feat: support using user api key

2023-03-26 11:58:25 +00:00 · 2023-03-26 11:58:25 +00:00 · df66eef919
commit df66eef919
parent 1e89fe14ac
7 changed files with 58 additions and 19 deletions
--- a/app/api/chat-stream/route.ts
+++ b/app/api/chat-stream/route.ts
@ -2,19 +2,25 @@ import type { ChatRequest } from "../chat/typing";
 import { createParser } from "eventsource-parser";
 import { NextRequest } from "next/server";

-const apiKey = process.env.OPENAI_API_KEY;
-
-async function createStream(payload: ReadableStream<Uint8Array>) {
+async function createStream(req: NextRequest) {
  const encoder = new TextEncoder();
  const decoder = new TextDecoder();

+  let apiKey = process.env.OPENAI_API_KEY;
+
+  const userApiKey = req.headers.get("token");
+  if (userApiKey) {
+    apiKey = userApiKey;
+    console.log("[Stream] using user api key");
+  }
+
  const res = await fetch("https://api.openai.com/v1/chat/completions", {
    headers: {
      "Content-Type": "application/json",
      Authorization: `Bearer ${apiKey}`,
    },
    method: "POST",
-    body: payload,
+    body: req.body,
  });

  const stream = new ReadableStream({
@ -49,7 +55,7 @@ async function createStream(payload: ReadableStream<Uint8Array>) {

 export async function POST(req: NextRequest) {
  try {
-    const stream = await createStream(req.body!);
+    const stream = await createStream(req);
    return new Response(stream);
  } catch (error) {
    console.error("[Chat Stream]", error);
--- a/app/api/chat/route.ts
+++ b/app/api/chat/route.ts
@ -1,7 +1,14 @@
 import { OpenAIApi, Configuration } from "openai";
 import { ChatRequest } from "./typing";

-const apiKey = process.env.OPENAI_API_KEY;
+export async function POST(req: Request) {
+  try {
+    let apiKey = process.env.OPENAI_API_KEY;
+
+    const userApiKey = req.headers.get("token");
+    if (userApiKey) {
+      apiKey = userApiKey;
+    }

    const openai = new OpenAIApi(
      new Configuration({
@ -9,14 +16,10 @@ const openai = new OpenAIApi(
      })
    );

-export async function POST(req: Request) {
-  try {
    const requestBody = (await req.json()) as ChatRequest;
-    const completion = await openai!.createChatCompletion(
-      {
+    const completion = await openai!.createChatCompletion({
      ...requestBody,
-      }
-    );
+    });

    return new Response(JSON.stringify(completion.data));
  } catch (e) {
--- a/app/components/settings.tsx
+++ b/app/components/settings.tsx
@ -257,6 +257,20 @@ export function Settings(props: { closeSettings: () => void }) {
            <></>
          )}

+          <SettingItem
+            title={Locale.Settings.Token.Title}
+            subTitle={Locale.Settings.Token.SubTitle}
+          >
+            <input
+              value={accessStore.token}
+              type="text"
+              placeholder={Locale.Settings.Token.Placeholder}
+              onChange={(e) => {
+                accessStore.updateToken(e.currentTarget.value);
+              }}
+            ></input>
+          </SettingItem>
+
          <SettingItem
            title={Locale.Settings.HistoryCount.Title}
            subTitle={Locale.Settings.HistoryCount.SubTitle}
--- a/app/locales/cn.ts
+++ b/app/locales/cn.ts
@ -69,6 +69,11 @@ const cn = {
      Title: "历史消息长度压缩阈值",
      SubTitle: "当未压缩的历史消息超过该值时，将进行压缩",
    },
+    Token: {
+      Title: "API Key",
+      SubTitle: "使用自己的 Key 可绕过受控访问限制",
+      Placeholder: "OpenAI API Key",
+    },
    AccessCode: {
      Title: "访问码",
      SubTitle: "现在是受控访问状态",
--- a/app/requests.ts
+++ b/app/requests.ts
@ -35,6 +35,10 @@ function getHeaders() {
    headers["access-code"] = accessStore.accessCode;
  }

+  if (accessStore.token && accessStore.token.length > 0) {
+    headers["token"] = accessStore.token;
+  }
+
  return headers;
 }

--- a/app/store/access.ts
+++ b/app/store/access.ts
@ -4,7 +4,9 @@ import { queryMeta } from "../utils";

 export interface AccessControlStore {
  accessCode: string;
+  token: string;

+  updateToken: (_: string) => void;
  updateCode: (_: string) => void;
  enabledAccessControl: () => boolean;
 }
@ -14,6 +16,7 @@ export const ACCESS_KEY = "access-control";
 export const useAccessStore = create<AccessControlStore>()(
  persist(
    (set, get) => ({
+      token: "",
      accessCode: "",
      enabledAccessControl() {
        return queryMeta("access") === "enabled";
@ -21,6 +24,9 @@ export const useAccessStore = create<AccessControlStore>()(
      updateCode(code: string) {
        set((state) => ({ accessCode: code }));
      },
+      updateToken(token: string) {
+        set((state) => ({ token }));
+      },
    }),
    {
      name: ACCESS_KEY,
--- a/middleware.ts
+++ b/middleware.ts
@ -8,13 +8,14 @@ export const config = {

 export function middleware(req: NextRequest, res: NextResponse) {
  const accessCode = req.headers.get("access-code");
+  const token = req.headers.get("token");
  const hashedCode = md5.hash(accessCode ?? "").trim();

  console.log("[Auth] allowed hashed codes: ", [...ACCESS_CODES]);
  console.log("[Auth] got access code:", accessCode);
  console.log("[Auth] hashed access code:", hashedCode);

-  if (ACCESS_CODES.size > 0 && !ACCESS_CODES.has(hashedCode)) {
+  if (ACCESS_CODES.size > 0 && !ACCESS_CODES.has(hashedCode) && !token) {
    return NextResponse.json(
      {
        needAccessCode: true,