When a session ID is sent to POST /api/memory/import but that session no
longer exists in the DB, the previous code raised HTTP 404. The import
endpoint only needs the session as an LLM-config source; the file being
imported has nothing to do with the session. A fallback to the utility
endpoint (already used when no session_id is supplied at all) is correct
and safe.
The extract endpoint is intentionally left alone — it reads the session's
message history and therefore genuinely requires a live session.
Co-authored-by: clochard04 <clochard724@gmail.com>
Move every per-route upload byte-limit into src/upload_limits.py as a
validated, env-overridable constant via read_byte_limit_env:
- Add GALLERY_UPLOAD_MAX_BYTES, GALLERY_TRANSFORM_UPLOAD_MAX_BYTES,
MEMORY_IMPORT_MAX_BYTES, PERSONAL_UPLOAD_MAX_BYTES,
EMAIL_COMPOSE_UPLOAD_MAX_BYTES, STT_MAX_AUDIO_BYTES, ICS_MAX_BYTES.
- Routes import their constant instead of defining it locally: replaces 4
raw int(os.getenv(...)) and removes 3 hardcoded literals.
- The 3 previously-hardcoded limits (email compose, STT audio, calendar
ICS) are now env-overridable with the same ODYSSEUS_*_MAX_BYTES naming.
- Defaults unchanged, so behavior is unchanged unless an env var is set;
an invalid value now fails fast with a clear message instead of a bare
int() ValueError.
- Document all env vars in .env.example and the README.
Fixes#3364
Giuseppe Castelluccio