Add NaCl Crypto Provider, User API Keys

[emrgnt-cmplxty]

Important

Add NaCl crypto provider and implement user API key management, updating authentication, database, and tests.

• Crypto Providers:
  • Add NaClCryptoProvider and NaClCryptoConfig in crypto/nacl.py.
  • Update BCryptCryptoProvider to crypto/bcrypt.py.
  • Update __init__.py to include new crypto providers.
• Authentication:
  • Modify R2RAuthProvider in auth/r2r_auth.py to support API key authentication.
  • Add methods for creating, listing, and deleting API keys.
• API Key Management:
  • Add API key models ApiKey and ApiKeyNoPriv in management/responses.py.
  • Implement API key CRUD operations in users_router.py.
• Database:
  • Update PostgresUserHandler in database/users.py to handle API keys.
  • Add API key table creation in create_tables().
• Testing:
  • Add integration tests for API key lifecycle in test_users.py.
  • Update existing tests to accommodate API key authentication.
• Miscellaneous:
  • Update pyproject.toml to include pynacl dependency.
  • Remove unused imports and fix minor issues in various files.

^{This description was created by for 95c47a9. It will automatically update as commits are pushed.}

[macropin]

up

What's up?

[ellipsis-dev]

👍 Looks good to me! Reviewed everything up to 69ef78e in 1 minute and 25 seconds

More details

• Looked at 2846 lines of code in 41 files
• Skipped 1 files when reviewing.
• Skipped posting 2 drafted comments based on config settings.

1. py/core/main/services/auth_service.py:184

• Draft comment:
  To prevent email enumeration attacks, consider returning a success message even if the user does not exist. This ensures that the response is consistent regardless of the email's existence.
• Reason this comment was not posted:
  Comment was not on a valid diff hunk.

2. py/core/base/providers/auth.py:125

• Draft comment:
  Ensure that both Bearer token and API key are not provided simultaneously. This is a security risk and should be handled explicitly.
• Reason this comment was not posted:
  Comment did not seem useful.

Workflow ID: wflow_7AtwZxd2EPPsUPS6

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.

[ellipsis-dev]

Skipped PR review on 0f1192e because no changed files had a supported extension. If you think this was in error, please contact us and we'll fix it right away.

[ellipsis-dev]

👍 Looks good to me! Incremental review on 95c47a9 in 23 seconds

More details

• Looked at 47 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 1 drafted comments based on config settings.

1. py/tests/integration/test_retrieval_advanced.py:136

• Draft comment:
  Commented-out tests should be addressed. If not needed, remove them. If needed, uncomment and fix them.
• Reason this comment was not posted:
  Confidence changes required: 50%
  The commented-out tests should be addressed. If they are not needed, they should be removed. If they are needed, they should be uncommented and fixed.

Workflow ID: wflow_ewzUWavtdfZc4bLP

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.