feat: lightweight RAG with Pinecone + Gemini embeddings + Render deploy

.env.example

@@ -1,15 +1,11 @@
-MODEL_NAME=
-OLLAMA_BASE_URL=
-CHROMA_DB_PATH=
 UPLOAD_FOLDER=uploads
 
-OAUTHLIB_INSECURE_TRANSPORT=
-OAUTHLIB_RELAX_TOKEN_SCOPE=
-TUNNEL_URL=
+OAUTHLIB_INSECURE_TRANSPORT=1
+OAUTHLIB_RELAX_TOKEN_SCOPE=1
 
 SECRET_KEY=
-GOOGLE_CLIENT_ID=
-GOOGLE_CLIENT_SECRET=
-
+ENCRYPTION_KEY=
+MONGO_URI=
 
-GROQ_API_KEY=
+GOOGLE_CLIENT_ID=
+GOOGLE_CLIENT_SECRET=

.github/workflows/deploy.yml

@@ -1,47 +1,43 @@
-name: Deploy to GCP Cloud Run
+name: Docker Image CI
 
 on:
   push:
     branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
 
 env:
-  PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
-  REGION: ${{ secrets.GCP_REGION }}
-  SERVICE: rag-pdf-assistant
-  IMAGE: ${{ secrets.GCP_REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/rag-app/rag-pdf-assistant
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-  deploy:
+  build-and-push:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
 
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout repository
+        uses: actions/checkout@v4
 
-      - name: Authenticate to Google Cloud
-        uses: google-github-actions/auth@v2
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
         with:
-          credentials_json: ${{ secrets.GCP_SA_KEY }}
-
-      - name: Set up Cloud SDK
-        uses: google-github-actions/setup-gcloud@v2
-
-      - name: Configure Docker for Artifact Registry
-        run: gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev --quiet
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build Docker image
-        run: docker build -t ${{ env.IMAGE }}:${{ github.sha }} -t ${{ env.IMAGE }}:latest .
-
-      - name: Push Docker image
-        run: |
-          docker push ${{ env.IMAGE }}:${{ github.sha }}
-          docker push ${{ env.IMAGE }}:latest
+      - name: Extract metadata (tags, labels)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
-      - name: Deploy to Cloud Run
-        run: |
-          gcloud run deploy ${{ env.SERVICE }} \
-            --image ${{ env.IMAGE }}:${{ github.sha }} \
-            --region ${{ env.REGION }} \
-            --platform managed \
-            --port 5000 \
-            --allow-unauthenticated \
-            --set-env-vars "SECRET_KEY=${{ secrets.SECRET_KEY }},ENCRYPTION_KEY=${{ secrets.ENCRYPTION_KEY }},MONGO_URI=${{ secrets.MONGO_URI }},GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }},GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}"
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -17,7 +17,7 @@ RUN pip install --no-cache-dir -r requirements.txt
 COPY . .
 
 # Create persistent storage directories
-RUN mkdir -p uploads vectorstore
+RUN mkdir -p uploads
 
 # Command to run the application using Gunicorn for production
 CMD ["gunicorn", "--bind", "0.0.0.0:5000", "--workers", "2", "app:app"]

README.md

@@ -1,21 +1,22 @@
 # 📄 RAG PDF Assistant
 
-A **Retrieval-Augmented Generation (RAG)** based document assistant built with Flask, FAISS, Sentence Transformers, Groq API, and Gemini. Upload PDFs, DOCX, or TXT files and intuitively chat with them using modern AI models.
+A **Retrieval-Augmented Generation (RAG)** document assistant built with Flask, Pinecone, Gemini Embeddings, Groq API, and Google Gemini. Upload PDFs, DOCX, TXT, or MD files and intuitively chat with them using modern AI models.
 
 ---
 
 ## 🚀 Features
 
-- 📂 **Multi-format Uploads**: Support for PDF, DOCX, and TXT files.
+- 📂 **Multi-format Uploads**: Support for PDF, DOCX, TXT, and Markdown files.
 - 💬 **Interactive Chat**: Query and chat with your documents using AI.
-- 🔍 **RAG-based Retrieval**: Fast and accurate chunk retrieval using FAISS.
-- 🧠 **Multiple LLM Support**: Powered by Groq API (Llama 3 models) and Google Gemini.
+- 🔍 **RAG-based Retrieval**: Fast and accurate semantic search using Pinecone vector database.
+- 🧠 **Multiple LLM Support**: Powered by Groq API (Llama 3) and Google Gemini.
 - 🔐 **Robust Authentication**: Supports Google OAuth as well as standard Email/Password login.
 - 🖼️ **User Profiles**: Custom profile picture uploads & Google profile pic sync.
-- 👤 **Data Isolation**: Per-user file and vector store isolation for privacy.
-- �️ **Admin Dashboard**: Admin panel to monitor users and uploaded files.
-- �🗑️ **Data Management**: Intuitive UI to delete files and clear vector stores.
+- 👤 **Data Isolation**: Per-user namespaces in Pinecone for complete privacy.
+- 🛡️ **Admin Dashboard**: Admin panel to monitor users and uploaded files.
+- 🗑️ **Data Management**: Intuitive UI to delete files and clear vector stores.
 - 📱 **Responsive UI**: Minimal and modern front-end for seamless user experience.
+- ☁️ **Lightweight & Cloud-Native**: Zero local ML models — all embeddings and LLM calls are cloud-based API calls, requiring minimal server RAM.
 
