Add chat history management functionality

[rex993]

• Add chat rename and delete API endpoints (PUT/DELETE /chats/{chat_id})
• Implement database methods for chat conversation management
• Add ChatSidebar dropdown menu with rename/delete options
• Update useChatSessions hook with rename/delete functionality
• Store chat names as metadata in conversation history
• Add confirmation dialogs for rename and delete operations
• Increase sidebar width and improve layout for menu buttons

UPDATE:

• also added search

[jazzberry-ai]

Bug Report

Name	Severity	Example test case	Description
Authorization Bypass	Critical	Create a chat. As a different user or app, attempt to rename or delete the chat.	If convo.user_id or convo.app_id is NULL, the authorization checks in update_chat_conversation_name and delete_chat_conversation will fail, preventing rename/delete.
SQL Injection	High	Rename a chat with a name containing malicious characters (e.g., backslashes).	The name parameter in update_chat_conversation_name is not properly sanitized, potentially leading to SQL injection.
Race Condition	Medium	Concurrent calls to update_chat_conversation_name for the same chat.	Concurrent updates to chat history can lead to data inconsistency due to missing concurrency control.
Frontend Error Handling	Low	Attempt to rename/delete a chat when the API is unavailable.	The renameChat and deleteChat functions in useChatSessions.ts lack proper error handling, leading to a poor user experience.
Potential XSS	Medium	Create a chat with a name containing crafted markdown or HTML.	The generateMessagePreview function and chat name display do not properly sanitize the chat name, potentially leading to an XSS vulnerability.

_{Comments? Email us.}

[jazzberry-ai]

Bug Report

Name	Severity	Example test case	Description
SQL Injection in search_chat_conversations	High	Search for a chat with the name test%'; SELECT pg_sleep(10); --	The search_chat_conversations method uses the query string directly in the python code without proper sanitization, which could lead to a SQL injection vulnerability.
DoS in search_chat_conversations	High	Create a user with 10,000+ chat conversations and then search for a chat.	The search_chat_conversations method fetches all conversations for the user and app before filtering and scoring them, which could lead to a denial-of-service (DoS) vulnerability.
Race Condition in update_chat_conversation_name	Medium	Send two simultaneous requests to rename the same chat conversation.	The update_chat_conversation_name method updates the history field by retrieving the history, modifying it in python, and saving it back to the database using a raw SQL query, which is prone to race conditions.
Missing Input Validation in update_chat_conversation_name	Low	Rename a chat conversation with a very long name (e.g., 1000+ characters).	The update_chat_conversation_name method doesn't validate the name parameter. An attacker could provide a very long or malformed name, which could cause issues with the UI or database.
Unnecessary Data Retrieval in list_chat_conversations	Low	List chat conversations.	The function retrieves all messages in the history, even though only the last one and the chat name are needed. This is inefficient and can be optimized by only selecting the required data.

_{Comments? Email us.}