MacPaw / OpenAI

Swift community driven package for OpenAI public API
MIT License
1.88k stars 296 forks

API Security with Proxy Server #184

Open ppoh71 opened 3 months ago

ppoh71 commented 3 months ago

Documentation about how a proxy server can work with this client. Otherwise, it is not recommended to use this client, since you expose your API key in your client, which will result in a compromised API key and financial costs on your side. (Speaking from experience)

The feature request: A working example of secure server-side communication with a proxy server and OpenAI and the macpaw/client.

Context:

Since we all read this disclaimer:

⚠️ OpenAI strongly recommends developers of client-side applications proxy requests through a separate backend service to keep their API key safe. API keys can access and manipulate customer billing, usage, and organizational data, so it's a significant risk to expose.

I still deployed my app without a proxy and used the OpenAI API directly in my app. After a few days in the App Store my API key got compromised and was used for ChatGPT4 requests. Luckily I had set a limit and learned a lesson.
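As an added example (not code from this thread or from the MacPaw/OpenAI project), this is the request-handling core of the kind of backend proxy the OpenAI warning describes: the app presents its own revocable token, and the server discards that header, injects the real API key, and limits what the key can be spent on. The per-user app token scheme, the route and model allowlists and the token cap are assumptions chosen for illustration.

```python
import hmac
import json

UPSTREAM = "https://api.openai.com"
ALLOWED_ROUTES = {("POST", "/v1/chat/completions")}  # assumption: only route the app uses
ALLOWED_MODELS = {"gpt-3.5-turbo"}                   # assumption: models you agree to pay for
MAX_TOKENS_CAP = 512                                 # assumption: per-request ceiling


class Rejected(Exception):
    """Raised when the proxy refuses to forward a request."""
    def __init__(self, status, reason):
        super().__init__(reason)
        self.status = status


def build_upstream_request(method, path, headers, body, api_key, app_tokens):
    """Validate a client request; return (url, headers, body) to send to OpenAI."""
    if (method, path) not in ALLOWED_ROUTES:
        raise Rejected(404, "route not proxied")
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    presented = h.get("authorization", "").removeprefix("Bearer ").strip().encode()
    if not presented or not any(hmac.compare_digest(presented, t.encode()) for t in app_tokens):
        raise Rejected(401, "unknown app token")
    try:
        payload = json.loads(body)
    except ValueError:
        raise Rejected(400, "body is not JSON") from None
    if not isinstance(payload, dict) or payload.get("model") not in ALLOWED_MODELS:
        raise Rejected(400, "model not allowed")
    # Clamp spend per request regardless of what the client asked for.
    requested = payload.get("max_tokens")
    if type(requested) is not int or not 0 < requested <= MAX_TOKENS_CAP:
        payload["max_tokens"] = MAX_TOKENS_CAP
    # The client's Authorization header is dropped; the real key exists only here.
    upstream_headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}
    return UPSTREAM + path, upstream_headers, json.dumps(payload).encode()


if __name__ == "__main__":
    # Constructed sample values; in production the key comes from server-side secrets.
    sample = json.dumps({"model": "gpt-3.5-turbo", "max_tokens": 100000, "messages": []})
    print(build_upstream_request("POST", "/v1/chat/completions",
                                 {"Authorization": "Bearer app-token-123"},
                                 sample, "sk-PLACEHOLDER", {"app-token-123"}))
```

On the app side, the client is pointed at the proxy's host and sends the app token where it would otherwise send the OpenAI key, so a token extracted from the binary can be revoked without rotating the API key.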

SunburstEnzo commented 3 months ago

I'm really sorry to hear your API key was compromised; this is a really good idea and something I'd love to see added myself. Though I'm not a moderator I'll have a look at adding some helpful text, but feel free to add a basic PR and we'll build on it.

ppoh71 commented 3 months ago

Please check the ongoing discussion here: https://github.com/MacPaw/OpenAI/discussions/116