A comprehensive LLM chat client built with Go, featuring a modern web interface and support for multiple AI providers.
๐จ User Interface
Modern Chat Experience
- Clean, responsive design with light and dark theme support
- Real-time streaming responses with typewriter animation effect
- Markdown rendering with syntax highlighting for code blocks
- Mobile-friendly sidebar that collapses on smaller screens
- Loading skeletons - Animated placeholder UI while loading
Accessibility
- ARIA labels - Full screen reader support
- Skip link - Quick navigation to main content
- Focus indicators - Visible focus states for keyboard navigation
- Screen reader announcements - Live region for status updates
Theme Support
- Light mode - Clean, bright interface for daytime use
- Dark mode - Eye-friendly dark interface for low-light environments
- Persistent preference - Theme choice is saved and synced across sessions
๐ฌ Chat Features
Conversation Management
- Automatic chat saving - All conversations are automatically saved to database
- Chat history sidebar - Browse and search through previous conversations
- Rename chats - Click to edit icon to rename any conversation inline
- Delete chats - Remove conversations with 5-second undo option
- Pinned chats - Pin important conversations to top of list
- Floating New Chat - "New Chat" button (FAB) available on mobile
Message Features
- Copy-to-clipboard - One-click copy for code blocks and messages
- Edit user messages - Click to pencil icon to modify sent messages inline
- Regenerate responses - Request a new AI response for any message
- Undo deletion - 5-second window to undo chat deletion with toast notification
Export
- Export to HTML - Save conversations as formatted HTML documents
- Export to JSON - Export chat data in JSON format
- Preserves formatting - Code blocks, markdown, and styling are maintained
Keyboard Shortcuts
| Shortcut |
Action |
Ctrl+N |
New chat |
Ctrl+S |
Export chat |
Arrow Keys |
Navigate chat history |
Delete |
Delete selected chat |
Shift+? |
Show keyboard shortcuts |
๐ค Telegram Bot Integration
Bot Setup
- Create bot via @BotFather - Get bot token from Telegram's official bot
- Configure with environment variables - Set
TELEGRAM_BOT_TOKEN in .env
- User allowlisting - Restrict bot to specific Telegram user IDs for security
Available Commands
| Command |
Description |
/start |
Start a new session |
/help |
Show all available commands |
/memories |
View your saved memories |
/clear |
Clear current conversation history |
/settings |
Show your current settings |
/link_session <id> <token> |
Link Telegram to web session |
/unlink_session |
Unlink from web session |
/session_info |
Show session status (linked/unlinked) |
Session Linking
- Secure token-based linking - 256-bit entropy cryptographically secure tokens
- 15-minute token expiration - Tokens expire automatically for security
- One-time use tokens - Each token can only be used once
- Shared memories and context - Unified experience across web and Telegram
Linking to Web Session
- Open your web app at
http://localhost:1102
- Open browser console (F12) and run:
fetch('/api/session/link-token').then(r=>r.json()).then(console.log)
- Copy
session_id and link_token from response
- In Telegram, send:
/link_session <session_id> <link_token>
Telegram Features
- Typing indicators - Shows "typing..." while bot generates responses
- Full LLM response support - Complete AI responses in Telegram
- Memory sharing - Memories sync between web and Telegram when linked
- Chat summary support - Uses rolling summaries for efficient context
- System prompt support - Respects chat-specific system instructions
- Automatic conversation saving - All Telegram chats saved to database
Configuration
See .env.example for Telegram bot configuration variables:
TELEGRAM_BOT_TOKEN - Bot token from @BotFather
TELEGRAM_ALLOWED_USERS - Comma-separated list of allowed Telegram user IDs
๐ง Memory System
Automatic Extraction
- LLM-based extraction - Uses AI to extract important information from messages
- Pattern-based extraction - Recognizes common phrases (e.g., "my name is...")
- Background processing - Memory extraction runs asynchronously
Memory Categories
| Category |
Description |
Examples |
reminder |
Appointments, meetings, tasks, deadlines |
"Meeting with Ram at 5 PM EST" |
fact |
Personal information, important details |
"My name is John" |
preference |
User preferences, communication style |
"Prefer concise responses" |
entity |
People, organizations, locations |
"Works at Acme Corp" |
Confidence Scoring
- 70-100 confidence range - Higher scores for more reliable extractions
- Automatic categorization - Memories are auto-categorized by AI
- Quality tracking - Confidence scores help prioritize important information
Memory Management
- Add memories - Automatically extracted from conversations
- Update memories - Modify existing memories with new information
- Delete memories - Remove outdated or incorrect memories
- Search memories - Find memories by category or keyword
- Automatic injection - Memories are automatically included in AI context
๐ Rolling Summary System
Automatic Summarization
- Triggers after 10+ unsummarized messages - Automatically summarizes old messages
- Batch processing - Processes oldest 10 messages per batch
- Background processing - Summarization runs without blocking user interaction
Context Window Management
- Combines summary + recent messages - Maintains conversation continuity
- Token-efficient - Reduces token usage for long conversations
- Intelligent history - Smart context window management
Summary Evolution
- Incremental updates - Summaries are updated with each batch
- Preserves key information - Maintains important facts, decisions, context
- Narrative format - Summaries are readable conversation summaries
๐ System Prompts
Chat-Specific Prompts
- Custom system instructions - Set unique AI behavior per chat
- Override default behavior - Customize how AI responds in specific conversations
- Persistent across sessions - System prompts saved with chat
Prompt Management
| Method |
Endpoint |
Description |
GET |
/api/chats/{id}/system-prompt |
Get system prompt for chat |
PUT |
/api/chats/{id}/system-prompt |
Update system prompt for chat |
Usage
System prompts are automatically applied to all LLM generations within that chat, allowing for:
- Different personas for different conversation types
- Specialized instructions for technical vs casual chats
- Custom behavior for specific use cases
๐ Provider Support
Multiple Provider Types
- Ollama (Local) - Connect to local Ollama installations
- OpenAI-compatible APIs - Support for:
- Groq
- DeepInfra
- OpenRouter
- Any OpenAI-compatible endpoint
Provider Management
- Add multiple providers - Configure as many providers as needed
- Switch between providers - Easily activate different providers
- Auto-detect models - Fetch available models from provider APIs
- Manual model entry - Add models manually if needed
- Default model selection - Set a preferred model for each provider
Security
- Encrypted API keys - All API keys encrypted with AES-GCM
- Encryption enforcement - Application fails if
ENCRYPTION_KEY not set
- Secure key migration - Existing keys are automatically encrypted
๐ Brave Search Integration
Search API Configuration
- API key setup - Set
brave_api_key in settings
- Encrypted storage - API keys stored securely in database
- Optional feature - Works fine without search integration
Search Features
/search <query> command - Initiate web search from chat
- Automatic enrichment - Search results automatically added to context
- Real-time results - Live search results from Brave Search API
Result Integration
- Merges search results - Combines web search with user query
- Enhanced AI responses - AI provides answers with current information
- Seamless experience - Search integration is transparent to user
๐ MCP Integration
Model Context Protocol
- Connect to MCP servers - Integrate with external tools and services
- Tool discovery - Automatically discover available tools from servers
- HTTP and stdio support - Connect to both HTTP and stdio-based servers
Server Management
| Method |
Endpoint |
Description |
GET |
/api/mcp/servers |
List all configured MCP servers |
POST |
/api/mcp/servers |
Create new MCP server |
PUT |
/api/mcp/servers/{id} |
Update MCP server configuration |
DELETE |
/api/mcp/servers/{id} |
Delete MCP server |
GET |
/api/mcp/servers/tools |
Fetch available tools from servers |
Tool Integration
- Automatic tool discovery - Fetches tools from connected servers
- Tool-based AI capabilities - AI can use external tools for enhanced responses
- Server management - Enable/disable servers as needed
Configuration
- Add MCP servers via web interface
- Configure endpoints and commands
- Manage server connections
- View available tools
๐ Authentication
Session-Based Authentication
- Optional authentication - Enable via environment variables
- Secure session cookies - HttpOnly, Secure, SameSite
- AES-GCM encryption - Secure credential storage
- Session expiration - 24-hour session TTL with auto-cleanup
Endpoints
| Method |
Endpoint |
Description |
POST |
/api/auth/login |
Authenticate user |
POST |
/api/auth/logout |
End session |
GET |
/api/auth/session |
Check session status |
GET |
/admin |
Admin login page |
Protected Routes
When authentication is enabled, these endpoints require a valid session:
- All
/api/chats/* endpoints
- All
/api/messages/* endpoints
Configuration
See .env.example for authentication configuration variables:
AUTH_USER - Admin username
AUTH_PASSWORD - Admin password
Without AUTH_USER and AUTH_PASSWORD, the application runs in public mode (no authentication required).
๐ Analytics & Metrics
Response Metadata
- Model display - Shows which model generated each response
- Token usage - Displays tokens used for each response
- Generation speed - Shows tokens per second performance
Application Metrics
- Endpoint:
GET /api/metrics
- Chat count
- Message count
- Provider count
- Model count
- Uptime
- Version
๐ Security Features
Encryption
API keys and sensitive configuration are encrypted using AES-GCM.
