt: async ({ promptId, groupId, author, role }) => {
+    const query = { _id: promptId, groupId, author };
+    if (role === SystemRoles.ADMIN) {
+      delete query.author;
+    }
+    const { deletedCount } = await Prompt.deleteOne(query);
+    if (deletedCount === 0) {
+      throw new Error('Failed to delete the prompt');
+    }
+
+    const remainingPrompts = await Prompt.find({ groupId })
+      .select('_id')
+      .sort({ createdAt: 1 })
+      .lean();
+
+    if (remainingPrompts.length === 0) {
+      await PromptGroup.deleteOne({ _id: groupId });
+      await removeGroupFromAllProjects(groupId);
+
+      return {
+        prompt: 'Prompt deleted successfully',
+        promptGroup: {
+          message: 'Prompt group deleted successfully',
+          id: groupId,
+        },
+      };
+    } else {
+      const promptGroup = await PromptGroup.findById(groupId).lean();
+      if (promptGroup.productionId.toString() === promptId.toString()) {
+        await PromptGroup.updateOne(
+          { _id: groupId },
+          { productionId: remainingPrompts[remainingPrompts.length - 1]._id },
+        );
+      }
+
+      return { prompt: 'Prompt deleted successfully' };
+    }
+  },
+  /**
+   * Update prompt group
+   * @param {Partial<MongoPromptGroup>} filter - Filter to find prompt group
+   * @param {Partial<MongoPromptGroup>} data - Data to update
+   * @returns {Promise<TUpdatePromptGroupResponse>}
+   */
+  updatePromptGroup: async (filter, data) => {
+    try {
+      const updateOps = {};
+      if (data.removeProjectIds) {
+        for (const projectId of data.removeProjectIds) {
+          await removeGroupIdsFromProject(projectId, [filter._id]);
+        }
+
+        updateOps.$pull = { projectIds: { $in: data.removeProjectIds } };
+        delete data.removeProjectIds;
+      }
+
+      if (data.projectIds) {
+        for (const projectId of data.projectIds) {
+          await addGroupIdsToProject(projectId, [filter._id]);
+        }
+
+        updateOps.$addToSet = { projectIds: { $each: data.projectIds } };
+        delete data.projectIds;
+      }
+
+      const updateData = { ...data, ...updateOps };
+      const updatedDoc = await PromptGroup.findOneAndUpdate(filter, updateData, {
+        new: true,
+        upsert: false,
+      });
+
+      if (!updatedDoc) {
+        throw new Error('Prompt group not found');
+      }
+
+      return updatedDoc;
+    } catch (error) {
+      logger.error('Error updating prompt group', error);
+      return { message: 'Error updating prompt group' };
+    }
+  },
+  /**
+   * Function to make a prompt production based on its ID.
+   * @param {String} promptId - The ID of the prompt to make production.
+   * @returns {Object} The result of the production operation.
+   */
+  makePromptProduction: async (promptId) => {
+    try {
+      const prompt = await Prompt.findById(promptId).lean();
+
+      if (!prompt) {
+        throw new Error('Prompt not found');
+      }
+
+      await PromptGroup.findByIdAndUpdate(
+        prompt.groupId,
+        { productionId: prompt._id },
+        { new: true },
+      )
+        .lean()
+        .exec();
+
+      return {
+        message: 'Prompt production made successfully',
+      };
+    } catch (error) {
+      logger.error('Error making prompt production', error);
+      return { message: 'Error making prompt production' };
+    }
+  },
+  updatePromptLabels: async (_id, labels) => {
+    try {
+      const response = await Prompt.updateOne({ _id }, { $set: { labels } });
+      if (response.matchedCount === 0) {
+        return { message: 'Prompt not found' };
+      }
+      return { message: 'Prompt labels updated successfully' };
+    } catch (error) {
+      logger.error('Error updating prompt labels', error);
+      return { message: 'Error updating prompt labels' };
+    }
+  },
+  deletePromptGroup: async (_id) => {
+    try {
+      const response = await PromptGroup.deleteOne({ _id });
+
+      if (response.deletedCount === 0) {
+        return { promptGroup: 'Prompt group not found' };
+      }
+
+      await Prompt.deleteMany({ groupId: new ObjectId(_id) });
+      await removeGroupFromAllProjects(_id);
+      return { promptGroup: 'Prompt group deleted successfully' };
+    } catch (error) {
+      logger.error('Error deleting prompt group', error);
+      return { message: 'Error deleting prompt group' };
     }
   },
 };

api/models/Role.js

@@ -0,0 +1,86 @@
+const { SystemRoles, CacheKeys, roleDefaults } = require('librechat-data-provider');
+const getLogStores = require('~/cache/getLogStores');
+const Role = require('~/models/schema/roleSchema');
+
+/**
+ * Retrieve a role by name and convert the found role document to a plain object.
+ * If the role with the given name doesn't exist and the name is a system defined role, create it and return the lean version.
+ *
+ * @param {string} roleName - The name of the role to find or create.
+ * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
+ * @returns {Promise<Object>} A plain object representing the role document.
+ */
+const getRoleByName = async function (roleName, fieldsToSelect = null) {
+  try {
+    const cache = getLogStores(CacheKeys.ROLES);
+    const cachedRole = await cache.get(roleName);
+    if (cachedRole) {
+      return cachedRole;
+    }
+    let query = Role.findOne({ name: roleName });
+    if (fieldsToSelect) {
+      query = query.select(fieldsToSelect);
+    }
+    let role = await query.lean().exec();
+
+    if (!role && SystemRoles[roleName]) {
+      role = roleDefaults[roleName];
+      role = await new Role(role).save();
+      await cache.set(roleName, role);
+      return role.toObject();
+    }
+    await cache.set(roleName, role);
+    return role;
+  } catch (error) {
+    throw new Error(`Failed to retrieve or create role: ${error.message}`);
+  }
+};
+
+/**
+ * Update role values by name.
+ *
+ * @param {string} roleName - The name of the role to update.
+ * @param {Partial<TRole>} updates - The fields to update.
+ * @returns {Promise<TRole>} Updated role document.
+ */
+const updateRoleByName = async function (roleName, updates) {
+  try {
+    const cache = getLogStores(CacheKeys.ROLES);
+    const role = await Role.findOneAndUpdate(
+      { name: roleName },
+      { $set: updates },
+      { new: true, lean: true },
+    )
+      .select('-__v')
+      .lean()
+      .exec();
+    await cache.set(roleName, role);
+    return role;
+  } catch (error) {
+    throw new Error(`Failed to update role: ${error.message}`);
+  }
+};
+
+/**
+ * Initialize default roles in the system.
+ * Creates the default roles (ADMIN, USER) if they don't exist in the database.
+ *
+ * @returns {Promise<void>}
+ */
+const initializeRoles = async function () {
+  const defaultRoles = [SystemRoles.ADMIN, SystemRoles.USER];
+
+  for (const roleName of defaultRoles) {
+    let role = await Role.findOne({ name: roleName }).select('name').lean();
+    if (!role) {
+      role = new Role(roleDefaults[roleName]);
+      await role.save();
+    }
+  }
+};
+
+module.exports = {
+  getRoleByName,
+  initializeRoles,
+  updateRoleByName,
+};

api/models/Share.js

@@ -22,7 +22,7 @@ module.exports = {
       return share;
     } catch (error) {
       logger.error('[getShare] Error getting share link', error);
-      return { message: 'Error getting share link' };
+      throw new Error('Error getting share link');
     }
   },
 
@@ -41,17 +41,17 @@ module.exports = {
       return { sharedLinks: shares, pages: totalPages, pageNumber, pageSize };
     } catch (error) {
       logger.error('[getShareByPage] Error getting shares', error);
-      return { message: 'Error getting shares' };
+      throw new Error('Error getting shares');
     }
   },
 
   createSharedLink: async (user, { conversationId, ...shareData }) => {
-    const share = await SharedLink.findOne({ conversationId }).select('-_id -__v -user').lean();
-    if (share) {
-      return share;
-    }
-
     try {
+      const share = await SharedLink.findOne({ conversationId }).select('-_id -__v -user').lean();
+      if (share) {
+        return share;
+      }
+
       const shareId = crypto.randomUUID();
       const messages = await getMessages({ conversationId });
       const update = { ...shareData, shareId, messages, user };
@@ -60,30 +60,58 @@ module.exports = {
         upsert: true,
       });
     } catch (error) {
-      logger.error('[saveShareMessage] Error saving conversation', error);
-      return { message: 'Error saving conversation' };
+      logger.error('[createSharedLink] Error creating shared link', error);
+      throw new Error('Error creating shared link');
     }
   },
 
   updateSharedLink: async (user, { conversationId, ...shareData }) => {
-    const share = await SharedLink.findOne({ conversationId }).select('-_id -__v -user').lean();
-    if (!share) {
-      return { message: 'Share not found' };
+    try {
+      const share = await SharedLink.findOne({ conversationId }).select('-_id -__v -user').lean();
+      if (!share) {
+        return { message: 'Share not found' };
+      }
+
+      // update messages to the latest
+      const messages = await getMessages({ conversationId });
+      const update = { ...shareData, messages, user };
+      return await SharedLink.findOneAndUpdate({ conversationId: conversationId, user }, update, {
+        new: true,
+        upsert: false,
+      });
+    } catch (error) {
+      logger.error('[updateSharedLink] Error updating shared link', error);
+      throw new Error('Error updating shared link');
     }
-    // update messages to the latest
-    const messages = await getMessages({ conversationId });
-    const update = { ...shareData, messages, user };
-    return await SharedLink.findOneAndUpdate({ conversationId: conversationId, user }, update, {
-      new: true,
-      upsert: false,
-    });
   },
 
   deleteSharedLink: async (user, { shareId }) => {
-    const share = await SharedLink.findOne({ shareId, user });
-    if (!share) {
-      return { message: 'Share not found' };
+    try {
+      const share = await SharedLink.findOne({ shareId, user });
+      if (!share) {
+        return { message: 'Share not found' };
+      }
+      return await SharedLink.findOneAndDelete({ shareId, user });
+    } catch (error) {
+      logger.error('[deleteSharedLink] Error deleting shared link', error);
+      throw new Error('Error deleting shared link');
+    }
+  },
+  /**
+   * Deletes all shared links for a specific user.
+   * @param {string} user - The user ID.
+   * @returns {Promise<{ message: string, deletedCount?: number }>} A result object indicating success or error message.
+   */
+  deleteAllSharedLinks: async (user) => {
+    try {
+      const result = await SharedLink.deleteMany({ user });
+      return {
+        message: 'All shared links have been deleted successfully',
+        deletedCount: result.deletedCount,
+      };
+    } catch (error) {
+      logger.error('[deleteAllSharedLinks] Error deleting shared links', error);
+      throw new Error('Error deleting shared links');
     }
-    return await SharedLink.findOneAndDelete({ shareId, user });
   },
 };

api/models/User.js

@@ -1,61 +1,5 @@
 const mongoose = require('mongoose');
-const bcrypt = require('bcryptjs');
-const signPayload = require('../server/services/signPayload');
-const userSchema = require('./schema/userSchema.js');
-const { SESSION_EXPIRY } = process.env ?? {};
-const expires = eval(SESSION_EXPIRY) ?? 1000 * 60 * 15;
-
-userSchema.methods.toJSON = function () {
-  return {
-    id: this._id,
-    provider: this.provider,
-    email: this.email,
-    name: this.name,
-    username: this.username,
-    avatar: this.avatar,
-    role: this.role,
-    emailVerified: this.emailVerified,
-    plugins: this.plugins,
-    createdAt: this.createdAt,
-    updatedAt: this.updatedAt,
-  };
-};
-
-userSchema.methods.generateToken = async function () {
-  return await signPayload({
-    payload: {
-      id: this._id,
-      username: this.username,
-      provider: this.provider,
-      email: this.email,
-    },
-    secret: process.env.JWT_SECRET,
-    expirationTime: expires / 1000,
-  });
-};
-
-userSchema.methods.comparePassword = function (candidatePassword, callback) {
-  bcrypt.compare(candidatePassword, this.password, (err, isMatch) => {
-    if (err) {
-      return callback(err);
-    }
-    callback(null, isMatch);
-  });
-};
-
-module.exports.hashPassword = async (password) => {
-  const hashedPassword = await new Promise((resolve, reject) => {
-    bcrypt.hash(password, 10, function (err, hash) {
-      if (err) {
-        reject(err);
-      } else {
-        resolve(hash);
-      }
-    });
-  });
-
-  return hashedPassword;
-};
+const userSchema = require('~/models/schema/userSchema');
 
 const User = mongoose.model('User', userSchema);
 

api/models/index.js

@@ -6,9 +6,18 @@ const {
   deleteMessagesSince,
   deleteMessages,
 } = require('./Message');
+const {
+  comparePassword,
+  deleteUserById,
+  generateToken,
+  getUserById,
+  updateUser,
+  createUser,
+  countUsers,
+  findUser,
+} = require('./userMethods');
 const { getConvoTitle, getConvo, saveConvo, deleteConvos } = require('./Conversation');
 const { getPreset, getPresets, savePreset, deletePresets } = require('./Preset');
-const { hashPassword, getUser, updateUser } = require('./userMethods');
 const {
   findFileById,
   createFile,
@@ -29,9 +38,14 @@ module.exports = {
   Session,
   Balance,
 
-  hashPassword,
+  comparePassword,
+  deleteUserById,
+  generateToken,
+  getUserById,
+  countUsers,
+  createUser,
   updateUser,
-  getUser,
+  findUser,
 
   getMessages,
   saveMessage,

api/models/schema/categories.js

@@ -0,0 +1,19 @@
+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+
+const categoriesSchema = new Schema({
+  label: {
+    type: String,
+    required: true,
+    unique: true,
+  },
+  value: {
+    type: String,
+    required: true,
+    unique: true,
+  },
+});
+
+const categories = mongoose.model('categories', categoriesSchema);
+
+module.exports = { Categories: categories };

api/models/schema/fileSchema.js

@@ -3,9 +3,9 @@ const mongoose = require('mongoose');
 
