Option to hide API key from users

cogentapps / chat-with-gpt

An open-source ChatGPT app with a voice

https://www.chatwithgpt.ai

MIT License

2.3k stars 489 forks source link

Option to hide API key from users #131

Open BramSuurdje opened 1 year ago

BramSuurdje commented 1 year ago

hey, first off I just wanted to say that I really like your project! I have been using it for a bit now and it works really well. but one downside I have with it, is that other users are able to see my API key. a great feature to add would be to make it so. the API key will be hidden when it detects that it has been inputted from the server and not from the user.

cogentapps commented 1 year ago

The API key should not be visible to users when provided on the server via a config.yaml file. The API key is loaded and used only on the server, and not sent to the browser.

Vuthric commented 1 year ago

Hi @cogentapps

Does this mean OpenAI would only see API requests coming from my server IP, but not IP from any of the clients who're using the app via web browsers?

Update: Yes it does.