diff --git a/src/config/settings.py b/src/config/settings.py index 035ff388..c4e36b51 100644 --- a/src/config/settings.py +++ b/src/config/settings.py @@ -89,8 +89,8 @@ INDEX_BODY = { "type": "knn_vector", "dimension": VECTOR_DIM, "method": { - "name": "hnsw", - "engine": "lucene", + "name": "disk_ann", + "engine": "jvector", "space_type": "l2", "parameters": {"ef_construction": 100, "m": 16}, }, @@ -255,8 +255,8 @@ class AppClients: self.opensearch = AsyncOpenSearch( hosts=[{"host": OPENSEARCH_HOST, "port": OPENSEARCH_PORT}], connection_class=AIOHttpConnection, - scheme="http", - use_ssl=False, + scheme="https", + use_ssl=True, verify_certs=False, ssl_assert_fingerprint=None, http_auth=(OPENSEARCH_USERNAME, OPENSEARCH_PASSWORD), @@ -381,21 +381,20 @@ class AppClients: ) def create_user_opensearch_client(self, jwt_token: str): - """Create OpenSearch client with basic auth (JWT not used in current setup)""" - # Note: jwt_token parameter kept for compatibility but not used - # Using basic auth instead of JWT Bearer tokens + """Create OpenSearch client with user's JWT token for OIDC auth""" + headers = {"Authorization": f"Bearer {jwt_token}"} return AsyncOpenSearch( hosts=[{"host": OPENSEARCH_HOST, "port": OPENSEARCH_PORT}], connection_class=AIOHttpConnection, - scheme="http", - use_ssl=False, + scheme="https", + use_ssl=True, verify_certs=False, ssl_assert_fingerprint=None, - http_auth=(OPENSEARCH_USERNAME, OPENSEARCH_PASSWORD), # Use basic auth + headers=headers, http_compress=True, ) # Global clients instance -clients = AppClients() +clients = AppClients() \ No newline at end of file