Reusable WebSocket session management, auth, and debug API for llming applications
Project description
Real-time JS ↔ Python commands, AI-debuggable sessions, and MCP control — out of the box.
LLMing-Com connects JavaScript frontends to Python backends over WebSockets with structured commands, session management, cookie-based authentication, and a debug API that AI agents can use to inspect and control running applications.
Why?
- AI controls the frontend -- One
@commanddecorator exposes a function as a REST endpoint and an MCP tool. An AI agent can list sessions, send messages, and trigger actions without custom glue code. - AI debugs your app -- The debug API lets agents inspect sessions, view state, and forward WebSocket messages in real time.
- One decorator = one command -- Define a command once; get HTTP routing, parameter validation, JSON Schema, and MCP tooling for free.
- Sessions just work -- Type-safe registry with TTL cleanup, WebSocket lifecycle management, and connection superseding built in.
Features
- HMAC-SHA256 cookie authentication (session + identity tokens with expiry)
- Generic session registry with singleton pattern and TTL cleanup
- WebSocket transport with connection superseding and rate limiting
- Declarative
@commandframework with auto-generated REST + MCP endpoints - Debug API with IP whitelisting, audit logging, and trusted proxy support
- Thread-safe in-memory data store with namespace isolation
- Mock auth system for headless and E2E testing
- MCP server (HTTP/SSE + stdio) for AI agent integration
Quick Start
Commands
from llming_com import command, CommandScope
@command("greet", description="Greet a user", scope=CommandScope.SESSION, http_method="POST")
async def greet(controller, name: str):
await controller.send({"type": "greeting", "text": f"Hello, {name}!"})
return {"status": "sent"}
WebSocket
from fastapi import FastAPI, WebSocket
from llming_com import run_websocket_session, BaseSessionRegistry
app = FastAPI()
@app.websocket("/ws/{session_id}")
async def ws(websocket: WebSocket, session_id: str):
await run_websocket_session(
websocket, session_id, BaseSessionRegistry.get(),
on_message=lambda entry, msg: entry.controller.handle_message(msg),
)
Debug API
from llming_com import build_debug_router
app.include_router(build_debug_router(registry, api_key_env="DEBUG_KEY"))
# GET /debug/sessions
# GET /debug/sessions/{id}
# POST /debug/sessions/{id}/ws_send
Cookie Auth
from llming_com import sign_auth_token, verify_auth_cookie
token = sign_auth_token("session-abc")
response.set_cookie("llming_auth", token, httponly=True, samesite="lax")
if verify_auth_cookie(request):
print("Authenticated!")
Project Structure
llming_com/ Core library (auth, session, transport, commands, debug, data store)
tests/ Pytest suite
samples/ Example applications
docs/ Documentation and assets
Development
git clone https://github.com/Alyxion/llming-com.git
cd llming-com
poetry install
LLMING_AUTH_SECRET=dev-secret pytest tests/ -q
License
MIT -- Copyright 2026 Michael Ikemann
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file llming_com-0.1.1.tar.gz.
File metadata
- Download URL: llming_com-0.1.1.tar.gz
- Upload date:
- Size: 23.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e2ff2228fdf27f711a00297561d6f01f6f9a76413caae13f517f9021e5ac4ca4
|
|
| MD5 |
04e6012fc036438f670bdaec9584e9cc
|
|
| BLAKE2b-256 |
70b2202fe63cc81040209a13c3edadf564c948201c03a55213f96b5d8b5a4511
|
File details
Details for the file llming_com-0.1.1-py3-none-any.whl.
File metadata
- Download URL: llming_com-0.1.1-py3-none-any.whl
- Upload date:
- Size: 30.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a9306eb6127de45b8df683758b9bd38050161c026083ae7c38dac3f77c797559
|
|
| MD5 |
3ba7790f909cabcea2c8a5b011489633
|
|
| BLAKE2b-256 |
7eab40c1d43b8111af1738c8e11ac432d6017dd7c3400f6c0ce7b922cbd7f261
|