 /**
  * @typedef {Object} MongoFile
- * @property {mongoose.Schema.Types.ObjectId} [_id] - MongoDB Document ID
+ * @property {ObjectId} [_id] - MongoDB Document ID
  * @property {number} [__v] - MongoDB Version Key
- * @property {mongoose.Schema.Types.ObjectId} user - User ID
+ * @property {ObjectId} user - User ID
  * @property {string} [conversationId] - Optional conversation ID
  * @property {string} file_id - File identifier
  * @property {string} [temp_file_id] - Temporary File identifier
@@ -14,17 +14,19 @@ const mongoose = require('mongoose');
  * @property {string} filepath - Location of the file
  * @property {'file'} object - Type of object, always 'file'
  * @property {string} type - Type of file
- * @property {number} usage - Number of uses of the file
+ * @property {number} [usage=0] - Number of uses of the file
  * @property {string} [context] - Context of the file origin
- * @property {boolean} [embedded] - Whether or not the file is embedded in vector db
+ * @property {boolean} [embedded=false] - Whether or not the file is embedded in vector db
  * @property {string} [model] - The model to identify the group region of the file (for Azure OpenAI hosting)
- * @property {string} [source] - The source of the file
+ * @property {string} [source] - The source of the file (e.g., from FileSources)
  * @property {number} [width] - Optional width of the file
  * @property {number} [height] - Optional height of the file
- * @property {Date} [expiresAt] - Optional height of the file
+ * @property {Date} [expiresAt] - Optional expiration date of the file
  * @property {Date} [createdAt] - Date when the file was created
  * @property {Date} [updatedAt] - Date when the file was updated
  */
+
+/** @type {MongooseSchema<MongoFile>} */
 const fileSchema = mongoose.Schema(
   {
     user: {
@@ -91,7 +93,7 @@ const fileSchema = mongoose.Schema(
     height: Number,
     expiresAt: {
       type: Date,
-      expires: 3600,
+      expires: 3600, // 1 hour in seconds
     },
   },
   {

api/models/schema/messageSchema.js

@@ -11,6 +11,7 @@ const messageSchema = mongoose.Schema(
     },
     conversationId: {
       type: String,
+      index: true,
       required: true,
       meiliIndex: true,
     },

api/models/schema/projectSchema.js

@@ -0,0 +1,30 @@
+const { Schema } = require('mongoose');
+
+/**
+ * @typedef {Object} MongoProject
+ * @property {ObjectId} [_id] - MongoDB Document ID
+ * @property {string} name - The name of the project
+ * @property {ObjectId[]} promptGroupIds - Array of PromptGroup IDs associated with the project
+ * @property {Date} [createdAt] - Date when the project was created (added by timestamps)
+ * @property {Date} [updatedAt] - Date when the project was last updated (added by timestamps)
+ */
+
+const projectSchema = new Schema(
+  {
+    name: {
+      type: String,
+      required: true,
+      index: true,
+    },
+    promptGroupIds: {
+      type: [Schema.Types.ObjectId],
+      ref: 'PromptGroup',
+      default: [],
+    },
+  },
+  {
+    timestamps: true,
+  },
+);
+
+module.exports = projectSchema;

api/models/schema/promptSchema.js

@@ -0,0 +1,118 @@
+const mongoose = require('mongoose');
+const { Constants } = require('librechat-data-provider');
+const Schema = mongoose.Schema;
+
+/**
+ * @typedef {Object} MongoPromptGroup
+ * @property {ObjectId} [_id] - MongoDB Document ID
+ * @property {string} name - The name of the prompt group
+ * @property {ObjectId} author - The author of the prompt group
+ * @property {ObjectId} [projectId=null] - The project ID of the prompt group
+ * @property {ObjectId} [productionId=null] - The project ID of the prompt group
+ * @property {string} authorName - The name of the author of the prompt group
+ * @property {number} [numberOfGenerations=0] - Number of generations the prompt group has
+ * @property {string} [oneliner=''] - Oneliner description of the prompt group
+ * @property {string} [category=''] - Category of the prompt group
+ * @property {string} [command] - Command for the prompt group
+ * @property {Date} [createdAt] - Date when the prompt group was created (added by timestamps)
+ * @property {Date} [updatedAt] - Date when the prompt group was last updated (added by timestamps)
+ */
+
+const promptGroupSchema = new Schema(
+  {
+    name: {
+      type: String,
+      required: true,
+      index: true,
+    },
+    numberOfGenerations: {
+      type: Number,
+      default: 0,
+    },
+    oneliner: {
+      type: String,
+      default: '',
+    },
+    category: {
+      type: String,
+      default: '',
+      index: true,
+    },
+    projectIds: {
+      type: [Schema.Types.ObjectId],
+      ref: 'Project',
+      index: true,
+    },
+    productionId: {
+      type: Schema.Types.ObjectId,
+      ref: 'Prompt',
+      required: true,
+      index: true,
+    },
+    author: {
+      type: Schema.Types.ObjectId,
+      ref: 'User',
+      required: true,
+      index: true,
+    },
+    authorName: {
+      type: String,
+      required: true,
+    },
+    command: {
+      type: String,
+      index: true,
+      validate: {
+        validator: function (v) {
+          return v === undefined || v === null || v === '' || /^[a-z0-9-]+$/.test(v);
+        },
+        message: (props) =>
+          `${props.value} is not a valid command. Only lowercase alphanumeric characters and highfins (') are allowed.`,
+      },
+      maxlength: [
+        Constants.COMMANDS_MAX_LENGTH,
+        `Command cannot be longer than ${Constants.COMMANDS_MAX_LENGTH} characters`,
+      ],
+    },
+  },
+  {
+    timestamps: true,
+  },
+);
+
+const PromptGroup = mongoose.model('PromptGroup', promptGroupSchema);
+
+const promptSchema = new Schema(
+  {
+    groupId: {
+      type: Schema.Types.ObjectId,
+      ref: 'PromptGroup',
+      required: true,
+      index: true,
+    },
+    author: {
+      type: Schema.Types.ObjectId,
+      ref: 'User',
+      required: true,
+    },
+    prompt: {
+      type: String,
+      required: true,
+    },
+    type: {
+      type: String,
+      enum: ['text', 'chat'],
+      required: true,
+    },
+  },
+  {
+    timestamps: true,
+  },
+);
+
+const Prompt = mongoose.model('Prompt', promptSchema);
+
+promptSchema.index({ createdAt: 1, updatedAt: 1 });
+promptGroupSchema.index({ createdAt: 1, updatedAt: 1 });
+
+module.exports = { Prompt, PromptGroup };

api/models/schema/roleSchema.js

@@ -0,0 +1,29 @@
+const { PermissionTypes, Permissions } = require('librechat-data-provider');
+const mongoose = require('mongoose');
+
+const roleSchema = new mongoose.Schema({
+  name: {
+    type: String,
+    required: true,
+    unique: true,
+    index: true,
+  },
+  [PermissionTypes.PROMPTS]: {
+    [Permissions.SHARED_GLOBAL]: {
+      type: Boolean,
+      default: false,
+    },
+    [Permissions.USE]: {
+      type: Boolean,
+      default: true,
+    },
+    [Permissions.CREATE]: {
+      type: Boolean,
+      default: true,
+    },
+  },
+});
+
+const Role = mongoose.model('Role', roleSchema);
+
+module.exports = Role;

api/models/schema/tokenSchema.js

@@ -7,6 +7,9 @@ const tokenSchema = new Schema({
     required: true,
     ref: 'user',
   },
+  email: {
+    type: String,
+  },
   token: {
     type: String,
     required: true,

api/models/schema/userSchema.js

@@ -1,5 +1,36 @@
 const mongoose = require('mongoose');
+const { SystemRoles } = require('librechat-data-provider');
 
+/**
+ * @typedef {Object} MongoSession
+ * @property {string} [refreshToken] - The refresh token
+ */
+
+/**
+ * @typedef {Object} MongoUser
+ * @property {ObjectId} [_id] - MongoDB Document ID
+ * @property {string} [name] - The user's name
+ * @property {string} [username] - The user's username, in lowercase
+ * @property {string} email - The user's email address
+ * @property {boolean} emailVerified - Whether the user's email is verified
+ * @property {string} [password] - The user's password, trimmed with 8-128 characters
+ * @property {string} [avatar] - The URL of the user's avatar
+ * @property {string} provider - The provider of the user's account (e.g., 'local', 'google')
+ * @property {string} [role='USER'] - The role of the user
+ * @property {string} [googleId] - Optional Google ID for the user
+ * @property {string} [facebookId] - Optional Facebook ID for the user
+ * @property {string} [openidId] - Optional OpenID ID for the user
+ * @property {string} [ldapId] - Optional LDAP ID for the user
+ * @property {string} [githubId] - Optional GitHub ID for the user
+ * @property {string} [discordId] - Optional Discord ID for the user
+ * @property {Array} [plugins=[]] - List of plugins used by the user
+ * @property {Array.<MongoSession>} [refreshToken] - List of sessions with refresh tokens
+ * @property {Date} [expiresAt] - Optional expiration date of the file
+ * @property {Date} [createdAt] - Date when the user was created (added by timestamps)
+ * @property {Date} [updatedAt] - Date when the user was last updated (added by timestamps)
+ */
+
+/** @type {MongooseSchema<MongoSession>} */
 const Session = mongoose.Schema({
   refreshToken: {
     type: String,
@@ -7,6 +38,7 @@ const Session = mongoose.Schema({
   },
 });
 
+/** @type {MongooseSchema<MongoUser>} */
 const userSchema = mongoose.Schema(
   {
     name: {
@@ -47,7 +79,7 @@ const userSchema = mongoose.Schema(
     },
     role: {
       type: String,
-      default: 'USER',
+      default: SystemRoles.USER,
     },
     googleId: {
       type: String,
@@ -86,6 +118,10 @@ const userSchema = mongoose.Schema(
     refreshToken: {
       type: [Session],
     },
+    expiresAt: {
+      type: Date,
+      expires: 604800, // 7 days in seconds
+    },
   },
   { timestamps: true },
 );

api/models/tx.js

@@ -17,6 +17,7 @@ const tokenValues = {
   'gpt-3.5-turbo-0125': { prompt: 0.5, completion: 1.5 },
   'claude-3-opus': { prompt: 15, completion: 75 },
   'claude-3-sonnet': { prompt: 3, completion: 15 },
+  'claude-3-5-sonnet': { prompt: 3, completion: 15 },
   'claude-3-haiku': { prompt: 0.25, completion: 1.25 },
   'claude-2.1': { prompt: 8, completion: 24 },
   'claude-2': { prompt: 8, completion: 24 },

api/models/tx.spec.js

@@ -48,6 +48,13 @@ describe('getValueKey', () => {
     expect(getValueKey('gpt-4o-turbo')).toBe('gpt-4o');
     expect(getValueKey('gpt-4o-0125')).toBe('gpt-4o');
   });
+
+  it('should return "claude-3-5-sonnet" for model type of "claude-3-5-sonnet-"', () => {
+    expect(getValueKey('claude-3-5-sonnet-20240620')).toBe('claude-3-5-sonnet');
+    expect(getValueKey('anthropic/claude-3-5-sonnet')).toBe('claude-3-5-sonnet');
+    expect(getValueKey('claude-3-5-sonnet-turbo')).toBe('claude-3-5-sonnet');
+    expect(getValueKey('claude-3-5-sonnet-0125')).toBe('claude-3-5-sonnet');
+  });
 });
 
 describe('getMultiplier', () => {

api/models/userMethods.js

@@ -1,28 +1,37 @@
 const bcrypt = require('bcryptjs');
+const signPayload = require('~/server/services/signPayload');
 const User = require('./User');
 
-const hashPassword = async (password) => {
-  const hashedPassword = await new Promise((resolve, reject) => {
-    bcrypt.hash(password, 10, function (err, hash) {
-      if (err) {
-        reject(err);
-      } else {
-        resolve(hash);
-      }
-    });
-  });
-
-  return hashedPassword;
-};
-
 /**
  * Retrieve a user by ID and convert the found user document to a plain object.
  *
  * @param {string} userId - The ID of the user to find and return as a plain object.
- * @returns {Promise<Object>} A plain object representing the user document, or `null` if no user is found.
+ * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
+ * @returns {Promise<MongoUser>} A plain object representing the user document, or `null` if no user is found.
  */
-const getUser = async function (userId) {
-  return await User.findById(userId).lean();
+const getUserById = async function (userId, fieldsToSelect = null) {
+  const query = User.findById(userId);
+
+  if (fieldsToSelect) {
+    query.select(fieldsToSelect);
+  }
+
+  return await query.lean();
+};
+
+/**
+ * Search for a single user based on partial data and return matching user document as plain object.
+ * @param {Partial<MongoUser>} searchCriteria - The partial data to use for searching the user.
+ * @param {string|string[]} [fieldsToSelect] - The fields to include or exclude in the returned document.
+ * @returns {Promise<MongoUser>} A plain object representing the user document, or `null` if no user is found.
+ */
+const findUser = async function (searchCriteria, fieldsToSelect = null) {
+  const query = User.findOne(searchCriteria);
+  if (fieldsToSelect) {
+    query.select(fieldsToSelect);
+  }
+
+  return await query.lean();
 };
 
 /**
@@ -30,17 +39,127 @@ const getUser = async function (userId) {
  *
  * @param {string} userId - The ID of the user to update.
  * @param {Object} updateData - An object containing the properties to update.
- * @returns {Promise<Object>} The updated user document as a plain object, or `null` if no user is found.
+ * @returns {Promise<MongoUser>} The updated user document as a plain object, or `null` if no user is found.
  */
 const updateUser = async function (userId, updateData) {
-  return await User.findByIdAndUpdate(userId, updateData, {
+  const updateOperation = {
+    $set: updateData,
+    $unset: { expiresAt: '' }, // Remove the expiresAt field to prevent TTL
+  };
+  return await User.findByIdAndUpdate(userId, updateOperation, {
     new: true,
     runValidators: true,
   }).lean();
 };
 
-module.exports = {
-  hashPassword,
-  updateUser,
-  getUser,
+/**
+ * Creates a new user, optionally with a TTL of 1 week.
+ * @param {MongoUser} data - The user data to be created, must contain user_id.
+ * @param {boolean} [disableTTL=true] - Whether to disable the TTL. Defaults to `true`.
+ * @param {boolean} [returnUser=false] - Whether to disable the TTL. Defaults to `true`.
+ * @returns {Promise<ObjectId>} A promise that resolves to the created user document ID.
+ * @throws {Error} If a user with the same user_id already exists.
+ */
+const createUser = async (data, disableTTL = true, returnUser = false) => {
+  const userData = {
+    ...data,
+    expiresAt: disableTTL ? null : new Date(Date.now() + 604800 * 1000), // 1 week in milliseconds
+  };
+
+  if (disableTTL) {
+    delete userData.expiresAt;
+  }
+
+  const user = await User.create(userData);
+  if (returnUser) {
+    return user.toObject();
+  }
+  return user._id;
+};
+
+/**
+ * Count the number of user documents in the collection based on the provided filter.
+ *
+ * @param {Object} [filter={}] - The filter to apply when counting the documents.
+ * @returns {Promise<number>} The count of documents that match the filter.
+ */
+const countUsers = async function (filter = {}) {
+  return await User.countDocuments(filter);
+};
+
+/**
+ * Delete a user by their unique ID.
+ *
+ * @param {string} userId - The ID of the user to delete.
+ * @returns {Promise<{ deletedCount: number }>} An object indicating the number of deleted documents.
+ */
+const deleteUserById = async function (userId) {
+  try {
+    const result = await User.deleteOne({ _id: userId });
+    if (result.deletedCount === 0) {
+      return { deletedCount: 0, message: 'No user found with that ID.' };
+    }
+    return { deletedCount: result.deletedCount, message: 'User was deleted successfully.' };
+  } catch (error) {
+    throw new Error('Error deleting user: ' + error.message);
+  }
+};
+
+const { SESSION_EXPIRY } = process.env ?? {};
+const expires = eval(SESSION_EXPIRY) ?? 1000 * 60 * 15;
+
+/**
+ * Generates a JWT token for a given user.
+ *
+ * @param {MongoUser} user - ID of the user for whom the token is being generated.
+ * @returns {Promise<string>} A promise that resolves to a JWT token.
+ */
+const generateToken = async (user) => {
+  if (!user) {
+    throw new Error('No user provided');
+  }
+
+  return await signPayload({
+    payload: {
+      id: user._id,
+      username: user.username,
+      provider: user.provider,
+      email: user.email,
+    },
+    secret: process.env.JWT_SECRET,
+    expirationTime: expires / 1000,
+  });
+};
+
+/**
+ * Compares the provided password with the user's password.
+ *
+ * @param {MongoUser} user - the user to compare password for.
+ * @param {string} candidatePassword - The password to test against the user's password.
+ * @returns {Promise<boolean>} A promise that resolves to a boolean indicating if the password matches.
+ */
+const comparePassword = async (user, candidatePassword) => {
+  if (!user) {
+    throw new Error('No user provided');
+  }
+
+  return new Promise((resolve, reject) => {
+    bcrypt.compare(candidatePassword, user.password, (err, isMatch) => {
+      if (err) {
+        reject(err);
+      }
+      resolve(isMatch);
+    });
+  });
+};
+
+module.exports = {
+  comparePassword,
+  deleteUserById,
+  generateToken,
+  getUserById,
+  countUsers,
+  createUser,
+  updateUser,
+  findUser,
 };

