RAG PDF Chatbot

Intent Classification — intent_classifier.py uses pattern matching and keyword detection to classify queries into 6 types:

- FIGURE_QUERY: 'What does Fig 3.3 show?' → Extract figure number, exact match in metadata

- TABLE_QUERY: 'Table 6.2 guidelines' → Extract table number, exact match

- PAGE_QUERY: 'What is on page 27?' → Extract page number, retrieve chunks from that page

- SECTION_QUERY: 'What is in Section 4?' → Extract section identifier, match section headers

- GENERAL_QUERY: 'Size of STOP sign?' → FAISS semantic search with k=5 nearest neighbors

- COMPARISON_QUERY: 'Compare Fig 3.1 and 3.2' → Extract both references, retrieve both, compare

Retrieval — Based on intent, use appropriate strategy:

- Exact match (figures/tables/pages): Query metadata.json for exact reference, return specific chunk

- FAISS semantic search (general/section): Embed query with gemini-embedding-001, query FAISS index (CPU-based approximate nearest neighbor), return...

- Vision captions: If page has images, load from vision_captions.json (pre-generated with Gemini Vision API on page images)

Context Building — Assemble retrieved chunks into context:

- Sort by relevance score (FAISS distance or exact match priority)

- Include chunk text, page numbers, figure/table identifiers, section headers

- Add surrounding chunks if /expand-context called (shows context before/after matched chunk)

- Limit total context to ~4000 tokens to fit Gemini context window

LLM Generation — Send context to Google Gemini gemini-2.5-flash:

- Structured prompt: "Based on the following PDF excerpts, answer the question. Provide structured JSON with 'answer' (paragraphs array or lists),...

- Temperature 0.3 for factual accuracy (low creativity, high consistency)

- Max tokens 1024 for detailed answers

Response — Parse Gemini JSON response, calculate confidence score, return to frontend:

- Multi-factor confidence: source quality (primary source = High, secondary = Medium), chunk count (1 chunk = Medium, 3+ = High), semantic match...

- Final confidence: average of factors mapped to High/Medium/Low

app.py — Main FastAPI application with 5 endpoints:

`GET /health` — Health check with environment variable verification (returns 'GEMINI_API_KEY: set' or 'missing', never exposes actual key)

`POST /ask` — Main RAG Q&A endpoint (accepts question, returns answer with confidence and sources)

`POST /classify-intent` — Intent classification only (returns intent type and extracted entities like figure numbers)

`POST /expand-context` — Show surrounding chunks for a given chunk ID (no additional LLM/FAISS calls, just metadata lookup)

`POST /generate-chat-title` — Generate short title from question (uses Gemini to create 3-5 word summary)

intent_classifier.py — Pattern-based intent classification with regex for figure numbers, table numbers, page numbers, section identifiers. Falls...

rebuild_index.py — Script to rebuild FAISS index from PDF:

Extract text chunks (paragraph-level, preserving structure)

Embed each chunk with gemini-embedding-001

Build FAISS index with IndexFlatL2 (exact search, CPU-friendly)

Save faiss.index, metadata.json (chunk text, page numbers, figure/table IDs), vision_captions.json (pre-generated page image captions)

Gitignored (faiss.index can be large, regenerated locally)

App.jsx — Main component with chat interface:

Multi-chat support: create/switch/delete conversations, stored in localStorage

Message list with user questions and bot answers (structured paragraphs/lists, confidence badge, source citations)

Input field with submit button and loading indicator

Dark/light theme toggle (persists to localStorage)

api.js — API client for FastAPI backend:

Fetch wrapper with error handling

Endpoints for /ask, /classify-intent, /expand-context, /generate-chat-title

Environment variable VITE_API_URL for backend URL (localhost:8000 in dev, production URL in deploy)

PDF Export — jsPDF export button captures conversation:

Generates PDF with conversation title, timestamp, all Q&A pairs, confidence scores, sources

