A powerful content moderation API that uses Vector Database (ChromaDB) + AI (Gemini) to enforce custom moderation rules. Each API key maintains isolated rule sets with multi-user support.
X-API-Keyheader: Backend secret for authentication (your-strong-secret-key)api_keyin request body: Custom identifier for organizing rule sets (sdsdusdhusdhsddsisjidjsdjsdj12223)
{
"rule_id": "my-app-key-001:no_profanity",
"document": "Do not allow profanity or offensive language...",
"metadata": {
"user_id": "test_user",
"api_key": "my-app-key-001",
"rule_id": "no_profanity",
"created_at": "2025-08-21 ..."
}
}- FastAPI: Modern Python web framework
- ChromaDB: Vector database for semantic rule matching
- Google Gemini AI: Content moderation decisions
- Pydantic: Data validation and schemas
| Endpoint | Method | Body/Params | Description |
|---|---|---|---|
POST /add-rule/ |
POST | {user_id, api_key, rule_id, rule_text} |
Add new moderation rule |
GET /rules/{user_id}/{api_key}/ |
GET | Path params | Get user's rules for specific API key |
GET /api-rules/{api_key}/ |
GET | Path param | Get ALL rules for API key (all users) |
DELETE /delete-rule/{rule_id}/?user_id=X&api_key=Y |
DELETE | Path + Query params | Delete specific rule |
PUT /update-rule/{rule_id}/ |
PUT | {user_id, api_key, rule_text} |
Update existing rule |
POST /moderate/ |
POST | {user_id, api_key, text_to_moderate} |
Moderate text against rules |
POST /add-rule/
Headers: X-API-Key: your-strong-secret-key
Body: {
"user_id": "user123",
"api_key": "sdsdusdhusdhsddsisjidjsdjsdj12223",
"rule_id": "no_profanity",
"rule_text": "Do not allow profanity, swear words, or offensive language."
}POST /moderate/
Headers: X-API-Key: your-strong-secret-key
Body: {
"user_id": "user123",
"api_key": "sdsdusdhusdhsddsisjidjsdjsdj12223",
"text_to_moderate": "This is some text to check"
}- Rules are stored with unique IDs:
{custom_api_key}:{rule_id} - Each custom API key maintains completely isolated rule sets
- Multiple users can share the same custom API key with different rules
- Uses ChromaDB vector database for semantic similarity search
- Finds top 5 most relevant rules for the text being moderated
- Filters rules by both
user_idand customapi_key
- Sends relevant rules + text to Google Gemini AI
- AI determines if ANY rule is violated
- Returns detailed reasoning and violation status
- Users can add multiple rules (paragraphs supported)
- Each rule can be complex and detailed
- AI checks against ALL relevant rules simultaneously
// Mobile app rules (family-friendly)
{
"user_id": "user123",
"api_key": "mobile-app-v1-abc123",
"rule_id": "family_friendly",
"rule_text": "Block inappropriate content, violence, and adult themes for family app users."
}
// Web app rules (professional context)
{
"user_id": "user123",
"api_key": "web-app-v2-xyz789",
"rule_id": "professional",
"rule_text": "Block unprofessional language, spam, and off-topic content for business platform."
}// Development environment
{
"user_id": "developer1",
"api_key": "dev-env-testing-001",
"rule_id": "test_rule",
"rule_text": "Simple test rule for development."
}
// Production environment
{
"user_id": "developer1",
"api_key": "prod-env-live-001",
"rule_id": "strict_moderation",
"rule_text": "Comprehensive content moderation for production users..."
}// Client A's rules
{
"user_id": "admin",
"api_key": "client-a-rules-2025",
"rule_id": "brand_safety",
"rule_text": "Protect brand image by blocking controversial topics..."
}
// Client B's rules (completely separate)
{
"user_id": "admin",
"api_key": "client-b-rules-2025",
"rule_id": "legal_compliance",
"rule_text": "Ensure legal compliance for financial services content..."
}- Python 3.11+
- Google Gemini API key
- ChromaDB
# Clone repository
git clone <repo-url>
cd rag-moderation-api
# Create virtual environment
python -m venv .venv
.venv\Scripts\activate # Windows
source .venv/bin/activate # Linux/Mac
# Install dependencies
pip install -r requirements.txt
# Set up environment variables
# Create .env file with:
GEMINI_API_KEY=your_gemini_api_key
DOT_NET_API_KEY=your-strong-secret-keyuvicorn app.main:app --reload --host 127.0.0.1 --port 8000Open test_client.html in your browser and test the API endpoints.
Once running, access interactive documentation at:
- Swagger UI: http://127.0.0.1:8000/docs
- ReDoc: http://127.0.0.1:8000/redoc
β
Custom API Key Organization: Each API key has isolated rule sets
β
Multi-User Support: Multiple users per API key with separate rules
β
Semantic Matching: Vector database finds relevant rules intelligently
β
AI-Powered Decisions: Gemini AI provides detailed moderation reasoning
β
Paragraph Rules: Support for complex, multi-paragraph rules
β
CORS Enabled: Ready for frontend integration
β
RESTful API: Standard HTTP methods and status codes
β
Type Safety: Pydantic schemas for request/response validation
- API Key Authentication: Secure access control
- Request Validation: Input sanitization and validation
- Error Handling: Graceful error responses
- CORS Support: Configurable cross-origin requests
rag-moderation-api/
βββ app/
β βββ main.py # FastAPI application
β βββ api.py # API router setup
β βββ schemas.py # Pydantic models
β βββ services.py # Business logic
β βββ core/
β β βββ config.py # Configuration
β βββ endpoints/
β βββ moderation.py # API endpoints
βββ chroma_db/ # ChromaDB storage
βββ test_client.html # HTML test interface
βββ requirements.txt # Dependencies
βββ README.md # This file
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.