Merge pull request #2483 from BerriAI/litellm_proxy_perf

fix(proxy_server.py): cache master key check

litellm/proxy/_new_secret_config.yaml

@@ -0,0 +1,10 @@
+model_list:
+- model_name: fake_openai
+  litellm_params:
+    model: openai/my-fake-model
+    api_key: my-fake-key
+    api_base: http://0.0.0.0:8080
+
+general_settings:
+  master_key: sk-1234
+  database_url: "postgresql://krrishdholakia:9yQkKWiB8vVs@ep-icy-union-a5j4dwls.us-east-2.aws.neon.tech/neondb?sslmode=require"

litellm/proxy/proxy_server.py

@@ -353,17 +353,32 @@ async def user_api_key_auth(
 
         ### CHECK IF ADMIN ###
         # note: never string compare api keys, this is vulenerable to a time attack. Use secrets.compare_digest instead
+        ### CHECK IF ADMIN ###
+        # note: never string compare api keys, this is vulenerable to a time attack. Use secrets.compare_digest instead
+        ## Check CACHE
+        valid_token = user_api_key_cache.get_cache(key=hash_token(api_key))
+        if (
+            valid_token is not None
+            and isinstance(valid_token, UserAPIKeyAuth)
+            and valid_token.user_role == "proxy_admin"
+        ):
+            return valid_token
+
         try:
             is_master_key_valid = ph.verify(litellm_master_key_hash, api_key)
         except Exception as e:
             is_master_key_valid = False
 
         if is_master_key_valid:
-            return UserAPIKeyAuth(
+            _user_api_key_obj = UserAPIKeyAuth(
                 api_key=master_key,
                 user_role="proxy_admin",
                 user_id=litellm_proxy_admin_name,
             )
+            user_api_key_cache.set_cache(
+                key=hash_token(master_key), value=_user_api_key_obj
+            )
+            return _user_api_key_obj
 
         if isinstance(
             api_key, str