phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-25 18:54:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(proxy_server.py): allow user to create key for themselves

Browse source
This commit is contained in:
Krrish Dholakia 2024-02-07 11:12:30 -08:00
parent 766b946b94
commit dfd027da35
3 changed files with 21 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docs/my-website/docs/proxy/ui.md
View file

@ -37,14 +37,10 @@ http://0.0.0.0:8000/ui # <proxy_base_url>/ui
### 3. Create Key ### 3. Create Key
<Image img={require('../../img/litellm_ui_login.png')} /> <Image img={require('../../img/litellm_ui_create_key.png')} />
### 1. Start the proxy
```
litellm --config /path/to/config.yaml
```
## 1. Setup SSO/Auth for UI ## Setup SSO/Auth for UI
<Tabs> <Tabs>

BIN
docs/my-website/img/litellm_ui_create_key.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 243 KiB

21
litellm/proxy/proxy_server.py
View file

@ -650,9 +650,26 @@ async def user_api_key_auth(
elif route == "/model/info": elif route == "/model/info":
# /model/info just shows models user has access to # /model/info just shows models user has access to
pass pass
elif allow_user_auth == True and route == "/key/generate": elif route == "/key/generate":
pass """
Make sure user can only create a key for themselves
- if user_id passed in -> check if it matches the user id for that key
"""
request_data = await _read_request_body(request=request)
user_id_passed_to_key_generate = request_data.get("user_id", None)
if (
user_id_passed_to_key_generate is not None
and user_id_passed_to_key_generate != valid_token.user_id
):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="key not allowed to crea this user's info",
)
elif allow_user_auth == True and route == "/key/delete": elif allow_user_auth == True and route == "/key/delete":
"""
[TODO] Make sure user can only delete a key for themselves
- if user_id passed in -> check if it matches the user id for that key
"""
pass pass
elif route == "/spend/logs": elif route == "/spend/logs":
# check if user can access this route # check if user can access this route