feat: add MAX_QUERY_LENGTH guard in handle_chat to prevent overly long queries

Author: tisha-varma

.env.template

@@ -28,3 +28,6 @@ ELASTIC_PASSWORD=
 PAGE_SIZE=1000
 GCS_BUCKET=
 GCS_PREFIX=
+
+# Query length guard (optional, default: 2000 chars)
+# MAX_QUERY_LENGTH=2000          # max allowed query length in characters

backend/agents.py

@@ -83,6 +83,11 @@ def _get_genai_client():
 FLASH_MODEL = os.getenv("GEMINI_FLASH_MODEL", "gemini-2.5-flash")
 FLASH_LITE_MODEL = os.getenv("GEMINI_FLASH_LITE_MODEL", "gemini-2.5-flash-lite")
 
+try:
+    MAX_QUERY_LENGTH = int(os.getenv("MAX_QUERY_LENGTH", "2000"))
+except ValueError:
+    MAX_QUERY_LENGTH = 2000
+
 
 # Query intent/types 
 class QueryIntent(Enum):
@@ -507,6 +512,13 @@ def reset_session(self, session_id: str):
 
     async def handle_chat(self, session_id: str, query: str, reset: bool = False) -> str:
         try:
+            query = query.strip()
+            if len(query) > MAX_QUERY_LENGTH:
+                return (
+                    f"Query too long ({len(query)} chars). "
+                    f"Please keep it under {MAX_QUERY_LENGTH} characters."
+                )
+
             if reset:
                 self.reset_session(session_id)
             if session_id not in self.chat_history: