# Build a Chat Assistant with AI
Remember in Star Trek when the crew would casually chat with the ship's computer, asking it complex questions and getting thoughtful responses? What seemed like pure science fiction in the 1960s is now something you can build using web technologies you already know.
In this lesson, we'll create an AI chat assistant using HTML, CSS, JavaScript, and some backend integration. You'll discover how the same skills you've been learning can connect to powerful AI services that can understand context and generate meaningful responses.
Think of AI like having access to a vast library that can not only find information but also synthesize it into coherent answers tailored to your specific questions. Instead of searching through thousands of pages, you get direct, contextual responses.
The integration happens through familiar web technologies working together. HTML creates the chat interface, CSS handles the visual design, JavaScript manages user interactions, and a backend API connects everything to AI services. It's similar to how different sections of an orchestra work together to create a symphony.
We're essentially building a bridge between natural human communication and machine processing. You'll learn both the technical implementation of AI service integration and the design patterns that make interactions feel intuitive.
By the end of this lesson, AI integration will feel less like a mysterious process and more like another API you can work with. You'll understand the foundational patterns that power applications like ChatGPT and Claude, using the same web development principles you've been learning.
## β‘ What You Can Do in the Next 5 Minutes
**Quick Start Pathway for Busy Developers**
```mermaid
flowchart LR
A[β‘ 5 minutes] --> B[Get GitHub token]
B --> C[Test AI playground]
C --> D[Copy Python code]
D --> E[See AI responses]
```
- **Minute 1**: Visit [GitHub Models Playground](https://github.com/marketplace/models/azure-openai/gpt-4o-mini/playground) and create a personal access token
- **Minute 2**: Test AI interactions directly in the playground interface
- **Minute 3**: Click "Code" tab and copy the Python snippet
- **Minute 4**: Run the code locally with your token: `GITHUB_TOKEN=your_token python test.py`
- **Minute 5**: Watch your first AI response generate from your own code
**Quick Test Code**:
```python
import os
from openai import OpenAI
client = OpenAI(
base_url="https://models.github.ai/inference",
api_key="your_token_here"
)
response = client.chat.completions.create(
messages=[{"role": "user", "content": "Hello AI!"}],
model="openai/gpt-4o-mini"
)
print(response.choices[0].message.content)
```
**Why This Matters**: In 5 minutes, you'll experience the magic of programmatic AI interaction. This represents the fundamental building block that powers every AI application you use.
Here's what your finished project will look like:
## πΊοΈ Your Learning Journey Through AI Application Development
```mermaid
journey
title From Web Development to AI Integration
section Understanding AI Foundations
Discover generative AI concepts: 4: You
Explore GitHub Models platform: 6: You
Master AI parameters and prompts: 8: You
section Backend Integration
Build Python API server: 5: You
Implement AI function calls: 7: You
Handle async operations: 8: You
section Frontend Development
Create modern chat interface: 6: You
Master real-time interactions: 8: You
Build responsive user experience: 9: You
section Professional Application
Deploy complete AI system: 7: You
Optimize performance patterns: 8: You
Create production-ready app: 9: You
```
**Your Journey Destination**: By the end of this lesson, you'll have built a complete AI-powered application using the same technologies and patterns that power modern AI assistants like ChatGPT, Claude, and Google Bard.
## Understanding AI: From Mystery to Mastery
Before diving into the code, let's understand what we're working with. If you've used APIs before, you know the basic pattern: send a request, receive a response.
AI APIs follow a similar structure, but instead of retrieving pre-stored data from a database, they generate new responses based on patterns learned from vast amounts of text. Think of it like the difference between a library catalog system and a knowledgeable librarian who can synthesize information from multiple sources.
### What is "Generative AI" Really?
Consider how the Rosetta Stone allowed scholars to understand Egyptian hieroglyphics by finding patterns between known and unknown languages. AI models work similarly β they find patterns in vast amounts of text to understand how language works, then use those patterns to generate appropriate responses to new questions.
**Let me break this down with a simple comparison:**
- **Traditional database**: Like asking for your birth certificate β you get the exact same document every time
- **Search engine**: Like asking a librarian to find books about cats β they show you what's available
- **Generative AI**: Like asking a knowledgeable friend about cats β they tell you interesting things in their own words, tailored to what you want to know
```mermaid
graph LR
A[Your Question] --> B[AI Model]
B --> C[Pattern Recognition]
C --> D[Content Generation]
D --> E[Contextual Response]
F[Training Data Books, Articles, Web] --> B
```
### How AI Models Learn (The Simple Version)
AI models learn through exposure to enormous datasets containing text from books, articles, and conversations. Through this process, they identify patterns in:
- How thoughts are structured in written communication
- Which words commonly appear together
- How conversations typically flow
- Contextual differences between formal and informal communication
**It's similar to how archaeologists decode ancient languages**: they analyze thousands of examples to understand grammar, vocabulary, and cultural context, eventually becoming able to interpret new texts using those learned patterns.
### Why GitHub Models?
We're using GitHub Models for a pretty practical reason β it gives us access to enterprise-level AI without having to set up our own AI infrastructure (which, trust me, you don't want to do right now!). Think of it like using a weather API instead of trying to predict the weather yourself by setting up weather stations everywhere.
It's basically "AI-as-a-Service," and the best part? It's free to get started, so you can experiment without worrying about running up a huge bill.
```mermaid
graph LR
A[Frontend Chat UI] --> B[Your Backend API]
B --> C[GitHub Models API]
C --> D[AI Model Processing]
D --> C
C --> B
B --> A
```
We'll use GitHub Models for our backend integration, which provides access to professional-grade AI capabilities through a developer-friendly interface. The [GitHub Models Playground](https://github.com/marketplace/models/azure-openai/gpt-4o-mini/playground) serves as a testing environment where you can experiment with different AI models and understand their capabilities before implementing them in code.
