phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-25 10:44:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(user_api_key_auth.py): allow restricting calls by IP address

Browse source 
Allows admin to restrict which IP addresses can make calls to the proxy
This commit is contained in:
Krrish Dholakia 2024-07-08 15:58:15 -07:00
parent 95739c3778
commit f3cc57bc6f
2 changed files with 78 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

32
litellm/proxy/auth/user_api_key_auth.py
View file

@ -136,6 +136,19 @@ async def user_api_key_auth(
enable_jwt_auth: true
```
"""
### FILTER IP ADDRESS ###
is_valid_ip = _check_valid_ip(
allowed_ips=general_settings.get("allowed_ips", None), request=request
)
if not is_valid_ip:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Access forbidden: IP address not allowed.",
)
route: str = request.url.path
if (
@ -1208,3 +1221,22 @@ def _get_user_role(user_id_information: Optional[list]):
_user = user_id_information[0]
return _user.get("user_role")
def _check_valid_ip(allowed_ips: Optional[List[str]], request: Request) -> bool:
"""
Returns if ip is allowed or not
"""
if allowed_ips is None: # if not set, assume true
return True
if request.client is not None:
client_ip = request.client.host
else:
client_ip = None
# Check if IP address is allowed
if client_ip not in allowed_ips:
return False
return True