Remove landing page

[gkorland]

Summary by CodeRabbit

• New Features

  • API tokens: generate, list, and delete tokens with a new in-app modal and “API Tokens” button.
  • Database connection: guided, streaming setup with progress steps; select PostgreSQL/MySQL and connect via updated modal and footer/header buttons.
  • MCP endpoints available (toggle via environment).

• Changes

  • Home now always shows chat; landing page removed.
  • OAuth callbacks redirect to home; improved auth messages.
  • Legacy JSON/CSV/OData schema loaders and example schemas removed.

• Documentation

  • Docker-first README, REST/MCP coverage, streaming workflow, OAuth guidance.
  • New TOKEN_MANAGEMENT.md; contributor setup instructions updated.

• Chores

  • Environment template modernized (Azure keys, FALKORDB_URL, DISABLE_MCP).
  • Dependency and build tweaks; ignore/demo updates.

[coderabbitai]

Caution

Review failed

Failed to post review comments.

Walkthrough

This PR introduces streaming database connection/loading, adds an API token management feature (backend routes and frontend UI), integrates optional MCP endpoints, refactors loader interfaces to async generators with distinct-values enrichment, updates auth and home routing, removes several legacy loaders/examples/schemas, and reorganizes documentation, env config, CSS/TS, and tests accordingly.

Changes

Cohort / File(s)	Summary
Environment & Docs \.env.example, README.md, .github/copilot-instructions.md, Pipfile, Makefile, .gitignore, .github/wordlist.txt, TOKEN_MANAGEMENT.md, vercel.json, tests/e2e/README.md	Env rewording and Azure keys; shift to FALKORDB_URL; add DISABLE_MCP; docs/README overhauled (Docker-first, REST/MCP, streaming); add fastapi-mcp dep; tweak Makefile npm install; ignore demo_tokens.py; expand wordlist; add token mgmt doc; remove Vercel config; test docs add APP_ENV.
App startup & Routing api/app_factory.py, api/routes/tokens.py	Mount tokens API at /tokens; optional MCP via FastApiMCP with DISABLE_MCP; MCP HTTP mounted; tokens router implements generate/list/delete.
Auth & Home api/routes/auth.py, api/auth/user_management.py, tests/e2e/pages/home_page.py	Remove /chat route; home (/) always renders chat; OAuth callback flows updated; token extraction helper; token_required supports API tokens; cleanup invalid tokens; tests navigate to “/”.
Agents api/agents/__init__.py, api/agents/taxonomy_agent.py (removed), api/agents/analysis_agent.py, api/agents/follow_up_agent.py, api/agents/relevancy_agent.py, api/agents/utils.py	Remove TaxonomyAgent and export; make optional params typed as Optional; refactor schema formatting helpers; adjust FollowUpAgent signature and fallback text; lint-related tweaks.
Loaders Core api/loaders/base_loader.py	Base interface changed: load becomes async generator; add abstract count/distinct query hooks; add extract_distinct_values_for_column with Config thresholds.
RDBMS Loaders api/loaders/mysql_loader.py, api/loaders/postgres_loader.py	Load methods now stream (AsyncGenerator) with progress; add distinct-values enrichment into column descriptions; add typed exceptions; refactor query execution/serialization; schema-change detection scaffolding (Postgres).
Removed Loaders & Validation api/loaders/csv_loader.py, api/loaders/json_loader.py, api/loaders/odata_loader.py, api/loaders/schema_validator.py	Remove CSV/JSON/OData loaders and schema validator modules.
Database Routes api/routes/database.py, api/routes/graphs.py	/database becomes StreamingResponse with MESSAGE_DELIMITER; add optional type in request; graphs endpoints get operation_ids; remove JSON/XML/CSV pathways (501); add DB loader selection; add safety/logging/memory flow and destructive-check handling.
Config & Utils api/config.py, api/utils.py, api/constants.py (removed), api/graph.py	Add DB_MAX_DISTINCT and DB_UNIQUENESS_THRESHOLD; remove TEMPERATURE; remove constants and LLM validators/benchmark; tighten generate_db_description; lint note in graph.py.
Frontend Templates app/templates/chat.j2, app/templates/components/chat_header.j2, app/templates/components/database_modal.j2, app/templates/components/left_toolbar.j2, app/templates/components/reset_modal.j2, app/templates/components/token_modal.j2, app/templates/landing.j2 (removed)	Add token modal include; replace DB-type dropdown with “Connect Database” button; expand database modal (type dropdown, steps, spinner); add footer toolbar buttons; minor reset modal copy; add full token management modal; remove landing page.
Frontend Styles app/public/css/buttons.css, app/public/css/menu.css, app/public/css/modals.css, app/public/css/responsive.css, app/public/css/landing.css (removed)	New toolbar/footer and mobile behaviors; rename dropdown selectors to header-button; add tokens/modal/steps/alerts styles; switch .db-modal to #db-modal; remove landing styles.
Frontend TS app/ts/app.ts, app/ts/modules/modals.ts, app/ts/modules/tokens.ts, app/ts/modules/ui.ts	Initialize token management; rework DB modal to stream step updates using boundary; add full tokens UI module; adjust dropdown utility to stricter non-null usage.
Examples Removed examples/*	Remove multiple example schemas and SQL files (blog, crm, erp, ecommerce, store, topology, tables, examples.txt).
Tests tests/test_mysql_loader.py, tests/test_postgres_loader.py	Add helper to consume async generator loaders; update mocks for multiple fetchall calls (Postgres).