## π§ AI Application Development Ecosystem
```mermaid
mindmap
root((AI Development))
Understanding AI
Generative Models
Pattern Recognition
Content Generation
Context Understanding
Response Synthesis
AI Parameters
Temperature Control
Token Limits
Top-p Filtering
System Prompts
Backend Architecture
API Integration
GitHub Models
Authentication
Request Handling
Error Management
Python Infrastructure
FastAPI Framework
Async Operations
Environment Security
CORS Configuration
Frontend Experience
Chat Interface
Real-time Updates
Message History
User Feedback
Loading States
Modern Web Tech
ES6 Classes
Async/Await
DOM Manipulation
Event Handling
Professional Patterns
Security Best Practices
Token Management
Input Validation
XSS Prevention
Error Boundaries
Production Readiness
Performance Optimization
Responsive Design
Accessibility
Testing Strategies
```
**Core Principle**: AI application development combines traditional web development skills with AI service integration, creating intelligent applications that feel natural and responsive to users.
**Here's what makes the playground so useful:**
- **Try out** different AI models like GPT-4o-mini, Claude, and others (all free!)
- **Test** your ideas and prompts before you write any code
- **Get** ready-to-use code snippets in your favorite programming language
- **Tweak** settings like creativity level and response length to see how they affect the output
Once you've played around a bit, just click the "Code" tab and pick your programming language to get the implementation code you'll need.
## Setting Up the Python Backend Integration
Now let's implement the AI integration using Python. Python is excellent for AI applications because of its simple syntax and powerful libraries. We'll start with the code from GitHub Models playground and then refactor it into a reusable, production-ready function.
### Understanding the Base Implementation
When you grab the Python code from the playground, you'll get something that looks like this. Don't worry if it seems like a lot at first β let's walk through it piece by piece:
```python
"""Run this model in Python
> pip install openai
"""
import os
from openai import OpenAI
# To authenticate with the model you will need to generate a personal access token (PAT) in your GitHub settings.
# Create your PAT token by following instructions here: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens
client = OpenAI(
base_url="https://models.github.ai/inference",
api_key=os.environ["GITHUB_TOKEN"],
)
response = client.chat.completions.create(
messages=[
{
"role": "system",
"content": "",
},
{
"role": "user",
"content": "What is the capital of France?",
}
],
model="openai/gpt-4o-mini",
temperature=1,
max_tokens=4096,
top_p=1
)
print(response.choices[0].message.content)
```
**Here's what's happening in this code:**
- **We import** the tools we need: `os` for reading environment variables and `OpenAI` for talking to the AI
- **We set up** the OpenAI client to point to GitHub's AI servers instead of OpenAI directly
- **We authenticate** using a special GitHub token (more on that in a minute!)
- **We structure** our conversation with different "roles" β think of it like setting the scene for a play
- **We send** our request to the AI with some fine-tuning parameters
- **We extract** the actual response text from all the data that comes back
### Understanding Message Roles: The AI Conversation Framework
AI conversations use a specific structure with different "roles" that serve distinct purposes:
```python
messages=[
{
"role": "system",
"content": "You are a helpful assistant who explains things simply."
},
{
"role": "user",
"content": "What is machine learning?"
}
]
```
**Think of it like directing a play:**
- **System role**: Like stage directions for an actor β it tells the AI how to behave, what personality to have, and how to respond
- **User role**: The actual question or message from the person using your application
- **Assistant role**: The AI's response (you don't send this, but it appears in conversation history)
**Real-world analogy**: Imagine you're introducing a friend to someone at a party:
- **System message**: "This is my friend Sarah, she's a doctor who's great at explaining medical concepts in simple terms"
- **User message**: "Can you explain how vaccines work?"
- **Assistant response**: Sarah responds as a friendly doctor, not as a lawyer or a chef
### Understanding AI Parameters: Fine-Tuning Response Behavior
The numerical parameters in AI API calls control how the model generates responses. These settings allow you to adjust the AI's behavior for different use cases:
#### Temperature (0.0 to 2.0): The Creativity Dial
**What it does**: Controls how creative or predictable the AI's responses will be.
**Think of it like a jazz musician's improvisation level:**
- **Temperature = 0.1**: Playing the exact same melody every time (highly predictable)
- **Temperature = 0.7**: Adding some tasteful variations while staying recognizable (balanced creativity)
- **Temperature = 1.5**: Full experimental jazz with unexpected turns (highly unpredictable)
```python
# Very predictable responses (good for factual questions)
response = client.chat.completions.create(
messages=[{"role": "user", "content": "What is 2+2?"}],
temperature=0.1 # Will almost always say "4"
)
# Creative responses (good for brainstorming)
response = client.chat.completions.create(
messages=[{"role": "user", "content": "Write a creative story opening"}],
temperature=1.2 # Will generate unique, unexpected stories
)
```
#### Max Tokens (1 to 4096+): The Response Length Controller
**What it does**: Sets a limit on how long the AI's response can be.
**Think of tokens as roughly equivalent to words** (about 1 token = 0.75 words in English):
- **max_tokens=50**: Short and sweet (like a text message)
- **max_tokens=500**: A nice paragraph or two
- **max_tokens=2000**: A detailed explanation with examples
```python
# Short, concise answers
response = client.chat.completions.create(
messages=[{"role": "user", "content": "Explain JavaScript"}],
max_tokens=100 # Forces a brief explanation
)
# Detailed, comprehensive answers
response = client.chat.completions.create(
messages=[{"role": "user", "content": "Explain JavaScript"}],
max_tokens=1500 # Allows for detailed explanations with examples
)
```
#### Top_p (0.0 to 1.0): The Focus Parameter
**What it does**: Controls how focused the AI stays on the most likely responses.
**Picture the AI having a huge vocabulary, ranked by how likely each word is:**
- **top_p=0.1**: Only considers the top 10% most likely words (very focused)
- **top_p=0.9**: Considers 90% of possible words (more creative)
- **top_p=1.0**: Considers everything (maximum variety)
**For example**: If you ask "The sky is usually..."
- **Low top_p**: Almost definitely says "blue"
- **High top_p**: Might say "blue", "cloudy", "vast", "changing", "beautiful", etc.