 ---
 
@@ -25,9 +26,10 @@ A **Retrieval-Augmented Generation (RAG)** based document assistant built with F
 |-------|------------|
 | **Backend** | Flask (Python) |
 | **Authentication** | Flask-Login + Flask-Dance (Google OAuth) |
-| **Embeddings** | Sentence Transformers (`all-MiniLM-L6-v2`) |
-| **Vector Store** | FAISS (CPU) |
-| **LLMs** | Groq API & Google Gemini |
+| **Embeddings** | Google Gemini (`gemini-embedding-001`) |
+| **Vector Store** | Pinecone (Serverless) |
+| **LLMs** | Groq API (Llama 3.3 70B) & Google Gemini |
+| **User Database** | MongoDB Atlas |
 | **Frontend** | HTML, CSS, Vanilla JS |
 
 ---
@@ -37,14 +39,16 @@ A **Retrieval-Augmented Generation (RAG)** based document assistant built with F
 ```text
 RAG_App/
 ├── app.py                  # Main Flask application & routes
-├── models.py               # Database models & user schema
-├── config.py               # Configuration & env variables setup
+├── models.py               # MongoDB user model & encrypted key storage
+├── config.py               # Configuration & env variables
 ├── requirements.txt        # Python dependencies
-├── .env                    # Environment variables (not committed)
+├── render.yaml             # Render deployment blueprint
+├── Dockerfile              # Docker containerization
+├── .env.example            # Environment variable template
 ├── rag/
 │   ├── chunker.py          # Document parsing & chunking logic
-│   ├── embeddings.py       # Vector embeddings generation & FAISS storage
-│   ├── retriever.py        # Semantic search & chunk retrieval
+│   ├── embeddings.py       # Gemini embeddings + Pinecone upsert
+│   ├── retriever.py        # Pinecone semantic search & retrieval
 │   └── generator.py        # LLM integration for answer generation
 ├── templates/
 │   ├── index.html          # File management & upload dashboard
@@ -52,10 +56,12 @@ RAG_App/
 │   ├── login.html          # User login page
 │   ├── register.html       # User registration page
 │   ├── admin.html          # Admin dashboard
-│   └── profile.html        # User profile & settings dashboard
+│   └── profile.html        # User profile & API key settings
 ├── static/                 # Static assets (CSS, JS, profile_pics)
 ├── uploads/                # User-uploaded files (isolated per user)
-└── vectorstore/            # FAISS vector database indices (isolated per user)
+└── .github/workflows/
+    ├── devsecops.yml       # Security scanning pipeline
+    └── deploy.yml          # Docker build & GHCR push pipeline
 ```
 
 ---
@@ -65,6 +71,7 @@ RAG_App/
 ### 1. Clone the Repository
 ```bash
 git clone https://github.com/param20h/PDF-Assistant-RAG.git
+cd PDF-Assistant-RAG
 ```
 
 ### 2. Create and Activate Virtual Environment
@@ -84,14 +91,27 @@ pip install -r requirements.txt
 ```
 
 ### 4. Configure Environment Variables
-Create a `.env` file in the root of `RAG_App` (you can use `.env.example` as a template):
+Create a `.env` file using the template:
+```bash
+cp .env.example .env
+```
+
+Fill in the required server-side variables:
 ```env
-SECRET_KEY=your_secure_secret_key
-MONGO_URI=your_mongodb_uri_here  # If applicable, verify config.py
+SECRET_KEY=your_secure_random_key
+ENCRYPTION_KEY=your_fernet_key
+MONGO_URI=mongodb+srv://user:pass@cluster.mongodb.net/rag_app
 GOOGLE_CLIENT_ID=your_google_oauth_client_id
 GOOGLE_CLIENT_SECRET=your_google_oauth_client_secret
 ```
-*Note: Users can supply their own Groq and Gemini API keys directly via the app's Profile page!*
+
+> **Generate keys:**
+> ```bash
+> # SECRET_KEY
+> python -c "import secrets; print(secrets.token_hex(32))"
+> # ENCRYPTION_KEY
+> python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
+> ```
 
 ### 5. Run the Application
 ```bash
@@ -103,59 +123,78 @@ Visit `http://localhost:5000` in your web browser.
 
 ---
 
-## 🔑 Obtaining API Credentials
+## 🔑 User Setup (Per-User API Keys)
+
+After registering/logging in, each user must add their own API keys on the **Profile** page:
+
+| Service | Required? | Where to Get | Notes |
+|---------|-----------|--------------|-------|
+| **Gemini API Key** | ✅ Required | [aistudio.google.com](https://aistudio.google.com) | Free — used for embeddings & chat |
+| **Pinecone API Key** | ✅ Required | [app.pinecone.io](https://app.pinecone.io) | Free tier available |
+| **Pinecone Index Name** | ✅ Required | Pinecone Dashboard | Create: dim `3072`, metric `cosine` |
+| **Groq API Key** | Optional | [console.groq.com](https://console.groq.com) | For Llama 3 chat generation |
 