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant U as User
  participant UI as Database Modal (Frontend)
  participant S as Server (/database)
  participant L as Loader (Postgres/MySQL)
  participant G as Graph DB

  U->>UI: Open Connect Database
  UI->>S: POST /database { url, type }
  Note right of S: StreamingResponse<br/>delimiter: "|||FALKORDB_MESSAGE_BOUNDARY|||"
  S-->>UI: reasoning_step: "Starting..."
  S->>S: Detect DB type/loader
  alt Valid type
    S->>L: load(prefix, url) (async generator)
    loop Progress
      L-->>S: yield (ok, message)
      S-->>UI: reasoning_step: message
    end
    L->>G: Persist schema
    S-->>UI: final_result: success
  else Invalid/Error
    S-->>UI: error message
  end

Loading

sequenceDiagram
  autonumber
  participant U as User (Authenticated)
  participant UI as Tokens Modal
  participant A as API /tokens
  participant OG as Orgs Graph

  U->>UI: Open Tokens Modal
  UI->>A: GET /tokens/list
  A->>OG: MATCH Identity-[:HAS_TOKEN]->Token
  OG-->>A: Token list
  A-->>UI: { tokens: [...] }

  U->>UI: Generate New Token
  UI->>A: POST /tokens/generate
  A->>OG: Persist token (via callback handler)
  A-->>UI: { token_id, created_at }

  U->>UI: Delete (last4)
  UI->>A: DELETE /tokens/{last4}
  A->>OG: DELETE matching token
  A-->>UI: 200/404

Loading

sequenceDiagram
  autonumber
  participant App as App Factory
  participant MCP as FastApiMCP
  participant R as Routers

  App->>App: Read DISABLE_MCP
  alt MCP enabled
    App->>MCP: Instantiate (name, description, operations)
    MCP->>App: mount_http()
  else Disabled
    App->>App: Log "MCP disabled"
  end
  App->>R: include_router(tokens, /tokens)

Loading

Estimated code review effort

🎯 5 (Critical) | ⏱️ ~120–180 minutes

Possibly related PRs

• Load DB in steps #161 — Also introduces streaming DB loading (MESSAGE_DELIMITER), MCP, and tokens API/UI across the same modules.
• Add MCP server #153 — Adds MCP integration (fastapi-mcp, DISABLE_MCP) and mounts FastApiMCP in app_factory, overlapping directly.
• Add Swagger and REST API in README #162 — Implements MCP plus token routes/templates/JS and env changes similar to this PR.

Suggested reviewers

• galshubeli

Poem

A rabbit taps the stream—tick, tick, tick—
Steps appear, then schemas click.
Tokens sprout like clover bright,
One-time shine, then out of sight.
MCP paths quietly weave,
Query threads we now retrieve.
Hop! The SQL’s ripe to leave. 🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch remove-landing

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 5 package(s) with unknown licenses.
• ⚠️ 1 packages with OpenSSF Scorecard issues.

See the Details below.

License Issues

Pipfile

Package	Version	License	Issue Type
fastapi-mcp	~> 0.4.0	Null	Unknown License
litellm	~> 1.76.0	Null	Unknown License

Pipfile.lock

Package	Version	License	Issue Type
regex	2025.8.29	Null	Unknown License
litellm	1.76.1	Null	Unknown License
mcp	1.13.1	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/fastapi-mcp	~> 0.4.0	Unknown	Unknown
pip/litellm	~> 1.76.0	Unknown	Unknown
pip/authlib	1.6.3	Unknown	Unknown
pip/fastapi-mcp	0.4.0	Unknown	Unknown
pip/fastuuid	0.12.0	Unknown	Unknown
pip/httpx-sse	0.4.1	Unknown	Unknown
pip/litellm	1.76.1	Unknown	Unknown
pip/markdown-it-py	4.0.0	🟢 6.5	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 3 Found 8/23 approved changesets -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/mcp	1.13.1	Unknown	Unknown
pip/mdurl	0.1.2	🟢 4	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review ⚠️ 0 Found 2/26 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pydantic-settings	2.10.1	⚠️ 1.3	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ -1 no dependencies found Token-Permissions ⚠️ -1 No tokens found Dangerous-Workflow ⚠️ -1 no workflows found Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 no SAST tool detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected License ⚠️ 0 license file not detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities ⚠️ 0 27 existing vulnerabilities detected
pip/pygments	2.19.2	🟢 6.5	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Code-Review 🟢 6 Found 12/18 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/regex	2025.8.29	Unknown	Unknown
pip/rich	14.1.0	🟢 7.1	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 2 Found 4/17 approved changesets -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/shellingham	1.5.4	🟢 3	Details Check Score Reason Code-Review 🟢 5 Found 6/11 approved changesets -- score normalized to 5 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities ⚠️ 0 13 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/sse-starlette	3.0.2	🟢 4.6	Details Check Score Reason Maintained 🟢 10 16 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 2 Found 5/23 approved changesets -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/tokenizers	0.22.0	🟢 5.3	Details Check Score Reason Maintained 🟢 10 18 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 7 Found 20/26 approved changesets -- score normalized to 7 Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 4 6 existing vulnerabilities detected
pip/tomli	2.2.1	🟢 4.7	Details Check Score Reason Code-Review 🟢 3 Found 7/21 approved changesets -- score normalized to 3 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/typer	0.17.3	Unknown	Unknown

Scanned Files

• Pipfile
• Pipfile.lock

To fix this issue, we should sanitize the token_id parameter before logging it to ensure that it does not contain any characters which could break or forge log entries (specifically: carriage returns \r or newlines \n). The simplest approach is to remove or replace these characters before writing to logs. We will do this directly before the logging statement in the delete_token handler, by assigning a cleaned version of token_id (e.g., replacing all \r and \n characters with the empty string). No additional dependencies are required.
Edit the region of api/routes/tokens.py within the delete_token handler, immediately before the logging statement that logs token_id. You only need to edit lines you have been shown, and you can define a new variable or overwrite token_id locally.

---