feat: basic credentials fields added + fix email and reddit blocks

[ntindle]

Update and adds a basic credential field for use in integrations like reddit

Changes 🏗️

• Reddit

  • Drops the Username and Password for reddit from the .env
  • Updates Reddit block with modern provider and credential system
  • moves clientid and secret to reading from Settings().secrets rather than input on the block
  • moves user agent to Settings().config

• SMTP

  • update the block to support user password and modern credentials

• Add UserPasswordCredentials

  • Default API key expiry to None explicitly to help type cohesion
  • add UserPasswordCredentials with a weird form of bearer which we ideally remove because basic is a more appropriate name. This is dependent on Webhook _base allowing a subset of Credentials
  • Update Credentials and CredentialsType
  • Fix various OAuth2Credentials | APIKeyCredentials -> Credentials mismatches between base and derived classes
  • Replace router/@post(create_api_key_credentials) with create_credentials which now takes a credential and is discriminated by type provided by the credential

• UI/Frontend

  • Updated various pages to have saved credential types, icons, and text for User Pass Credentials
  • Update credential input to have an input/modals/selects for user/pass combos
  • Update the types to support having user/pass credentials too (we should make this more centralized)
  • Update Credential Providres to support user_password
  • Update client.ts to support the new streamlined credential creation method and endpoint

• DX

  • Sort the provider names again

TODO:

• Reactivate Conditionally Disabling Reddit
  - [ ] Look into moving Webhooks base to allow subset of Credentials rather than requiring all webhooks to support the input of all valid Credentials types Out of scope
• Figure out the singleCredential calculator in credentials-input.tsx so that it also respects User Pass credentials and isn't a logic mess

Checklist 📋

For code changes:

• I have clearly listed my changes in the PR description
• I have made a test plan
• I have tested my changes according to the test plan:
  • ...

Example test plan

• Create from scratch and execute an agent with at least 3 blocks
• Import an agent from file upload, and confirm it executes correctly
• Upload agent to marketplace
• Import an agent from marketplace and confirm it executes correctly
• Edit an agent from monitor, and confirm it executes correctly

For configuration changes:

• .env.example is updated or already compatible with my changes
• docker-compose.yml is updated or already compatible with my changes
• I have included a list of my configuration changes in the PR description (under Changes)

Examples of configuration changes

• Changing ports
• Adding new services that need to communicate with each other
• Secrets or environment variable changes
• New or infrastructure changes such as databases

[netlify]

✅ Deploy Preview for auto-gpt-docs-dev canceled.

Name	Link
🔨 Latest commit	2fd8c8d
🔍 Latest deploy log	https://app.netlify.com/sites/auto-gpt-docs-dev/deploys/67818d1e316abf0008658f20

[netlify]

✅ Deploy Preview for auto-gpt-docs canceled.

Name	Link
🔨 Latest commit	2fd8c8d
🔍 Latest deploy log	https://app.netlify.com/sites/auto-gpt-docs/deploys/67818d1e22fe1f0008b9582e

[github-actions]

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

[github-actions]

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

[github-actions]

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

[qodo-merge-pro]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪

🧪 PR contains tests

🔒 Security concerns Password Storage: The implementation stores user passwords as part of credentials. Even though they are stored as SecretStr, ensure proper encryption at rest and in transit, and validate the security of the basic auth token generation in UserPasswordCredentials.bearer() method which exposes username:password in base64 encoding.

⚡ Recommended focus areas for review Security Concern The Reddit client initialization uses settings.secrets directly without validation. Consider adding validation for required credentials and proper error handling if secrets are missing. def get_praw(creds: RedditCredentials) -> praw.Reddit: client = praw.Reddit( client_id=settings.secrets.reddit_client_id, client_secret=settings.secrets.reddit_client_secret, username=creds.username.get_secret_value(), password=creds.password.get_secret_value(), user_agent=settings.config.reddit_user_agent, ) Potential Bug The user password credential handling in getSingleCredential() may have edge cases not properly handled when multiple credential types exist. const getSingleCredential = () => { const counts = getCredentialCounts(); const totalCredentials = Object.values(counts).reduce( (sum, count) => sum + count, 0, ); if (totalCredentials !== 1) return null; if (counts.apiKeys === 1) return savedApiKeys[0]; if (counts.oauth === 1) return savedOAuthCredentials[0]; if (counts.userPass === 1) return savedUserPasswordCredentials[0]; return null; }; API Consistency The createAPIKeyCredentials and createUserPasswordCredentials methods have duplicated code patterns. Consider refactoring to a generic createCredentials method. createAPIKeyCredentials( credentials: Omit<APIKeyCredentials, "id" | "type">, ): Promise<APIKeyCredentials> { return this._request( "POST", `/integrations/${credentials.provider}/credentials`, { ...credentials, type: "api_key" }, ); } createUserPasswordCredentials( credentials: Omit<UserPasswordCredentials, "id" | "type">, ): Promise<UserPasswordCredentials> { return this._request( "POST", `/integrations/${credentials.provider}/credentials`, { ...credentials, type: "user_password" }, );