Required for production:
# Generate a secure key (Linux/Mac)
openssl rand -hex 32
# Set environment variable
export ENCRYPTION_KEY=your-generated-key-here
The application will fail to start if ENCRYPTION_KEY is not set in production.
Rate Limiting
- 10 requests per second per IP address
- Burst capacity of 50 requests
- Configurable via
middleware.go
CSRF Protection
- State-changing API requests require a valid CSRF token
- Obtain token from:
GET /api/csrf
SQL Injection Prevention
- All user inputs are sanitized before database queries
sanitizeSearchQuery() function handles search input
Content Security Policy
- Strict CSP headers configured
- Self-referencing directives for scripts and styles
๐งช Testing
Unit Tests
Test Coverage:
TestSanitizeSearchQuery - Input sanitization validation
TestWriteError - Error response formatting
TestWriteJSON - JSON response helper
TestRateLimitMiddleware - Rate limiting logic
TestGenerateCSRFToken - CSRF token generation
End-to-End Tests
npm install
npm run test:e2e
E2E Tests (Playwright):
- Homepage rendering
- Settings page functionality
- Keyboard shortcuts validation
โก Performance
Backend Optimizations
- Connection pooling - 25 max connections, 5 idle, 5-minute lifetime
- Message pagination - Load 50 messages at a time for large chats
- Lazy loading - Chat history loaded on demand
- Debounced search - 300ms debounce for chat search
Frontend Optimizations
- Error boundaries - Graceful error handling with toast notifications
๐ก API Reference
Core Endpoints
| Method |
Endpoint |
Description |
GET |
/api/chats |
List all chats |
GET |
/api/chats/{id} |
Get specific chat |
POST |
/api/chats |
Create new chat |
DELETE |
/api/chats/{id} |
Delete chat |
PUT |
/api/chats/{id}/rename |
Rename chat |
PUT |
/api/chats/{id}/pin |
Toggle pin |
POST |
/api/chats/{id}/messages |
Add message |
GET |
/api/chats/search |
Search chats |
System Prompt Endpoints
| Method |
Endpoint |
Description |
GET |
/api/chats/{id}/system-prompt |
Get system prompt |
PUT |
/api/chats/{id}/system-prompt |
Update system prompt |
Message Endpoints
| Method |
Endpoint |
Description |
PUT |
/api/messages/{id} |
Update message |
DELETE |
/api/messages/{id} |
Delete message |
Provider Endpoints
| Method |
Endpoint |
Description |
GET |
/api/providers |
List providers |
POST |
/api/providers |
Create provider |
PUT |
/api/providers/{id} |
Update provider |
DELETE |
/api/providers/{id} |
Delete provider |
POST |
/api/providers/{id}/activate |
Activate provider |
POST |
/api/providers/{id}/fetch-models |
Fetch models |
Model Endpoints
| Method |
Endpoint |
Description |
GET |
/api/models/{providerId} |
Get models |
POST |
/api/models |
Add model |
DELETE |
/api/models/{id} |
Delete model |
POST |
/api/models/{id}/set-default |
Set default |
Memory Endpoints
| Method |
Endpoint |
Description |
GET |
/api/memories |
Get memories for current session |
POST |
/api/memories |
Set a memory |
DELETE |
/api/memories |
Delete a memory |
GET |
/api/memories/search |
Search memories |
POST |
/api/memories/extract |
Test memory extraction |
MCP Server Endpoints
| Method |
Endpoint |
Description |
GET |
/api/mcp/servers |
List MCP servers |
POST |
/api/mcp/servers |
Create MCP server |
PUT |
/api/mcp/servers/{id} |
Update MCP server |
DELETE |
/api/mcp/servers/{id} |
Delete MCP server |
GET |
/api/mcp/servers/tools |
Fetch server tools |
Session Linking Endpoints
| Method |
Endpoint |
Description |
GET |
/api/session/link-token |
Generate secure link token |
Authentication Endpoints
| Method |
Endpoint |
Description |
POST |
/api/auth/login |
User login |
POST |
/api/auth/logout |
User logout |
GET |
/api/auth/session |
Session status |
GET |
/admin |
Admin login page |
Utility Endpoints
| Method |
Endpoint |
Description |
GET |
/api/csrf |
Get CSRF token |
GET |
/api/metrics |
Get app metrics |
GET |
/api/settings/{key} |
Get setting |
PUT |
/api/settings/{key} |
Update setting |
GET |
/api/active-provider |
Get active provider |
๐ Getting Started
Prerequisites
- Go 1.21 or later
- Node.js (for E2E tests)
- Ollama (for local models) or API key for cloud providers
Quick Start
# Clone repository
git clone <repo-url>
cd ollamagoweb
# Copy environment template
cp .env.example .env
# Edit .env with your configuration
nano .env
Required Configuration:
# Set server port (default: 1102)
PORT=1102
# Set encryption key (required for production)
# Generate with: openssl rand -hex 32
ENCRYPTION_KEY=your-encryption-key-here
# Configure LLM provider
llm=ollama # or your preferred model
Optional Configuration:
# Enable authentication
AUTH_USER=admin
AUTH_PASSWORD=your-secure-password
# Configure Telegram bot
TELEGRAM_BOT_TOKEN=your-bot-token-from-botfather
TELEGRAM_ALLOWED_USERS=123456789,987654321
# Configure Brave Search
brave_api_key=your-brave-api-key
# Run application
go run .