-| Service | Where to Get |
-|---------|-------------|
-| **Groq API Key** | [console.groq.com](https://console.groq.com) |
-| **Gemini API Key**| [aistudio.google.com](https://aistudio.google.com) |
-| **Google OAuth** | [console.cloud.google.com](https://console.cloud.google.com) |
+### 🌲 Pinecone Index Setup
+1. Create a free account at [pinecone.io](https://app.pinecone.io)
+2. Create a **Serverless** index with:
+   - **Dimension**: `3072`
+   - **Metric**: `cosine`
+3. Copy your API key and index name into the Profile page
 
-### 🌐 Google OAuth Setup
-1. Go to **Google Cloud Console**.
-2. Create a new project and navigate to **APIs & Services** → **Credentials**.
-3. Click **Create Credentials** → **OAuth Client ID**.
+---
+
+## 🌐 Google OAuth Setup
+1. Go to **Google Cloud Console** → [console.cloud.google.com](https://console.cloud.google.com)
+2. Create a new project and navigate to **APIs & Services** → **Credentials**
+3. Click **Create Credentials** → **OAuth Client ID**
 4. Set the Authorized redirect URI to: `http://localhost:5000/login/google/authorized`
-5. Copy your `Client ID` and `Client Secret` into the `.env` file.
+5. Copy your `Client ID` and `Client Secret` into the `.env` file
 
 ---
 
 ## 🔄 How It Works (The RAG Pipeline)
 
-1. **Upload**: User uploads a document (PDF, DOCX, TXT).
+1. **Upload**: User uploads a document (PDF, DOCX, TXT, or MD).
 2. **Chunking**: The document is parsed and split into manageable textual chunks.
-3. **Embedding**: Chunks are converted to high-dimensional vectors using `all-MiniLM-L6-v2`.
-4. **Vector Storage**: Vectors are indexed and stored using FAISS.
+3. **Embedding**: Chunks are converted to 3072-dimensional vectors using `gemini-embedding-001`.
+4. **Vector Storage**: Vectors are stored in the user's Pinecone namespace.
 5. **Querying**: The user submits a question.
-6. **Retrieval**: FAISS retrieves the most semantically relevant chunks to the question.
+6. **Retrieval**: Pinecone retrieves the most semantically relevant chunks.
 7. **Generation**: The retrieved context is passed to the selected LLM (Groq or Gemini) to generate an accurate, grounded answer.
 
 ---
 
-## 🔐 DevSecOps Pipeline 
+## 🚀 Deployment
+
+### Deploy to Render (Recommended — Free)
+1. Push your code to GitHub
+2. Go to [Render](https://dashboard.render.com) → **New** → **Web Service**
+3. Connect your GitHub repository
+4. Render auto-detects `render.yaml` and configures everything
+5. Add environment variables: `SECRET_KEY`, `ENCRYPTION_KEY`, `MONGO_URI`, `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`
+6. Update Google OAuth redirect URI to: `https://your-app.onrender.com/login/google/authorized`
+7. Deploy!
+
+### Deploy with Docker
+```bash
+docker build -t rag-app .
+docker run -p 5000:5000 --env-file .env rag-app
+```
+
+---
+
+## 🔐 DevSecOps Pipeline
 
 | Tool | Purpose |
 |------|---------|
-| `GitHub Actions` | CI/CD Pipeline tracking |
-| `Bandit` | SAST - Python security vulnerability scanning |
+| `GitHub Actions` | CI/CD Pipeline |
+| `Bandit` | SAST — Python security vulnerability scanning |
 | `Gitleaks` | Hardcoded secret and credential detection |
 | `Trivy` | Container and dependency vulnerability checking |
 | `Snyk` | Advanced dependency vulnerability scanning |
-| `OWASP ZAP` | DAST - Dynamic web security scanning |
+| `OWASP ZAP` | DAST — Dynamic web security scanning |
 | `SonarCloud` | Overall code quality and security analysis |
-| `Docker` | App containerization |
-
----
-
-## 🐳 Docker Deployment
-
-To spin up the application along with its dedicated MongoDB container, simply run:
-
-```bash
-docker-compose up -d --build
-```
-
-Then visit `http://localhost:5000` in your web browser!
+| `GHCR` | Docker image hosting via GitHub Container Registry |
 
 ---
 

app.py

@@ -26,16 +26,14 @@ def patched_fetch(self, *args, **kwargs):
     return original_fetch(self, *args, **kwargs)
 OAuth2Session.fetch_token = patched_fetch
 
-import pickle
-import shutil
-from flask import Flask, request, jsonify, render_template, redirect, url_for
+from flask import Flask, request, jsonify, render_template, redirect, url_for, send_file
 from flask_login import LoginManager, login_user, logout_user, login_required, current_user
 from flask_dance.contrib.google import make_google_blueprint, google
 from flask_dance.consumer import oauth_authorized
 from dotenv import load_dotenv
 from models import User
 from rag.chunker import load_and_chunk
-from rag.embeddings import store_embeddings
+from rag.embeddings import store_embeddings, delete_embeddings, clear_all_embeddings
 from rag.retriever import retrieve_chunks
 from rag.generator import generate_answer
 from config import SECRET_KEY, MONGO_URI, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
@@ -47,10 +45,7 @@ app = Flask(__name__)
 app.config["SECRET_KEY"] = SECRET_KEY
 app.config["UPLOAD_FOLDER"] = "uploads"
 
