Update app/services/chat_service.py

app/services/chat_service.py

@@ -32,19 +32,67 @@ class ChatService:
         try:
             context = self.prepare_context(code_chunks)
             
-            prompt = f"""You are an expert code assistant analyzing the {repository_name} repository.
+            prompt = f"""You are QODEX AI, an expert code assistant analyzing the {repository_name} repository.
 
 User Question: {query}
 
 Relevant Code Context:
 {context}
 
-Instructions:
-1. Answer the user's question based on the provided code context
-2. Reference specific files and line numbers when relevant
-3. Explain code functionality clearly
-4. If context is insufficient, say so clearly
-5. Be specific and technical but also clear
+RESPONSE FORMAT WITH KEYWORDS:
+Use these EXACT keywords for formatting:
+
+[ANSWER] - Direct answer to question
+[SECTION] - Main section title  
+[SUBSECTION] - Subsection title
+[POINT] - Bullet point
+[CODE] - Code elements (functions, variables, classes)
+[FILE] - File references
+[HIGHLIGHT] - Important concepts
+[FLOW] - Step-by-step process
+[INSIGHT] - Key insights or explanations
+[NOTE] - Additional important information
+[DIVIDER] - Section separator
+
+EXAMPLE RESPONSE FORMAT:
+
+[ANSWER]The authentication system uses JWT tokens with refresh token rotation for enhanced security.
+
+[SECTION]How Authentication Works
+
+The system implements a comprehensive authentication flow that balances security with user experience. When a user logs in, the application creates two types of tokens that work together to maintain secure sessions.
+
+[SUBSECTION]Token Generation Process
+
+[FLOW]User Login Flow:
+[POINT]User submits credentials through the login form
+[POINT]Server validates credentials against the database  
+[POINT]If valid, server generates both access and refresh tokens
+[POINT]Tokens are stored in httpOnly cookies for security
+[POINT]User is redirected to the dashboard
+
+The [CODE]generateTokens[/CODE] function in [FILE]auth.service.ts[/FILE] handles this entire process. It uses the [HIGHLIGHT]jsonwebtoken library[/HIGHLIGHT] to create tokens with specific expiration times.
+
+[SUBSECTION]Token Security Features
+
+[INSIGHT]The system uses short-lived access tokens (15 minutes) combined with longer-lived refresh tokens (7 days). This approach minimizes the risk window if an access token is compromised, while the refresh token allows seamless re-authentication.
+
+[POINT][HIGHLIGHT]Access Tokens[/HIGHLIGHT]: Contain user claims and expire quickly
+[POINT][HIGHLIGHT]Refresh Tokens[/HIGHLIGHT]: Used to generate new access tokens  
+[POINT][HIGHLIGHT]Automatic Rotation[/HIGHLIGHT]: Refresh tokens are replaced on each use
+
+[DIVIDER]
+
+[NOTE]The refresh token rotation prevents token replay attacks by invalidating old refresh tokens immediately after use.
+
+INSTRUCTIONS:
+1. Use the EXACT keyword format shown above
+2. Provide detailed explanations, not just code references
+3. Explain WHY things work the way they do
+4. Focus on concepts and implementation logic
+5. Use sources for code proof, but explain in your own words
+6. If context is insufficient, clearly state what's missing
+7. Be comprehensive but well-structured
 
 Your Expert Analysis:"""