### Putting It All Together: Parameter Combinations for Different Use Cases
```python
# For factual, consistent answers (like a documentation bot)
factual_params = {
"temperature": 0.2,
"max_tokens": 300,
"top_p": 0.3
}
# For creative writing assistance
creative_params = {
"temperature": 1.1,
"max_tokens": 1000,
"top_p": 0.9
}
# For conversational, helpful responses (balanced)
conversational_params = {
"temperature": 0.7,
"max_tokens": 500,
"top_p": 0.8
}
```
```mermaid
quadrantChart
title AI Parameter Optimization Matrix
x-axis Low Creativity --> High Creativity
y-axis Short Response --> Long Response
quadrant-1 Creative Content
quadrant-2 Detailed Analysis
quadrant-3 Quick Facts
quadrant-4 Conversational AI
Documentation Bot: [0.2, 0.3]
Customer Service: [0.4, 0.4]
General Assistant: [0.7, 0.5]
Creative Writer: [0.9, 0.9]
Brainstorming Tool: [0.8, 0.8]
```
**Understanding why these parameters matter**: Different applications need different types of responses. A customer service bot should be consistent and factual (low temperature), while a creative writing assistant should be imaginative and varied (high temperature). Understanding these parameters gives you control over your AI's personality and response style.
```
**Here's what's happening in this code:**
- **We import** the tools we need: `os` for reading environment variables and `OpenAI` for talking to the AI
- **We set up** the OpenAI client to point to GitHub's AI servers instead of OpenAI directly
- **We authenticate** using a special GitHub token (more on that in a minute!)
- **We structure** our conversation with different "roles" β think of it like setting the scene for a play
- **We send** our request to the AI with some fine-tuning parameters
- **We extract** the actual response text from all the data that comes back
> π **Security Note**: Never hardcode API keys in your source code! Always use environment variables to store sensitive credentials like your `GITHUB_TOKEN`.
### Creating a Reusable AI Function
Let's refactor this code into a clean, reusable function that we can easily integrate into our web application:
```python
import asyncio
from openai import AsyncOpenAI
# Use AsyncOpenAI for better performance
client = AsyncOpenAI(
base_url="https://models.github.ai/inference",
api_key=os.environ["GITHUB_TOKEN"],
)
async def call_llm_async(prompt: str, system_message: str = "You are a helpful assistant."):
"""
Sends a prompt to the AI model asynchronously and returns the response.
Args:
prompt: The user's question or message
system_message: Instructions that define the AI's behavior and personality
Returns:
str: The AI's response to the prompt
"""
try:
response = await client.chat.completions.create(
messages=[
{
"role": "system",
"content": system_message,
},
{
"role": "user",
"content": prompt,
}
],
model="openai/gpt-4o-mini",
temperature=1,
max_tokens=4096,
top_p=1
)
return response.choices[0].message.content
except Exception as e:
logger.error(f"AI API error: {str(e)}")
return "I'm sorry, I'm having trouble processing your request right now."
# Backward compatibility function for synchronous calls
def call_llm(prompt: str, system_message: str = "You are a helpful assistant."):
"""Synchronous wrapper for async AI calls."""
return asyncio.run(call_llm_async(prompt, system_message))
```
**Understanding this improved function:**
- **Accepts** two parameters: the user's prompt and an optional system message
- **Provides** a default system message for general assistant behavior
- **Uses** proper Python type hints for better code documentation
- **Includes** a detailed docstring explaining the function's purpose and parameters
- **Returns** only the response content, making it easy to use in our web API
- **Maintains** the same model parameters for consistent AI behavior
### The Magic of System Prompts: Programming AI Personality
If parameters control how the AI thinks, system prompts control who the AI thinks it is. This is honestly one of the coolest parts of working with AI β you're essentially giving the AI a complete personality, expertise level, and communication style.
**Think of system prompts like casting different actors for different roles**: Instead of having one generic assistant, you can create specialized experts for different situations. Need a patient teacher? A creative brainstorming partner? A no-nonsense business advisor? Just change the system prompt!
#### Why System Prompts Are So Powerful
Here's the fascinating part: AI models have been trained on countless conversations where people adopt different roles and expertise levels. When you give the AI a specific role, it's like flipping a switch that activates all those learned patterns.
**It's like method acting for AI**: Tell an actor "you're a wise old professor" and watch how they automatically adjust their posture, vocabulary, and mannerisms. AI does something remarkably similar with language patterns.
#### Crafting Effective System Prompts: The Art and Science
**The anatomy of a great system prompt:**
1. **Role/Identity**: Who is the AI?
2. **Expertise**: What do they know?
3. **Communication style**: How do they speak?
4. **Specific instructions**: What should they focus on?
```python
# β Vague system prompt
"You are helpful."
# β Detailed, effective system prompt
"You are Dr. Sarah Chen, a senior software engineer with 15 years of experience at major tech companies. You explain programming concepts using real-world analogies and always provide practical examples. You're patient with beginners and enthusiastic about helping them understand complex topics."
```
#### System Prompt Examples with Context
Let's see how different system prompts create completely different AI personalities:
```python
# Example 1: The Patient Teacher
teacher_prompt = """
You are an experienced programming instructor who has taught thousands of students.
You break down complex concepts into simple steps, use analogies from everyday life,
and always check if the student understands before moving on. You're encouraging
and never make students feel bad for not knowing something.
"""
# Example 2: The Creative Collaborator
creative_prompt = """
You are a creative writing partner who loves brainstorming wild ideas. You're
enthusiastic, imaginative, and always build on the user's ideas rather than
replacing them. You ask thought-provoking questions to spark creativity and
offer unexpected perspectives that make stories more interesting.
"""
# Example 3: The Strategic Business Advisor
business_prompt = """
You are a strategic business consultant with an MBA and 20 years of experience
helping startups scale. You think in frameworks, provide structured advice,
and always consider both short-term tactics and long-term strategy. You ask
probing questions to understand the full business context before giving advice.
"""
```
#### Seeing System Prompts in Action
Let's test the same question with different system prompts to see the dramatic differences:
**Question**: "How do I handle user authentication in my web app?"
```python
# With teacher prompt:
teacher_response = call_llm(
"How do I handle user authentication in my web app?",
teacher_prompt
)
# Typical response: "Great question! Let's break authentication down into simple steps.
# Think of it like a nightclub bouncer checking IDs..."
# With business prompt:
business_response = call_llm(
"How do I handle user authentication in my web app?",
business_prompt
)
# Typical response: "From a strategic perspective, authentication is crucial for user
# trust and regulatory compliance. Let me outline a framework considering security,
# user experience, and scalability..."
```
#### Advanced System Prompt Techniques
**1. Context Setting**: Give the AI background information
```python
system_prompt = """
You are helping a junior developer who just started their first job at a startup.