-META_PATH = os.path.join("vectorstore", "metadata.pkl")
-
 os.makedirs("uploads", exist_ok=True)
-os.makedirs("vectorstore", exist_ok=True)
 
 # ── Google Blueprint ──────────────────────────────────
 google_bp = make_google_blueprint(
@@ -172,10 +167,9 @@ def get_user_upload_folder(username):
     os.makedirs(folder, exist_ok=True)
     return folder
 
-def get_user_meta_path(username):
-    path = os.path.join("vectorstore", username)
-    os.makedirs(path, exist_ok=True)
-    return os.path.join(path, "metadata.pkl")
+def user_has_rag_keys(user):
+    """Check if user has all required keys for RAG operations."""
+    return (user.get_gemini_key() and user.get_pinecone_key() and user.pinecone_index_name)
 
 # ── Auth Routes ───────────────────────────────────────
 
@@ -254,7 +248,6 @@ def admin_dashboard():
 @app.route("/download/<username>/<filename>")
 @login_required
 def download_file(username, filename):
-    # Only the owner or an admin can download
     if current_user.username != username and not current_user.is_admin:
         return "Unauthorized", 403
         
@@ -263,7 +256,6 @@ def download_file(username, filename):
     if not os.path.exists(filepath):
         return "File not found", 404
         
-    from flask import send_file
     return send_file(filepath, as_attachment=True)
 
 @app.route("/profile", methods=["GET"])
@@ -278,19 +270,31 @@ def update_settings():
         data = request.get_json()
         current_user.preferred_model = data.get("preferred_model", "groq")
         
-        # Determine if we are deleting keys or setting new ones
+        # ── Groq Key ──
         groq_req = data.get("groq_key", "").strip()
-        gemini_req = data.get("gemini_key", "").strip()
-        
         if groq_req == "DELETE":
             current_user.set_groq_key(None)
         elif groq_req:
             current_user.set_groq_key(groq_req)
             
+        # ── Gemini Key ──
+        gemini_req = data.get("gemini_key", "").strip()
         if gemini_req == "DELETE":
             current_user.set_gemini_key(None)
         elif gemini_req:
             current_user.set_gemini_key(gemini_req)
+
+        # ── Pinecone Key ──
+        pinecone_req = data.get("pinecone_key", "").strip()
+        if pinecone_req == "DELETE":
+            current_user.set_pinecone_key(None)
+        elif pinecone_req:
+            current_user.set_pinecone_key(pinecone_req)
+
+        # ── Pinecone Index Name ──
+        pinecone_index = data.get("pinecone_index", "").strip()
+        if pinecone_index:
+            current_user.pinecone_index_name = pinecone_index
         
         current_user.save()
         return jsonify({"message": "Settings updated successfully!"}), 200
@@ -311,8 +315,8 @@ def get_files():
 @login_required
 def upload():
     try:
-        if not current_user.get_groq_key() and not current_user.get_gemini_key():
-            return jsonify({"error": "⚠️ Please add your Groq or Gemini API key in the Profile page to upload and chat."}), 400
+        if not user_has_rag_keys(current_user):
+            return jsonify({"error": "⚠️ Please add your Gemini API key, Pinecone API key, and Pinecone index name in the Profile page to upload and chat."}), 400
 
         if "pdf" not in request.files:
             return jsonify({"error": "No file found"}), 400
@@ -329,9 +333,8 @@ def upload():
         filepath = os.path.join(folder, file.filename)
         file.save(filepath)
 
-        meta_path = get_user_meta_path(current_user.username)
         chunks = load_and_chunk(filepath)
-        store_embeddings(chunks, file.filename, meta_path)
+        store_embeddings(chunks, file.filename, current_user)
 
         return jsonify({"message": f"{file.filename} uploaded successfully!"}), 200
 
@@ -342,8 +345,8 @@ def upload():
 @login_required
 def ask():
     try:
-        if not current_user.get_groq_key() and not current_user.get_gemini_key():
-            return jsonify({"error": "⚠️ Please add your Groq or Gemini API key in the Profile page to upload and chat."}), 400
+        if not user_has_rag_keys(current_user):
+            return jsonify({"error": "⚠️ Please add your Gemini API key, Pinecone API key, and Pinecone index name in the Profile page to upload and chat."}), 400
 
         data = request.get_json()
         question = data.get("question", "").strip()
@@ -352,8 +355,7 @@ def ask():
         if not question:
             return jsonify({"error": "Question cannot be empty"}), 400
 
-        meta_path = get_user_meta_path(current_user.username)
-        context_chunks = retrieve_chunks(question, filename, meta_path)
+        context_chunks = retrieve_chunks(question, filename, current_user)
         answer = generate_answer(question, context_chunks, current_user)
 
         username = current_user.username
@@ -410,13 +412,8 @@ def delete():
 
         os.remove(filepath)
 