api/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@librechat/backend",
-  "version": "0.7.2",
+  "version": "0.7.4-rc1",
   "description": "",
   "scripts": {
     "start": "echo 'please run this from the root directory'",
@@ -41,7 +41,6 @@
     "@langchain/community": "^0.0.46",
     "@langchain/google-genai": "^0.0.11",
     "@langchain/google-vertexai": "^0.0.17",
-    "agenda": "^5.0.0",
     "axios": "^1.3.4",
     "bcryptjs": "^2.4.3",
     "cheerio": "^1.0.0-rc.12",

api/server/controllers/AskController.js

@@ -2,7 +2,7 @@ const throttle = require('lodash/throttle');
 const { getResponseSender, Constants, EModelEndpoint } = require('librechat-data-provider');
 const { createAbortController, handleAbortError } = require('~/server/middleware');
 const { sendMessage, createOnProgress } = require('~/server/utils');
-const { saveMessage, getConvo } = require('~/models');
+const { saveMessage } = require('~/models');
 const { logger } = require('~/config');
 
 const AskController = async (req, res, next, initializeClient, addTitle) => {
@@ -18,6 +18,7 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
   logger.debug('[AskController]', { text, conversationId, ...endpointOption });
 
   let userMessage;
+  let userMessagePromise;
   let promptTokens;
   let userMessageId;
   let responseMessageId;
@@ -34,6 +35,8 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
       if (key === 'userMessage') {
         userMessage = data[key];
         userMessageId = data[key].messageId;
+      } else if (key === 'userMessagePromise') {
+        userMessagePromise = data[key];
       } else if (key === 'responseMessageId') {
         responseMessageId = data[key];
       } else if (key === 'promptTokens') {
@@ -74,6 +77,7 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
     const getAbortData = () => ({
       sender,
       conversationId,
+      userMessagePromise,
       messageId: responseMessageId,
       parentMessageId: overrideParentMessageId ?? userMessageId,
       text: getPartialText(),
@@ -81,7 +85,7 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
       promptTokens,
     });
 
-    const { abortController, onStart } = createAbortController(req, res, getAbortData);
+    const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
 
     res.on('close', () => {
       logger.debug('[AskController] Request closed');
@@ -121,7 +125,7 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
 
     response.endpoint = endpointOption.endpoint;
 
-    const conversation = await getConvo(user, conversationId);
+    const { conversation = {} } = await client.responsePromise;
     conversation.title =
       conversation && !conversation.title ? null : conversation?.title || 'New Chat';
 
@@ -144,7 +148,9 @@ const AskController = async (req, res, next, initializeClient, addTitle) => {
       await saveMessage({ ...response, user });
     }
 
-    await saveMessage(userMessage);
+    if (!client.skipSaveUserMessage) {
+      await saveMessage(userMessage);
+    }
 
     if (addTitle && parentMessageId === Constants.NO_PARENT && newConvo) {
       addTitle(req, {

api/server/controllers/AuthController.js

@@ -1,45 +1,29 @@
 const crypto = require('crypto');
 const cookies = require('cookie');
 const jwt = require('jsonwebtoken');
-const { Session, User } = require('~/models');
 const {
   registerUser,
   resetPassword,
   setAuthTokens,
   requestPasswordReset,
 } = require('~/server/services/AuthService');
+const { Session, getUserById } = require('~/models');
 const { logger } = require('~/config');
 
 const registrationController = async (req, res) => {
   try {
     const response = await registerUser(req.body);
-    if (response.status === 200) {
-      const { status, user } = response;
-      let newUser = await User.findOne({ _id: user._id });
-      if (!newUser) {
-        newUser = new User(user);
-        await newUser.save();
-      }
-      const token = await setAuthTokens(user._id, res);
-      res.setHeader('Authorization', `Bearer ${token}`);
-      res.status(status).send({ user });
-    } else {
-      const { status, message } = response;
-      res.status(status).send({ message });
-    }
+    const { status, message } = response;
+    res.status(status).send({ message });
   } catch (err) {
     logger.error('[registrationController]', err);
     return res.status(500).json({ message: err.message });
   }
 };
 
-const getUserController = async (req, res) => {
-  return res.status(200).send(req.user);
-};
-
 const resetPasswordRequestController = async (req, res) => {
   try {
-    const resetService = await requestPasswordReset(req.body.email);
+    const resetService = await requestPasswordReset(req);
     if (resetService instanceof Error) {
       return res.status(400).json(resetService);
     } else {
@@ -77,7 +61,7 @@ const refreshController = async (req, res) => {
 
   try {
     const payload = jwt.verify(refreshToken, process.env.JWT_REFRESH_SECRET);
-    const user = await User.findOne({ _id: payload.id });
+    const user = await getUserById(payload.id, '-password -__v');
     if (!user) {
       return res.status(401).redirect('/login');
     }
@@ -86,8 +70,7 @@ const refreshController = async (req, res) => {
 
     if (process.env.NODE_ENV === 'CI') {
       const token = await setAuthTokens(userId, res);
-      const userObj = user.toJSON();
-      return res.status(200).send({ token, user: userObj });
+      return res.status(200).send({ token, user });
     }
 
     // Hash the refresh token
@@ -98,8 +81,7 @@ const refreshController = async (req, res) => {
     const session = await Session.findOne({ user: userId, refreshTokenHash: hashedToken });
     if (session && session.expiration > new Date()) {
       const token = await setAuthTokens(userId, res, session._id);
-      const userObj = user.toJSON();
-      res.status(200).send({ token, user: userObj });
+      res.status(200).send({ token, user });
     } else if (req?.query?.retry) {
       // Retrying from a refresh token request that failed (401)
       res.status(403).send('No session found');
@@ -115,7 +97,6 @@ const refreshController = async (req, res) => {
 };
 
 module.exports = {
-  getUserController,
   refreshController,
   registrationController,
   resetPasswordController,

api/server/controllers/EditController.js

@@ -2,7 +2,7 @@ const throttle = require('lodash/throttle');
 const { getResponseSender, EModelEndpoint } = require('librechat-data-provider');
 const { createAbortController, handleAbortError } = require('~/server/middleware');
 const { sendMessage, createOnProgress } = require('~/server/utils');
-const { saveMessage, getConvo } = require('~/models');
+const { saveMessage } = require('~/models');
 const { logger } = require('~/config');
 
 const EditController = async (req, res, next, initializeClient) => {
@@ -27,6 +27,7 @@ const EditController = async (req, res, next, initializeClient) => {
   });
 
   let userMessage;
+  let userMessagePromise;
   let promptTokens;
   const sender = getResponseSender({
     ...endpointOption,
@@ -40,6 +41,8 @@ const EditController = async (req, res, next, initializeClient) => {
     for (let key in data) {
       if (key === 'userMessage') {
         userMessage = data[key];
+      } else if (key === 'userMessagePromise') {
+        userMessagePromise = data[key];
       } else if (key === 'responseMessageId') {
         responseMessageId = data[key];
       } else if (key === 'promptTokens') {
@@ -73,6 +76,7 @@ const EditController = async (req, res, next, initializeClient) => {
 
   const getAbortData = () => ({
     conversationId,
+    userMessagePromise,
     messageId: responseMessageId,
     sender,
     parentMessageId: overrideParentMessageId ?? userMessageId,
@@ -81,7 +85,7 @@ const EditController = async (req, res, next, initializeClient) => {
     promptTokens,
   });
 
-  const { abortController, onStart } = createAbortController(req, res, getAbortData);
+  const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
 
   res.on('close', () => {
     logger.debug('[EditController] Request closed');
@@ -120,7 +124,7 @@ const EditController = async (req, res, next, initializeClient) => {
       },
     });
 
-    const conversation = await getConvo(user, conversationId);
+    const { conversation = {} } = await client.responsePromise;
     conversation.title =
       conversation && !conversation.title ? null : conversation?.title || 'New Chat';
 

api/server/controllers/UserController.js

@@ -1,11 +1,37 @@
-const { updateUserPluginsService } = require('~/server/services/UserService');
+const {
+  Session,
+  Balance,
+  getFiles,
+  deleteFiles,
+  deleteConvos,
+  deletePresets,
+  deleteMessages,
+  deleteUserById,
+} = require('~/models');
 const { updateUserPluginAuth, deleteUserPluginAuth } = require('~/server/services/PluginService');
+const { updateUserPluginsService, deleteUserKey } = require('~/server/services/UserService');
+const { verifyEmail, resendVerificationEmail } = require('~/server/services/AuthService');
+const { processDeleteRequest } = require('~/server/services/Files/process');
+const { deleteAllSharedLinks } = require('~/models/Share');
+const { Transaction } = require('~/models/Transaction');
 const { logger } = require('~/config');
 
 const getUserController = async (req, res) => {
   res.status(200).send(req.user);
 };
 
+const deleteUserFiles = async (req) => {
+  try {
+    const userFiles = await getFiles({ user: req.user.id });
+    await processDeleteRequest({
+      req,
+      files: userFiles,
+    });
+  } catch (error) {
+    logger.error('[deleteUserFiles]', error);
+  }
+};
+
 const updateUserPluginsController = async (req, res) => {
   const { user } = req;
   const { pluginKey, action, auth, isAssistantTool } = req.body;
@@ -49,11 +75,68 @@ const updateUserPluginsController = async (req, res) => {
     res.status(200).send();
   } catch (err) {
     logger.error('[updateUserPluginsController]', err);
-    res.status(500).json({ message: err.message });
+    return res.status(500).json({ message: 'Something went wrong.' });
+  }
+};
+
+const deleteUserController = async (req, res) => {
+  const { user } = req;
+
+  try {
+    await deleteMessages({ user: user.id }); // delete user messages
+    await Session.deleteMany({ user: user.id }); // delete user sessions
+    await Transaction.deleteMany({ user: user.id }); // delete user transactions
+    await deleteUserKey({ userId: user.id, all: true }); // delete user keys
+    await Balance.deleteMany({ user: user._id }); // delete user balances
+    await deletePresets(user.id); // delete user presets
+    /* TODO: Delete Assistant Threads */
+    await deleteConvos(user.id); // delete user convos
+    await deleteUserPluginAuth(user.id, null, true); // delete user plugin auth
+    await deleteUserById(user.id); // delete user
+    await deleteAllSharedLinks(user.id); // delete user shared links
+    await deleteUserFiles(req); // delete user files
+    await deleteFiles(null, user.id); // delete database files in case of orphaned files from previous steps
+    /* TODO: queue job for cleaning actions and assistants of non-existant users */
+    logger.info(`User deleted account. Email: ${user.email} ID: ${user.id}`);
+    res.status(200).send({ message: 'User deleted' });
+  } catch (err) {
+    logger.error('[deleteUserController]', err);
+    return res.status(500).json({ message: 'Something went wrong.' });
+  }
+};
+
+const verifyEmailController = async (req, res) => {
+  try {
+    const verifyEmailService = await verifyEmail(req);
+    if (verifyEmailService instanceof Error) {
+      return res.status(400).json(verifyEmailService);
+    } else {
+      return res.status(200).json(verifyEmailService);
+    }
+  } catch (e) {
+    logger.error('[verifyEmailController]', e);
+    return res.status(500).json({ message: 'Something went wrong.' });
+  }
+};
+
+const resendVerificationController = async (req, res) => {
+  try {
+    const result = await resendVerificationEmail(req);
+    if (result instanceof Error) {
+      return res.status(400).json(result);
+    } else {
+      return res.status(200).json(result);
+    }
+  } catch (e) {
+    logger.error('[verifyEmailController]', e);
+    return res.status(500).json({ message: 'Something went wrong.' });
   }
 };
 
 module.exports = {
   getUserController,
+  deleteUserController,
+  verifyEmailController,
   updateUserPluginsController,
+  resendVerificationController,
 };

api/server/controllers/assistants/helpers.js

@@ -1,8 +1,9 @@
 const {
-  EModelEndpoint,
   CacheKeys,
-  defaultAssistantsVersion,
+  SystemRoles,
+  EModelEndpoint,
   defaultOrderQuery,
+  defaultAssistantsVersion,
 } = require('librechat-data-provider');
 const {
   initializeClient: initAzureClient,
@@ -227,7 +228,7 @@ const fetchAssistants = async ({ req, res, overrideEndpoint }) => {
     body = await listAssistantsForAzure({ req, res, version, azureConfig, query });
   }
 
-  if (req.user.role === 'ADMIN') {
+  if (req.user.role === SystemRoles.ADMIN) {
     return body;
   } else if (!req.app.locals[endpoint]) {
     return body;

api/server/controllers/auth/LoginController.js

@@ -1,26 +1,22 @@
-const User = require('~/models/User');
 const { setAuthTokens } = require('~/server/services/AuthService');
 const { logger } = require('~/config');
 
 const loginController = async (req, res) => {
   try {
-    const user = await User.findById(req.user._id);
-
-    // If user doesn't exist, return error
-    if (!user) {
-      // typeof user !== User) { // this doesn't seem to resolve the User type ??
+    if (!req.user) {
       return res.status(400).json({ message: 'Invalid credentials' });
     }
 
-    const token = await setAuthTokens(user._id, res);
+    const { password: _, __v, ...user } = req.user;
+    user.id = user._id.toString();
+
+    const token = await setAuthTokens(req.user._id, res);
 
     return res.status(200).send({ token, user });
   } catch (err) {
     logger.error('[loginController]', err);
+    return res.status(500).json({ message: 'Something went wrong' });
   }
-
-  // Generic error messages are safer
-  return res.status(500).json({ message: 'Something went wrong' });
 };
 
 module.exports = {

api/server/index.js

@@ -6,16 +6,16 @@ const axios = require('axios');
 const express = require('express');
 const passport = require('passport');
 const mongoSanitize = require('express-mongo-sanitize');
+const { jwtLogin, passportLogin } = require('~/strategies');
+const { connectDb, indexSync } = require('~/lib/db');
+const { isEnabled } = require('~/server/utils');
+const { ldapLogin } = require('~/strategies');
+const { logger } = require('~/config');
 const validateImageRequest = require('./middleware/validateImageRequest');
 const errorController = require('./controllers/ErrorController');
-const { jwtLogin, passportLogin } = require('~/strategies');
 const configureSocialLogins = require('./socialLogins');
-const { connectDb, indexSync } = require('~/lib/db');
 const AppService = require('./services/AppService');
 const noIndex = require('./middleware/noIndex');
-const { isEnabled } = require('~/server/utils');
-const { logger } = require('~/config');
-const { ldapLogin } = require('~/strategies');
 const routes = require('./routes');
 
 const { PORT, HOST, ALLOW_SOCIAL_LOGIN } = process.env ?? {};
@@ -61,7 +61,7 @@ const startServer = async () => {
   passport.use(passportLogin());
 
