Merge remote-tracking branch 'origin/dev' into remove-jcloud

docs/docs/guidelines/api.mdx

@@ -0,0 +1,147 @@
+import useBaseUrl from "@docusaurus/useBaseUrl";
+import ZoomableImage from "/src/theme/ZoomableImage.js";
+
+# API Keys
+
+## Introduction
+
+Langflow offers an API Key functionality that allows users to access their individual components and flows without going through traditional login authentication. The API Key is a user-specific token that can be included in the request's header or query parameter to authenticate API calls. The following documentation outlines how to generate, use, and manage these API Keys in Langflow.
+
+## Generating an API Key
+
+### Through Langflow UI
+
+{/* add image img/api-key.png */}
+
+<ZoomableImage
+  alt="Docusaurus themed image"
+  sources={{
+    light: useBaseUrl("img/api-key.png"),
+  }}
+  style={{ width: "50%", maxWidth: "600px", margin: "0 auto" }}
+/>
+
+1. Click on the "API Key" icon.
+2. Click on "Create new secret key".
+3. Give it an optional name.
+4. Click on "Create secret key".
+5. Copy the API key and store it in a secure location.
+
+## Using the API Key
+
+### Using the `x-api-key` Header
+
+Include the `x-api-key` in the HTTP header when making API requests:
+
+```bash
+curl -X POST \
+  http://localhost:3000/api/v1/process/<your_flow_id> \
+  -H 'Content-Type: application/json'\
+  -H 'x-api-key: <your api key>'\
+  -d '{"inputs": {"text":""}, "tweaks": {}}'
+```
+
+With Python using `requests`:
+
+```python
+import requests
+from typing import Optional
+
+BASE_API_URL = "http://localhost:3001/api/v1/process"
+FLOW_ID = "4441b773-0724-434e-9cee-19d995d8f2df"
+# You can tweak the flow by adding a tweaks dictionary
+# e.g {"OpenAI-XXXXX": {"model_name": "gpt-4"}}
+TWEAKS = {}
+
+def run_flow(inputs: dict,
+            flow_id: str,
+            tweaks: Optional[dict] = None,
+            apiKey: Optional[str] = None) -> dict:
+    """
+    Run a flow with a given message and optional tweaks.
+
+    :param message: The message to send to the flow
+    :param flow_id: The ID of the flow to run
+    :param tweaks: Optional tweaks to customize the flow
+    :return: The JSON response from the flow
+    """
+    api_url = f"{BASE_API_URL}/{flow_id}"
+
+    payload = {"inputs": inputs}
+    headers = {}
+
+    if tweaks:
+        payload["tweaks"] = tweaks
+    if apiKey:
+        headers = {"x-api-key": apiKey}
+
+    response = requests.post(api_url, json=payload, headers=headers)
+    return response.json()
+
+# Setup any tweaks you want to apply to the flow
+inputs = {"text":""}
+api_key = "<your api key>"
+print(run_flow(inputs, flow_id=FLOW_ID, tweaks=TWEAKS, apiKey=api_key))
+```
+
+### Using the Query Parameter
+
+Alternatively, you can include the API key as a query parameter in the URL:
+
+```bash
+curl -X POST \
+  http://localhost:3000/api/v1/process/<your_flow_id>?x-api-key=<your_api_key> \
+  -H 'Content-Type: application/json'\
+  -d '{"inputs": {"text":""}, "tweaks": {}}'
+```
+
+Or with Python:
+
+```python
+import requests
+
+BASE_API_URL = "http://localhost:3001/api/v1/process"
+FLOW_ID = "4441b773-0724-434e-9cee-19d995d8f2df"
+# You can tweak the flow by adding a tweaks dictionary
+# e.g {"OpenAI-XXXXX": {"model_name": "gpt-4"}}
+TWEAKS = {}
+
+def run_flow(inputs: dict,
+            flow_id: str,
+            tweaks: Optional[dict] = None,
+            apiKey: Optional[str] = None) -> dict:
+    """
+    Run a flow with a given message and optional tweaks.
+
+    :param message: The message to send to the flow
+    :param flow_id: The ID of the flow to run
+    :param tweaks: Optional tweaks to customize the flow
+    :return: The JSON response from the flow
+    """
+    api_url = f"{BASE_API_URL}/{flow_id}"
+
+    payload = {"inputs": inputs}
+    headers = {}
+
+    if tweaks:
+        payload["tweaks"] = tweaks
+    if apiKey:
+        api_url += f"?x-api-key={apiKey}"
+
+    response = requests.post(api_url, json=payload, headers=headers)
+    return response.json()
+
+# Setup any tweaks you want to apply to the flow
+inputs = {"text":""}
+api_key = "<your api key>"
+print(run_flow(inputs, flow_id=FLOW_ID, tweaks=TWEAKS, apiKey=api_key))
+```
+
+## Security Considerations
+
+- **Visibility**: The API key won't be retrievable again through the UI for security reasons.
+- **Scope**: The key only allows access to the flows and components of the specific user to whom it was issued.
+
+## Revoking an API Key
+
+To revoke an API key, simply delete it from the UI. This will immediately invalidate the key and prevent it from being used again.