-        meta_path = get_user_meta_path(current_user.username)
-        if os.path.exists(meta_path):
-            with open(meta_path, "rb") as f:
-                metadata = pickle.load(f)
-            new_metadata = [m for m in metadata if m["filename"] != filename]
-            with open(meta_path, "wb") as f:
-                pickle.dump(new_metadata, f)
+        # Delete vectors from Pinecone
+        delete_embeddings(filename, current_user)
 
         return jsonify({"message": f"{filename} deleted successfully!"}), 200
 
@@ -427,13 +424,8 @@ def delete():
 @login_required
 def clear_vectorstore():
     try:
-        username = current_user.username
-        vectorstore_path = os.path.join("vectorstore", username)
-
-        if os.path.exists(vectorstore_path):
-            shutil.rmtree(vectorstore_path)
-            os.makedirs(vectorstore_path, exist_ok=True)
-
+        # Clear all vectors in user's Pinecone namespace
+        clear_all_embeddings(current_user)
         return jsonify({"message": "Vector store cleared successfully!"}), 200
 
     except Exception as e:

config.py

@@ -12,15 +12,13 @@ MONGO_URI = os.getenv("MONGO_URI", "mongodb://localhost:27017/rag_app")
 UPLOAD_FOLDER = "uploads"
 ALLOWED_EXTENSIONS = {"pdf", "docx", "txt", "md"}
 
-# ── Embedding Config ─────────────────────────────────
-EMBEDDING_MODEL = "all-MiniLM-L6-v2"
-CHROMA_DB_PATH = "vectorstore"
-TOP_K = 50
+# ── RAG Config ───────────────────────────────────────
+TOP_K = 5
 CHUNK_SIZE = 500
 CHUNK_OVERLAP = 50
 
 # ── Groq Config ──────────────────────────────────────
-GROQ_MODEL = "llama-3.3-70b-versatile"  
+GROQ_MODEL = "llama-3.3-70b-versatile"
 
 # ── Google OAuth Config ──────────────────────────────
 GOOGLE_CLIENT_ID = os.getenv("GOOGLE_CLIENT_ID")

models.py

@@ -7,15 +7,19 @@ from config import ENCRYPTION_KEY, MONGO_URI
 
 # Connect to MongoDB
 mongo_client = pymongo.MongoClient(MONGO_URI)
-db = mongo_client.get_default_database()
-if not db.name:
+try:
+    db = mongo_client.get_default_database()
+except pymongo.errors.ConfigurationError:
     db = mongo_client["rag_app"]
 
 users_collection = db["users"]
 cipher_suite = Fernet(ENCRYPTION_KEY)
 
 class User(UserMixin):
-    def __init__(self, username, email, password=None, _id=None, google_id=None, profile_pic=None, groq_api_key=None, gemini_api_key=None, preferred_model="groq", is_admin=False):
+    def __init__(self, username, email, password=None, _id=None, google_id=None,
+                 profile_pic=None, groq_api_key=None, gemini_api_key=None,
+                 pinecone_api_key=None, pinecone_index_name=None,
+                 preferred_model="groq", is_admin=False):
         self.username = username
         self.email = email
         self.password = password
@@ -23,6 +27,8 @@ class User(UserMixin):
         self.profile_pic = profile_pic
         self.groq_api_key = groq_api_key
         self.gemini_api_key = gemini_api_key
+        self.pinecone_api_key = pinecone_api_key
+        self.pinecone_index_name = pinecone_index_name or ""
         self.preferred_model = preferred_model
         self.is_admin = is_admin
         if _id:
@@ -31,7 +37,7 @@ class User(UserMixin):
             self.id = None
 
     def get_id(self):
-        return self.id or self.username  # fallback to username if id is not yet set
+        return self.id or self.username
 
     def save(self):
         user_data = {
@@ -42,6 +48,8 @@ class User(UserMixin):
             "profile_pic": self.profile_pic,
             "groq_api_key": self.groq_api_key,
             "gemini_api_key": self.gemini_api_key,
+            "pinecone_api_key": self.pinecone_api_key,
+            "pinecone_index_name": self.pinecone_index_name,
             "preferred_model": self.preferred_model,
             "is_admin": self.is_admin
         }
@@ -58,6 +66,7 @@ class User(UserMixin):
     def check_password(self, password):
         return check_password_hash(self.password, password)
 
+    # ── Groq Key ─────────────────────────────────────
     def set_groq_key(self, api_key):
         if api_key:
             self.groq_api_key = cipher_suite.encrypt(api_key.encode('utf-8')).decode('utf-8')
@@ -72,6 +81,7 @@ class User(UserMixin):
                 return None
         return None
 
+    # ── Gemini Key ───────────────────────────────────
     def set_gemini_key(self, api_key):
         if api_key:
             self.gemini_api_key = cipher_suite.encrypt(api_key.encode('utf-8')).decode('utf-8')
@@ -86,6 +96,21 @@ class User(UserMixin):
                 return None
         return None
 
