[Multi-User Part 4]: Authenticate using API Tokens (#513)

### ✨ New
- Use API keys to authenticate from Desktop, Obsidian, Emacs clients
- Create API, UI on web app config page to CRUD API Keys
- Create user API keys table and functions to CRUD them in Database

### 🧪 Improve
- Default to better search model, [gte-small](https://huggingface.co/thenlper/gte-small), to improve search quality
- Only load chat model to GPU if enough space, throw error on load failure
- Show encoding progress, truncate headings to max chars supported
- Add instruction to create db in Django DB setup Readme

### ⚙️ Fix
- Fix error handling when configure offline chat via Web UI
- Do not warn in anon mode about Google OAuth env vars not being set
- Fix path to load static files when server started from project root

src/database/adapters/__init__.py

@@ -1,3 +1,4 @@
+import secrets
 from typing import Type, TypeVar, List
 from datetime import date
 
@@ -16,6 +17,7 @@ from fastapi import HTTPException
 from database.models import (
     KhojUser,
     GoogleUser,
+    KhojApiUser,
     NotionConfig,
     GithubConfig,
     Embeddings,
@@ -25,6 +27,7 @@ from database.models import (
     OpenAIProcessorConversationConfig,
     OfflineChatProcessorConversationConfig,
 )
+from khoj.utils.helpers import generate_random_name
 from khoj.utils.rawconfig import (
     ConversationProcessorConfig as UserConversationProcessorConfig,
 )
@@ -52,6 +55,25 @@ async def set_notion_config(token: str, user: KhojUser):
     return notion_config
 
 
+async def create_khoj_token(user: KhojUser, name=None):
+    "Create Khoj API key for user"
+    token = f"kk-{secrets.token_urlsafe(32)}"
+    name = name or f"{generate_random_name().title()}'s Secret Key"
+    api_config = await KhojApiUser.objects.acreate(token=token, user=user, name=name)
+    await api_config.asave()
+    return api_config
+
+
+def get_khoj_tokens(user: KhojUser):
+    "Get all Khoj API keys for user"
+    return list(KhojApiUser.objects.filter(user=user))
+
+
+async def delete_khoj_token(user: KhojUser, token: str):
+    "Delete Khoj API Key for user"
+    await KhojApiUser.objects.filter(token=token, user=user).adelete()
+
+
 async def get_or_create_user(token: dict) -> KhojUser:
     user = await get_user_by_token(token)
     if not user:

src/database/migrations/0009_khojapiuser.py

@@ -0,0 +1,24 @@
+# Generated by Django 4.2.5 on 2023-10-26 17:02
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("database", "0008_alter_conversation_conversation_log"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="KhojApiUser",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
+                ("token", models.CharField(max_length=50, unique=True)),
+                ("name", models.CharField(max_length=50)),
+                ("accessed_at", models.DateTimeField(default=None, null=True)),
+                ("user", models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]

src/database/models/__init__.py

@@ -37,6 +37,15 @@ class GoogleUser(models.Model):
         return self.name
 
 
+class KhojApiUser(models.Model):
+    """User issued API tokens to authenticate Khoj clients"""
+
+    user = models.ForeignKey(KhojUser, on_delete=models.CASCADE)
+    token = models.CharField(max_length=50, unique=True)
+    name = models.CharField(max_length=50)
+    accessed_at = models.DateTimeField(null=True, default=None)
+
+
 class NotionConfig(BaseModel):
     token = models.CharField(max_length=200)
     user = models.ForeignKey(KhojUser, on_delete=models.CASCADE)