docs/docs/guidelines/login.mdx

@@ -0,0 +1,128 @@
+import ThemedImage from "@theme/ThemedImage";
+import useBaseUrl from "@docusaurus/useBaseUrl";
+import ZoomableImage from "/src/theme/ZoomableImage.js";
+import ReactPlayer from "react-player";
+import Admonition from "@theme/Admonition";
+
+# Sign up and Sign in
+
+## Introduction
+
+The login functionality in Langflow serves to authenticate users and protect sensitive routes in the application. Starting from version 0.5, Langflow introduces an enhanced login mechanism that is governed by a few environment variables. This allows new secure features.
+
+## Environment Variables
+
+The following environment variables are crucial in configuring the login settings:
+
+- _`LANGFLOW_AUTO_LOGIN`_: Determines whether Langflow should automatically log users in. Default is `True`.
+- _`LANGFLOW_SUPERUSER`_: The username of the superuser.
+- _`LANGFLOW_SUPERUSER_PASSWORD`_: The password for the superuser.
+- _`LANGFLOW_SECRET_KEY`_: A key used for encrypting the superuser's password.
+- _`LANGFLOW_NEW_USER_IS_ACTIVE`_: Determines whether new users are automatically activated. Default is `False`.
+
+All of these variables can be passed to the CLI command _`langflow run`_ through the _`--env-file`_ option. For example:
+
+```bash
+langflow run --env-file .env
+```
+
+<Admonition type="info">
+  It is critical not to expose these environment variables in your code
+  repository. Always set them securely in your deployment environment, for
+  example, using Docker secrets, Kubernetes ConfigMaps/Secrets, or dedicated
+  secure environment configuration systems like AWS Secrets Manager.
+</Admonition>
+
+### _`LANGFLOW_AUTO_LOGIN`_
+
+By default, this variable is set to `True`. When enabled (`True`), Langflow operates as it did in versions prior to 0.5—automatic login without requiring explicit user authentication.
+
+To disable automatic login and enforce user authentication:
+
+```bash
+export LANGFLOW_AUTO_LOGIN=False
+```
+
+### _`LANGFLOW_SUPERUSER`_ and _`LANGFLOW_SUPERUSER_PASSWORD`_
+
+These environment variables are only relevant when `LANGFLOW_AUTO_LOGIN` is set to `False`. They specify the username and password for the superuser, which is essential for administrative tasks.
+
+To create a superuser manually:
+
+```bash
+export LANGFLOW_SUPERUSER=admin
+export LANGFLOW_SUPERUSER_PASSWORD=securepassword
+```
+
+You can also use the CLI command `langflow superuser` to set up a superuser interactively.
+
+### _`LANGFLOW_SECRET_KEY`_
+
+This environment variable holds a secret key used for encrypting the superuser's password. Make sure to set this to a secure, randomly generated string.
+
+```bash
+export LANGFLOW_SECRET_KEY=randomly_generated_secure_key
+```
+
+### _`LANGFLOW_NEW_USER_IS_ACTIVE`_
+
+By default, this variable is set to `False`. When enabled (`True`), new users are automatically activated and can log in without requiring explicit activation by the superuser.
+
+## Command-Line Interface
+
+Langflow provides a command-line utility for managing superusers:
+
+```bash
+langflow superuser
+```
+
+This command prompts you to enter the username and password for the superuser, unless they are already set using environment variables.
+
+## Sign-up
+
+With _`LANGFLOW_AUTO_LOGIN`_ set to _`False`_, Langflow requires users to sign up before they can log in. The sign-up page is the default landing page when a user visits Langflow for the first time.
+
+<ZoomableImage
+  alt="Docusaurus themed image"
+  sources={{
+    light: useBaseUrl("img/sign-up.png"),
+  }}
+  style={{ width: "50%", maxWidth: "600px", margin: "0 auto" }}
+/>
+
+## Profile settings
+
+Users can change their profile settings by clicking on the profile icon in the top right corner of the application. This opens a dropdown menu with the following options:
+
+- **Admin Page**: Opens the admin page, which is only accessible to the superuser.
+- **Profile Settings**: Opens the profile settings page.
+- **Sign Out**: Logs the user out.
+
+<ZoomableImage
+  alt="Docusaurus themed image"
+  sources={{
+    light: useBaseUrl("img/my-account.png"),
+  }}
+  style={{ width: "50%", maxWidth: "600px", margin: "0 auto" }}
+/>
+
+By clicking on **Profile Settings**, the user is taken to the profile settings page, where they can change their password and their profile picture.
+
+<ZoomableImage
+  alt="Docusaurus themed image"
+  sources={{
+    light: useBaseUrl("img/profile-settings.png"),
+  }}
+  style={{ maxWidth: "600px", margin: "0 auto" }}
+/>
+
+By clicking on **Admin Page**, the superuser is taken to the admin page, where they can manage users and groups.
+
+<ZoomableImage
+  alt="Docusaurus themed image"
+  sources={{
+    light: useBaseUrl("img/admin-page.png"),
+  }}
+  style={{ maxWidth: "600px", margin: "0 auto" }}
+
+/>

docs/docs/guides/superuser.mdx

@@ -0,0 +1,7 @@
+import ThemedImage from "@theme/ThemedImage";
+import useBaseUrl from "@docusaurus/useBaseUrl";
+import ZoomableImage from "/src/theme/ZoomableImage.js";
+import ReactPlayer from "react-player";
+
+Now, we need to explain what are the permissions the superuser gets. Once logged in, they can activate new users,
+edit them,