+    # ── Pinecone Key ─────────────────────────────────
+    def set_pinecone_key(self, api_key):
+        if api_key:
+            self.pinecone_api_key = cipher_suite.encrypt(api_key.encode('utf-8')).decode('utf-8')
+        else:
+            self.pinecone_api_key = None
+
+    def get_pinecone_key(self):
+        if self.pinecone_api_key:
+            try:
+                return cipher_suite.decrypt(self.pinecone_api_key.encode('utf-8')).decode('utf-8')
+            except Exception:
+                return None
+        return None
+
     @classmethod
     def get(cls, user_id):
         try:

rag/embeddings.py

@@ -1,49 +1,98 @@
-import faiss
-import numpy as np
-import pickle
-import os
-from sentence_transformers import SentenceTransformer
-from config import EMBEDDING_MODEL, CHROMA_DB_PATH
-
-# ── Load Model ───────────────────────────────────────
-embedding_model = SentenceTransformer(EMBEDDING_MODEL)
-
-INDEX_PATH = CHROMA_DB_PATH + "/index.faiss"
-
-def embed_text(text):
-    return embedding_model.encode(text)
-
-# ── Updated to accept meta_path ──────────────────────
-def store_embeddings(chunks, filename, meta_path):
-    embeddings = []
-    metadata = []
-
-    for i, chunk in enumerate(chunks):
-        emb = embed_text(chunk["text"])
-        embeddings.append(emb)
-        metadata.append({
-            "text": chunk["text"],
-            "filename": filename,
-            "page": chunk["page"],
-            "chunk_index": i
-        })
-
-    embeddings_np = np.array(embeddings).astype("float32")
-    dimension = embeddings_np.shape[1]
-
-    index_path = os.path.join(os.path.dirname(meta_path), "index.faiss")
-
-    if os.path.exists(index_path):
-        index = faiss.read_index(index_path)
-        with open(meta_path, "rb") as f:
-            existing_metadata = pickle.load(f)
-    else:
-        index = faiss.IndexFlatL2(dimension)
-        existing_metadata = []
-
-    index.add(embeddings_np)
-    existing_metadata.extend(metadata)
-
-    faiss.write_index(index, index_path)
-    with open(meta_path, "wb") as f:
-        pickle.dump(existing_metadata, f)
+from google import genai
+from google.genai import types
+from pinecone import Pinecone
+from config import CHUNK_SIZE, CHUNK_OVERLAP
+
+# ── Gemini Embedding ─────────────────────────────────
+def embed_text(text, gemini_key):
+    """Generate embedding using Gemini's free gemini-embedding-001 model."""
+    client = genai.Client(api_key=gemini_key)
+    result = client.models.embed_content(
+        model="gemini-embedding-001",
+        contents=text
+    )
+    return result.embeddings[0].values  # 3072-dimensional vector
+
+# ── Get Pinecone Index ───────────────────────────────
+def get_pinecone_index(pinecone_key, index_name):
+    """Connect to user's Pinecone index."""
+    pc = Pinecone(api_key=pinecone_key)
+    return pc.Index(index_name)
+
+# ── Store Embeddings in Pinecone ─────────────────────
+def store_embeddings(chunks, filename, user):
+    """Embed chunks using Gemini and upsert into user's Pinecone index."""
+    gemini_key = user.get_gemini_key()
+    pinecone_key = user.get_pinecone_key()
+    index_name = user.pinecone_index_name
+
+    if not gemini_key:
+        raise ValueError("Gemini API key is required for embeddings. Please add it in your Profile.")
+    if not pinecone_key or not index_name:
+        raise ValueError("Pinecone API key and index name are required. Please add them in your Profile.")
+
+    index = get_pinecone_index(pinecone_key, index_name)
+    namespace = user.username
+
+    # Batch upsert vectors
+    batch_size = 50
+    for i in range(0, len(chunks), batch_size):
+        batch = chunks[i:i + batch_size]
+        vectors = []
+
+        for j, chunk in enumerate(batch):
+            embedding = embed_text(chunk["text"], gemini_key)
+            vector_id = f"{filename}_{i + j}"
+
+            vectors.append({
+                "id": vector_id,
+                "values": embedding,
+                "metadata": {
+                    "text": chunk["text"],
+                    "filename": filename,
+                    "page": chunk["page"],
+                    "chunk_index": i + j
+                }
+            })
+
+        index.upsert(vectors=vectors, namespace=namespace)
+
+# ── Delete Vectors by Filename ───────────────────────
+def delete_embeddings(filename, user):
+    """Delete all vectors for a specific file from user's Pinecone index."""
+    pinecone_key = user.get_pinecone_key()
+    index_name = user.pinecone_index_name
+
+    if not pinecone_key or not index_name:
+        return
+
+    index = get_pinecone_index(pinecone_key, index_name)
+    namespace = user.username
+
+    try:
+        dummy_vector = [0.0] * 3072
+        results = index.query(
+            vector=dummy_vector,
+            top_k=10000,
+            namespace=namespace,
+            filter={"filename": {"$eq": filename}},
+            include_metadata=False
+        )
+        
+        if results.matches:
+            ids_to_delete = [match.id for match in results.matches]
+            index.delete(ids=ids_to_delete, namespace=namespace)
+    except Exception as e:
+        print(f"Error deleting embeddings: {e}")
+
+# ── Clear All Vectors for User ───────────────────────
+def clear_all_embeddings(user):
+    """Delete all vectors in user's namespace."""
+    pinecone_key = user.get_pinecone_key()
+    index_name = user.pinecone_index_name
+
+    if not pinecone_key or not index_name:
+        return
+
+    index = get_pinecone_index(pinecone_key, index_name)
+    index.delete(delete_all=True, namespace=user.username)

rag/generator.py

@@ -1,8 +1,9 @@
 import os
-import google.generativeai as genai
+from google import genai
+from google.genai import types
 from dotenv import load_dotenv
 
-load_dotenv()  # ← Load .env file first
+load_dotenv()
 
 from groq import Groq
 from config import GROQ_MODEL
@@ -44,9 +45,11 @@ Answer:"""
             if not key:
                 return "❌ No Gemini API key available. Please add it in your Profile settings."
             