They know basic HTML/CSS/JavaScript but are new to backend development and databases.
Be encouraging and explain things step-by-step without being condescending.
"""
```
**2. Output Formatting**: Tell the AI how to structure responses
```python
system_prompt = """
You are a technical mentor. Always structure your responses as:
1. Quick Answer (1-2 sentences)
2. Detailed Explanation
3. Code Example
4. Common Pitfalls to Avoid
5. Next Steps for Learning
"""
```
**3. Constraint Setting**: Define what the AI should NOT do
```python
system_prompt = """
You are a coding tutor focused on teaching best practices. Never write complete
solutions for the user - instead, guide them with hints and questions so they
learn by doing. Always explain the 'why' behind coding decisions.
"""
```
#### Why This Matters for Your Chat Assistant
Understanding system prompts gives you incredible power to create specialized AI assistants:
- **Customer service bot**: Helpful, patient, policy-aware
- **Learning tutor**: Encouraging, step-by-step, checks understanding
- **Creative partner**: Imaginative, builds on ideas, asks "what if?"
- **Technical expert**: Precise, detailed, security-conscious
**The key insight**: You're not just calling an AI API β you're creating a custom AI personality that serves your specific use case. This is what makes modern AI applications feel tailored and useful rather than generic.
### π― Pedagogical Check-in: AI Personality Programming
**Pause and Reflect**: You've just learned to program AI personalities through system prompts. This is a fundamental skill in modern AI application development.
**Quick Self-Assessment**:
- Can you explain how system prompts differ from regular user messages?
- What's the difference between temperature and top_p parameters?
- How would you create a system prompt for a specific use case (like a coding tutor)?
**Real-World Connection**: The system prompt techniques you've learned are used in every major AI application - from GitHub Copilot's coding assistance to ChatGPT's conversational interface. You're mastering the same patterns used by AI product teams at major tech companies.
**Challenge Question**: How might you design different AI personalities for different user types (beginner vs expert)? Consider how the same underlying AI model could serve different audiences through prompt engineering.
## Building the Web API with FastAPI: Your High-Performance AI Communication Hub
Now let's build the backend that connects your frontend to AI services. We'll use FastAPI, a modern Python framework that excels at building APIs for AI applications.
FastAPI offers several advantages for this type of project: built-in async support for handling concurrent requests, automatic API documentation generation, and excellent performance. Your FastAPI server acts as an intermediary that receives requests from the frontend, communicates with AI services, and returns formatted responses.
### Why FastAPI for AI Applications?
You might be wondering: "Can't I just call the AI directly from my frontend JavaScript?" or "Why FastAPI instead of Flask or Django?" Great questions!
**Here's why FastAPI is perfect for what we're building:**
- **Async by default**: Can juggle multiple AI requests at once without getting stuck
- **Automatic docs**: Visit `/docs` and get a beautiful, interactive API documentation page for free
- **Built-in validation**: Catches errors before they cause problems
- **Lightning fast**: One of the speediest Python frameworks out there
- **Modern Python**: Uses all the latest and greatest Python features
**And here's why we need a backend at all:**
**Security**: Your AI API key is like a password β if you put it in frontend JavaScript, anyone who views your website's source code could steal it and use your AI credits. The backend keeps sensitive credentials secure.
**Rate Limiting & Control**: The backend lets you control how often users can make requests, implement user authentication, and add logging to track usage.
**Data Processing**: You might want to save conversations, filter inappropriate content, or combine multiple AI services. The backend is where this logic lives.
**The architecture resembles a client-server model:**
- **Frontend**: User interface layer for interaction
- **Backend API**: Request processing and routing layer
- **AI Service**: External computation and response generation
- **Environment Variables**: Secure configuration and credentials storage
### Understanding the Request-Response Flow
Let's trace what happens when a user sends a message:
```mermaid
sequenceDiagram
participant User as π€ User
participant Frontend as π Frontend
participant API as π§ FastAPI Server
participant AI as π€ AI Service
User->>Frontend: Types "Hello AI!"
Frontend->>API: POST /hello {"message": "Hello AI!"}
Note over API: Validates request Adds system prompt
API->>AI: Sends formatted request
AI->>API: Returns AI response
Note over API: Processes response Logs conversation
API->>Frontend: {"response": "Hello! How can I help?"}
Frontend->>User: Displays AI message
```
**Understanding each step:**
1. **User interaction**: Person types in the chat interface
2. **Frontend processing**: JavaScript captures the input and formats it as JSON
3. **API validation**: FastAPI automatically validates the request using Pydantic models
4. **AI integration**: Backend adds context (system prompt) and calls the AI service
5. **Response handling**: API receives AI response and can modify it if needed
6. **Frontend display**: JavaScript shows the response in the chat interface
### Understanding API Architecture
```mermaid
sequenceDiagram
participant Frontend
participant FastAPI
participant AI Function
participant GitHub Models
Frontend->>FastAPI: POST /hello {"message": "Hello AI!"}
FastAPI->>AI Function: call_llm(message, system_prompt)
AI Function->>GitHub Models: API request
GitHub Models->>AI Function: AI response
AI Function->>FastAPI: response text
FastAPI->>Frontend: {"response": "Hello! How can I help?"}
```
```mermaid
flowchart TD
A[User Input] --> B[Frontend Validation]
B --> C[HTTP POST Request]
C --> D[FastAPI Router]
D --> E[Pydantic Validation]
E --> F[AI Function Call]
F --> G[GitHub Models API]
G --> H[Response Processing]
H --> I[JSON Response]
I --> J[Frontend Update]
subgraph "Security Layer"
K[CORS Middleware]
L[Environment Variables]
M[Error Handling]
end
D --> K
F --> L
H --> M
```
### Creating the FastAPI Application
Let's build our API step by step. Create a file called `api.py` with the following FastAPI code:
```python
# api.py
from fastapi import FastAPI, HTTPException
from fastapi.middleware.cors import CORSMiddleware
from pydantic import BaseModel
from llm import call_llm
import logging
# Configure logging
logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(__name__)
# Create FastAPI application
app = FastAPI(
title="AI Chat API",
description="A high-performance API for AI-powered chat applications",
version="1.0.0"
)
# Configure CORS
app.add_middleware(
CORSMiddleware,
allow_origins=["*"], # Configure appropriately for production
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
# Pydantic models for request/response validation
class ChatMessage(BaseModel):
message: str
class ChatResponse(BaseModel):
response: str
@app.get("/")
async def root():
"""Root endpoint providing API information."""
