Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature Request] Read tokens from HTTP request sent by clients as API key #50

Open
hycxnas opened this issue Jul 19, 2023 · 2 comments
Labels
enhancement New feature or request

Comments

@hycxnas
Copy link

hycxnas commented Jul 19, 2023

Hi @juzeon,

I hope this message finds you well. I'm writing this issue to share a suggestion that could potentially enhance the performance and robustness of the Poe-OpenAI-Proxy project.

Currently, as I understand, clients provide tokens to access the API via server configuration. This method could potentially limit the project's resiliency and robustness, especially in scenarios where a dynamic switch of tokens is needed to bolster the project's self-recovery ability.

To address this, I propose a change to the codebase of the server-side that will allow it to read tokens directly from the Apikey sent through an HTTP request by the client. This way, we can achieve better mimicry of the standard OpenAI API and also allows more flexibility for users.

The proposed approach could take the form of an array – ["token1", "token2",...] – passed in as an Authorization header's field. With this in place, the server could effortlessly retrieve the latest tokens directly from this array without any need for manual server-side configuration by the user.

By incorporating this feature, the project could benefit from improved resilience, robustness, and provide an enhanced user experience for those who use this project.

Please consider this proposal, and let me know your thoughts on this matter. I believe this change will bring significant additions to the project and the users thereof.

Thank you for your time and consideration.

@wingeva1986
Copy link

wingeva1986 commented Jul 20, 2023

It's unsafe to expose a route to do this stuff,and maybe using one given token to ask poe will cause problem in some app where the key should be ignored.

@juzeon juzeon added the enhancement New feature or request label Jul 20, 2023
@hycxnas
Copy link
Author

hycxnas commented Jul 20, 2023

It's unsafe to expose a route to do this stuff,and maybe using one given token to ask poe will cause problem in some app where the key should be ignored.

Actually it solidify the security since you don't need to store token as plain text and TLS will ensure the point-to-point security while passing tokens via HTTP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

3 participants