   // LDAP Auth
-  if (process.env.LDAP_URL && process.env.LDAP_BIND_DN && process.env.LDAP_USER_SEARCH_BASE) {
+  if (process.env.LDAP_URL && process.env.LDAP_USER_SEARCH_BASE) {
     passport.use(ldapLogin);
   }
 
@@ -81,6 +81,7 @@ const startServer = async () => {
   app.use('/api/convos', routes.convos);
   app.use('/api/presets', routes.presets);
   app.use('/api/prompts', routes.prompts);
+  app.use('/api/categories', routes.categories);
   app.use('/api/tokenizer', routes.tokenizer);
   app.use('/api/endpoints', routes.endpoints);
   app.use('/api/balance', routes.balance);
@@ -91,9 +92,10 @@ const startServer = async () => {
   app.use('/api/files', await routes.files.initialize());
   app.use('/images/', validateImageRequest, routes.staticRoute);
   app.use('/api/share', routes.share);
+  app.use('/api/roles', routes.roles);
 
   app.use((req, res) => {
-    res.status(404).sendFile(path.join(app.locals.paths.dist, 'index.html'));
+    res.sendFile(path.join(app.locals.paths.dist, 'index.html'));
   });
 
   app.listen(port, host, () => {

api/server/middleware/abortMiddleware.js

@@ -1,31 +1,36 @@
 const { isAssistantsEndpoint } = require('librechat-data-provider');
 const { sendMessage, sendError, countTokens, isEnabled } = require('~/server/utils');
 const { truncateText, smartTruncateText } = require('~/app/clients/prompts');
-const { saveMessage, getConvo, getConvoTitle } = require('~/models');
 const clearPendingReq = require('~/cache/clearPendingReq');
 const abortControllers = require('./abortControllers');
+const { saveMessage, getConvo } = require('~/models');
 const spendTokens = require('~/models/spendTokens');
 const { abortRun } = require('./abortRun');
 const { logger } = require('~/config');
 
 async function abortMessage(req, res) {
-  let { abortKey, conversationId, endpoint } = req.body;
-
-  if (!abortKey && conversationId) {
-    abortKey = conversationId;
-  }
+  let { abortKey, endpoint } = req.body;
 
   if (isAssistantsEndpoint(endpoint)) {
     return await abortRun(req, res);
   }
 
+  const conversationId = abortKey?.split(':')?.[0] ?? req.user.id;
+
+  if (!abortControllers.has(abortKey) && abortControllers.has(conversationId)) {
+    abortKey = conversationId;
+  }
+
   if (!abortControllers.has(abortKey) && !res.headersSent) {
     return res.status(204).send({ message: 'Request not found' });
   }
 
-  const { abortController } = abortControllers.get(abortKey);
+  const { abortController } = abortControllers.get(abortKey) ?? {};
+  if (!abortController) {
+    return res.status(204).send({ message: 'Request not found' });
+  }
   const finalEvent = await abortController.abortCompletion();
-  logger.debug('[abortMessage] Aborted request', { abortKey });
+  logger.info('[abortMessage] Aborted request', { abortKey });
   abortControllers.delete(abortKey);
 
   if (res.headersSent && finalEvent) {
@@ -50,12 +55,32 @@ const handleAbort = () => {
   };
 };
 
-const createAbortController = (req, res, getAbortData) => {
+const createAbortController = (req, res, getAbortData, getReqData) => {
   const abortController = new AbortController();
   const { endpointOption } = req.body;
-  const onStart = (userMessage) => {
+
+  abortController.getAbortData = function () {
+    return getAbortData();
+  };
+
+  /**
+   * @param {TMessage} userMessage
+   * @param {string} responseMessageId
+   */
+  const onStart = (userMessage, responseMessageId) => {
     sendMessage(res, { message: userMessage, created: true });
     const abortKey = userMessage?.conversationId ?? req.user.id;
+    const prevRequest = abortControllers.get(abortKey);
+    if (prevRequest && prevRequest?.abortController) {
+      const data = prevRequest.abortController.getAbortData();
+      getReqData({ userMessage: data?.userMessage });
+      const addedAbortKey = `${abortKey}:${responseMessageId}`;
+      abortControllers.set(addedAbortKey, { abortController, ...endpointOption });
+      res.on('finish', function () {
+        abortControllers.delete(addedAbortKey);
+      });
+      return;
+    }
     abortControllers.set(abortKey, { abortController, ...endpointOption });
 
     res.on('finish', function () {
@@ -65,7 +90,8 @@ const createAbortController = (req, res, getAbortData) => {
 
   abortController.abortCompletion = async function () {
     abortController.abort();
-    const { conversationId, userMessage, promptTokens, ...responseData } = getAbortData();
+    const { conversationId, userMessage, userMessagePromise, promptTokens, ...responseData } =
+      getAbortData();
     const completionTokens = await countTokens(responseData?.text ?? '');
     const user = req.user.id;
 
@@ -89,10 +115,20 @@ const createAbortController = (req, res, getAbortData) => {
 
     saveMessage({ ...responseMessage, user });
 
+    let conversation;
+    if (userMessagePromise) {
+      const resolved = await userMessagePromise;
+      conversation = resolved?.conversation;
+    }
+
+    if (!conversation) {
+      conversation = await getConvo(req.user.id, conversationId);
+    }
+
     return {
-      title: await getConvoTitle(user, conversationId),
+      title: conversation && !conversation.title ? null : conversation?.title || 'New Chat',
       final: true,
-      conversation: await getConvo(user, conversationId),
+      conversation,
       requestMessage: userMessage,
       responseMessage: responseMessage,
     };

api/server/middleware/assistants/validateAuthor.js

@@ -1,3 +1,4 @@
+const { SystemRoles } = require('librechat-data-provider');
 const { getAssistant } = require('~/models/Assistant');
 
 /**
@@ -11,7 +12,7 @@ const { getAssistant } = require('~/models/Assistant');
  * @returns {Promise<void>}
  */
 const validateAuthor = async ({ req, openai, overrideEndpoint, overrideAssistantId }) => {
-  if (req.user.role === 'ADMIN') {
+  if (req.user.role === SystemRoles.ADMIN) {
     return;
   }
 

api/server/middleware/canDeleteAccount.js

@@ -0,0 +1,28 @@
+const { SystemRoles } = require('librechat-data-provider');
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
+
+/**
+ * Checks if the user can delete their account
+ *
+ * @async
+ * @function
+ * @param {Object} req - Express request object
+ * @param {Object} res - Express response object
+ * @param {Function} next - Next middleware function
+ *
+ * @returns {Promise<function|Object>} - Returns a Promise which when resolved calls next middleware if the user can delete their account
+ */
+
+const canDeleteAccount = async (req, res, next = () => {}) => {
+  const { user } = req;
+  const { ALLOW_ACCOUNT_DELETION = true } = process.env;
+  if (user?.role === SystemRoles.ADMIN || isEnabled(ALLOW_ACCOUNT_DELETION)) {
+    return next();
+  } else {
+    logger.error(`[User] [Delete Account] [User cannot delete account] [User: ${user?.id}]`);
+    return res.status(403).send({ message: 'You do not have permission to delete this account' });
+  }
+};
+
+module.exports = canDeleteAccount;

api/server/middleware/checkBan.js

@@ -1,11 +1,11 @@
 const Keyv = require('keyv');
 const uap = require('ua-parser-js');
 const { ViolationTypes } = require('librechat-data-provider');
-const { isEnabled, removePorts } = require('../utils');
+const { isEnabled, removePorts } = require('~/server/utils');
 const keyvMongo = require('~/cache/keyvMongo');
 const denyRequest = require('./denyRequest');
 const { getLogStores } = require('~/cache');
-const User = require('~/models/User');
+const { findUser } = require('~/models');
 
 const banCache = new Keyv({ store: keyvMongo, namespace: ViolationTypes.BAN, ttl: 0 });
 const message = 'Your account has been temporarily banned due to violations of our service.';
@@ -55,7 +55,7 @@ const checkBan = async (req, res, next = () => {}) => {
   let userId = req.user?.id ?? req.user?._id ?? null;
 
   if (!userId && req?.body?.email) {
-    const user = await User.findOne({ email: req.body.email }, '_id').lean();
+    const user = await findUser({ email: req.body.email }, '_id');
     userId = user?._id ? user._id.toString() : userId;
   }
 

api/server/middleware/index.js

@@ -1,47 +1,45 @@
-const abortMiddleware = require('./abortMiddleware');
-const checkBan = require('./checkBan');
-const checkDomainAllowed = require('./checkDomainAllowed');
-const uaParser = require('./uaParser');
-const setHeaders = require('./setHeaders');
-const loginLimiter = require('./loginLimiter');
-const validateModel = require('./validateModel');
-const requireJwtAuth = require('./requireJwtAuth');
-const requireLdapAuth = require('./requireLdapAuth');
-const uploadLimiters = require('./uploadLimiters');
-const registerLimiter = require('./registerLimiter');
-const messageLimiters = require('./messageLimiters');
-const requireLocalAuth = require('./requireLocalAuth');
-const validateEndpoint = require('./validateEndpoint');
-const concurrentLimiter = require('./concurrentLimiter');
-const validateMessageReq = require('./validateMessageReq');
-const buildEndpointOption = require('./buildEndpointOption');
+const validatePasswordReset = require('./validatePasswordReset');
 const validateRegistration = require('./validateRegistration');
 const validateImageRequest = require('./validateImageRequest');
+const buildEndpointOption = require('./buildEndpointOption');
+const validateMessageReq = require('./validateMessageReq');
+const checkDomainAllowed = require('./checkDomainAllowed');
+const concurrentLimiter = require('./concurrentLimiter');
+const validateEndpoint = require('./validateEndpoint');
+const requireLocalAuth = require('./requireLocalAuth');
+const canDeleteAccount = require('./canDeleteAccount');
+const requireLdapAuth = require('./requireLdapAuth');
+const abortMiddleware = require('./abortMiddleware');
+const requireJwtAuth = require('./requireJwtAuth');
+const validateModel = require('./validateModel');
 const moderateText = require('./moderateText');
+const setHeaders = require('./setHeaders');
+const limiters = require('./limiters');
+const uaParser = require('./uaParser');
+const checkBan = require('./checkBan');
 const noIndex = require('./noIndex');
-const importLimiters = require('./importLimiters');
+const roles = require('./roles');
 
 module.exports = {
-  ...uploadLimiters,
   ...abortMiddleware,
-  ...messageLimiters,
+  ...limiters,
+  ...roles,
+  noIndex,
   checkBan,
   uaParser,
   setHeaders,
-  loginLimiter,
+  moderateText,
+  validateModel,
   requireJwtAuth,
   requireLdapAuth,
-  registerLimiter,
   requireLocalAuth,
+  canDeleteAccount,
   validateEndpoint,
   concurrentLimiter,
+  checkDomainAllowed,
   validateMessageReq,
   buildEndpointOption,
   validateRegistration,
   validateImageRequest,
-  validateModel,
-  moderateText,
-  noIndex,
-  ...importLimiters,
-  checkDomainAllowed,
+  validatePasswordReset,
 };

api/server/middleware/limiters/index.js

@@ -0,0 +1,22 @@
+const createTTSLimiters = require('./ttsLimiters');
+const createSTTLimiters = require('./sttLimiters');
+
+const loginLimiter = require('./loginLimiter');
+const importLimiters = require('./importLimiters');
+const uploadLimiters = require('./uploadLimiters');
+const registerLimiter = require('./registerLimiter');
+const messageLimiters = require('./messageLimiters');
+const verifyEmailLimiter = require('./verifyEmailLimiter');
+const resetPasswordLimiter = require('./resetPasswordLimiter');
+
+module.exports = {
+  ...uploadLimiters,
+  ...importLimiters,
+  ...messageLimiters,
+  loginLimiter,
+  registerLimiter,
+  createTTSLimiters,
+  createSTTLimiters,
+  verifyEmailLimiter,
+  resetPasswordLimiter,
+};

api/server/middleware/limiters/loginLimiter.js

@@ -1,6 +1,6 @@
 const rateLimit = require('express-rate-limit');
-const { logViolation } = require('../../cache');
-const { removePorts } = require('../utils');
+const { removePorts } = require('~/server/utils');
+const { logViolation } = require('~/cache');
 
 const { LOGIN_WINDOW = 5, LOGIN_MAX = 7, LOGIN_VIOLATION_SCORE: score } = process.env;
 const windowMs = LOGIN_WINDOW * 60 * 1000;

api/server/middleware/limiters/messageLimiters.js

@@ -1,6 +1,6 @@
 const rateLimit = require('express-rate-limit');
-const { logViolation } = require('../../cache');
-const denyRequest = require('./denyRequest');
+const denyRequest = require('~/server/middleware/denyRequest');
+const { logViolation } = require('~/cache');
 
 const {
   MESSAGE_IP_MAX = 40,

api/server/middleware/limiters/registerLimiter.js

@@ -1,6 +1,6 @@
 const rateLimit = require('express-rate-limit');
-const { logViolation } = require('../../cache');
-const { removePorts } = require('../utils');
+const { removePorts } = require('~/server/utils');
+const { logViolation } = require('~/cache');
 
 const { REGISTER_WINDOW = 60, REGISTER_MAX = 5, REGISTRATION_VIOLATION_SCORE: score } = process.env;
 const windowMs = REGISTER_WINDOW * 60 * 1000;

api/server/middleware/limiters/resetPasswordLimiter.js

@@ -0,0 +1,35 @@
+const rateLimit = require('express-rate-limit');
+const { ViolationTypes } = require('librechat-data-provider');
+const { removePorts } = require('~/server/utils');
+const { logViolation } = require('~/cache');
+
+const {
+  RESET_PASSWORD_WINDOW = 2,
+  RESET_PASSWORD_MAX = 2,
+  RESET_PASSWORD_VIOLATION_SCORE: score,
+} = process.env;
+const windowMs = RESET_PASSWORD_WINDOW * 60 * 1000;
+const max = RESET_PASSWORD_MAX;
+const windowInMinutes = windowMs / 60000;
+const message = `Too many attempts, please try again after ${windowInMinutes} minute(s)`;
+
+const handler = async (req, res) => {
+  const type = ViolationTypes.RESET_PASSWORD_LIMIT;
+  const errorMessage = {
+    type,
+    max,
+    windowInMinutes,
+  };
+
+  await logViolation(req, res, type, errorMessage, score);
+  return res.status(429).json({ message });
+};
+
+const resetPasswordLimiter = rateLimit({
+  windowMs,
+  max,
+  handler,
+  keyGenerator: removePorts,
+});
+
+module.exports = resetPasswordLimiter;