-            genai.configure(api_key=key)
-            model = genai.GenerativeModel("gemini-1.5-flash") # Fast & Free Gemini Model
-            response = model.generate_content(prompt)
+            client = genai.Client(api_key=key, http_options=types.HttpOptions(api_version="v1"))
+            response = client.models.generate_content(
+                model="gemini-2.0-flash",
+                contents=prompt
+            )
             return response.text
         else:
             key = user.get_groq_key() if user else None

rag/retriever.py

@@ -1,80 +1,71 @@
-import faiss
-import numpy as np
-import pickle
-import os
-from sentence_transformers import SentenceTransformer
-from config import EMBEDDING_MODEL, TOP_K
-
-embedding_model = SentenceTransformer(EMBEDDING_MODEL)
-
-def embed_query(query):
-    return embedding_model.encode(query)
-
-def retrieve_chunks(query, filename=None, meta_path=None):
-    if meta_path is None or not os.path.exists(meta_path):
+from google import genai
+from google.genai import types
+from pinecone import Pinecone
+from config import TOP_K
+
+# ── Gemini Embedding ─────────────────────────────────
+def embed_query(query, gemini_key):
+    """Generate query embedding using Gemini's gemini-embedding-001."""
+    client = genai.Client(api_key=gemini_key)
+    result = client.models.embed_content(
+        model="gemini-embedding-001",
+        contents=query
+    )
+    return result.embeddings[0].values
+
+# ── Retrieve Chunks from Pinecone ────────────────────
+def retrieve_chunks(query, filename=None, user=None):
+    """Query user's Pinecone index for relevant chunks."""
+    if not user:
         return []
 
-    index_path = os.path.join(os.path.dirname(meta_path), "index.faiss")
+    gemini_key = user.get_gemini_key()
+    pinecone_key = user.get_pinecone_key()
+    index_name = user.pinecone_index_name
 
-    if not os.path.exists(index_path):
+    if not gemini_key or not pinecone_key or not index_name:
         return []
 
-    query_embedding = np.array([embed_query(query)]).astype("float32")
+    try:
+        # Generate query embedding
+        query_embedding = embed_query(query, gemini_key)
 
-    index = faiss.read_index(index_path)
+        # Connect to Pinecone
+        pc = Pinecone(api_key=pinecone_key)
+        index = pc.Index(index_name)
 
-    with open(meta_path, "rb") as f:
-        metadata = pickle.load(f)
+        # Build metadata filter
+        filter_dict = None
+        if filename:
+            filter_dict = {"filename": {"$eq": filename}}
 
-    # ── Fix: search a larger pool to allow filtering by filename ──
-    n_search = min(100, len(metadata))
+        # Query Pinecone
+        results = index.query(
+            vector=query_embedding,
+            top_k=TOP_K,
+            namespace=user.username,
+            filter=filter_dict,
+            include_metadata=True
+        )
 
-    if n_search == 0:
-        return []
-
-    distances, indices = index.search(query_embedding, n_search)
-
-    # ── Fix: check distances is not empty ──
-    if len(distances) == 0 or len(distances[0]) == 0:
-        return []
+        # Format results
+        chunks = []
+        if results.matches:
+            max_score = max(m.score for m in results.matches) if results.matches else 1
 
-    max_distance = float(distances[0].max()) if distances[0].max() > 0 else 1
+            for match in results.matches:
+                confidence = round((match.score / max_score) * 100, 2) if max_score > 0 else 0
 
-    chunks = []
-    for i, idx in enumerate(indices[0]):
-        # ── Fix: skip invalid indices ──
-        if idx == -1 or idx >= len(metadata):
-            continue
-
-        if filename and metadata[idx]["filename"] != filename:
-            continue
-
-        raw_score = float(distances[0][i])
-        confidence = round((1 - (raw_score / max_distance)) * 100, 2)
-
-        chunks.append({
-            "text": metadata[idx]["text"],
-            "filename": metadata[idx]["filename"],
-            "page": metadata[idx]["page"],
-            "score": raw_score,
-            "confidence": confidence
-        })
-
-        if len(chunks) == TOP_K:
-            break
-
-    # fallback: if no specific good match, and the user asks a very generic question 
-    # and we have chunks for this file, just return the first chunk of the file
-    if not chunks and filename:
-        for idx in range(len(metadata)):
-            if metadata[idx]["filename"] == filename:
                 chunks.append({
-                    "text": metadata[idx]["text"],
-                    "filename": metadata[idx]["filename"],
-                    "page": metadata[idx]["page"],
-                    "score": 0.0,
-                    "confidence": 0.0
+                    "text": match.metadata.get("text", ""),
+                    "filename": match.metadata.get("filename", ""),
+                    "page": match.metadata.get("page", 1),
+                    "score": round(match.score, 4),
+                    "confidence": confidence
                 })
-                break
 
