alex/nova-api
1
0
Fork 0
mirror of https://github.com/NovaOSS/nova-api.git synced 2024-11-25 18:23:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Key rate-limit system thanks to Leander, full proxy list support

Browse source
This commit is contained in:
nsde 2023-10-02 20:06:18 +02:00
parent 1e2a596df3
commit 577cdc0d0b
11 changed files with 109 additions and 1780 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
.gitignore vendored
View file

@ -1,7 +1,20 @@
*.zip # Environments
# !!! KEEP THESE ENTRIES AT THE TOP OF THIS FILE BECAUSE THEY CONTAIN THE MOST SENSITIVE DATA !!!
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
env.old/
.prod.env
# !!! KEEP THESE ENTRIES AT THE TOP OF THIS FILE BECAUSE THEY CONTAIN THE MOST SENSITIVE DATA !!!
rate_limited_keys.json
last_update.txt last_update.txt
*.zip
*.log.json *.log.json
/logs /logs
/log /log
@ -142,15 +155,6 @@ celerybeat.pid
# SageMath parsed files # SageMath parsed files
*.sage.py *.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings # Spyder project settings
.spyderproject .spyderproject
.spyproject .spyproject
@ -184,3 +188,4 @@ cython_debug/
backups/ backups/
cache/ cache/
api/cache/rate_limited_keys.json

1
.vscode/settings.json vendored
View file

@ -7,6 +7,7 @@
"**/.DS_Store": true, "**/.DS_Store": true,
"**/Thumbs.db": true, "**/Thumbs.db": true,
"**/__pycache__": true, "**/__pycache__": true,
"**/*.css.map": true,
"**/.vscode": true, "**/.vscode": true,
"**/*.map": true, "**/*.map": true,
"tests/__pycache__": true "tests/__pycache__": true

2
PUSH_TO_PRODUCTION.sh
View file

@ -22,4 +22,4 @@ cp env/.prod.env /home/nova-prod/.env
cd /home/nova-prod cd /home/nova-prod
# Start screen # Start screen
screen -S nova-api python run prod && sleep 5 screen -L -S nova-api python run prod && sleep 5

