fix: allow for image deletion (by leaving blank url)

allows unauthenticated users to select a category for random draw

.gitignore

@@ -417,3 +417,6 @@ FodyWeavers.xsd
 # ----------
 # Files storing credentials
 appsettings.json
+
+# User uploads
+wwwroot/uploads/images

Controllers/CategoryController.cs

@@ -80,20 +80,21 @@ public class CategoryController : ControllerBase
 
     // GET /api/v1/categories
     /// <summary>
-    /// [AUTHED] Get every category
+    /// Get every category
     /// </summary>
     /// <remarks>
-    /// Can (and will) return an empty list if no categories are found in DB. <br/>
-    /// Unlike GET /api/v1/categories/page/..., requires authorization with a JWT.
+    /// Can (and will) return an empty list if no categories are found in DB. <br/><br/>
+    /// <s>Unlike GET /api/v1/categories/page/..., requires authorization with a JWT.</s>
+    /// Not the case anymore, as choosing a quote from a category requires the user to know
+    /// of existing categories.<br/><br/>
     /// Has CORS set.
     /// </remarks>
     /// <response code="200">Returned on valid request</response>
     // /// <response code="404">Returned when there are no categories to list</response>
     [HttpGet]
-    [Authorize]
     [EnableCors]
     [ProducesResponseType(typeof(List<CategoryShortDTO>), 200)]
-    public async Task<IActionResult> GetQuotePage()
+    public async Task<IActionResult> GetEveryCategory()
     {
         // The following seems to be a bad idea, so I leave it as is. ~eee4
         // 

Controllers/GeneralUseHelperFunctions.cs

@@ -1,5 +1,7 @@
 using Microsoft.EntityFrameworkCore;
 using Microsoft.IdentityModel.Tokens;
+using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using QuotifyBE.Data;
 using QuotifyBE.Entities;
 using System.IdentityModel.Tokens.Jwt;
@@ -132,4 +134,113 @@ public class GeneralUseHelpers(ApplicationDbContext db, IConfiguration appsettin
 