-    return chunks 
+        return chunks
+
+    except Exception as e:
+        print(f"Retrieval error: {e}")
+        return []

render.yaml

@@ -0,0 +1,19 @@
+services:
+  - type: web
+    name: rag-pdf-assistant
+    runtime: python
+    buildCommand: pip install -r requirements.txt
+    startCommand: gunicorn app:app --bind 0.0.0.0:$PORT --workers 2
+    envVars:
+      - key: SECRET_KEY
+        generateValue: true
+      - key: ENCRYPTION_KEY
+        sync: false
+      - key: MONGO_URI
+        sync: false
+      - key: GOOGLE_CLIENT_ID
+        sync: false
+      - key: GOOGLE_CLIENT_SECRET
+        sync: false
+      - key: PYTHON_VERSION
+        value: 3.10.12

requirements.txt

@@ -1,8 +1,6 @@
 flask
 python-dotenv
 pymupdf
-faiss-cpu
-sentence-transformers
 flask-login
 pymongo
 werkzeug
@@ -11,6 +9,7 @@ python-docx
 groq
 requests
 requests-oauthlib
-google-generativeai
+google-genai
 cryptography
-gunicorn
+gunicorn
+pinecone

templates/profile.html

@@ -55,14 +55,32 @@
                 </select>
 
                 <label style="color: var(--text-main); font-weight: 500; font-size: 14px;">Groq API Key
-                    (Optional)</label>
+                    (Optional — for chat generation)</label>
                 <input type="password" id="groqKey" name="groq_key" placeholder="Enter your Groq API Key..."
-                    value="{{ current_user.groq_api_key or '' }}" style="margin-top: 10px;">
+                    value="" data-has-key="{{ 'true' if current_user.groq_api_key else 'false' }}" style="margin-top: 10px;">
 
                 <label style="color: var(--text-main); font-weight: 500; font-size: 14px;">Gemini API Key
-                    (Optional)</label>
+                    (Required — used for embeddings & chat)</label>
                 <input type="password" id="geminiKey" name="gemini_key" placeholder="Enter your Gemini API Key..."
-                    value="{{ current_user.gemini_api_key or '' }}" style="margin-top: 10px;">
+                    value="" data-has-key="{{ 'true' if current_user.gemini_api_key else 'false' }}" style="margin-top: 10px;">
+
+                <hr style="border: 1px solid var(--glass-border); margin: 20px 0;">
+
+                <h3 style="margin-bottom: 10px; color: var(--text-main);">🌲 Pinecone Vector Database</h3>
+                <p style="color: var(--text-muted); font-size: 13px; margin-bottom: 15px;">
+                    Create a free index at <a href="https://app.pinecone.io" target="_blank" style="color: var(--primary-color);">pinecone.io</a> 
+                    (Serverless, Dimension: 768, Metric: Cosine)
+                </p>
+
+                <label style="color: var(--text-main); font-weight: 500; font-size: 14px;">Pinecone API Key
+                    (Required)</label>
+                <input type="password" id="pineconeKey" name="pinecone_key" placeholder="Enter your Pinecone API Key..."
+                    value="" data-has-key="{{ 'true' if current_user.pinecone_api_key else 'false' }}" style="margin-top: 10px;">
+
+                <label style="color: var(--text-main); font-weight: 500; font-size: 14px;">Pinecone Index Name
+                    (Required)</label>
+                <input type="text" id="pineconeIndex" name="pinecone_index" placeholder="e.g. rag-app"
+                    value="{{ current_user.pinecone_index_name or '' }}" style="margin-top: 10px;">
 
                 <button type="submit" style="width: 100%; margin-top: 15px;">Save Settings</button>
             </form>
@@ -100,6 +118,11 @@
             }
         }
 
+        // Show placeholder for existing keys
+        document.querySelectorAll('[data-has-key="true"]').forEach(input => {
+            input.placeholder = "••••••••  (key saved — leave blank to keep)"
+        })
+
         document.getElementById("settingsForm").addEventListener("submit", async (e) => {
             e.preventDefault()
             const statusDiv = document.getElementById("settingsStatus")
@@ -107,13 +130,21 @@
             statusDiv.style.color = "var(--primary-color)"
 
             const preferredModel = document.getElementById("preferredModel").value
-            const groqKey = document.getElementById("groqKey").value
-            const geminiKey = document.getElementById("geminiKey").value
+            const groqKey = document.getElementById("groqKey").value.trim()
+            const geminiKey = document.getElementById("geminiKey").value.trim()
+            const pineconeKey = document.getElementById("pineconeKey").value.trim()
+            const pineconeIndex = document.getElementById("pineconeIndex").value.trim()
+
+            // Only send keys if user actually typed a new value
+            const payload = { preferred_model: preferredModel, pinecone_index: pineconeIndex }
+            if (groqKey) payload.groq_key = groqKey
+            if (geminiKey) payload.gemini_key = geminiKey
+            if (pineconeKey) payload.pinecone_key = pineconeKey
 
             const response = await fetch("/update_settings", {
                 method: "POST",
                 headers: { "Content-Type": "application/json" },
-                body: JSON.stringify({ preferred_model: preferredModel, groq_key: groqKey, gemini_key: geminiKey })
+                body: JSON.stringify(payload)
             })
 
             const data = await response.json()
@@ -141,6 +172,7 @@
                 let icon = "📄"
                 if (file.endsWith(".docx")) icon = "📝"
                 if (file.endsWith(".txt")) icon = "📃"
+                if (file.endsWith(".md")) icon = "📑"
 
                 filesList.innerHTML += `
                     <li class="file-item">