Ritikjain91/marine-rag

# Marine RAG — Multi-Tenant Retrieval-Augmented Generation A production-ready, secure RAG backend where multiple organizations (tenants) can upload PDF knowledge bases and query them via AI — with **strict tenant isolation** and **enterprise-grade guardrails**. ## Tech Stack | Layer | Technology | |-------|------------| | Runtime | Node.js + TypeScript | | Framework | Express | | Database | PostgreSQL + pgvector | | Cache | Redis (with in-memory fallback) | | AI/ML | OpenAI Embeddings + GPT-4o-mini | | Validation | Zod | | Testing | Jest + Supertest | ## Key Features - **Multi-Tenant Architecture** — Shared database with row-level tenant isolation; cross-tenant access is impossible by design - **Hybrid Retrieval** — Combines vector similarity search (cosine) with PostgreSQL full-text search (ts_rank) - **Guardrails** — Prompt injection detection, out-of-scope filtering, low-confidence fallbacks, and input sanitization - **JWT Authentication + RBAC** — Role-based access control (`admin` vs `user`) with signed tokens - **Streaming API** — Server-Sent Events (SSE) for real-time LLM token streaming - **Redis Caching** — Query result caching with automatic TTL and invalidation - **Dockerized** — One-command local setup via Docker Compose (Postgres + pgvector + Redis) ## Core APIs | Method | Endpoint | Description | |--------|----------|-------------| | POST | `/tenant` | Create new organization | | GET | `/tenant/:tenantId` | Get tenant details | | POST | `/tenant/:tenantId/documents` | Upload PDF (chunk + embed + store) | | GET | `/tenant/:tenantId/documents` | List tenant documents | | DELETE | `/tenant/:tenantId/documents/:id` | Remove document + vectors | | POST | `/tenant/:tenantId/query` | Ask question (RAG pipeline) | | GET | `/health` | Service health check | ## Quick Start # 1. Clone git clone https://github.com/yourusername/marine-rag.git cd marine-rag # 2. Start infrastructure docker-compose up -d # 3. Install & run npm install cp .env.example .env npm run dev

标签：自动化攻击