return {
"message": "Welcome to the AI Chat API",
"docs": "/docs",
"health": "/health"
}
@app.get("/health")
async def health_check():
"""Health check endpoint."""
return {"status": "healthy", "service": "ai-chat-api"}
@app.post("/hello", response_model=ChatResponse)
async def chat_endpoint(chat_message: ChatMessage):
"""Main chat endpoint that processes messages and returns AI responses."""
try:
# Extract and validate message
message = chat_message.message.strip()
if not message:
raise HTTPException(status_code=400, detail="Message cannot be empty")
logger.info(f"Processing message: {message[:50]}...")
# Call AI service (note: call_llm should be made async for better performance)
ai_response = await call_llm_async(message, "You are a helpful and friendly assistant.")
logger.info("AI response generated successfully")
return ChatResponse(response=ai_response)
except HTTPException:
raise
except Exception as e:
logger.error(f"Error processing chat message: {str(e)}")
raise HTTPException(status_code=500, detail="Internal server error")
if __name__ == "__main__":
import uvicorn
uvicorn.run(app, host="0.0.0.0", port=5000, reload=True)
```
**Understanding the FastAPI implementation:**
- **Imports** FastAPI for modern web framework functionality and Pydantic for data validation
- **Creates** automatic API documentation (available at `/docs` when server runs)
- **Enables** CORS middleware to allow frontend requests from different origins
- **Defines** Pydantic models for automatic request/response validation and documentation
- **Uses** async endpoints for better performance with concurrent requests
- **Implements** proper HTTP status codes and error handling with HTTPException
- **Includes** structured logging for monitoring and debugging
- **Provides** health check endpoint for monitoring service status
**Key FastAPI advantages over traditional frameworks:**
- **Automatic validation**: Pydantic models ensure data integrity before processing
- **Interactive docs**: Visit `/docs` for auto-generated, testable API documentation
- **Type safety**: Python type hints prevent runtime errors and improve code quality
- **Async support**: Handle multiple AI requests simultaneously without blocking
- **Performance**: Significantly faster request processing for real-time applications
### Understanding CORS: The Web's Security Guard
CORS (Cross-Origin Resource Sharing) is like a security guard at a building who checks if visitors are allowed to enter. Let's understand why this matters and how it affects your application.
#### What is CORS and Why Does It Exist?
**The Problem**: Imagine if any website could make requests to your bank's website on your behalf without your permission. That would be a security nightmare! Browsers prevent this by default through the "Same-Origin Policy."
**Same-Origin Policy**: Browsers only allow web pages to make requests to the same domain, port, and protocol they were loaded from.
**Real-world analogy**: It's like apartment building security β only residents (same origin) can access the building by default. If you want to let a friend (different origin) visit, you need to explicitly tell security it's okay.
#### CORS in Your Development Environment
During development, your frontend and backend run on different ports:
- Frontend: `http://localhost:3000` (or file:// if opening HTML directly)
- Backend: `http://localhost:5000`
These are considered "different origins" even though they're on the same computer!
```python
from fastapi.middleware.cors import CORSMiddleware
app = FastAPI(__name__)
CORS(app) # This tells browsers: "It's okay for other origins to make requests to this API"
```
**What CORS configuration does in practice:**
- **Adds** special HTTP headers to API responses that tell browsers "this cross-origin request is allowed"
- **Handles** "preflight" requests (browsers sometimes check permissions before sending the actual request)
- **Prevents** the dreaded "blocked by CORS policy" error in your browser console
#### CORS Security: Development vs Production
```python
# π¨ Development: Allows ALL origins (convenient but insecure)
CORS(app)
# β Production: Only allow your specific frontend domain
CORS(app, origins=["https://yourdomain.com", "https://www.yourdomain.com"])
# π Advanced: Different origins for different environments
if app.debug: # Development mode
CORS(app, origins=["http://localhost:3000", "http://127.0.0.1:3000"])
else: # Production mode
CORS(app, origins=["https://yourdomain.com"])
```
**Why this matters**: In development, `CORS(app)` is like leaving your front door unlocked β convenient but not secure. In production, you want to specify exactly which websites can talk to your API.
#### Common CORS Scenarios and Solutions
| Scenario | Problem | Solution |
|----------|---------|----------|
| **Local Development** | Frontend can't reach backend | Add CORSMiddleware to FastAPI |
| **GitHub Pages + Heroku** | Deployed frontend can't reach API | Add your GitHub Pages URL to CORS origins |
| **Custom Domain** | CORS errors in production | Update CORS origins to match your domain |
| **Mobile App** | App can't reach web API | Add your app's domain or use `*` carefully |
**Pro tip**: You can check CORS headers in your browser's Developer Tools under the Network tab. Look for headers like `Access-Control-Allow-Origin` in the response.
### Error Handling and Validation
Notice how our API includes proper error handling:
```python
# Validate that we received a message
if not message:
return jsonify({"error": "Message field is required"}), 400
```
**Key validation principles:**
- **Checks** for required fields before processing requests
- **Returns** meaningful error messages in JSON format
- **Uses** appropriate HTTP status codes (400 for bad requests)
- **Provides** clear feedback to help frontend developers debug issues
## Setting Up and Running Your Backend
Now that we have our AI integration and FastAPI server ready, let's get everything running. The setup process involves installing Python dependencies, configuring environment variables, and starting your development server.
### Python Environment Setup
Let's set up your Python development environment. Virtual environments are like the Manhattan Project's compartmentalized approach β each project gets its own isolated space with specific tools and dependencies, preventing conflicts between different projects.
