mckaywrigley / chatbot-ui

AI chat for every model.
https://chatbotui.com
MIT License
28.29k stars 7.85k forks

There is a high likelihood that the key will be leaked #933

Closed BaiMoHan closed 8 months ago

BaiMoHan commented 1 year ago

https://github.com/mckaywrigley/chatbot-ui/issues/923 same as this

SwiftDev29 commented 1 year ago

Add auth via middleware.

Youngv commented 1 year ago

same here

sbusso commented 1 year ago

The code being open source, anybody found a trace of the key being leaked?

djsiroky commented 1 year ago

For anyone experiencing this issue, did you use docker push with this repo? Doing so pushes this image with the .env file to a registry, possibly Docker Hub. I see quite a few public images on there named chatbot-ui with plenty of downloads.
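An added example, not part of the thread or the project's code: one way to check your own image for the .env problem raised in the comment above before running docker push. It scans `docker save` output for dotenv files in any layer and reports variable names only; the file names in `SECRET_NAMES` and the sample image are constructed assumptions.

```python
import io
import tarfile

SECRET_NAMES = (".env", ".env.local")  # assumption: dotenv file names to flag


def _tar_bytes(files):
    """Build an in-memory tar from {path: bytes}; used for the constructed sample."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def find_env_files(image_tar_bytes):
    """Return sorted (layer, path, variable names) for dotenv files in any layer.

    Input is the bytes of a `docker save` archive. Every member that is itself
    a tar is treated as a layer. Only variable names are reported, never values.
    """
    hits = []
    with tarfile.open(fileobj=io.BytesIO(image_tar_bytes), mode="r:*") as image:
        for member in image.getmembers():
            if not member.isfile():
                continue
            blob = image.extractfile(member).read()
            try:
                layer = tarfile.open(fileobj=io.BytesIO(blob), mode="r:*")
            except tarfile.TarError:
                continue  # not a layer (manifest.json, image config, ...)
            with layer:
                for f in layer.getmembers():
                    if f.isfile() and f.name.rsplit("/", 1)[-1] in SECRET_NAMES:
                        text = layer.extractfile(f).read().decode("utf-8", "replace")
                        keys = [ln.split("=", 1)[0].strip() for ln in text.splitlines()
                                if "=" in ln and not ln.lstrip().startswith("#")]
                        hits.append((member.name, f.name, keys))
    return sorted(hits)


# Constructed sample: a two-layer image whose second layer contains a .env file.
SAMPLE_IMAGE = _tar_bytes({
    "manifest.json": b"[]",
    "aaa/layer.tar": _tar_bytes({"app/package.json": b"{}"}),
    "bbb/layer.tar": _tar_bytes({"app/.env": b"# local\nOPENAI_API_KEY=sk-constructed\n"}),
})
```

To check a real image, write it out with `docker save IMAGE -o image.tar` and pass the file's bytes to `find_env_files`. Because every layer is scanned, a .env file removed by a later build step is still reported.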

seanchito commented 1 year ago

I lost my openai key recently as well. Not certain that this app was the culprit tho.

MrFuryian commented 1 year ago

Same here. Key got leaked somehow. I only used chatbot-ui locally behind my own auth page.

djsiroky commented 1 year ago

@seanchito @MrFuryian how long ago did you deploy? I'm trying to track down a source of the issue and found this comment: https://github.com/mckaywrigley/chatbot-ui/pull/449#issuecomment-1500154212

I wonder if a bug is racking up high usage even when the app is not in use, appearing to be a leak?

I don't think there's any versioning, so you can use git log to see the latest commit in the repo to get a sense of which commit you have running.

seanchito commented 1 year ago

@djsiroky I'm a git newb, but I was merging stuff from the beginning up til the end, mid-april. Openai api logs are shit, but the activity I see looks like lots of people doing different size requests, as if the key was shared somewhere. My key got swiped July 9, and they immediately ran it up to the $65 limit in 24hrs.

djsiroky commented 1 year ago

@seanchito Got it, definitely not a random bug. Thanks for replying. I think I'm going to look for other options instead of trying to track down the cause of this key leaking...