         return new JwtSecurityTokenHandler().WriteToken(token);
     }
+
+    public async Task<JObject?> GenerateLLMResponse(string? prompt, string? model, float? temp, int? includedCategory, bool? includeCategorySample)
+    {
+
+        string           _model = model ?? _appsettings.GetSection("LlmIntegration")["DefaultModel"] ?? "deepclaude";
+        float             _temp = temp ?? 0.8f; // sane default
+        string _included_sample = string.Empty;
+        string          _prompt = prompt ?? _appsettings.GetSection("LlmIntegration")["DefaultPrompt"] ??
+                                    "Cześć, czy jesteś w stanie wymyślić i stworzyć jeden oryginalny cytat? " +
+                                    "Zastanów się nad jego puentą, a kiedy będziesz gotów - zwróć sam cytat. " +
+                                    "Nie pytaj mnie co o nim sądzę, ani nie używaj emotikonów (emoji). " +
+                                    "Pamiętaj, że dobre cytaty są krótkie, zwięzłe.";
+
+        if (includedCategory != null)
+        {
+            // Check if category to be included is present.
+            Category? cat = await _db.Categories.FirstOrDefaultAsync(c => c.Id == includedCategory.Value);
+            // It isn't?
+            if (cat == null) return null;
+            // It is?
+            _prompt += $" Niech należy on do kategorii o nazwie \"{cat.Name}\" ({cat.Description}).";
+        }
+
+        // Sanity check
+        if (includeCategorySample != null && includeCategorySample == true)
+        {
+            if (includedCategory == null)
+            {
+                // Can't append something that we're not given.
+                return null;
+            }
+            else
+            {
+                // Try to find the category in question.
+                Category? cat = await _db.Categories.FirstOrDefaultAsync(c => c.Id == includedCategory.Value);
+                // Failed?
+                if (cat == null)
+                {
+                    return null;
+                }
+                else
+                {
+                    IQueryable<Quote> query = _db.Quotes
+                                        .Include(q => q.QuoteCategories!)
+                                        .Where(q => q.QuoteCategories
+                                            .Any(qc => qc.Category == cat)
+                                        );
+                    int totalQuotes = await query.CountAsync();
+                    if (totalQuotes > 0) {
+
+                        Random random = new();
+                        int skip = random.Next(0, totalQuotes);
+
+                        Quote? quote = await query
+                            .Skip(skip)
+                            .Take(1)
+                            .FirstOrDefaultAsync();
+
+                        if (quote != null) {
+                            _prompt += $" Przykładowy cytat z tej kategorii brzmi: \"{quote.Text} ~ {quote.Author}\".\n";
+                        }
+                    }
+                }
+            }
+        }
+
+        List<Dictionary<string, string>> promptMessages = 
+        [
+            new() { { "role", "user" }, {"content", _prompt } }
+        ];
+
+        // Will throw error if not present
+        string apiUrl = _appsettings.GetSection("LlmIntegration")["ApiUrl"] + "/chat/completions"
+            ?? throw new MissingFieldException("API URL missing in LlmIntegration section of appsettings.json!");
+        string apiKey = _appsettings.GetSection("LlmIntegration")["ApiKey"]
+            ?? throw new MissingFieldException("API key missing in LlmIntegration section of appsettings.json!");
+
+        using (var client = new HttpClient())
+        {
+            // Not the best practice if we want reusable connections
+            // https://stackoverflow.com/a/40707446
+            client.DefaultRequestHeaders.Add("Authorization", $"Bearer {apiKey}");
+            var json = JsonConvert.SerializeObject(new
+            {
+                model = _model,
+                temperature = _temp,
+                max_tokens = (includeCategorySample ?? false) ? 2000 : 1000,
+                messages = promptMessages
+            });
+            var content = new StringContent(json, Encoding.UTF8, "application/json");
+            var response = await client.PostAsync(apiUrl, content);
+            if (response.IsSuccessStatusCode)
+            {
+                string receivedResponse = await response.Content.ReadAsStringAsync();
+                return JObject.Parse(receivedResponse);
+            }
+            else
+            {
+                // Handle the error
+                JObject error = JObject.Parse(await response.Content.ReadAsStringAsync());
+                Console.WriteLine($"[QuotifyBE] Error: response status code from API was {response.StatusCode}.");
+                if (error != null && error["error"] != null && error["error"]!["message"] != null)
+                {
+                    Console.WriteLine($"            Error message: {error["error"]!["message"]}");
+                }
+                return null;
+            }
+        }
+    }
 }

Controllers/QuoteController.cs

@@ -2,6 +2,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
+using Newtonsoft.Json.Linq;
 using QuotifyBE.Data;
 using QuotifyBE.DTOs;
 using QuotifyBE.Entities;
@@ -19,11 +20,13 @@ public class QuotesController : ControllerBase
 
     private readonly ApplicationDbContext _db;
     private readonly GeneralUseHelpers guhf;
+    private readonly IConfiguration _appsettings;
 
-    public QuotesController(ApplicationDbContext db, GeneralUseHelpers GUHF)
+    public QuotesController(ApplicationDbContext db, GeneralUseHelpers GUHF, IConfiguration appsettings)
     {
         _db = db;
         guhf = GUHF;
+        _appsettings = appsettings;
     }
 
     // GET /api/v1/quotes
@@ -45,7 +48,7 @@ public class QuotesController : ControllerBase
     /// <response code="404">Returned when requested page is invalid (page_no &lt;= 0)</response>
     [HttpGet("page/{page_no}")]
     [EnableCors]
-    [ProducesResponseType(typeof(List<QuoteShortDTO>), 200)]
+    [ProducesResponseType(typeof(List<QuoteCompleteDTO>), 200)]
     [ProducesResponseType(typeof(ErrorDTO), 404)]
     public async Task<IActionResult> GetQuotePage(int page_no = 1, string? sort = "desc", [FromQuery] string? category_id = null)
     {
@@ -112,7 +115,7 @@ public class QuotesController : ControllerBase
         }
 
         var result = pageQuotes
-            .Select(q => q.ToQuoteShortDTO())
+            .Select(q => q.ToQuoteCompleteDTO())
             .ToList();
 