```bash
# Navigate to your backend directory
cd backend
# Create a virtual environment (like creating a clean room for your project)
python -m venv venv
# Activate it (Linux/Mac)
source ./venv/bin/activate
# On Windows, use:
# venv\Scripts\activate
# Install the good stuff
pip install openai fastapi uvicorn python-dotenv
```
**What we just did:**
- **Created** our own little Python bubble where we can install packages without affecting anything else
- **Activated** it so our terminal knows to use this specific environment
- **Installed** the essentials: OpenAI for AI magic, FastAPI for our web API, Uvicorn to actually run it, and python-dotenv for secure secrets management
**Key dependencies explained:**
- **FastAPI**: Modern, fast web framework with automatic API documentation
- **Uvicorn**: Lightning-fast ASGI server that runs FastAPI applications
- **OpenAI**: Official library for GitHub Models and OpenAI API integration
- **python-dotenv**: Secure environment variable loading from .env files
### Environment Configuration: Keeping Secrets Safe
Before we start our API, we need to talk about one of the most important lessons in web development: how to keep your secrets actually secret. Environment variables are like a secure vault that only your application can access.
#### What Are Environment Variables?
**Think of environment variables like a safety deposit box** β you put your valuable stuff in there, and only you (and your app) have the key to get it out. Instead of writing sensitive information directly in your code (where literally anyone can see it), you store it safely in the environment.
**Here's the difference:**
- **The wrong way**: Writing your password on a sticky note and putting it on your monitor
- **The right way**: Keeping your password in a secure password manager that only you can access
#### Why Environment Variables Matter
```python
# π¨ NEVER DO THIS - API key visible to everyone
client = OpenAI(
api_key="ghp_1234567890abcdef...", # Anyone can steal this!
base_url="https://models.github.ai/inference"
)
# β DO THIS - API key stored securely
client = OpenAI(
api_key=os.environ["GITHUB_TOKEN"], # Only your app can access this
base_url="https://models.github.ai/inference"
)
```
**What happens when you hardcode secrets:**
1. **Version control exposure**: Anyone with access to your Git repository sees your API key
2. **Public repositories**: If you push to GitHub, your key is visible to the entire internet
3. **Team sharing**: Other developers working on your project get access to your personal API key
4. **Security breaches**: If someone steals your API key, they can use your AI credits
#### Setting Up Your Environment File
Create a `.env` file in your backend directory. This file stores your secrets locally:
```bash
# .env file - This should NEVER be committed to Git
GITHUB_TOKEN=your_github_personal_access_token_here
FASTAPI_DEBUG=True
ENVIRONMENT=development
```
**Understanding the .env file:**
- **One secret per line** in `KEY=value` format
- **No spaces** around the equals sign
- **No quotes** needed around values (usually)
- **Comments** start with `#`
#### Creating Your GitHub Personal Access Token
Your GitHub token is like a special password that gives your application permission to use GitHub's AI services:
**Step-by-step token creation:**
1. **Go to GitHub Settings** β Developer settings β Personal access tokens β Tokens (classic)
2. **Click "Generate new token (classic)"**
3. **Set expiration** (30 days for testing, longer for production)
4. **Select scopes**: Check "repo" and any other permissions you need
5. **Generate token** and copy it immediately (you can't see it again!)
6. **Paste into your .env file**
```bash
# Example of what your token looks like (this is fake!)
GITHUB_TOKEN=ghp_1A2B3C4D5E6F7G8H9I0J1K2L3M4N5O6P7Q8R
```
#### Loading Environment Variables in Python
```python
import os
from dotenv import load_dotenv
# Load environment variables from .env file
load_dotenv()
# Now you can access them securely
api_key = os.environ.get("GITHUB_TOKEN")
if not api_key:
raise ValueError("GITHUB_TOKEN not found in environment variables!")
client = OpenAI(
api_key=api_key,
base_url="https://models.github.ai/inference"
)
```
**What this code does:**
- **Loads** your .env file and makes variables available to Python
- **Checks** if the required token exists (good error handling!)
- **Raises** a clear error if the token is missing
- **Uses** the token securely without exposing it in code
#### Git Security: The .gitignore File
Your `.gitignore` file tells Git which files to never track or upload:
```bash
# .gitignore - Add these lines
.env
*.env
.env.local
.env.production
__pycache__/
venv/
.vscode/
```
**Why this is crucial**: Once you add `.env` to `.gitignore`, Git will ignore your environment file, preventing you from accidentally uploading your secrets to GitHub.
#### Different Environments, Different Secrets
Professional applications use different API keys for different environments:
```bash
# .env.development
GITHUB_TOKEN=your_development_token
DEBUG=True
# .env.production
GITHUB_TOKEN=your_production_token
DEBUG=False
```
**Why this matters**: You don't want your development experiments to affect your production AI usage quota, and you want different security levels for different environments.
### Starting Your Development Server: Bringing Your FastAPI to Life
Now comes the exciting moment β starting your FastAPI development server and seeing your AI integration come alive! FastAPI uses Uvicorn, a lightning-fast ASGI server that's specifically designed for async Python applications.
#### Understanding the FastAPI Server Startup Process
```bash
# Method 1: Direct Python execution (includes auto-reload)
python api.py
# Method 2: Using Uvicorn directly (more control)
uvicorn api:app --host 0.0.0.0 --port 5000 --reload
```
When you run this command, here's what happens behind the scenes:
**1. Python loads your FastAPI application**:
- Imports all required libraries (FastAPI, Pydantic, OpenAI, etc.)
- Loads environment variables from your `.env` file
- Creates the FastAPI application instance with automatic documentation
**2. Uvicorn configures the ASGI server**:
- Binds to port 5000 with async request handling capabilities
- Sets up request routing with automatic validation
- Enables hot reload for development (restarts on file changes)
- Generates interactive API documentation
**3. Server starts listening**:
- Your terminal shows: `INFO: Uvicorn running on http://0.0.0.0:5000`
- The server can handle multiple concurrent AI requests
- Your API is ready with automatic docs at `http://localhost:5000/docs`
#### What You Should See When Everything Works
```bash
$ python api.py
INFO: Will watch for changes in these directories: ['/your/project/path']
INFO: Uvicorn running on http://0.0.0.0:5000 (Press CTRL+C to quit)
INFO: Started reloader process [12345] using WatchFiles
INFO: Started server process [12346]
INFO: Waiting for application startup.
