phoenix/litellm
1
0
Fork 0
forked from phoenix/litellm-mirror
Code Pull requests Activity

(fix) litellm-ui keys can never access /chat/completions

Browse source
This commit is contained in:
ishaan-jaff 2024-02-05 16:10:49 -08:00
parent 77fe71ee08
commit 8d7698f24d
1 changed files with 25 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

25
litellm/proxy/proxy_server.py
View file

@ -636,6 +636,31 @@ async def user_api_key_auth(
raise Exception( raise Exception(
f"Only master key can be used to generate, delete, update or get info for new keys/users. Value of allow_user_auth={allow_user_auth}" f"Only master key can be used to generate, delete, update or get info for new keys/users. Value of allow_user_auth={allow_user_auth}"
) )
# check if token is from litellm-ui, litellm ui makes keys to allow users to login with sso. These keys can only be used for LiteLLM UI functions
# sso/login, ui/login, /key functions and /user functions
# this will never be allowed to call /chat/completions
token_team = getattr(valid_token, "team_id", None)
if token_team is not None:
if token_team == "litellm-dashboard":
# this token is only used for managing the ui
allowed_routes = [
"/sso",
"/login",
"/key",
"/spend",
"/user",
]
# check if the current route startswith any of the allowed routes
if any(
route.startswith(allowed_route) for allowed_route in allowed_routes
):
# Do something if the current route starts with any of the allowed routes
pass
else:
raise Exception(
f"This key is made for LiteLLM UI, Tried to access route: {route}. Not allowed"
)
return UserAPIKeyAuth(api_key=api_key, **valid_token_dict) return UserAPIKeyAuth(api_key=api_key, **valid_token_dict)
else: else:
raise Exception(f"Invalid Key Passed to LiteLLM Proxy") raise Exception(f"Invalid Key Passed to LiteLLM Proxy")