2023-05-04 00:08:37 +09:00
|
|
|
import { NextRequest } from "next/server";
|
|
|
|
|
import { getServerSideConfig } from "../config/server";
|
|
|
|
|
import md5 from "spark-md5";
|
2023-12-25 06:12:21 +09:00
|
|
|
import { ACCESS_CODE_PREFIX, ModelProvider } from "../constant";
|
2023-05-04 00:08:37 +09:00
|
|
|
|
|
|
|
|
function getIP(req: NextRequest) {
|
|
|
|
|
let ip = req.ip ?? req.headers.get("x-real-ip");
|
|
|
|
|
const forwardedFor = req.headers.get("x-forwarded-for");
|
|
|
|
|
|
|
|
|
|
if (!ip && forwardedFor) {
|
|
|
|
|
ip = forwardedFor.split(",").at(0) ?? "";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ip;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function parseApiKey(bearToken: string) {
|
|
|
|
|
const token = bearToken.trim().replaceAll("Bearer ", "").trim();
|
2023-12-25 05:07:35 +09:00
|
|
|
const isApiKey = !token.startsWith(ACCESS_CODE_PREFIX);
|
2023-05-04 00:08:37 +09:00
|
|
|
|
|
|
|
|
return {
|
2023-12-25 05:07:35 +09:00
|
|
|
accessCode: isApiKey ? "" : token.slice(ACCESS_CODE_PREFIX.length),
|
|
|
|
|
apiKey: isApiKey ? token : "",
|
2023-05-04 00:08:37 +09:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-25 06:12:21 +09:00
|
|
|
export function auth(req: NextRequest, modelProvider: ModelProvider) {
|
2023-05-04 00:08:37 +09:00
|
|
|
const authToken = req.headers.get("Authorization") ?? "";
|
|
|
|
|
|
|
|
|
|
// check if it is openai api key or user token
|
2023-11-10 03:43:30 +09:00
|
|
|
const { accessCode, apiKey } = parseApiKey(authToken);
|
2023-05-04 00:08:37 +09:00
|
|
|
|
|
|
|
|
const hashedCode = md5.hash(accessCode ?? "").trim();
|
|
|
|
|
|
2023-05-18 03:15:30 +09:00
|
|
|
const serverConfig = getServerSideConfig();
|
2023-05-04 00:08:37 +09:00
|
|
|
console.log("[Auth] allowed hashed codes: ", [...serverConfig.codes]);
|
|
|
|
|
console.log("[Auth] got access code:", accessCode);
|
|
|
|
|
console.log("[Auth] hashed access code:", hashedCode);
|
|
|
|
|
console.log("[User IP] ", getIP(req));
|
|
|
|
|
console.log("[Time] ", new Date().toLocaleString());
|
|
|
|
|
|
2023-11-10 03:43:30 +09:00
|
|
|
if (serverConfig.needCode && !serverConfig.codes.has(hashedCode) && !apiKey) {
|
2023-05-04 00:08:37 +09:00
|
|
|
return {
|
|
|
|
|
error: true,
|
2023-05-16 02:58:58 +09:00
|
|
|
msg: !accessCode ? "empty access code" : "wrong access code",
|
2023-05-04 00:08:37 +09:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-16 01:53:11 +09:00
|
|
|
if (serverConfig.hideUserApiKey && !!apiKey) {
|
|
|
|
|
return {
|
|
|
|
|
error: true,
|
2023-12-25 05:07:35 +09:00
|
|
|
msg: "you are not allowed to access with your own api key",
|
2023-11-16 01:53:11 +09:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2023-05-04 00:08:37 +09:00
|
|
|
// if user does not provide an api key, inject system api key
