Merge pull request #36 from u66u/main

use jwt auth
pull/65/head
xssdoctor 7 months ago committed by GitHub
commit ef5dd0118e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -0,0 +1,2 @@
FLASK_SECRET_KEY=
OPENAI_API_KEY=
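Review bot: JWT_SECRET is missing from this env file, although the new /register and /login handlers sign tokens with `os.getenv("JWT_SECRET")`. With the variable unset, getenv returns None, so signing is expected to fail at request time instead of at start-up. Add a `JWT_SECRET=` line here and have the server refuse to start when the value is empty.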

@ -1,5 +1,6 @@
{ {
"/extwis": { "/extwis": {
"eJ4f1e0b-25wO-47f9-97ec-6b5335b2": "Daniel Miessler" "eJ4f1e0b-25wO-47f9-97ec-6b5335b2": "Daniel Miessler",
"test": "user2"
} }
} }
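Review bot: The existing token still maps to `"Daniel Miessler"`, but this commit changes check_auth_token to return `users[valid_tokens[route][token]]`, and the users.json added here only has the keys `user1` and `user2`, so that token would raise KeyError instead of authenticating. The new entry `"test": "user2"` is also a guessable token committed to the repository and, as far as the visible code shows, accepted for /extwis. Either remap the first token to an existing user key and drop the `test` entry, or look the user up with `users.get(...)` and treat a miss as unauthorized.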

@ -1,14 +1,24 @@
# Imports import jwt
import openai
import json import json
import openai
from flask import Flask, request, jsonify from flask import Flask, request, jsonify
from functools import wraps from functools import wraps
import re import re
import requests import requests
import os
from dotenv import load_dotenv
## Define Flask app
app = Flask(__name__) app = Flask(__name__)
@app.errorhandler(404)
def not_found(e):
return jsonify({"error": "The requested resource was not found."}), 404
@app.errorhandler(500)
def server_error(e):
return jsonify({"error": "An internal server error occurred."}), 500
################################################## ##################################################
################################################## ##################################################
# #
@ -25,10 +35,8 @@ app = Flask(__name__)
## Set authentication on your APIs ## Set authentication on your APIs
## Let's at least have some kind of auth ## Let's at least have some kind of auth
load_dotenv()
# Load your OpenAI API key from a file openai.api_key = os.getenv("OPENAI_API_KEY")
with open("openai.key", "r") as key_file:
openai.api_key = key_file.read().strip()
## Define our own client ## Define our own client
client = openai.OpenAI(api_key = openai.api_key) client = openai.OpenAI(api_key = openai.api_key)
@ -39,6 +47,11 @@ with open("fabric_api_keys.json", "r") as tokens_file:
valid_tokens = json.load(tokens_file) valid_tokens = json.load(tokens_file)
# Read users from the users.json file
with open("users.json", "r") as users_file:
users = json.load(users_file)
# The function to check if the token is valid # The function to check if the token is valid
def auth_required(f): def auth_required(f):
""" Decorator function to check if the token is valid. """ Decorator function to check if the token is valid.
@ -101,7 +114,7 @@ def check_auth_token(token, route):
# Check if token is valid for the given route and return corresponding user # Check if token is valid for the given route and return corresponding user
if route in valid_tokens and token in valid_tokens[route]: if route in valid_tokens and token in valid_tokens[route]:
return valid_tokens[route][token] return users[valid_tokens[route][token]]
else: else:
return "Unauthorized: You are not authorized for this API" return "Unauthorized: You are not authorized for this API"
@ -196,8 +209,47 @@ def extwis():
assistant_message = response.choices[0].message.content assistant_message = response.choices[0].message.content
return jsonify({"response": assistant_message}) return jsonify({"response": assistant_message})
except Exception as e: except Exception as e:
return jsonify({"error": str(e)}), 500 app.logger.error(f"Error occurred: {str(e)}")
return jsonify({"error": "An error occurred while processing the request."}), 500
@app.route("/register", methods=["POST"])
def register():
data = request.get_json()
username = data["username"]
password = data["password"]
if username in users:
return jsonify({"error": "Username already exists"}), 400
new_user = {
"username": username,
"password": password
}
users[username] = new_user
token = jwt.encode({"username": username}, os.getenv("JWT_SECRET"), algorithm="HS256")
return jsonify({"token": token.decode("utf-8")})
@app.route("/login", methods=["POST"])
def login():
data = request.get_json()
username = data["username"]
password = data["password"]
if username in users and users[username]["password"] == password:
# Generate a JWT token
token = jwt.encode({"username": username}, os.getenv("JWT_SECRET"), algorithm="HS256")
return jsonify({"token": token.decode("utf-8")})
return jsonify({"error": "Invalid username or password"}), 401
# Run the application
if __name__ == "__main__": if __name__ == "__main__":
app.run(host="127.0.0.1", port=13337, debug=True) app.run(host="127.0.0.1", port=13337, debug=True)
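Review bot: /register stores the submitted password verbatim (`"password": password`) and /login compares it with `users[username]["password"] == password`, so credentials are held and checked in plaintext. Store a hash instead, e.g. `"password": generate_password_hash(password)` on registration and `check_password_hash(users[username]["password"], password)` on login (both from werkzeug.security, which Flask already depends on). Both handlers also index `data["username"]` and `data["password"]` directly, so a body that is missing a field or is not JSON ends in the 500 handler rather than a 400. The issued token carries only `{"username": username}` with no `exp` claim, so it never expires; no code that verifies it is visible in these hunks.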

@ -33,19 +33,23 @@ def send_request(prompt, endpoint):
url = f"{base_url}{endpoint}" url = f"{base_url}{endpoint}"
headers = { headers = {
"Content-Type": "application/json", "Content-Type": "application/json",
"Authorization": "eJ4f1e0b-25wO-47f9-97ec-6b5335b2", "Authorization": f"Bearer {session['token']}",
} }
data = json.dumps({"input": prompt}) data = json.dumps({"input": prompt})
response = requests.post(url, headers=headers, data=data, verify=False) response = requests.post(url, headers=headers, data=data, verify=False)
try: try:
return response.json()["response"] response = requests.post(url, headers=headers, data=data)
except KeyError: response.raise_for_status() # raises HTTPError if the response status isn't 200
return f"Error: You're not authorized for this application." except requests.ConnectionError:
return "Error: Unable to connect to the server."
except requests.HTTPError as e:
return f"Error: An HTTP error occurred: {str(e)}"
app = Flask(__name__) app = Flask(__name__)
app.secret_key = "your_secret_key" app.secret_key = os.getenv("FLASK_SECRET_KEY")
@app.route("/favicon.ico") @app.route("/favicon.ico")
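Review bot: The earlier `requests.post(url, headers=headers, data=data, verify=False)` is still present above the new `try:`, so the request is sent twice and the first send carries the bearer token with certificate verification disabled and outside the new ConnectionError handling. Remove that line and keep only the call inside the `try`. No return for the success path is visible after `response.raise_for_status()`; if that is the whole body, send_request now returns None on success, and `return response.json()["response"]` should follow it. `session['token']` will raise KeyError when no token has been stored, so `session.get("token")` with an explicit not-logged-in error would be safer. send_request starts outside the hunk.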

@ -17,7 +17,7 @@
<h1 class="text-4xl font-bold"><code>fabric</code></h1> <h1 class="text-4xl font-bold"><code>fabric</code></h1>
</div> </div>
<p>Enter your content and the API you want to send it to.</p> <p>Please enter your content and select the API you want to use:</p>
<br /> <br />
<form method="POST" class="space-y-4"> <form method="POST" class="space-y-4">
<div> <div>
@ -31,13 +31,13 @@
<!-- Add more API endpoints here... --> <!-- Add more API endpoints here... -->
</select> </select>
</div> </div>
<button type="submit" class="px-4 py-2 bg-blue-600 hover:bg-blue-700 rounded-md text-white font-medium">Submit</button> <button type="submit" class="px-4 py-2 bg-blue-600 hover:bg-blue-700 rounded-md text-white font-medium">Send Request</button>
</form> </form>
{% if response %} {% if response %}
<div class="mt-8"> <div class="mt-8">
<div class="flex justify-between items-center mb-4"> <div class="flex justify-between items-center mb-4">
<h2 class="text-2xl font-bold">Response:</h2> <h2 class="text-2xl font-bold">API Response:</h2>
<button id="copy-button" class="bg-green-600 hover:bg-green-700 text-white px-4 py-2 rounded-md">Copy</button> <button id="copy-button" class="bg-green-600 hover:bg-green-700 text-white px-4 py-2 rounded-md">Copy to Clipboard</button>
</div> </div>
<pre id="response-output" class="bg-gray-800 p-4 rounded-md whitespace-pre-wrap">{{ response }}</pre> <pre id="response-output" class="bg-gray-800 p-4 rounded-md whitespace-pre-wrap">{{ response }}</pre>
</div> </div>

@ -1 +0,0 @@
sk-somethingsomethingnumbersandstuff

@ -1,3 +1,5 @@
openai openai
requests requests
flask flask
python-dotenv
jwt
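Review bot: The `jwt` distribution on PyPI is not PyJWT; the server code in this commit calls `jwt.encode(..., algorithm="HS256")`, which is PyJWT's module-level API, so this line most likely installs a different library than the one the code expects. Replace it with `PyJWT`, ideally pinned to a version. PyJWT 2.x returns a `str` from `encode`, so the `token.decode("utf-8")` calls in /register and /login would need to be dropped as well.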

@ -0,0 +1,11 @@
{
"user1": {
"username": "user1",
"password": "password1"
},
"user2": {
"username": "user2",
"password": "password2"
}
}
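Review bot: These two accounts are loaded by the server at start-up (`json.load(users_file)`) and their passwords are the sample values `password1` and `password2`, so every deployment of this commit ships with the same known logins. Commit an empty `{}` (or an example file under another name) and create real users at deploy time.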