67
README.md
View file

@ -125,14 +125,45 @@ Set up a MongoDB database and set `MONGO_URI` to the MongoDB database connection
Want to use a proxy list? See the according section! Want to use a proxy list? See the according section!
Keep in mind to set `USE_PROXY_LIST` to `True`! Otherwise, the proxy list won't be used. Keep in mind to set `USE_PROXY_LIST` to `True`! Otherwise, the proxy list won't be used.
### `ACTUAL_IPS` (optional) ### Proxy Lists
To use proxy lists, navigate to `api/secret/proxies/` and create the following files:
- `http.txt`
- `socks4.txt`
- `socks5.txt`
Then, paste your proxies in the following format:
```
[username:password@]host:port
```
Whereas anything inside of `[]` is optional and the host can be an IP address or a hostname. Always specify the port.
If you're using [iproyal.com](https://iproyal.com?r=307932)<sup>affiliate link</sup>, follow the following steps:
- Order any type of proxy or proxies
- In the *Product Info* tab:
- set *Select port* to `SOCKS5`
- and *Select format* to `USER:PASS@IP:PORT`
#### Proxy List Examples
```
1.2.3.4:8080
user:pass@127.0.0.1:1337
aaaaaaaaaaaaa:bbbbbbbbbb@1.2.3.4:5555
```
In the proxy credential files, can use comments just like in Python.
**Important:** to activate the proxy lists, you need to change the `USE_PROXY_LIST` environment variable to `True`!
### ~~`ACTUAL_IPS` (optional)~~ (deprecated, might come back in the future)
This is a security measure to make sure a proxy, VPN, Tor or any other IP hiding service is used by the host when accessing "Closed"AI's API. This is a security measure to make sure a proxy, VPN, Tor or any other IP hiding service is used by the host when accessing "Closed"AI's API.
It is a space separated list of IP addresses that are allowed to access the API. It is a space separated list of IP addresses that are allowed to access the API.
You can also just add the *beginning* of an API address, like `12.123.` (without an asterisk!) to allow all IPs starting with `12.123.`. You can also just add the *beginning* of an API address, like `12.123.` (without an asterisk!) to allow all IPs starting with `12.123.`.
> To disable the warning if you don't have this feature enabled, set `ACTUAL_IPS` to `None`. > To disable the warning if you don't have this feature enabled, set `ACTUAL_IPS` to `None`.
### Timeout ### Timeout
`TRANSFER_TIMEOUT` seconds to wait until the program throws an exception for if the request takes too long. We recommend rather long times like `120` for two minutes. `TRANSFER_TIMEOUT` seconds to wait until the program throws an exception for if the request takes too long. We recommend rather long times like `500` for 500 seconds.
### Core Keys ### Core Keys
`CORE_API_KEY` specifies the **very secret key** for which need to access the entire user database etc. `CORE_API_KEY` specifies the **very secret key** for which need to access the entire user database etc.
@ -145,29 +176,6 @@ You can also just add the *beginning* of an API address, like `12.123.` (without
### Other ### Other
`KEYGEN_INFIX` can be almost any string (avoid spaces or special characters) - this string will be put in the middle of every NovaAI API key which is generated. This is useful for identifying the source of the key using e.g. RegEx. `KEYGEN_INFIX` can be almost any string (avoid spaces or special characters) - this string will be put in the middle of every NovaAI API key which is generated. This is useful for identifying the source of the key using e.g. RegEx.
## Proxy Lists
To use proxy lists, navigate to `api/secret/proxies/` and create the following files:
- `http.txt`
- `socks4.txt`
- `socks5.txt`
Then, paste your proxies in the following format:
```
[username:password@]host:port
```
e.g.
```
1.2.3.4:8080
user:pass@127.0.0.1:1337
```
You can use comments just like in Python.
**Important:** to use the proxy lists, you need to change the `USE_PROXY_LIST` environment variable to `True`!
## Run ## Run
> **Warning:** read the according section for production usage! > **Warning:** read the according section for production usage!
@ -186,17 +194,20 @@ python run 1337
``` ```
## Adding a provider ## Adding a provider
To be documented!]
## Test if it works ## Run tests
Make sure the API server is running on the port you specified and run:
`python checks` `python checks`
## Ports ## Default Ports
```yml ```yml
2332: Developement (default) 2332: Developement
2333: Production 2333: Production
``` ```
## Production ## Production
Make sure your server is secure and up to date. Make sure your server is secure and up to date.
Check everything. Check everything.

1
api/cache/crypto_prices.json vendored
View file

@ -1 +0,0 @@
{"LTC": 64.665, "_last_updated": 1695334741.4905503, "BTC": 26583.485, "MATIC": 0.52075, "XMR": 146.46058828041404, "ADA": 0.2455, "USDT": 1.000005, "ETH": 1586.115, "USD": 1.0, "EUR": 1.0662838016640013}

1709
api/cache/models.json vendored
View file

File diff suppressed because it is too large Load diff

1
api/cache/rate_limited_keys.json vendored
View file

@ -1 +0,0 @@
[]

21
api/db/key_validation.py
View file

@ -7,8 +7,8 @@ from dotenv import load_dotenv
from motor.motor_asyncio import AsyncIOMotorClient from motor.motor_asyncio import AsyncIOMotorClient
load_dotenv() load_dotenv()
MONGO_URI = os.getenv("MONGO_URI")
MONGO_URI = os.getenv('MONGO_URI')