|
2023-11-10 03:43:30 +09:00
|
|
|
if (!apiKey) {
|
2023-12-25 02:30:23 +09:00
|
|
|
const serverConfig = getServerSideConfig();
|
2023-11-10 03:43:30 +09:00
|
|
|
|
2024-04-07 12:32:57 +09:00
|
|
|
// const systemApiKey =
|
|
|
|
|
// modelProvider === ModelProvider.GeminiPro
|
|
|
|
|
// ? serverConfig.googleApiKey
|
|
|
|
|
// : serverConfig.isAzure
|
|
|
|
|
// ? serverConfig.azureApiKey
|
|
|
|
|
// : serverConfig.apiKey;
|
|
|
|
|
|
|
|
|
|
let systemApiKey: string | undefined;
|
|
|
|
|
|
|
|
|
|
switch (modelProvider) {
|
2024-07-11 16:29:47 +09:00
|
|
|
case ModelProvider.Stability:
|
|
|
|
|
systemApiKey = serverConfig.stabilityApiKey;
|
|
|
|
|
break;
|
2024-04-07 12:32:57 +09:00
|
|
|
case ModelProvider.GeminiPro:
|
|
|
|
|
systemApiKey = serverConfig.googleApiKey;
|
|
|
|
|
break;
|
|
|
|
|
case ModelProvider.Claude:
|
|
|
|
|
systemApiKey = serverConfig.anthropicApiKey;
|
|
|
|
|
break;
|
2024-07-06 15:59:37 +09:00
|
|
|
case ModelProvider.Doubao:
|
|
|
|
|
systemApiKey = serverConfig.bytedanceApiKey;
|
|
|
|
|
break;
|
2024-07-06 14:05:09 +09:00
|
|
|
case ModelProvider.Ernie:
|
|
|
|
|
systemApiKey = serverConfig.baiduApiKey;
|
|
|
|
|
break;
|
2024-07-07 22:59:56 +09:00
|
|
|
case ModelProvider.Qwen:
|
|
|
|
|
systemApiKey = serverConfig.alibabaApiKey;
|
2024-07-09 10:50:04 +09:00
|
|
|
break;
|
2024-08-01 12:55:22 +09:00
|
|
|
case ModelProvider.Moonshot:
|
|
|
|
|
systemApiKey = serverConfig.moonshotApiKey;
|
|
|
|
|
break;
|
2024-08-03 18:20:26 +09:00
|
|
|
case ModelProvider.Iflytek:
|
|
|
|
|
systemApiKey =
|
|
|
|
|
serverConfig.iflytekApiKey + ":" + serverConfig.iflytekApiSecret;
|
|
|
|
|
break;
|
2024-10-23 12:40:06 +09:00
|
|
|
case ModelProvider.XAI:
|
|
|
|
|
systemApiKey = serverConfig.xaiApiKey;
|
|
|
|
|
break;
|
2024-10-30 20:24:03 +09:00
|
|
|
case ModelProvider.GLM:
|
|
|
|
|
systemApiKey = serverConfig.glmApiKey;
|
|
|
|
|
break;
|
2024-04-07 12:32:57 +09:00
|
|
|
case ModelProvider.GPT:
|
|
|
|
|
default:
|
2024-07-05 20:59:45 +09:00
|
|
|
if (req.nextUrl.pathname.includes("azure/deployments")) {
|
2024-04-07 12:32:57 +09:00
|
|
|
systemApiKey = serverConfig.azureApiKey;
|
|
|
|
|
} else {
|
|
|
|
|
systemApiKey = serverConfig.apiKey;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-25 02:30:23 +09:00
|
|
|
if (systemApiKey) {
|
2024-10-23 12:55:25 +09:00
|
|
|
console.log("[Auth] use system api key");
|
2023-12-25 05:07:35 +09:00
|
|
|
req.headers.set("Authorization", `Bearer ${systemApiKey}`);
|
2023-05-04 00:08:37 +09:00
|
|
|
} else {
|
|
|
|
|
console.log("[Auth] admin did not provide an api key");
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
console.log("[Auth] use user api key");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
error: false,
|
|
|
|
|
};
|
|
|
|
|
}
|