INFO: Application startup complete.
```
**Understanding the FastAPI output:**
- **Will watch for changes**: Auto-reload enabled for development
- **Uvicorn running**: High-performance ASGI server is active
- **Started reloader process**: File watcher for automatic restarts
- **Application startup complete**: FastAPI app initialized successfully
- **Interactive docs available**: Visit `/docs` for automatic API documentation
#### Testing Your FastAPI: Multiple Powerful Approaches
FastAPI provides several convenient ways to test your API, including automatic interactive documentation:
**Method 1: Interactive API Documentation (Recommended)**
1. Open your browser and go to `http://localhost:5000/docs`
2. You'll see Swagger UI with all your endpoints documented
3. Click on `/hello` β "Try it out" β Enter a test message β "Execute"
4. See the response directly in the browser with proper formatting
**Method 2: Basic Browser Test**
1. Go to `http://localhost:5000` for the root endpoint
2. Go to `http://localhost:5000/health` to check server health
3. This confirms your FastAPI server is running properly
**Method 2: Command Line Test (Advanced)**
```bash
# Test with curl (if available)
curl -X POST http://localhost:5000/hello \
-H "Content-Type: application/json" \
-d '{"message": "Hello AI!"}'
# Expected response:
# {"response": "Hello! I'm your AI assistant. How can I help you today?"}
```
**Method 3: Python Test Script**
```python
# test_api.py - Create this file to test your API
import requests
import json
# Test the API endpoint
url = "http://localhost:5000/hello"
data = {"message": "Tell me a joke about programming"}
response = requests.post(url, json=data)
if response.status_code == 200:
result = response.json()
print("AI Response:", result['response'])
else:
print("Error:", response.status_code, response.text)
```
#### Troubleshooting Common Startup Issues
| Error Message | What It Means | How to Fix |
|---------------|---------------|------------|
| `ModuleNotFoundError: No module named 'fastapi'` | FastAPI not installed | Run `pip install fastapi uvicorn` in your virtual environment |
| `ModuleNotFoundError: No module named 'uvicorn'` | ASGI server not installed | Run `pip install uvicorn` in your virtual environment |
| `KeyError: 'GITHUB_TOKEN'` | Environment variable not found | Check your `.env` file and `load_dotenv()` call |
| `Address already in use` | Port 5000 is busy | Kill other processes using port 5000 or change the port |
| `ValidationError` | Request data doesn't match Pydantic model | Check your request format matches the expected schema |
| `HTTPException 422` | Unprocessable entity | Request validation failed, check `/docs` for correct format |
| `OpenAI API error` | AI service authentication failed | Verify your GitHub token is correct and has proper permissions |
#### Development Best Practices
**Hot Reloading**: FastAPI with Uvicorn provides automatic reloading when you save changes to your Python files. This means you can modify your code and test immediately without manually restarting.
```python
# Enable hot reloading explicitly
if __name__ == "__main__":
app.run(host="0.0.0.0", port=5000, debug=True) # debug=True enables hot reload
```
**Logging for Development**: Add logging to understand what's happening:
```python
import logging
# Set up logging
logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(__name__)
@app.route("/hello", methods=["POST"])
def hello():
data = request.get_json()
message = data.get("message", "")
logger.info(f"Received message: {message}")
if not message:
logger.warning("Empty message received")
return jsonify({"error": "Message field is required"}), 400
try:
response = call_llm(message, "You are a helpful and friendly assistant.")
logger.info(f"AI response generated successfully")
return jsonify({"response": response})
except Exception as e:
logger.error(f"AI API error: {str(e)}")
return jsonify({"error": "AI service temporarily unavailable"}), 500
```
**Why logging helps**: During development, you can see exactly what requests are coming in, what the AI is responding with, and where errors occur. This makes debugging much faster.
### Configuring for GitHub Codespaces: Cloud Development Made Easy
GitHub Codespaces is like having a powerful development computer in the cloud that you can access from any browser. If you're working in Codespaces, there are a few additional steps to make your backend accessible to your frontend.
#### Understanding Codespaces Networking
In a local development environment, everything runs on the same computer:
- Backend: `http://localhost:5000`
- Frontend: `http://localhost:3000` (or file://)
In Codespaces, your development environment runs on GitHub's servers, so "localhost" has a different meaning. GitHub automatically creates public URLs for your services, but you need to configure them properly.
#### Step-by-Step Codespaces Configuration
**1. Start your backend server**:
```bash
cd backend
python api.py
```
You'll see the familiar FastAPI/Uvicorn startup message, but notice it's running inside the Codespace environment.
**2. Configure port visibility**:
- Look for the "Ports" tab in the bottom panel of VS Code
- Find port 5000 in the list
- Right-click on port 5000
- Select "Port Visibility" β "Public"
**Why make it public?** By default, Codespace ports are private (only accessible to you). Making it public allows your frontend (which runs in the browser) to communicate with your backend.
**3. Get your public URL**:
After making the port public, you'll see a URL like:
```
https://your-codespace-name-5000.app.github.dev
```
**4. Update your frontend configuration**:
```javascript
// In your frontend app.js, update the BASE_URL:
this.BASE_URL = "https://your-codespace-name-5000.app.github.dev";
```
#### Understanding Codespace URLs
Codespace URLs follow a predictable pattern:
```
https://[codespace-name]-[port].app.github.dev
```
**Breaking this down:**
- `codespace-name`: A unique identifier for your Codespace (usually includes your username)
- `port`: The port number your service is running on (5000 for our FastAPI app)
- `app.github.dev`: GitHub's domain for Codespace applications
#### Testing Your Codespace Setup
**1. Test the backend directly**:
Open your public URL in a new browser tab. You should see:
```
Welcome to the AI Chat API. Send POST requests to /hello with JSON payload containing 'message' field.