api/server/middleware/limiters/verifyEmailLimiter.js

@@ -0,0 +1,35 @@
+const rateLimit = require('express-rate-limit');
+const { ViolationTypes } = require('librechat-data-provider');
+const { removePorts } = require('~/server/utils');
+const { logViolation } = require('~/cache');
+
+const {
+  VERIFY_EMAIL_WINDOW = 2,
+  VERIFY_EMAIL_MAX = 2,
+  VERIFY_EMAIL_VIOLATION_SCORE: score,
+} = process.env;
+const windowMs = VERIFY_EMAIL_WINDOW * 60 * 1000;
+const max = VERIFY_EMAIL_MAX;
+const windowInMinutes = windowMs / 60000;
+const message = `Too many attempts, please try again after ${windowInMinutes} minute(s)`;
+
+const handler = async (req, res) => {
+  const type = ViolationTypes.VERIFY_EMAIL_LIMIT;
+  const errorMessage = {
+    type,
+    max,
+    windowInMinutes,
+  };
+
+  await logViolation(req, res, type, errorMessage, score);
+  return res.status(429).json({ message });
+};
+
+const verifyEmailLimiter = rateLimit({
+  windowMs,
+  max,
+  handler,
+  keyGenerator: removePorts,
+});
+
+module.exports = verifyEmailLimiter;

api/server/middleware/requireLdapAuth.js

@@ -13,7 +13,7 @@ const requireLdapAuth = (req, res, next) => {
       console.log({
         title: '(requireLdapAuth) Error: No user',
       });
-      return res.status(422).send(info);
+      return res.status(404).send(info);
     }
     req.user = user;
     next();

api/server/middleware/requireLocalAuth.js

@@ -21,7 +21,13 @@ const requireLocalAuth = (req, res, next) => {
       log({
         title: '(requireLocalAuth) Error: No user',
       });
-      return res.status(422).send(info);
+      return res.status(404).send(info);
+    }
+    if (info && info.message) {
+      log({
+        title: '(requireLocalAuth) Error: ' + info.message,
+      });
+      return res.status(422).send({ message: info.message });
     }
     req.user = user;
     next();

api/server/middleware/roles/checkAdmin.js

@@ -0,0 +1,14 @@
+const { SystemRoles } = require('librechat-data-provider');
+
+function checkAdmin(req, res, next) {
+  try {
+    if (req.user.role !== SystemRoles.ADMIN) {
+      return res.status(403).json({ message: 'Forbidden' });
+    }
+    next();
+  } catch (error) {
+    res.status(500).json({ message: 'Internal Server Error' });
+  }
+}
+
+module.exports = checkAdmin;

api/server/middleware/roles/generateCheckAccess.js

@@ -0,0 +1,52 @@
+const { SystemRoles } = require('librechat-data-provider');
+const { getRoleByName } = require('~/models/Role');
+
+/**
+ * Middleware to check if a user has one or more required permissions, optionally based on `req.body` properties.
+ *
+ * @param {PermissionTypes} permissionType - The type of permission to check.
+ * @param {Permissions[]} permissions - The list of specific permissions to check.
+ * @param {Record<Permissions, string[]>} [bodyProps] - An optional object where keys are permissions and values are arrays of `req.body` properties to check.
+ * @returns {Function} Express middleware function.
+ */
+const generateCheckAccess = (permissionType, permissions, bodyProps = {}) => {
+  return async (req, res, next) => {
+    try {
+      const { user } = req;
+      if (!user) {
+        return res.status(401).json({ message: 'Authorization required' });
+      }
+
+      if (user.role === SystemRoles.ADMIN) {
+        return next();
+      }
+
+      const role = await getRoleByName(user.role);
+      if (role && role[permissionType]) {
+        const hasAnyPermission = permissions.some((permission) => {
+          if (role[permissionType][permission]) {
+            return true;
+          }
+
+          if (bodyProps[permission] && req.body) {
+            return bodyProps[permission].some((prop) =>
+              Object.prototype.hasOwnProperty.call(req.body, prop),
+            );
+          }
+
+          return false;
+        });
+
+        if (hasAnyPermission) {
+          return next();
+        }
+      }
+
+      return res.status(403).json({ message: 'Forbidden: Insufficient permissions' });
+    } catch (error) {
+      return res.status(500).json({ message: `Server error: ${error.message}` });
+    }
+  };
+};
+
+module.exports = generateCheckAccess;

api/server/middleware/roles/index.js

@@ -0,0 +1,7 @@
+const checkAdmin = require('./checkAdmin');
+const generateCheckAccess = require('./generateCheckAccess');
+
+module.exports = {
+  checkAdmin,
+  generateCheckAccess,
+};

api/server/middleware/speech/index.js

@@ -1,7 +0,0 @@
-const createTTSLimiters = require('./ttsLimiters');
-const createSTTLimiters = require('./sttLimiters');
-
-module.exports = {
-  createTTSLimiters,
-  createSTTLimiters,
-};

api/server/middleware/validateMessageReq.js

@@ -1,4 +1,4 @@
-const { getConvo } = require('../../models');
+const { getConvo } = require('~/models');
 
 // Middleware to validate conversationId and user relationship
 const validateMessageReq = async (req, res, next) => {

api/server/middleware/validatePasswordReset.js

@@ -0,0 +1,13 @@
+const { isEnabled } = require('~/server/utils');
+const { logger } = require('~/config');
+
+function validatePasswordReset(req, res, next) {
+  if (isEnabled(process.env.ALLOW_PASSWORD_RESET)) {
+    next();
+  } else {
+    logger.warn(`Password reset attempt while not allowed. IP: ${req.ip}`);
+    res.status(403).send('Password reset is not allowed.');
+  }
+}
+
+module.exports = validatePasswordReset;

api/server/middleware/validateRegistration.js

@@ -1,6 +1,7 @@
+const { isEnabled } = require('~/server/utils');
+
 function validateRegistration(req, res, next) {
-  const setting = process.env.ALLOW_REGISTRATION?.toLowerCase();
-  if (setting === 'true') {
+  if (isEnabled(process.env.ALLOW_REGISTRATION)) {
     next();
   } else {
     res.status(403).send('Registration is not allowed.');

api/server/routes/__tests__/config.spec.js

@@ -25,6 +25,7 @@ afterEach(() => {
   delete process.env.DOMAIN_SERVER;
   delete process.env.ALLOW_REGISTRATION;
   delete process.env.ALLOW_SOCIAL_LOGIN;
+  delete process.env.ALLOW_PASSWORD_RESET;
   delete process.env.LDAP_URL;
   delete process.env.LDAP_BIND_DN;
   delete process.env.LDAP_BIND_CREDENTIALS;
@@ -55,6 +56,7 @@ describe.skip('GET /', () => {
     process.env.DOMAIN_SERVER = 'http://test-server.com';
     process.env.ALLOW_REGISTRATION = 'true';
     process.env.ALLOW_SOCIAL_LOGIN = 'true';
+    process.env.ALLOW_PASSWORD_RESET = 'true';
     process.env.LDAP_URL = 'Test LDAP URL';
     process.env.LDAP_BIND_DN = 'Test LDAP Bind DN';
     process.env.LDAP_BIND_CREDENTIALS = 'Test LDAP Bind Credentials';
@@ -78,6 +80,7 @@ describe.skip('GET /', () => {
       serverDomain: 'http://test-server.com',
       emailLoginEnabled: 'true',
       registrationEnabled: 'true',
+      passwordResetEnabled: 'true',
       socialLoginEnabled: 'true',
     });
   });

api/server/routes/ask/google.js

@@ -1,6 +1,6 @@
 const express = require('express');
 const AskController = require('~/server/controllers/AskController');
-const { initializeClient } = require('~/server/services/Endpoints/google');
+const { initializeClient, addTitle } = require('~/server/services/Endpoints/google');
 const {
   setHeaders,
   handleAbort,
@@ -20,7 +20,7 @@ router.post(
   buildEndpointOption,
   setHeaders,
   async (req, res, next) => {
-    await AskController(req, res, next, initializeClient);
+    await AskController(req, res, next, initializeClient, addTitle);
   },
 );
 

api/server/routes/ask/gptPlugins.js

@@ -2,9 +2,9 @@ const express = require('express');
 const throttle = require('lodash/throttle');
 const { getResponseSender, Constants } = require('librechat-data-provider');
 const { initializeClient } = require('~/server/services/Endpoints/gptPlugins');
-const { saveMessage, getConvoTitle, getConvo } = require('~/models');
 const { sendMessage, createOnProgress } = require('~/server/utils');
 const { addTitle } = require('~/server/services/Endpoints/openAI');
+const { saveMessage } = require('~/models');
 const {
   handleAbort,
   createAbortController,
@@ -41,6 +41,7 @@ router.post(
     logger.debug('[/ask/gptPlugins]', { text, conversationId, ...endpointOption });
 
     let userMessage;
+    let userMessagePromise;
     let promptTokens;
     let userMessageId;
     let responseMessageId;
@@ -58,6 +59,8 @@ router.post(
         if (key === 'userMessage') {
           userMessage = data[key];
           userMessageId = data[key].messageId;
+        } else if (key === 'userMessagePromise') {
+          userMessagePromise = data[key];
         } else if (key === 'responseMessageId') {
           responseMessageId = data[key];
         } else if (key === 'promptTokens') {
@@ -148,18 +151,10 @@ router.post(
       }
     };
 
-    const onChainEnd = () => {
-      saveMessage({ ...userMessage, user });
-      sendIntermediateMessage(res, {
-        plugins,
-        parentMessageId: userMessage.messageId,
-        messageId: responseMessageId,
-      });
-    };
-
     const getAbortData = () => ({
       sender,
       conversationId,
+      userMessagePromise,
       messageId: responseMessageId,
       parentMessageId: overrideParentMessageId ?? userMessageId,
       text: getPartialText(),
@@ -167,12 +162,23 @@ router.post(
       userMessage,
       promptTokens,
     });
-    const { abortController, onStart } = createAbortController(req, res, getAbortData);
+    const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
 
     try {
       endpointOption.tools = await validateTools(user, endpointOption.tools);
       const { client } = await initializeClient({ req, res, endpointOption });
 
+      const onChainEnd = () => {
+        if (!client.skipSaveUserMessage) {
+          saveMessage({ ...userMessage, user });
+        }
+        sendIntermediateMessage(res, {
+          plugins,
+          parentMessageId: userMessage.messageId,
+          messageId: responseMessageId,
+        });
+      };
+
       let response = await client.sendMessage(text, {
         user,
         conversationId,
@@ -205,10 +211,14 @@ router.post(
       response.plugins = plugins.map((p) => ({ ...p, loading: false }));
       await saveMessage({ ...response, user });
 
+      const { conversation = {} } = await client.responsePromise;
+      conversation.title =
+        conversation && !conversation.title ? null : conversation?.title || 'New Chat';
+
       sendMessage(res, {
-        title: await getConvoTitle(user, conversationId),
+        title: conversation.title,
         final: true,
-        conversation: await getConvo(user, conversationId),
+        conversation,
         requestMessage: userMessage,
         responseMessage: response,
       });

api/server/routes/auth.js

@@ -1,26 +1,27 @@
 const express = require('express');
 const {
-  resetPasswordRequestController,
-  resetPasswordController,
   refreshController,
   registrationController,
-} = require('../controllers/AuthController');
-const { loginController } = require('../controllers/auth/LoginController');
-const { logoutController } = require('../controllers/auth/LogoutController');
+  resetPasswordController,
+  resetPasswordRequestController,
+} = require('~/server/controllers/AuthController');
+const { loginController } = require('~/server/controllers/auth/LoginController');
+const { logoutController } = require('~/server/controllers/auth/LogoutController');
 const {
   checkBan,
   loginLimiter,
-  registerLimiter,
   requireJwtAuth,
+  registerLimiter,
   requireLdapAuth,
   requireLocalAuth,
+  resetPasswordLimiter,
   validateRegistration,
-} = require('../middleware');
+  validatePasswordReset,
+} = require('~/server/middleware');
 
 const router = express.Router();
 
-const ldapAuth =
-  !!process.env.LDAP_URL && !!process.env.LDAP_BIND_DN && !!process.env.LDAP_USER_SEARCH_BASE;
+const ldapAuth = !!process.env.LDAP_URL && !!process.env.LDAP_USER_SEARCH_BASE;
 //Local
 router.post('/logout', requireJwtAuth, logoutController);
 router.post(
@@ -32,7 +33,13 @@ router.post(
 );
 router.post('/refresh', refreshController);
 router.post('/register', registerLimiter, checkBan, validateRegistration, registrationController);
-router.post('/requestPasswordReset', resetPasswordRequestController);
-router.post('/resetPassword', resetPasswordController);
+router.post(
+  '/requestPasswordReset',
+  resetPasswordLimiter,
+  checkBan,
+  validatePasswordReset,
+  resetPasswordRequestController,
+);
+router.post('/resetPassword', checkBan, validatePasswordReset, resetPasswordController);
 
 module.exports = router;

api/server/routes/categories.js

@@ -0,0 +1,15 @@
+const express = require('express');
+const router = express.Router();
+const { requireJwtAuth } = require('~/server/middleware');
+const { getCategories } = require('~/models/Categories');
+
+router.get('/', requireJwtAuth, async (req, res) => {
+  try {
+    const categories = await getCategories();
+    res.status(200).send(categories);
+  } catch (error) {
+    res.status(500).send({ message: 'Failed to retrieve categories', error: error.message });
+  }
+});
+
+module.exports = router;

api/server/routes/config.js

@@ -1,20 +1,39 @@
 const express = require('express');
-const { defaultSocialLogins } = require('librechat-data-provider');
+const { CacheKeys, defaultSocialLogins } = require('librechat-data-provider');
+const { getProjectByName } = require('~/models/Project');
 const { isEnabled } = require('~/server/utils');
+const { getLogStores } = require('~/cache');
 const { logger } = require('~/config');
 
 const router = express.Router();
 const emailLoginEnabled =
   process.env.ALLOW_EMAIL_LOGIN === undefined || isEnabled(process.env.ALLOW_EMAIL_LOGIN);
+const passwordResetEnabled = isEnabled(process.env.ALLOW_PASSWORD_RESET);
+
+const sharedLinksEnabled =
+  process.env.ALLOW_SHARED_LINKS === undefined || isEnabled(process.env.ALLOW_SHARED_LINKS);
+
+const publicSharedLinksEnabled =
+  sharedLinksEnabled &&
+  (process.env.ALLOW_SHARED_LINKS_PUBLIC === undefined ||
+    isEnabled(process.env.ALLOW_SHARED_LINKS_PUBLIC));
 
 router.get('/', async function (req, res) {
+  const cache = getLogStores(CacheKeys.CONFIG_STORE);
+  const cachedStartupConfig = await cache.get(CacheKeys.STARTUP_CONFIG);
+  if (cachedStartupConfig) {
+    res.send(cachedStartupConfig);
+    return;
+  }
+
   const isBirthday = () => {
     const today = new Date();
     return today.getMonth() === 1 && today.getDate() === 11;
   };
 
