phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-26 03:04:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add checks for safe request body

Browse source
This commit is contained in:
Ishaan Jaff 2024-08-28 14:07:53 -07:00
parent ba1912afd1
commit d3a5162103
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
litellm/proxy/auth/user_api_key_auth.py
View file

@ -54,6 +54,7 @@ from litellm.proxy.auth.auth_checks import (
get_org_object, get_org_object,
get_team_object, get_team_object,
get_user_object, get_user_object,
is_request_body_safe,
log_to_opentelemetry, log_to_opentelemetry,
) )
from litellm.proxy.auth.auth_utils import ( from litellm.proxy.auth.auth_utils import (
@ -122,6 +123,9 @@ async def user_api_key_auth(
try: try:
route: str = get_request_route(request=request) route: str = get_request_route(request=request)
# get the request body
request_data = await _read_request_body(request=request)
is_request_body_safe(request_body=request_data)
### LiteLLM Enterprise Security Checks ### LiteLLM Enterprise Security Checks
# Check 1. Check if request size is under max_request_size_mb # Check 1. Check if request size is under max_request_size_mb
@ -353,9 +357,6 @@ async def user_api_key_auth(
user_info=user_info, user_info=user_info,
) )
) )
# get the request body
request_data = await _read_request_body(request=request)
# run through common checks # run through common checks
_ = common_checks( _ = common_checks(
request_body=request_data, request_body=request_data,
@ -448,7 +449,6 @@ async def user_api_key_auth(
) )
## Check END-USER OBJECT ## Check END-USER OBJECT
request_data = await _read_request_body(request=request)
_end_user_object = None _end_user_object = None
end_user_params = {} end_user_params = {}
if "user" in request_data: if "user" in request_data: