From 5af68ac545902e80465235051c39f068baaf9160 Mon Sep 17 00:00:00 2001 From: Fred Liang Date: Mon, 25 Dec 2023 04:07:35 +0800 Subject: [PATCH 1/2] fix: fix issue https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/issues/3616 --- app/api/auth.ts | 13 +++++-------- app/api/google/[...path]/route.ts | 13 +++++++++++++ 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/app/api/auth.ts b/app/api/auth.ts index 043ad0d3..ed2b6727 100644 --- a/app/api/auth.ts +++ b/app/api/auth.ts @@ -16,11 +16,11 @@ function getIP(req: NextRequest) { function parseApiKey(bearToken: string) { const token = bearToken.trim().replaceAll("Bearer ", "").trim(); - const isOpenAiKey = !token.startsWith(ACCESS_CODE_PREFIX); + const isApiKey = !token.startsWith(ACCESS_CODE_PREFIX); return { - accessCode: isOpenAiKey ? "" : token.slice(ACCESS_CODE_PREFIX.length), - apiKey: isOpenAiKey ? token : "", + accessCode: isApiKey ? "" : token.slice(ACCESS_CODE_PREFIX.length), + apiKey: isApiKey ? token : "", }; } @@ -49,7 +49,7 @@ export function auth(req: NextRequest) { if (serverConfig.hideUserApiKey && !!apiKey) { return { error: true, - msg: "you are not allowed to access openai with your own api key", + msg: "you are not allowed to access with your own api key", }; } @@ -64,10 +64,7 @@ export function auth(req: NextRequest) { if (systemApiKey) { console.log("[Auth] use system api key"); - req.headers.set( - "Authorization", - `Bearer ${systemApiKey}`, - ); + req.headers.set("Authorization", `Bearer ${systemApiKey}`); } else { console.log("[Auth] admin did not provide an api key"); } diff --git a/app/api/google/[...path]/route.ts b/app/api/google/[...path]/route.ts index 21755678..28b9822a 100644 --- a/app/api/google/[...path]/route.ts +++ b/app/api/google/[...path]/route.ts @@ -39,9 +39,22 @@ async function handle( 10 * 60 * 1000, ); + const authResult = auth(req); + if (authResult.error) { + return NextResponse.json(authResult, { + status: 401, + }); + } + const bearToken = req.headers.get("Authorization") ?? ""; const token = bearToken.trim().replaceAll("Bearer ", "").trim(); + console.log( + bearToken, + serverConfig.googleApiKey, + token ? token : serverConfig.googleApiKey, + ); + const key = token ? token : serverConfig.googleApiKey; if (!key) { return NextResponse.json( From cad461b1218e1d3668d4d7005032d46d2986f5d3 Mon Sep 17 00:00:00 2001 From: Fred Liang Date: Mon, 25 Dec 2023 04:09:38 +0800 Subject: [PATCH 2/2] chore: remove console log --- app/api/google/[...path]/route.ts | 6 ------ 1 file changed, 6 deletions(-) diff --git a/app/api/google/[...path]/route.ts b/app/api/google/[...path]/route.ts index 28b9822a..7911f848 100644 --- a/app/api/google/[...path]/route.ts +++ b/app/api/google/[...path]/route.ts @@ -49,12 +49,6 @@ async function handle( const bearToken = req.headers.get("Authorization") ?? ""; const token = bearToken.trim().replaceAll("Bearer ", "").trim(); - console.log( - bearToken, - serverConfig.googleApiKey, - token ? token : serverConfig.googleApiKey, - ); - const key = token ? token : serverConfig.googleApiKey; if (!key) { return NextResponse.json(