-  const ldapLoginEnabled =
-    !!process.env.LDAP_URL && !!process.env.LDAP_BIND_DN && !!process.env.LDAP_USER_SEARCH_BASE;
+  const instanceProject = await getProjectByName('instance', '_id');
+
+  const ldapLoginEnabled = !!process.env.LDAP_URL && !!process.env.LDAP_USER_SEARCH_BASE;
   try {
     /** @type {TStartupConfig} */
     const payload = {
@@ -42,6 +61,7 @@ router.get('/', async function (req, res) {
         !!process.env.EMAIL_USERNAME &&
         !!process.env.EMAIL_PASSWORD &&
         !!process.env.EMAIL_FROM,
+      passwordResetEnabled,
       checkBalance: isEnabled(process.env.CHECK_BALANCE),
       showBirthdayIcon:
         isBirthday() ||
@@ -50,12 +70,17 @@ router.get('/', async function (req, res) {
       helpAndFaqURL: process.env.HELP_AND_FAQ_URL || 'https://librechat.ai',
       interface: req.app.locals.interfaceConfig,
       modelSpecs: req.app.locals.modelSpecs,
+      sharedLinksEnabled,
+      publicSharedLinksEnabled,
+      analyticsGtmId: process.env.ANALYTICS_GTM_ID,
+      instanceProjectId: instanceProject._id.toString(),
     };
 
     if (typeof process.env.CUSTOM_FOOTER === 'string') {
       payload.customFooter = process.env.CUSTOM_FOOTER;
     }
 
+    await cache.set(CacheKeys.STARTUP_CONFIG, payload);
     return res.status(200).send(payload);
   } catch (err) {
     logger.error('Error in startup config', err);

api/server/routes/convos.js

@@ -3,12 +3,11 @@ const express = require('express');
 const { CacheKeys } = require('librechat-data-provider');
 const { initializeClient } = require('~/server/services/Endpoints/assistants');
 const { getConvosByPage, deleteConvos, getConvo, saveConvo } = require('~/models/Conversation');
-const { IMPORT_CONVERSATION_JOB_NAME } = require('~/server/utils/import/jobDefinition');
 const { storage, importFileFilter } = require('~/server/routes/files/multer');
 const requireJwtAuth = require('~/server/middleware/requireJwtAuth');
 const { forkConversation } = require('~/server/utils/import/fork');
+const { importConversations } = require('~/server/utils/import');
 const { createImportLimiters } = require('~/server/middleware');
-const jobScheduler = require('~/server/utils/jobScheduler');
 const getLogStores = require('~/cache/getLogStores');
 const { sleep } = require('~/server/utils');
 const { logger } = require('~/config');
@@ -129,10 +128,9 @@ router.post(
   upload.single('file'),
   async (req, res) => {
     try {
-      const filepath = req.file.path;
-      const job = await jobScheduler.now(IMPORT_CONVERSATION_JOB_NAME, filepath, req.user.id);
-
-      res.status(201).json({ message: 'Import started', jobId: job.id });
+      /* TODO: optimize to return imported conversations and add manually */
+      await importConversations({ filepath: req.file.path, requestUserId: req.user.id });
+      res.status(201).json({ message: 'Conversation(s) imported successfully' });
     } catch (error) {
       logger.error('Error processing file', error);
       res.status(500).send('Error processing file');
@@ -169,24 +167,4 @@ router.post('/fork', async (req, res) => {
   }
 });
 
-// Get the status of an import job for polling
-router.get('/import/jobs/:jobId', async (req, res) => {
-  try {
-    const { jobId } = req.params;
-    const { userId, ...jobStatus } = await jobScheduler.getJobStatus(jobId);
-    if (!jobStatus) {
-      return res.status(404).json({ message: 'Job not found.' });
-    }
-
-    if (userId !== req.user.id) {
-      return res.status(403).json({ message: 'Unauthorized' });
-    }
-
-    res.json(jobStatus);
-  } catch (error) {
-    logger.error('Error getting job details', error);
-    res.status(500).send('Error getting job details');
-  }
-});
-
 module.exports = router;

api/server/routes/edit/gptPlugins.js

@@ -13,7 +13,7 @@ const {
 } = require('~/server/middleware');
 const { sendMessage, createOnProgress, formatSteps, formatAction } = require('~/server/utils');
 const { initializeClient } = require('~/server/services/Endpoints/gptPlugins');
-const { saveMessage, getConvoTitle, getConvo } = require('~/models');
+const { saveMessage } = require('~/models');
 const { validateTools } = require('~/app');
 const { logger } = require('~/config');
 
@@ -49,6 +49,7 @@ router.post(
     });
 
     let userMessage;
+    let userMessagePromise;
     let promptTokens;
     const sender = getResponseSender({
       ...endpointOption,
@@ -68,6 +69,8 @@ router.post(
       for (let key in data) {
         if (key === 'userMessage') {
           userMessage = data[key];
+        } else if (key === 'userMessagePromise') {
+          userMessagePromise = data[key];
         } else if (key === 'responseMessageId') {
           responseMessageId = data[key];
         } else if (key === 'promptTokens') {
@@ -103,21 +106,6 @@ router.post(
       },
     });
 
-    const onAgentAction = (action, start = false) => {
-      const formattedAction = formatAction(action);
-      plugin.inputs.push(formattedAction);
-      plugin.latest = formattedAction.plugin;
-      if (!start) {
-        saveMessage({ ...userMessage, user });
-      }
-      sendIntermediateMessage(res, {
-        plugin,
-        parentMessageId: userMessage.messageId,
-        messageId: responseMessageId,
-      });
-      // logger.debug('PLUGIN ACTION', formattedAction);
-    };
-
     const onChainEnd = (data) => {
       let { intermediateSteps: steps } = data;
       plugin.outputs = steps && steps[0].action ? formatSteps(steps) : 'An error occurred.';
@@ -134,6 +122,7 @@ router.post(
     const getAbortData = () => ({
       sender,
       conversationId,
+      userMessagePromise,
       messageId: responseMessageId,
       parentMessageId: overrideParentMessageId ?? userMessageId,
       text: getPartialText(),
@@ -141,12 +130,27 @@ router.post(
       userMessage,
       promptTokens,
     });
-    const { abortController, onStart } = createAbortController(req, res, getAbortData);
+    const { abortController, onStart } = createAbortController(req, res, getAbortData, getReqData);
 
     try {
       endpointOption.tools = await validateTools(user, endpointOption.tools);
       const { client } = await initializeClient({ req, res, endpointOption });
 
+      const onAgentAction = (action, start = false) => {
+        const formattedAction = formatAction(action);
+        plugin.inputs.push(formattedAction);
+        plugin.latest = formattedAction.plugin;
+        if (!start && !client.skipSaveUserMessage) {
+          saveMessage({ ...userMessage, user });
+        }
+        sendIntermediateMessage(res, {
+          plugin,
+          parentMessageId: userMessage.messageId,
+          messageId: responseMessageId,
+        });
+        // logger.debug('PLUGIN ACTION', formattedAction);
+      };
+
       let response = await client.sendMessage(text, {
         user,
         generation,
@@ -179,10 +183,14 @@ router.post(
       response.plugin = { ...plugin, loading: false };
       await saveMessage({ ...response, user });
 
+      const { conversation = {} } = await client.responsePromise;
+      conversation.title =
+        conversation && !conversation.title ? null : conversation?.title || 'New Chat';
+
       sendMessage(res, {
-        title: await getConvoTitle(user, conversationId),
+        title: conversation.title,
         final: true,
-        conversation: await getConvo(user, conversationId),
+        conversation,
         requestMessage: userMessage,
         responseMessage: response,
       });

api/server/routes/files/index.js

@@ -1,13 +1,11 @@
 const express = require('express');
 const { uaParser, checkBan, requireJwtAuth, createFileLimiters } = require('~/server/middleware');
-const { createTTSLimiters, createSTTLimiters } = require('~/server/middleware/speech');
 const { createMulterInstance } = require('./multer');
 
 const files = require('./files');
 const images = require('./images');
 const avatar = require('./avatar');
-const stt = require('./stt');
-const tts = require('./tts');
+const speech = require('./speech');
 
 const initialize = async () => {
   const router = express.Router();
@@ -15,11 +13,8 @@ const initialize = async () => {
   router.use(checkBan);
   router.use(uaParser);
 
-  /* Important: stt/tts routes must be added before the upload limiters */
-  const { sttIpLimiter, sttUserLimiter } = createSTTLimiters();
-  const { ttsIpLimiter, ttsUserLimiter } = createTTSLimiters();
-  router.use('/stt', sttIpLimiter, sttUserLimiter, stt);
-  router.use('/tts', ttsIpLimiter, ttsUserLimiter, tts);
+  /* Important: speech route must be added before the upload limiters */
+  router.use('/speech', speech);
 
   const upload = await createMulterInstance();
   const { fileUploadIpLimiter, fileUploadUserLimiter } = createFileLimiters();

api/server/routes/files/speech/customConfigSpeech.js

@@ -0,0 +1,10 @@
+const express = require('express');
+const router = express.Router();
+
+const { getCustomConfigSpeech } = require('~/server/services/Files/Audio');
+
+router.get('/get', async (req, res) => {
+  await getCustomConfigSpeech(req, res);
+});
+
+module.exports = router;

api/server/routes/files/speech/index.js

@@ -0,0 +1,17 @@
+const express = require('express');
+const { createTTSLimiters, createSTTLimiters } = require('~/server/middleware');
+
+const stt = require('./stt');
+const tts = require('./tts');
+const customConfigSpeech = require('./customConfigSpeech');
+
+const router = express.Router();
+
+const { sttIpLimiter, sttUserLimiter } = createSTTLimiters();
+const { ttsIpLimiter, ttsUserLimiter } = createTTSLimiters();
+router.use('/stt', sttIpLimiter, sttUserLimiter, stt);
+router.use('/tts', ttsIpLimiter, ttsUserLimiter, tts);
+
+router.use('/config', customConfigSpeech);
+
+module.exports = router;

api/server/routes/index.js

@@ -19,6 +19,8 @@ const assistants = require('./assistants');
 const files = require('./files');
 const staticRoute = require('./static');
 const share = require('./share');
+const categories = require('./categories');
+const roles = require('./roles');
 
 module.exports = {
   search,
@@ -42,4 +44,6 @@ module.exports = {
   files,
   staticRoute,
   share,
+  categories,
+  roles,
 };

api/server/routes/oauth.js

@@ -1,12 +1,12 @@
 // file deepcode ignore NoRateLimitingForLogin: Rate limiting is handled by the `loginLimiter` middleware
-
-const passport = require('passport');
 const express = require('express');
-const router = express.Router();
-const { setAuthTokens } = require('~/server/services/AuthService');
+const passport = require('passport');
 const { loginLimiter, checkBan, checkDomainAllowed } = require('~/server/middleware');
+const { setAuthTokens } = require('~/server/services/AuthService');
 const { logger } = require('~/config');
 
+const router = express.Router();
+
 const domains = {
   client: process.env.DOMAIN_CLIENT,
   server: process.env.DOMAIN_SERVER,

api/server/routes/prompts.js

@@ -1,14 +1,235 @@
 const express = require('express');
+const { PermissionTypes, Permissions, SystemRoles } = require('librechat-data-provider');
+const {
+  getPrompt,
+  getPrompts,
+  savePrompt,
+  deletePrompt,
+  getPromptGroup,
+  getPromptGroups,
+  updatePromptGroup,
+  deletePromptGroup,
+  createPromptGroup,
+  getAllPromptGroups,
+  // updatePromptLabels,
+  makePromptProduction,
+} = require('~/models/Prompt');
+const { requireJwtAuth, generateCheckAccess } = require('~/server/middleware');
+const { logger } = require('~/config');
+
 const router = express.Router();
-const { getPrompts } = require('../../models/Prompt');
+
+const checkPromptAccess = generateCheckAccess(PermissionTypes.PROMPTS, [Permissions.USE]);
+const checkPromptCreate = generateCheckAccess(PermissionTypes.PROMPTS, [
+  Permissions.USE,
+  Permissions.CREATE,
+]);
+const checkGlobalPromptShare = generateCheckAccess(
+  PermissionTypes.PROMPTS,
+  [Permissions.USE, Permissions.CREATE],
+  {
+    [Permissions.SHARED_GLOBAL]: ['projectIds', 'removeProjectIds'],
+  },
+);
+
+router.use(requireJwtAuth);
+router.use(checkPromptAccess);
+
+/**
+ * Route to get single prompt group by its ID
+ * GET /groups/:groupId
+ */
+router.get('/groups/:groupId', async (req, res) => {
+  let groupId = req.params.groupId;
+  const author = req.user.id;
+
+  const query = {
+    _id: groupId,
+    $or: [{ projectIds: { $exists: true, $ne: [], $not: { $size: 0 } } }, { author }],
+  };
+
+  if (req.user.role === SystemRoles.ADMIN) {
+    delete query.$or;
+  }
+
+  try {
+    const group = await getPromptGroup(query);
+
+    if (!group) {
+      return res.status(404).send({ message: 'Prompt group not found' });
+    }
+
+    res.status(200).send(group);
+  } catch (error) {
+    logger.error('Error getting prompt group', error);
+    res.status(500).send({ message: 'Error getting prompt group' });
+  }
+});
+
+/**
+ * Route to fetch all prompt groups
+ * GET /groups
+ */
+router.get('/all', async (req, res) => {
+  try {
+    const groups = await getAllPromptGroups(req, {
+      author: req.user._id,
+    });
+    res.status(200).send(groups);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error getting prompt groups' });
+  }
+});
+
+/**
+ * Route to fetch paginated prompt groups with filters
+ * GET /groups
+ */
+router.get('/groups', async (req, res) => {
+  try {
+    const filter = req.query;
+    /* Note: The aggregation requires an ObjectId */
+    filter.author = req.user._id;
+    const groups = await getPromptGroups(req, filter);
+    res.status(200).send(groups);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error getting prompt groups' });
+  }
+});
+
+/**
+ * Updates or creates a prompt + promptGroup
+ * @param {object} req
+ * @param {TCreatePrompt} req.body
+ * @param {Express.Response} res
+ */
+const createPrompt = async (req, res) => {
+  try {
+    const { prompt, group } = req.body;
+    if (!prompt) {
+      return res.status(400).send({ error: 'Prompt is required' });
+    }
+
+    const saveData = {
+      prompt,
+      group,
+      author: req.user.id,
+      authorName: req.user.name,
+    };
+
+    /** @type {TCreatePromptResponse} */
+    let result;
+    if (group && group.name) {
+      result = await createPromptGroup(saveData);
+    } else {
+      result = await savePrompt(saveData);
+    }
+    res.status(200).send(result);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error saving prompt' });
+  }
+};
+
+router.post('/', createPrompt);
+
+/**
+ * Updates a prompt group
+ * @param {object} req
+ * @param {object} req.params - The request parameters
+ * @param {string} req.params.groupId - The group ID
+ * @param {TUpdatePromptGroupPayload} req.body - The request body
+ * @param {Express.Response} res
+ */
+const patchPromptGroup = async (req, res) => {
+  try {
+    const { groupId } = req.params;
+    const author = req.user.id;
+    const filter = { _id: groupId, author };
+    if (req.user.role === SystemRoles.ADMIN) {
+      delete filter.author;
+    }
+    const promptGroup = await updatePromptGroup(filter, req.body);
+    res.status(200).send(promptGroup);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error updating prompt group' });
+  }
+};
+
+router.patch('/groups/:groupId', checkGlobalPromptShare, patchPromptGroup);
+
+router.patch('/:promptId/tags/production', checkPromptCreate, async (req, res) => {
+  try {
+    const { promptId } = req.params;
+    const result = await makePromptProduction(promptId);
+    res.status(200).send(result);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error updating prompt production' });
+  }
+});
+
+router.get('/:promptId', async (req, res) => {
+  const { promptId } = req.params;
+  const author = req.user.id;
+  const query = { _id: promptId, author };
+  if (req.user.role === SystemRoles.ADMIN) {
+    delete query.author;
+  }
+  const prompt = await getPrompt(query);
+  res.status(200).send(prompt);
+});
 