Build
# Build binary
go build -o ollamagoweb.exe .
# Run tests
go test -v .
# Run E2E tests
npm install
npm run test:e2e
Environment Variables
See .env.example for all available configuration variables:
| Variable |
Description |
Default |
Required |
PORT |
Server port |
1102 |
No |
DB_PATH |
SQLite database path |
./ollamagoweb.db |
No |
OLLAMA_HOST |
Ollama server URL |
http://localhost:11434 |
No |
ENCRYPTION_KEY |
Required - Encryption key for API keys |
- |
Yes (production) |
AUTH_USER |
Admin username (optional) |
- |
No |
AUTH_PASSWORD |
Admin password (optional) |
- |
No |
TELEGRAM_BOT_TOKEN |
Telegram bot token from @BotFather |
- |
No |
TELEGRAM_ALLOWED_USERS |
Allowed Telegram user IDs |
- |
No |
brave_api_key |
Brave Search API key |
- |
No |
๐ Project Structure
ollamagoweb/
โโโ main.go # Application entry point and routes
โโโ handlers.go # HTTP request handlers
โโโ handlers_chat.go # Chat management endpoints
โโโ handlers_memory.go # Memory management endpoints
โโโ handlers_mcp.go # MCP server endpoints
โโโ middleware.go # Rate limiting, CSRF
โโโ utils.go # Helper functions
โโโ database.go # Database, migrations, pooling
โโโ crypto.go # Encryption (AES-GCM)
โโโ auth.go # Authentication system
โโโ provider.go # Provider implementations
โโโ memory.go # Memory extraction and management
โโโ summarizer.go # Context summarization
โโโ telegram.go # Telegram bot integration
โโโ search.go # Brave Search integration
โ
โโโ static/
โ โโโ index.html # Main chat interface
โ โโโ css/
โ โ โโโ styles.css # Styles, accessibility, animations
โ โโโ js/
โ โโโ app.js # Main application logic
โ โโโ settings.js # Settings page logic
โ โโโ state.js # State management
โ โโโ ...
โ
โโโ mcp/ # MCP-related files
โโโ e2e/
โ โโโ tests.spec.js # Playwright E2E tests
โ โโโ playwright.config.js
โ
โโโ .env.example # Environment template
โโโ package.json # E2E test scripts
โโโ README.md
โโโ go.mod
๐ฏ Key Highlights
| Feature |
Description |
| Multi-provider |
Ollama, Groq, DeepInfra, OpenRouter, more |
| Telegram Bot |
Full-featured bot with session linking and typing indicators |
| Memory System |
LLM-based extraction with categories and confidence scoring |
| Rolling Summary |
Token-efficient long conversations |
| System Prompts |
Chat-specific AI instructions |
| Brave Search |
/search <query> for real-time results |
| Auto-save |
Conversations saved automatically |
| Message editing |
Edit and track message history |
| Encrypted secrets |
AES-GCM encryption |
| Responsive UI |
Desktop and mobile support |
| Theme support |
Light and dark modes |
| Keyboard shortcuts |
Efficient keyboard navigation |
| Export formats |
HTML and JSON export |
| Rate limiting |
Abuse prevention |
| CSRF protection |
Request validation |
| Authentication |
Optional session-based auth |
| MCP Integration |
Model Context Protocol tool integration |
| Unit tests |
Core tests passing |
| E2E tests |
Playwright integration tests |
๐ค Contributing
- Fork the repository
- Create a feature branch
- Make your changes
- Run tests:
go test -v .
- Submit a pull request
๐ License
Apache 2.0 License - See LICENSE file for details