egregore/relay
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
API gateway service
5 commits 1 branch 0 tags 80 KiB
Find a file
Exact
egregore fd3802d749 Port relay service from Python to Rust + Rouille 
- PostgreSQL with chrono datetime support
- JWT authentication (jsonwebtoken crate)
- bcrypt API key hashing
- In-memory rate limiter (10 req/min for chat)
- HTTP proxy to reason/recall services
- ~3.8MB binary vs ~50MB Python

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-02 20:30:04 +00:00
src Port relay service from Python to Rust + Rouille 2026-02-02 20:30:04 +00:00
.gitignore Add .gitignore, remove pycache 2026-02-02 19:51:26 +00:00
api_keys.py Add PostgreSQL-backed API key storage 2026-02-02 19:54:40 +00:00
Cargo.lock Port relay service from Python to Rust + Rouille 2026-02-02 20:30:04 +00:00
Cargo.toml Port relay service from Python to Rust + Rouille 2026-02-02 20:30:04 +00:00
main.py Add PostgreSQL-backed API key storage 2026-02-02 19:54:40 +00:00
README.md Add README documentation 2026-02-02 19:58:27 +00:00
requirements.txt Add PostgreSQL-backed API key storage 2026-02-02 19:54:40 +00:00

README.md

Relay Service

API gateway for Egregore.

Purpose

Provides authenticated programmatic API access for external clients (mobile apps, integrations). Relays requests to backend services after validating JWT tokens.

Endpoints

Public

Endpoint Method Description
/health GET Health check with backend status
/auth/token POST Exchange API key for JWT

Protected (requires JWT)

Endpoint Method Description
/v1/chat POST Send message, get AI response
/v1/history GET Get message history
/v1/history/search GET Search messages
/v1/tools GET List available AI tools

Admin

Endpoint Method Description
/admin/clients GET/POST List or create API clients
/admin/clients/{id} GET/PATCH/DELETE Manage a client
/admin/clients/{id}/regenerate-key POST Regenerate API key

Authentication Flow

  1. Create API client via admin endpoint
  2. Client exchanges API key for JWT via /auth/token
  3. JWT used in Authorization: Bearer <token> header
  4. Tokens expire after 1 hour (configurable)

Configuration

Environment variables (from ~/.env):

Variable Description Default
JWT_SECRET Token signing secret Auto-generated
JWT_EXPIRY Token lifetime (seconds) 3600
DATABASE_URL PostgreSQL for API clients Standard connection

Running

# Activate venv
source ~/.venv/bin/activate

# Run directly
python main.py

# Or via systemd
sudo systemctl start relay
sudo systemctl status relay

Rate Limiting

  • General: 100 requests per client bucket
  • /v1/chat: 10/minute (Claude API costs)

Dependencies

  • FastAPI
  • PyJWT (token handling)
  • bcrypt (key hashing)
  • asyncpg (PostgreSQL)
  • slowapi (rate limiting)