 router.get('/', async (req, res) => {
-  let filter = {};
-  // const { search } = req.body.arg;
-  // if (!!search) {
-  //   filter = { conversationId };
-  // }
-  res.status(200).send(await getPrompts(filter));
+  try {
+    const author = req.user.id;
+    const { groupId } = req.query;
+    const query = { groupId, author };
+    if (req.user.role === SystemRoles.ADMIN) {
+      delete query.author;
+    }
+    const prompts = await getPrompts(query);
+    res.status(200).send(prompts);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error getting prompts' });
+  }
+});
+
+/**
+ * Deletes a prompt
+ *
+ * @param {Express.Request} req - The request object.
+ * @param {TDeletePromptVariables} req.params - The request parameters
+ * @param {import('mongoose').ObjectId} req.params.promptId - The prompt ID
+ * @param {Express.Response} res - The response object.
+ * @return {TDeletePromptResponse} A promise that resolves when the prompt is deleted.
+ */
+const deletePromptController = async (req, res) => {
+  try {
+    const { promptId } = req.params;
+    const { groupId } = req.query;
+    const author = req.user.id;
+    const query = { promptId, groupId, author, role: req.user.role };
+    if (req.user.role === SystemRoles.ADMIN) {
+      delete query.author;
+    }
+    const result = await deletePrompt(query);
+    res.status(200).send(result);
+  } catch (error) {
+    logger.error(error);
+    res.status(500).send({ error: 'Error deleting prompt' });
+  }
+};
+
+router.delete('/:promptId', checkPromptCreate, deletePromptController);
+
+router.delete('/groups/:groupId', checkPromptCreate, async (req, res) => {
+  const { groupId } = req.params;
+  res.status(200).send(await deletePromptGroup(groupId));
 });
 
 module.exports = router;

api/server/routes/roles.js

@@ -0,0 +1,72 @@
+const express = require('express');
+const {
+  promptPermissionsSchema,
+  PermissionTypes,
+  roleDefaults,
+  SystemRoles,
+} = require('librechat-data-provider');
+const { checkAdmin, requireJwtAuth } = require('~/server/middleware');
+const { updateRoleByName, getRoleByName } = require('~/models/Role');
+
+const router = express.Router();
+router.use(requireJwtAuth);
+
+/**
+ * GET /api/roles/:roleName
+ * Get a specific role by name
+ */
+router.get('/:roleName', async (req, res) => {
+  const { roleName: _r } = req.params;
+  // TODO: TEMP, use a better parsing for roleName
+  const roleName = _r.toUpperCase();
+
+  if (req.user.role !== SystemRoles.ADMIN && !roleDefaults[roleName]) {
+    return res.status(403).send({ message: 'Unauthorized' });
+  }
+
+  try {
+    const role = await getRoleByName(roleName, '-_id -__v');
+    if (!role) {
+      return res.status(404).send({ message: 'Role not found' });
+    }
+
+    res.status(200).send(role);
+  } catch (error) {
+    return res.status(500).send({ message: 'Failed to retrieve role', error: error.message });
+  }
+});
+
+/**
+ * PUT /api/roles/:roleName/prompts
+ * Update prompt permissions for a specific role
+ */
+router.put('/:roleName/prompts', checkAdmin, async (req, res) => {
+  const { roleName: _r } = req.params;
+  // TODO: TEMP, use a better parsing for roleName
+  const roleName = _r.toUpperCase();
+  /** @type {TRole['PROMPTS']} */
+  const updates = req.body;
+
+  try {
+    const parsedUpdates = promptPermissionsSchema.partial().parse(updates);
+
+    const role = await getRoleByName(roleName);
+    if (!role) {
+      return res.status(404).send({ message: 'Role not found' });
+    }
+
+    const mergedUpdates = {
+      [PermissionTypes.PROMPTS]: {
+        ...role[PermissionTypes.PROMPTS],
+        ...parsedUpdates,
+      },
+    };
+
+    const updatedRole = await updateRoleByName(roleName, mergedUpdates);
+    res.status(200).send(updatedRole);
+  } catch (error) {
+    return res.status(400).send({ message: 'Invalid prompt permissions.', error: error.errors });
+  }
+});
+
+module.exports = router;

api/server/routes/share.js

@@ -8,67 +8,99 @@ const {
   deleteSharedLink,
 } = require('~/models/Share');
 const requireJwtAuth = require('~/server/middleware/requireJwtAuth');
+const { isEnabled } = require('~/server/utils');
 const router = express.Router();
 
 /**
  * Shared messages
- * this route does not require authentication
  */
-router.get('/:shareId', async (req, res) => {
-  const share = await getSharedMessages(req.params.shareId);
+const allowSharedLinks =
+  process.env.ALLOW_SHARED_LINKS === undefined || isEnabled(process.env.ALLOW_SHARED_LINKS);
 
-  if (share) {
-    res.status(200).json(share);
-  } else {
-    res.status(404).end();
-  }
-});
+if (allowSharedLinks) {
+  const allowSharedLinksPublic =
+    process.env.ALLOW_SHARED_LINKS_PUBLIC === undefined ||
+    isEnabled(process.env.ALLOW_SHARED_LINKS_PUBLIC);
+  router.get(
+    '/:shareId',
+    allowSharedLinksPublic ? (req, res, next) => next() : requireJwtAuth,
+    async (req, res) => {
+      try {
+        const share = await getSharedMessages(req.params.shareId);
+
+        if (share) {
+          res.status(200).json(share);
+        } else {
+          res.status(404).end();
+        }
+      } catch (error) {
+        res.status(500).json({ message: 'Error getting shared messages' });
+      }
+    },
+  );
+}
 
 /**
  * Shared links
  */
 router.get('/', requireJwtAuth, async (req, res) => {
-  let pageNumber = req.query.pageNumber || 1;
-  pageNumber = parseInt(pageNumber, 10);
+  try {
+    let pageNumber = req.query.pageNumber || 1;
+    pageNumber = parseInt(pageNumber, 10);
 
-  if (isNaN(pageNumber) || pageNumber < 1) {
-    return res.status(400).json({ error: 'Invalid page number' });
+    if (isNaN(pageNumber) || pageNumber < 1) {
+      return res.status(400).json({ error: 'Invalid page number' });
+    }
+
+    let pageSize = req.query.pageSize || 25;
+    pageSize = parseInt(pageSize, 10);
+
+    if (isNaN(pageSize) || pageSize < 1) {
+      return res.status(400).json({ error: 'Invalid page size' });
+    }
+    const isPublic = req.query.isPublic === 'true';
+    res.status(200).send(await getSharedLinks(req.user.id, pageNumber, pageSize, isPublic));
+  } catch (error) {
+    res.status(500).json({ message: 'Error getting shared links' });
   }
-
-  let pageSize = req.query.pageSize || 25;
-  pageSize = parseInt(pageSize, 10);
-
-  if (isNaN(pageSize) || pageSize < 1) {
-    return res.status(400).json({ error: 'Invalid page size' });
-  }
-  const isPublic = req.query.isPublic === 'true';
-  res.status(200).send(await getSharedLinks(req.user.id, pageNumber, pageSize, isPublic));
 });
 
 router.post('/', requireJwtAuth, async (req, res) => {
-  const created = await createSharedLink(req.user.id, req.body);
-  if (created) {
-    res.status(200).json(created);
-  } else {
-    res.status(404).end();
+  try {
+    const created = await createSharedLink(req.user.id, req.body);
+    if (created) {
+      res.status(200).json(created);
+    } else {
+      res.status(404).end();
+    }
+  } catch (error) {
+    res.status(500).json({ message: 'Error creating shared link' });
   }
 });
 
 router.patch('/', requireJwtAuth, async (req, res) => {
-  const updated = await updateSharedLink(req.user.id, req.body);
-  if (updated) {
-    res.status(200).json(updated);
-  } else {
-    res.status(404).end();
+  try {
+    const updated = await updateSharedLink(req.user.id, req.body);
+    if (updated) {
+      res.status(200).json(updated);
+    } else {
+      res.status(404).end();
+    }
+  } catch (error) {
+    res.status(500).json({ message: 'Error updating shared link' });
   }
 });
 
 router.delete('/:shareId', requireJwtAuth, async (req, res) => {
-  const deleted = await deleteSharedLink(req.user.id, { shareId: req.params.shareId });
-  if (deleted) {
-    res.status(200).json(deleted);
-  } else {
-    res.status(404).end();
+  try {
+    const deleted = await deleteSharedLink(req.user.id, { shareId: req.params.shareId });
+    if (deleted) {
+      res.status(200).json(deleted);
+    } else {
+      res.status(404).end();
+    }
+  } catch (error) {
+    res.status(500).json({ message: 'Error deleting shared link' });
   }
 });
 

api/server/routes/user.js

@@ -1,10 +1,19 @@
 const express = require('express');
-const requireJwtAuth = require('../middleware/requireJwtAuth');
-const { getUserController, updateUserPluginsController } = require('../controllers/UserController');
+const { requireJwtAuth, canDeleteAccount, verifyEmailLimiter } = require('~/server/middleware');
+const {
+  getUserController,
+  deleteUserController,
+  verifyEmailController,
+  updateUserPluginsController,
+  resendVerificationController,
+} = require('~/server/controllers/UserController');
 
 const router = express.Router();
 
 router.get('/', requireJwtAuth, getUserController);
 router.post('/plugins', requireJwtAuth, updateUserPluginsController);
+router.delete('/delete', requireJwtAuth, canDeleteAccount, deleteUserController);
+router.post('/verify', verifyEmailController);
+router.post('/verify/resend', verifyEmailLimiter, resendVerificationController);
 
 module.exports = router;

api/server/services/AppService.js

@@ -7,6 +7,7 @@ const handleRateLimits = require('./Config/handleRateLimits');
 const { loadDefaultInterface } = require('./start/interface');
 const { azureConfigSetup } = require('./start/azureOpenAI');
 const { loadAndFormatTools } = require('./ToolService');
+const { initializeRoles } = require('~/models/Role');
 const paths = require('~/config/paths');
 
 /**
@@ -16,6 +17,7 @@ const paths = require('~/config/paths');
  * @param {Express.Application} app - The Express application object.
  */
 const AppService = async (app) => {
+  await initializeRoles();
   /** @type {TCustomConfig}*/
   const config = (await loadCustomConfig()) ?? {};
   const configDefaults = getConfigDefaults();

api/server/services/AppService.spec.js

@@ -21,6 +21,9 @@ jest.mock('./Config/loadCustomConfig', () => {
 jest.mock('./Files/Firebase/initialize', () => ({
   initializeFirebase: jest.fn(),
 }));
+jest.mock('~/models/Role', () => ({
+  initializeRoles: jest.fn(),
+}));
 jest.mock('./ToolService', () => ({
   loadAndFormatTools: jest.fn().mockReturnValue({
     ExampleTool: {

api/server/services/AuthService.js

@@ -1,13 +1,21 @@
 const crypto = require('crypto');
 const bcrypt = require('bcryptjs');
-const { errorsToString } = require('librechat-data-provider');
+const { SystemRoles, errorsToString } = require('librechat-data-provider');
+const {
+  findUser,
+  countUsers,
+  createUser,
+  updateUser,
+  getUserById,
+  generateToken,
+  deleteUserById,
+} = require('~/models/userMethods');
+const { sendEmail, checkEmailConfig } = require('~/server/utils');
 const { registerSchema } = require('~/strategies/validators');
 const isDomainAllowed = require('./isDomainAllowed');
 const Token = require('~/models/schema/tokenSchema');
-const { sendEmail } = require('~/server/utils');
 const Session = require('~/models/Session');
 const { logger } = require('~/config');
-const User = require('~/models/User');
 
 const domains = {
   client: process.env.DOMAIN_CLIENT,
@@ -15,6 +23,7 @@ const domains = {
 };
 
 const isProduction = process.env.NODE_ENV === 'production';
+const genericVerificationMessage = 'Please check your email to verify your email address.';
 
 /**
  * Logout user
@@ -45,12 +54,77 @@ const logoutUser = async (userId, refreshToken) => {
 };
 
 /**
- * Register a new user
- *
- * @param {Object} user <email, password, name, username>
- * @returns
+ * Send Verification Email
+ * @param {Partial<MongoUser> & { _id: ObjectId, email: string, name: string}} user
+ * @returns {Promise<void>}
  */
-const registerUser = async (user) => {
+const sendVerificationEmail = async (user) => {
+  let verifyToken = crypto.randomBytes(32).toString('hex');
+  const hash = bcrypt.hashSync(verifyToken, 10);
+
+  const verificationLink = `${
+    domains.client
+  }/verify?token=${verifyToken}&email=${encodeURIComponent(user.email)}`;
+  await sendEmail({
+    email: user.email,
+    subject: 'Verify your email',
+    payload: {
+      appName: process.env.APP_TITLE || 'LibreChat',
+      name: user.name,
+      verificationLink: verificationLink,
+      year: new Date().getFullYear(),
+    },
+    template: 'verifyEmail.handlebars',
+  });
+
+  await new Token({
+    userId: user._id,
+    email: user.email,
+    token: hash,
+    createdAt: Date.now(),
+  }).save();
+
+  logger.info(`[sendVerificationEmail] Verification link issued. [Email: ${user.email}]`);
+};
+
+/**
+ * Verify Email
+ * @param {Express.Request} req
+ */
+const verifyEmail = async (req) => {
+  const { email, token } = req.body;
+  let emailVerificationData = await Token.findOne({ email: decodeURIComponent(email) });
+
+  if (!emailVerificationData) {
+    logger.warn(`[verifyEmail] [No email verification data found] [Email: ${email}]`);
+    return new Error('Invalid or expired password reset token');
+  }
+
+  const isValid = bcrypt.compareSync(token, emailVerificationData.token);
+
+  if (!isValid) {
+    logger.warn(`[verifyEmail] [Invalid or expired email verification token] [Email: ${email}]`);
+    return new Error('Invalid or expired email verification token');
+  }
+
+  const updatedUser = await updateUser(emailVerificationData.userId, { emailVerified: true });
+  if (!updatedUser) {
+    logger.warn(`[verifyEmail] [User not found] [Email: ${email}]`);
+    return new Error('User not found');
+  }
+
+  await emailVerificationData.deleteOne();
+  logger.info(`[verifyEmail] Email verification successful. [Email: ${email}]`);
+  return { message: 'Email verification was successful' };
+};
+
+/**
+ * Register a new user.
+ * @param {MongoUser} user <email, password, name, username>
+ * @param {Partial<MongoUser>} [additionalData={}]
+ * @returns {Promise<{status: number, message: string, user?: MongoUser}>}
+ */
+const registerUser = async (user, additionalData = {}) => {
   const { error } = registerSchema.safeParse(user);
   if (error) {
     const errorMessage = errorsToString(error.errors);
@@ -60,13 +134,14 @@ const registerUser = async (user) => {
       { name: 'Validation error:', value: errorMessage },
     );
 
