search

bricks-cloud / BricksLLM

🔒 Enterprise-grade API gateway that helps you monitor and impose cost or rate limits per API key. Get fine-grained access control and monitoring per user, application, or environment. Supports OpenAI, Azure OpenAI, Anthropic, vLLM, and open-source LLMs.
https://trybricks.ai/
MIT License
901 stars 61 forks source link

Authentication for Key Creation in BricksLLM API #42

Closed Elliot-Construct closed 8 months ago

Elliot-Construct commented 8 months ago

Description: I am using the BricksLLM API to create keys for my application. However, I am concerned about unauthorized key creation. Is there any way to add authentication to the key creation process?

Steps to Reproduce:

  1. Navigate to the key creation section of the BricksLLM API.
  2. Attempt to create a key without authentication.
  3. Observe that the key is created successfully.

Expected Behavior: Unauthorized key creation should not be possible. There should be some form of authentication required to create a key.

Actual Behavior: Unauthorized key creation is possible without any authentication.

Additional Information: I am using the latest version of the BricksLLM API. I have not made any modifications to the API code.

spikelu2016 commented 8 months ago

This issue is temporarily fixed by https://github.com/bricks-cloud/BricksLLM/commit/afc10cb5b6fe94670b4f60c7e19d43a3e98c0bce