         return Ok(result);
@@ -124,15 +127,14 @@ public class QuotesController : ControllerBase
     /// [AUTHED] Get specified quote summary
     /// </summary>
     /// <remarks>
-    /// As per project's guidelines, requires a JWT.
+    /// <s>As per project's guidelines, requires a JWT.</s> We need this endpoint to check previous draws for draw history.
     /// </remarks>
     /// <param name="id">The quote id in question</param>
     /// <returns>A quote: id, quote content and author, imageUrl and categories if successful, otherwise: error message</returns>
     /// <response code="200">Returned on valid request</response>
     /// <response code="404">Returned when quote id is invalid or simply doesn't exist</response>
     [HttpGet("{id}")]
-    [Authorize]
-    [ProducesResponseType(typeof(QuoteShortDTO), 200)]
+    [ProducesResponseType(typeof(QuoteCompleteDTO), 200)]
     [ProducesResponseType(typeof(ErrorDTO), 404)]
     public async Task<IActionResult> GetQuoteById(int id)
     {
@@ -147,7 +149,7 @@ public class QuotesController : ControllerBase
         if (quote == null)
             return NotFound(new { status = "error", error_msg = "Quote not found" });
 
-        return Ok(quote.ToQuoteShortDTO());
+        return Ok(quote.ToQuoteCompleteDTO());
     }
 
     // POST /api/v1/quotes/new
@@ -385,6 +387,7 @@ public class QuotesController : ControllerBase
         // Try to find the quote in question
         Quote? quote = await _db.Quotes
             .Include(q => q.QuoteCategories)
+            .Include(q => q.Image)
             .FirstOrDefaultAsync(q => q.Id == id);
 
         // Failed?
@@ -481,4 +484,77 @@ public class QuotesController : ControllerBase
         return Ok(quote.ToQuoteShortDTO());
     }
 
+    // POST /api/v1/quotes/ai
+    /// <summary>
+    /// [AUTHED] Request a LLM-generated quote
+    /// </summary>
+    /// <returns>Generated quote's text</returns>
+    /// <remarks>
+    /// <b>Notes</b>:<br/>
+    ///
+    /// <ul>
+    /// If <i>customPrompt</i> is passed:
+    /// <li>The default prompt is overriden by whatever has been passed by the user.</li>
+    /// </ul><br/>
+    /// 
+    /// <ul>
+    /// If <i>model</i> is passed:
+    /// <li>The default large language model is overriden by whatever has been passed by the user.</li>
+    /// </ul><br/>
+    /// 
+    /// <ul>
+    /// If <i>temperature</i> is passed:
+    /// <li>The default temperature (= 0.8) is overriden by whatever has been passed by the user.</li>
+    /// </ul><br/>
+    /// 
+    /// <ul>
+    /// If <i>categoryId</i> is passed:
+    /// <li>The prompt is appended with an instruction in Polish to generate quotes based on the provided category
+    /// (both name and description get passed to the model).</li>
+    /// <li><b>Heads up!</b> The text is appended even if <i>customPrompt</i> has been provided.</li>
+    /// </ul><br/>
+    /// 
+    /// <ul>
+    /// If <i>useSampleQuote</i> is passed:
+    /// <li>The prompt will be appended with a randomly chosen quote from the categoryId (if any exist),
+    /// thus passing categoryId becomes a prerequisite.</li>
+    /// <li><b>Heads up!</b> The request will fail returning status code 400 if categoryId isn't provided!</li>
+    /// </ul>
+    /// </remarks>
+    /// <param name="request">Form data containing required quote information</param>
+    /// <response code="200">Returned on valid request</response>
+    /// <response code="400">Returned when generation failed due to remote server error (likely because of a bad request)</response>
+    /// <response code="500">Returned when response has been generated, but couldn't be parsed (likely because of incompatible server or bad URL)</response>
+    [HttpPost("ai")]
+    [Authorize]
+    [EnableCors]
+    [ProducesResponseType(200)]
+    [ProducesResponseType(typeof(ErrorDTO), 400)]
+    [ProducesResponseType(typeof(ErrorDTO), 500)]
+    public async Task<IActionResult> CreateLLMQuote([FromBody] AskLLMInDTO request)
+    {
+
+        JObject? generatedResponse = await guhf.GenerateLLMResponse(
+            request.CustomPrompt, request.Model, request.Temperature, request.CategoryId, request.UseSampleQuote
+        );
+
+        string llmUsed = request.Model ?? _appsettings.GetSection("LlmIntegration")["DefaultModel"] ?? "deepclaude";
+
+        // Check if any errors occurred
+        if (generatedResponse == null)
+        {
+            return StatusCode(400, new ErrorDTO { Status = "error", Error_msg = "Generation failed most likely due to bad request" });
+        }
+
+        // Parse JSON to get the bot reply
+        string? llmResponse = generatedResponse["choices"]?[0]?["message"]?["content"]?.ToString().Trim('"');
+
+        // If response string is not where we expect it, return 500
+        if (llmResponse == null)
+            return StatusCode(500, new ErrorDTO { Status = "error", Error_msg = "Unexpected API response" });
+
+        // Otherwise, return the response
+        return Ok(new { Status = "ok", BotResponse = llmResponse, Model = llmUsed });
+    }
+
 }

Controllers/UserContentController.cs

@@ -20,6 +20,7 @@ public class UserContentController : ControllerBase
     private readonly IConfiguration _appsettings;
     private readonly ApplicationDbContext _db;
     private readonly GeneralUseHelpers guhf;
+    List<string> _allowedExtensions = new List<string>() { ".jpg", ".jpeg", ".jfif", ".png", ".gif", ".avif", ".webp" };
 
     public UserContentController(IConfiguration appsettings, ApplicationDbContext db, GeneralUseHelpers GUHF)
     {
@@ -86,15 +87,14 @@ public class UserContentController : ControllerBase
         }
 
         // Dozwolone rozszerzenia
-        List<string> allowedExtensions = new List<string>() { ".jpg", ".jpeg", ".jfif", ".png", ".gif", ".avif", ".webp" };
         string fileExtension = Path.GetExtension(file.FileName).ToLower();
 
-        if (!allowedExtensions.Contains(fileExtension))
+        if (!_allowedExtensions.Contains(fileExtension))
         {
             return StatusCode(415, new ErrorDTO
             {
                 Status = "error",
-                Error_msg = $"Unknown file extension. Allowed: {string.Join(", ", allowedExtensions)}"
+                Error_msg = $"Unknown file extension. Allowed: {string.Join(", ", _allowedExtensions)}"
             });
         }
 
@@ -149,14 +149,46 @@ public class UserContentController : ControllerBase
         });
     }
 
+    // GET /api/v1/uc/restrictions
+    /// <summary>
+    /// [AUTHED] Get server restrictions for file upload
+    /// </summary>
+    /// <remarks>
+    /// Returns a list of allowed file extensions and mimetypes for upload.
+    /// </remarks>
+    /// <response code="200">Returned on valid request</response>
+    [HttpGet("restrictions")]
+    [Authorize]
+    [EnableCors]
+    [ProducesResponseType(200)]
+    public IActionResult GetFileUploadRestrictions()
+    {
+        return Ok(new
+        {
+            Status = "ok",
+            AllowedMimeTypes = new List<string>
+            {
+                "image/" // this could be done dynamically ~eee4
+            },
+            AllowedExtensions = _allowedExtensions,
+            MaxFileSize = int.TryParse(_appsettings.GetSection("UserContent")["MaxFileSize"], out int r)
+            ? r
+            : 5 * 1024 * 1024
+    });
+    }
+
     // DELETE /api/v1/uc/images/{id}
     /// <summary>
     /// [AUTHED] Delete an image
     /// </summary>
     /// <remarks>
-    /// Deletes an image, granted it exists. <br/>
+    /// Deletes an image, granted it exists.
+    /// <br/><br/>
     /// <b>Note</b>:
     /// If the image is a file on disk, it's also deleted. 
+    /// <br/><br/>
+    /// <b>Warning</b>:
+    /// Any reference to deleted image in Quotes table will also be deleted (nullified).
     /// </remarks>
     /// <returns>Json with status</returns>
     /// <param name="id">Image id which will be deleted</param>
@@ -189,6 +221,18 @@ public class UserContentController : ControllerBase
         }
 
         // - from db
+        //    - first, from any quotes that reference it
+        List<Quote> quotesToModify = await _db.Quotes
+                                            .Include(q => q.Image)
+                                            .Where(q => q.Image == image)
+                                            .ToListAsync();
+
+        foreach (Quote quote in quotesToModify)
+        {
+            quote.Image = null;
+        }
+
+        //    - finally, from images table
         _db.Images.Remove(image);
         await _db.SaveChangesAsync();
 

DTOs/AskLLMInDTO.cs

@@ -0,0 +1,12 @@
+namespace QuotifyBE.DTOs;
+
+public record class AskLLMInDTO
+{
+    public string? CustomPrompt { get; set; } = null;
+    public string? Model { get; set; } = null;
+    public float? Temperature { get; set; } = 0.8f;
+    public int? CategoryId { get; set; } = null;
+    public bool? UseSampleQuote { get; set; } = false;
+
+};
+

DTOs/QuoteCompleteDTO.cs

@@ -0,0 +1,14 @@
+namespace QuotifyBE.DTOs;
+
+public record class QuoteCompleteDTO
+{
+    public int Id { get; set; }
+    public string Text { get; set; } = string.Empty;
+    public string Author { get; set; } = string.Empty;
+    public string? ImageUrl { get; set; }
+    public List<string>? Categories { get; set; } = new();
+    public DateTime? createDate { get; set; }
+    public DateTime? updateDate { get; set; }
+
+};
+

Mapping/QuoteMapping.cs

@@ -29,4 +29,28 @@ public static class QuoteMapping
             Categories = categoryNames
         };
     }
+
+    public static QuoteCompleteDTO ToQuoteCompleteDTO(this Quote quote)
+    {
+
+        List<string> categoryNames = [];
+        if (quote.QuoteCategories != null)
+        {
+            foreach (QuoteCategory quoteCategory in quote.QuoteCategories)
+            {
+                categoryNames.Add(quoteCategory.Category!.Name ?? $"Unnamed category {quoteCategory.CategoryId}");
+            }
+        }
+
+        return new QuoteCompleteDTO
+        {
+            Id = quote.Id,
+            Text = quote.Text,
+            Author = quote.Author,
+            ImageUrl = quote.Image?.Url,
+            Categories = categoryNames,
+            createDate = quote.CreatedAt,
+            updateDate = quote.LastUpdatedAt
+        };
+    }
 }

QuotifyBE.csproj

@@ -29,6 +29,7 @@
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
     <PackageReference Include="Microsoft.VisualStudio.Azure.Containers.Tools.Targets" Version="1.22.1" />
+    <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageReference Include="Npgsql" Version="9.0.3" />
     <PackageReference Include="Npgsql.EntityFrameworkCore.PostgreSQL" Version="9.0.4" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="9.0.3" />

appsettings.example.json

@@ -2,10 +2,16 @@
   "JwtSecret": "this is a sample jwt secret token required for quotify - it needs to have at least 256 bits (32 bytes long)",
   "DomainName": "example.com",
   "CorsOrigins": [
-    "http://localhost:5259", "http://localhost:5258", "http://localhost:3000", "http://example.com"
+    "https://localhost:7029", "http://localhost:5259", "http://localhost:5258", "http://localhost:3000", "http://example.com"
   ],
   "UserContent": {
-    "MaxFileSize": 5242880,
+    "MaxFileSize": 5242880
+  },
+  "LlmIntegration": {
+    "ApiUrl": "URL to OpenAI-compatible API server, e.g. https://example.com/api/v1",
+    "ApiKey": "FILL ME for AI-generation capabilities",
+    "DefaultPrompt": "Cześć, czy jesteś w stanie wymyślić i stworzyć jeden oryginalny cytat?\nZastanów się nad jego puentą, a kiedy będziesz gotów - zwróć sam cytat.\nNie pytaj mnie co o nim sądzę, ani nie używaj emotikonów (emoji).\nPamiętaj, że dobre cytaty są krótkie, zwięzłe.",
+    "DefaultModel": "deepclaude"
   },
   "ConnectionStrings": {
     "DefaultConnection": "Server=server-host;Database=db-name;Username=quotify-user;Password=user-secret"