-    return { status: 422, message: errorMessage };
+    return { status: 404, message: errorMessage };
   }
 
   const { email, password, name, username } = user;
 
+  let newUserId;
   try {
-    const existingUser = await User.findOne({ email }).lean();
+    const existingUser = await findUser({ email }, 'email _id');
 
     if (existingUser) {
       logger.info(
@@ -77,51 +152,73 @@ const registerUser = async (user) => {
 
       // Sleep for 1 second
       await new Promise((resolve) => setTimeout(resolve, 1000));
-
-      // TODO: We should change the process to always email and be generic is signup works or fails (user enum)
-      return { status: 500, message: 'Something went wrong' };
+      return { status: 200, message: genericVerificationMessage };
     }
 
     if (!(await isDomainAllowed(email))) {
-      const errorMessage = 'Registration from this domain is not allowed.';
+      const errorMessage =
+        'The email address provided cannot be used. Please use a different email address.';
       logger.error(`[registerUser] [Registration not allowed] [Email: ${user.email}]`);
       return { status: 403, message: errorMessage };
     }
 
     //determine if this is the first registered user (not counting anonymous_user)
-    const isFirstRegisteredUser = (await User.countDocuments({})) === 0;
+    const isFirstRegisteredUser = (await countUsers()) === 0;
 
-    const newUser = await new User({
+    const salt = bcrypt.genSaltSync(10);
+    const newUserData = {
       provider: 'local',
       email,
-      password,
       username,
       name,
       avatar: null,
-      role: isFirstRegisteredUser ? 'ADMIN' : 'USER',
-    });
+      role: isFirstRegisteredUser ? SystemRoles.ADMIN : SystemRoles.USER,
+      password: bcrypt.hashSync(password, salt),
+      ...additionalData,
+    };
 
-    const salt = bcrypt.genSaltSync(10);
-    const hash = bcrypt.hashSync(newUser.password, salt);
-    newUser.password = hash;
-    await newUser.save();
+    const emailEnabled = checkEmailConfig();
+    const newUser = await createUser(newUserData, false, true);
+    newUserId = newUser._id;
+    if (emailEnabled && !newUser.emailVerified) {
+      await sendVerificationEmail({
+        _id: newUserId,
+        email,
+        name,
+      });
+    } else {
+      await updateUser(newUserId, { emailVerified: true });
+    }
 
-    return { status: 200, user: newUser };
+    return { status: 200, message: genericVerificationMessage };
   } catch (err) {
-    return { status: 500, message: err?.message || 'Something went wrong' };
+    logger.error('[registerUser] Error in registering user:', err);
+    if (newUserId) {
+      const result = await deleteUserById(newUserId);
+      logger.warn(
+        `[registerUser] [Email: ${email}] [Temporary User deleted: ${JSON.stringify(result)}]`,
+      );
+    }
+    return { status: 500, message: 'Something went wrong' };
   }
 };
 
 /**
  * Request password reset
- *
- * @param {String} email
- * @returns
+ * @param {Express.Request} req
  */
-const requestPasswordReset = async (email) => {
-  const user = await User.findOne({ email }).lean();
+const requestPasswordReset = async (req) => {
+  const { email } = req.body;
+  const user = await findUser({ email }, 'email _id');
+  const emailEnabled = checkEmailConfig();
+
+  logger.warn(`[requestPasswordReset] [Password reset request initiated] [Email: ${email}]`);
+
   if (!user) {
-    return new Error('Email does not exist');
+    logger.warn(`[requestPasswordReset] [No user found] [Email: ${email}] [IP: ${req.ip}]`);
+    return {
+      message: 'If an account with that email exists, a password reset link has been sent to it.',
+    };
   }
 
   let token = await Token.findOne({ userId: user._id });
@@ -140,28 +237,31 @@ const requestPasswordReset = async (email) => {
 
   const link = `${domains.client}/reset-password?token=${resetToken}&userId=${user._id}`;
 
-  const emailEnabled =
-    (!!process.env.EMAIL_SERVICE || !!process.env.EMAIL_HOST) &&
-    !!process.env.EMAIL_USERNAME &&
-    !!process.env.EMAIL_PASSWORD &&
-    !!process.env.EMAIL_FROM;
-
   if (emailEnabled) {
-    sendEmail(
-      user.email,
-      'Password Reset Request',
-      {
+    await sendEmail({
+      email: user.email,
+      subject: 'Password Reset Request',
+      payload: {
         appName: process.env.APP_TITLE || 'LibreChat',
         name: user.name,
         link: link,
         year: new Date().getFullYear(),
       },
-      'requestPasswordReset.handlebars',
+      template: 'requestPasswordReset.handlebars',
+    });
+    logger.info(
+      `[requestPasswordReset] Link emailed. [Email: ${email}] [ID: ${user._id}] [IP: ${req.ip}]`,
     );
-    return { link: '' };
   } else {
+    logger.info(
+      `[requestPasswordReset] Link issued. [Email: ${email}] [ID: ${user._id}] [IP: ${req.ip}]`,
+    );
     return { link };
   }
+
+  return {
+    message: 'If an account with that email exists, a password reset link has been sent to it.',
+  };
 };
 
 /**
@@ -186,39 +286,38 @@ const resetPassword = async (userId, token, password) => {
   }
 
   const hash = bcrypt.hashSync(password, 10);
+  const user = await updateUser(userId, { password: hash });
 
-  await User.updateOne({ _id: userId }, { $set: { password: hash } }, { new: true });
-
-  const user = await User.findById({ _id: userId });
-
-  sendEmail(
-    user.email,
-    'Password Reset Successfully',
-    {
-      appName: process.env.APP_TITLE || 'LibreChat',
-      name: user.name,
-      year: new Date().getFullYear(),
-    },
-    'passwordReset.handlebars',
-  );
+  if (checkEmailConfig()) {
+    await sendEmail({
+      email: user.email,
+      subject: 'Password Reset Successfully',
+      payload: {
+        appName: process.env.APP_TITLE || 'LibreChat',
+        name: user.name,
+        year: new Date().getFullYear(),
+      },
+      template: 'passwordReset.handlebars',
+    });
+  }
 
   await passwordResetToken.deleteOne();
-
+  logger.info(`[resetPassword] Password reset successful. [Email: ${user.email}]`);
   return { message: 'Password reset was successful' };
 };
 
 /**
  * Set Auth Tokens
  *
- * @param {String} userId
+ * @param {String | ObjectId} userId
  * @param {Object} res
  * @param {String} sessionId
  * @returns
  */
 const setAuthTokens = async (userId, res, sessionId = null) => {
   try {
-    const user = await User.findOne({ _id: userId });
-    const token = await user.generateToken();
+    const user = await getUserById(userId);
+    const token = await generateToken(user);
 
     let session;
     let refreshTokenExpires;
@@ -248,11 +347,72 @@ const setAuthTokens = async (userId, res, sessionId = null) => {
   }
 };
 
+/**
+ * Resend Verification Email
+ * @param {Object} req
+ * @param {Object} req.body
+ * @param {String} req.body.email
+ * @returns {Promise<{status: number, message: string}>}
+ */
+const resendVerificationEmail = async (req) => {
+  try {
+    const { email } = req.body;
+    await Token.deleteMany({ email });
+    const user = await findUser({ email }, 'email _id name');
+
+    if (!user) {
+      logger.warn(`[resendVerificationEmail] [No user found] [Email: ${email}]`);
+      return { status: 200, message: genericVerificationMessage };
+    }
+
+    let verifyToken = crypto.randomBytes(32).toString('hex');
+    const hash = bcrypt.hashSync(verifyToken, 10);
+
+    const verificationLink = `${
+      domains.client
+    }/verify?token=${verifyToken}&email=${encodeURIComponent(user.email)}`;
+
+    await sendEmail({
+      email: user.email,
+      subject: 'Verify your email',
+      payload: {
+        appName: process.env.APP_TITLE || 'LibreChat',
+        name: user.name,
+        verificationLink: verificationLink,
+        year: new Date().getFullYear(),
+      },
+      template: 'verifyEmail.handlebars',
+    });
+
+    await new Token({
+      userId: user._id,
+      email: user.email,
+      token: hash,
+      createdAt: Date.now(),
+    }).save();
+
+    logger.info(`[resendVerificationEmail] Verification link issued. [Email: ${user.email}]`);
+
+    return {
+      status: 200,
+      message: genericVerificationMessage,
+    };
+  } catch (error) {
+    logger.error(`[resendVerificationEmail] Error resending verification email: ${error.message}`);
+    return {
+      status: 500,
+      message: 'Something went wrong.',
+    };
+  }
+};
+
 module.exports = {
-  registerUser,
   logoutUser,
+  verifyEmail,
+  registerUser,
+  setAuthTokens,
+  resetPassword,
   isDomainAllowed,
   requestPasswordReset,
-  resetPassword,
-  setAuthTokens,
+  resendVerificationEmail,
 };

api/server/services/Config/loadCustomConfig.js

@@ -76,8 +76,28 @@ Please specify a correct \`imageOutputType\` value (case-sensitive).
     );
   }
   if (!result.success) {
-    i === 0 && logger.error(`Invalid custom config file at ${configPath}`, result.error);
-    i === 0 && i++;
+    let errorMessage = `Invalid custom config file at ${configPath}:
+${JSON.stringify(result.error, null, 2)}`;
+
+    if (i === 0) {
+      logger.error(errorMessage);
+      const speechError = result.error.errors.find(
+        (err) =>
+          err.code === 'unrecognized_keys' &&
+          (err.message?.includes('stt') || err.message?.includes('tts')),
+      );
+
+      if (speechError) {
+        logger.warn(`
+The Speech-to-text and Text-to-speech configuration format has recently changed.
+If you're getting this error, please refer to the latest documentation:
+
+https://www.librechat.ai/docs/configuration/stt_tts`);
+      }
+
+      i++;
+    }
+
     return null;
   } else {
     logger.info('Custom config file loaded:');

api/server/services/Endpoints/google/addTitle.js

@@ -0,0 +1,58 @@
+const { CacheKeys, Constants } = require('librechat-data-provider');
+const getLogStores = require('~/cache/getLogStores');
+const { isEnabled } = require('~/server/utils');
+const { saveConvo } = require('~/models');
+const { logger } = require('~/config');
+const initializeClient = require('./initializeClient');
+
+const addTitle = async (req, { text, response, client }) => {
+  const { TITLE_CONVO = 'true' } = process.env ?? {};
+  if (!isEnabled(TITLE_CONVO)) {
+    return;
+  }
+
+  if (client.options.titleConvo === false) {
+    return;
+  }
+
+  const DEFAULT_TITLE_MODEL = 'gemini-pro';
+  const { GOOGLE_TITLE_MODEL } = process.env ?? {};
+
+  let model = GOOGLE_TITLE_MODEL ?? DEFAULT_TITLE_MODEL;
+
+  if (GOOGLE_TITLE_MODEL === Constants.CURRENT_MODEL) {
+    model = client.options?.modelOptions.model;
+
+    if (client.isVisionModel) {
+      logger.warn(
+        `current_model was specified for Google title request, but the model ${model} cannot process a text-only conversation. Falling back to ${DEFAULT_TITLE_MODEL}`,
+      );
+
+      model = DEFAULT_TITLE_MODEL;
+    }
+  }
+
+  const titleEndpointOptions = {
+    ...client.options,
+    modelOptions: { ...client.options?.modelOptions, model: model },
+    attachments: undefined, // After a response, this is set to an empty array which results in an error during setOptions
+  };
+
+  const { client: titleClient } = await initializeClient({
+    req,
+    res: response,
+    endpointOption: titleEndpointOptions,
+  });
+
+  const titleCache = getLogStores(CacheKeys.GEN_TITLE);
+  const key = `${req.user.id}-${response.conversationId}`;
+
+  const title = await titleClient.titleConvo({ text, responseText: response?.text });
+  await titleCache.set(key, title, 120000);
+  await saveConvo(req.user.id, {
+    conversationId: response.conversationId,
+    title,
+  });
+};
+
+module.exports = addTitle;

api/server/services/Endpoints/google/index.js

@@ -1,8 +1,9 @@
+const addTitle = require('./addTitle');
 const buildOptions = require('./buildOptions');
 const initializeClient = require('./initializeClient');
 
 module.exports = {
-  // addTitle, // todo
+  addTitle,
   buildOptions,
   initializeClient,
 };

api/server/services/Files/Audio/getCustomConfigSpeech.js

@@ -0,0 +1,50 @@
+const getCustomConfig = require('~/server/services/Config/getCustomConfig');
+
+/**
+ * This function retrieves the speechTab settings from the custom configuration
+ * It first fetches the custom configuration
+ * Then, it checks if the custom configuration and the speechTab schema exist
+ * If they do, it sends the speechTab settings as a JSON response
+ * If they don't, it throws an error
+ *
+ * @param {Object} req - The request object
+ * @param {Object} res - The response object
+ * @returns {Promise<void>}
+ * @throws {Error} - If the custom configuration or the speechTab schema is missing, an error is thrown
+ */
+async function getCustomConfigSpeech(req, res) {
+  try {
+    const customConfig = await getCustomConfig();
+
+    if (!customConfig || !customConfig.speech?.speechTab) {
+      throw new Error('Configuration or speechTab schema is missing');
+    }
+
+    const ttsSchema = customConfig.speech?.speechTab;
+    let settings = {};
+
+    if (ttsSchema.advancedMode !== undefined) {
+      settings.advancedMode = ttsSchema.advancedMode;
+    }
+    if (ttsSchema.speechToText) {
+      for (const key in ttsSchema.speechToText) {
+        if (ttsSchema.speechToText[key] !== undefined) {
+          settings[key] = ttsSchema.speechToText[key];
+        }
+      }
+    }
+    if (ttsSchema.textToSpeech) {
+      for (const key in ttsSchema.textToSpeech) {
+        if (ttsSchema.textToSpeech[key] !== undefined) {
+          settings[key] = ttsSchema.textToSpeech[key];
+        }
+      }
+    }
+
+    res.json(settings);
+  } catch (error) {
+    res.status(200).send();
+  }
+}
+
+module.exports = getCustomConfigSpeech;

api/server/services/Files/Audio/getVoices.js

@@ -1,4 +1,3 @@
-const { logger } = require('~/config');
 const getCustomConfig = require('~/server/services/Config/getCustomConfig');
 const { getProvider } = require('./textToSpeech');
 
@@ -16,11 +15,11 @@ async function getVoices(req, res) {
   try {
     const customConfig = await getCustomConfig();
 
-    if (!customConfig || !customConfig?.tts) {
+    if (!customConfig || !customConfig?.speech?.tts) {
       throw new Error('Configuration or TTS schema is missing');
     }
 
-    const ttsSchema = customConfig?.tts;
+    const ttsSchema = customConfig?.speech?.tts;
     const provider = getProvider(ttsSchema);
     let voices;
 
@@ -40,8 +39,7 @@ async function getVoices(req, res) {
 
     res.json(voices);
   } catch (error) {
-    logger.error(`Failed to get voices: ${error.message}`);
-    res.status(500).json({ error: 'Failed to get voices' });
+    res.status(500).json({ error: `Failed to get voices: ${error.message}` });
   }
 }