Deploy a68420a

app/models/chat.py

@@ -11,7 +11,12 @@ class SourceRef(BaseModel):
 
 class ChatRequest(BaseModel):
     message: str = Field(..., min_length=1, max_length=500)
-    session_id: str = Field(..., pattern=r"^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$")
+    session_id: str = Field(
+        ...,
+        min_length=1,
+        max_length=64,
+        pattern=r"^[a-zA-Z0-9_-]+$",
+    )
 
 
 class ChatResponse(BaseModel):

tests/test_chat_endpoint.py

@@ -52,7 +52,8 @@ class TestChatInputValidation:
         assert resp.status_code == 422
 
     def test_invalid_session_id_returns_422(self, app_client, valid_token):
-        resp = chat(app_client, "hello", session_id="not-a-uuid", token=valid_token)
+        # session_id must match ^[a-zA-Z0-9_-]+$ — spaces and special chars are rejected.
+        resp = chat(app_client, "hello", session_id="invalid id with spaces!", token=valid_token)
         assert resp.status_code == 422
 
     def test_missing_session_id_returns_422(self, app_client, valid_token):

tests/test_models.py

@@ -29,14 +29,14 @@ class TestChatRequest:
         assert len(req.message) == 500
 
     def test_invalid_session_id_rejected(self):
-        # Not a valid UUID v4
+        # Contains spaces and special chars not in [a-zA-Z0-9_-]
         with pytest.raises(ValidationError):
-            ChatRequest(message="hello", session_id="not-a-uuid")
+            ChatRequest(message="hello", session_id="invalid id with spaces!")
 
-    def test_non_v4_uuid_rejected(self):
-        # UUID v1 — the pattern enforces the 4xxx-[89ab]xxx format
+    def test_session_id_with_special_chars_rejected(self):
+        # @ and # are not in the allowed set [a-zA-Z0-9_-]
         with pytest.raises(ValidationError):
-            ChatRequest(message="hello", session_id="a1b2c3d4-e5f6-1789-8abc-def012345678")
+            ChatRequest(message="hello", session_id="bad@session#id")
 
     def test_missing_message_rejected(self):
         with pytest.raises(ValidationError):