```
**2. Test with browser developer tools**:
```javascript
// Open browser console and test your API
fetch('https://your-codespace-name-5000.app.github.dev/hello', {
method: 'POST',
headers: {'Content-Type': 'application/json'},
body: JSON.stringify({message: 'Hello from Codespaces!'})
})
.then(response => response.json())
.then(data => console.log(data));
```
#### Codespaces vs Local Development
| Aspect | Local Development | GitHub Codespaces |
|--------|-------------------|-------------------|
| **Setup Time** | Longer (install Python, dependencies) | Instant (pre-configured environment) |
| **URL Access** | `http://localhost:5000` | `https://xyz-5000.app.github.dev` |
| **Port Configuration** | Automatic | Manual (make ports public) |
| **File Persistence** | Local machine | GitHub repository |
| **Collaboration** | Difficult to share environment | Easy to share Codespace link |
| **Internet Dependency** | Only for AI API calls | Required for everything |
#### Codespace Development Tips
**Environment Variables in Codespaces**:
Your `.env` file works the same way in Codespaces, but you can also set environment variables directly in the Codespace:
```bash
# Set environment variable for the current session
export GITHUB_TOKEN="your_token_here"
# Or add to your .bashrc for persistence
echo 'export GITHUB_TOKEN="your_token_here"' >> ~/.bashrc
```
**Port Management**:
- Codespaces automatically detects when your application starts listening on a port
- You can forward multiple ports simultaneously (useful if you add a database later)
- Ports remain accessible as long as your Codespace is running
**Development Workflow**:
1. Make code changes in VS Code
2. FastAPI auto-reloads (thanks to Uvicorn's reload mode)
3. Test changes immediately through the public URL
4. Commit and push when ready
> π‘ **Pro Tip**: Bookmark your Codespace backend URL during development. Since Codespace names are stable, the URL won't change as long as you're using the same Codespace.
## Creating the Frontend Chat Interface: Where Humans Meet AI
Now we'll build the user interface β the part that determines how people interact with your AI assistant. Like the design of the original iPhone's interface, we're focusing on making complex technology feel intuitive and natural to use.
### Understanding Modern Frontend Architecture
Our chat interface will be what we call a "Single Page Application" or SPA. Instead of the old-school approach where every click loads a new page, our app updates smoothly and instantly:
**Old websites**: Like reading a physical book β you flip to completely new pages
**Our chat app**: Like using your phone β everything flows and updates seamlessly
```mermaid
graph TD
A[User Types Message] --> B[JavaScript Captures Input]
B --> C[Validate & Format Data]
C --> D[Send to Backend API]
D --> E[Display Loading State]
E --> F[Receive AI Response]
F --> G[Update Chat Interface]
G --> H[Ready for Next Message]
```
```mermaid
classDiagram
class ChatApp {
+messages: HTMLElement
+form: HTMLElement
+input: HTMLElement
+sendButton: HTMLElement
+BASE_URL: string
+API_ENDPOINT: string
+constructor()
+initializeEventListeners()
+handleSubmit(event)
+callAPI(message)
+appendMessage(text, role)
+escapeHtml(text)
+scrollToBottom()
+setLoading(isLoading)
}
ChatApp --> DOM : manipulates
ChatApp --> FastAPI : sends requests
```
### The Three Pillars of Frontend Development
Every frontend application β from simple websites to complex apps like Discord or Slack β is built on three core technologies. Think of them as the foundation of everything you see and interact with on the web:
**HTML (Structure)**: This is your foundation
- Decides what elements exist (buttons, text areas, containers)
- Gives meaning to content (this is a header, this is a form, etc.)
- Creates the basic structure that everything else builds on
**CSS (Presentation)**: This is your interior designer
- Makes everything look beautiful (colors, fonts, layouts)
- Handles different screen sizes (phone vs laptop vs tablet)
- Creates smooth animations and visual feedback
**JavaScript (Behavior)**: This is your brain
- Responds to what users do (clicks, typing, scrolling)
- Talks to your backend and updates the page
- Makes everything interactive and dynamic
**Think of it like architectural design:**
- **HTML**: The structural blueprint (defining spaces and relationships)
- **CSS**: The aesthetic and environmental design (visual style and user experience)
- **JavaScript**: The mechanical systems (functionality and interactivity)
### Why Modern JavaScript Architecture Matters
Our chat application will use modern JavaScript patterns that you'll see in professional applications. Understanding these concepts will help you as you grow as a developer:
**Class-Based Architecture**: We'll organize our code into classes, which is like creating blueprints for objects
**Async/Await**: Modern way to handle operations that take time (like API calls)
**Event-Driven Programming**: Our app responds to user actions (clicks, key presses) rather than running in a loop
**DOM Manipulation**: Dynamically updating the webpage content based on user interactions and API responses
### Project Structure Setup
Create a frontend directory with this organized structure:
```text
frontend/
βββ index.html # Main HTML structure
βββ app.js # JavaScript functionality
βββ styles.css # Visual styling
```
**Understanding the architecture:**
- **Separates** concerns between structure (HTML), behavior (JavaScript), and presentation (CSS)
- **Maintains** a simple file structure that's easy to navigate and modify
- **Follows** web development best practices for organization and maintainability
### Building the HTML Foundation: Semantic Structure for Accessibility
Let's start with the HTML structure. Modern web development emphasizes "semantic HTML" β using HTML elements that clearly describe their purpose, not just their appearance. This makes your application accessible to screen readers, search engines, and other tools.
**Why semantic HTML matters**: Imagine describing your chat app to someone over the phone. You'd say "there's a header with the title, a main area where conversations appear, and a form at the bottom for typing messages." Semantic HTML uses elements that match this natural description.
Create `index.html` with this thoughtfully structured markup:
```html
AI Chat Assistant
AI Chat Assistant
Ask me anything!
```
**Understanding each HTML element and its purpose:**
#### Document Structure
- **``**: Tells the browser this is modern HTML5
- **``**: Specifies the page language for screen readers and translation tools
- **``**: Ensures proper character encoding for international text
- **``**: Makes the page mobile-responsive by controlling zoom and scale
#### Semantic Elements
- **``**: Clearly identifies the top section with title and description
- **``**: Designates the primary content area (where conversations happen)
- **`