Downloads as `chat-export-{timestamp}.pdf`

`make install` — Install Python dependencies (requirements.txt) + Node dependencies (frontend/package.json), optionally in venv

`make setup-env` — Copy .env.example → .env for local configuration

`make check-env` — Verify GEMINI_API_KEY is set in environment

`make dev` — Run backend (uvicorn on port 8000) + frontend (Vite on port 5173) concurrently

`make dev-backend` — Backend only (uvicorn app:app --reload --port 8000)

`make dev-frontend` — Frontend only (cd frontend && npm run dev)

`make health` — Curl http://localhost:8000/health to verify backend responding

`make status` — Show running processes (backend/frontend)

`make build` — Production frontend build (frontend/dist/)

`make lint` — Lint frontend (ESLint)

`make lint-backend` — Lint Python (requires black/flake8, optional)

`make kill` — Kill dev server processes (backend/frontend)

`make rebuild-index` — Run rebuild_index.py to regenerate FAISS index from PDFs

`make clean` — Remove build artifacts (__pycache__, frontend/dist/)

`make clean-all` — Deep clean (remove node_modules, venv, faiss.index, metadata.json)

`make verify-deploy` — Run scripts/verify-deployment.sh for pre-deployment security check

Runs on every push and pull request:

Lint Frontend — Install npm deps, run ESLint on frontend/src/

Build Frontend — Production build (npm run build), verify frontend/dist/ created

Lint Backend (optional) — Install black/flake8, lint Python files

Security Scan — Check for committed secrets (.env files, API keys) using grep/ack, fail if found

SETUP.md — Detailed setup guide: prerequisites (Python 3.10+, Node 18+, Gemini API key), installation steps (clone, venv setup, install deps,...

DEPLOYMENT.md — Deployment guides for 5 platforms:

Vercel: Connect GitHub repo, configure build settings (root: ., build command: cd frontend && npm run build, output: frontend/dist), set...

GCP Cloud Run: Build Docker image, push to Container Registry, deploy with Cloud Run, configure secrets (GEMINI_API_KEY in Secret Manager)

Railway: Connect repo, configure start command (uvicorn app:app --host 0.0.0.0 --port $PORT), set environment variables

Render: Connect repo, configure build/start commands, set environment variables

Docker: Multi-stage Dockerfile (build frontend → copy to backend → serve with FastAPI), docker build/run commands

CONTRIBUTING.md — Contribution guidelines: fork/clone/branch workflow, code style (black for Python, ESLint for JS), commit message conventions,...

SECURITY.md — Security policy: responsible disclosure process, supported versions, known issues, security best practices (API keys in env only,...

CHANGELOG.md — Version history: v1.0.0 initial release, v1.1.0 added intent classification, v1.2.0 added confidence scoring, v2.0.0 React 19...

API key server-only: GEMINI_API_KEY loaded from environment on backend, never sent to frontend. Health endpoint returns 'set' or 'missing' status...

.env gitignored: .gitignore blocks .env, .env.local, .env.*, ensuring secrets never committed. .env.example template with placeholder values safe to...

Pre-commit hooks: .pre-commit-config.yaml runs secret detection (detect-private-key, check-added-large-files) before each commit.

Secret scanning in CI: GitHub Actions workflow fails build if .env files or API key patterns detected in committed files.

verify-deploy check: scripts/verify-deployment.sh runs automated security checks (no .env files, no API keys in code, faiss.index gitignored) before...

Vercel (Easiest) — Full-stack serverless, automatic deployments on git push, environment variables via dashboard

GCP Cloud Run (Medium) — Scalable containerized deployment, Cloud Build integration, Secret Manager for API keys

Railway (Easy) — Git-push deploy, automatic HTTPS, environment variables via dashboard

Render (Easy) — Git-push deploy, free tier available, environment variables via dashboard

Docker (Medium) — Any container platform (AWS ECS, Azure Container Instances, DigitalOcean), multi-stage Dockerfile provided