async def log_rated_key(key: str) -> None: async def log_rated_key(key: str) -> None:
"""Logs a key that has been rate limited to the database.""" """Logs a key that has been rate limited to the database."""
@ -16,8 +16,8 @@ async def log_rated_key(key: str) -> None:
client = AsyncIOMotorClient(MONGO_URI) client = AsyncIOMotorClient(MONGO_URI)
scheme = { scheme = {
"key": key, 'key': key,
"timestamp_added": int(time.time()) 'timestamp_added': int(time.time())
} }
collection = client['Liabilities']['rate-limited-keys'] collection = client['Liabilities']['rate-limited-keys']
@ -31,7 +31,7 @@ async def key_is_rated(key: str) -> bool:
collection = client['Liabilities']['rate-limited-keys'] collection = client['Liabilities']['rate-limited-keys']
query = { query = {
"key": key 'key': key
} }
result = await collection.find_one(query) result = await collection.find_one(query)
@ -39,9 +39,9 @@ async def key_is_rated(key: str) -> bool:
async def cached_key_is_rated(key: str) -> bool: async def cached_key_is_rated(key: str) -> bool:
path = os.path.join(os.getcwd(), "cache", "rate_limited_keys.json") path = os.path.join(os.getcwd(), 'cache', 'rate_limited_keys.json')
with open(path, "r") as file: with open(path, 'r') as file:
keys = json.load(file) keys = json.load(file)
return key in keys return key in keys
@ -62,14 +62,13 @@ async def remove_rated_keys() -> None:
marked_for_removal.append(key['_id']) marked_for_removal.append(key['_id'])
query = { query = {
"_id": { '_id': {
"$in": marked_for_removal '$in': marked_for_removal
} }
} }
await collection.delete_many(query) await collection.delete_many(query)
async def cache_all_keys() -> None: async def cache_all_keys() -> None:
"""Clones all keys from the database to the cache.""" """Clones all keys from the database to the cache."""
@ -79,8 +78,8 @@ async def cache_all_keys() -> None:
keys = await collection.find().to_list(length=None) keys = await collection.find().to_list(length=None)
keys = [key['key'] for key in keys] keys = [key['key'] for key in keys]
path = os.path.join(os.getcwd(), "cache", "rate_limited_keys.json") path = os.path.join(os.getcwd(), 'cache', 'rate_limited_keys.json')
with open(path, "w") as file: with open(path, 'w') as file:
json.dump(keys, file) json.dump(keys, file)
if __name__ == "__main__": if __name__ == "__main__":

8
api/main.py
View file

@ -16,6 +16,8 @@ from slowapi import Limiter, _rate_limit_exceeded_handler
from helpers import network from helpers import network
#
import core import core
import handler import handler
@ -37,7 +39,7 @@ limiter = Limiter(
swallow_errors=True, swallow_errors=True,
key_func=get_remote_address, key_func=get_remote_address,
default_limits=[ default_limits=[
'2/second', '1/second',
'20/minute', '20/minute',
'300/hour' '300/hour'
]) ])
@ -71,8 +73,8 @@ async def v1_handler(request: fastapi.Request):
res = await handler.handle(incoming_request=request) res = await handler.handle(incoming_request=request)
return res return res
@limiter.limit('100/second') @limiter.limit('100/minute', '1000/hour')
@app.route('/enterprise/{path:path}', methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH']) @app.route('/enterprise/v1/{path:path}', methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH'])
async def enterprise_handler(request: fastapi.Request): async def enterprise_handler(request: fastapi.Request):
res = await handler.handle(incoming_request=request) res = await handler.handle(incoming_request=request)
return res return res

25
api/proxies.py
View file

@ -45,7 +45,10 @@ class Proxy:
self.proxy_type = proxy_type self.proxy_type = proxy_type
self.host_or_ip = host_or_ip self.host_or_ip = host_or_ip
try:
self.ip_address = socket.gethostbyname(self.host_or_ip) # get ip address from host self.ip_address = socket.gethostbyname(self.host_or_ip) # get ip address from host
except socket.gaierror:
self.ip_address = self.host_or_ip
self.host = self.host_or_ip self.host = self.host_or_ip
self.port = port self.port = port
self.username = username self.username = username
@ -61,6 +64,17 @@ class Proxy:
self.urls_httpx = {k + '://' :v for k, v in self.urls.items()} self.urls_httpx = {k + '://' :v for k, v in self.urls.items()}
self.proxies = self.url self.proxies = self.url
print({
'proxy_type': self.proxy_type,
'host_or_ip': self.host_or_ip,
'ip_address': self.ip_address,
'host': self.host,
'port': self.port,
'username': self.username,
'password': self.password,
'url': self.url
})
@property @property
def connector(self): def connector(self):
""" """
@ -78,7 +92,7 @@ class Proxy:
return aiohttp_socks.ProxyConnector( return aiohttp_socks.ProxyConnector(
proxy_type=proxy_types[self.proxy_type], proxy_type=proxy_types[self.proxy_type],
host=self.ip_address, host=self.host,
port=self.port, port=self.port,
rdns=False, rdns=False,
username=self.username, username=self.username,
@ -89,15 +103,14 @@ class Proxy:
proxies_in_files = [] proxies_in_files = []
try: for proxy_type in ['http', 'socks4', 'socks5']:
for proxy_type in ['http', 'socks4', 'socks5']: try:
with open(f'secret/proxies/{proxy_type}.txt') as f: with open(f'secret/proxies/{proxy_type}.txt') as f:
for line in f: for line in f:
clean_line = line.split('#', 1)[0].strip() clean_line = line.split('#', 1)[0].strip()
if clean_line: if clean_line:
proxies_in_files.append(f'{proxy_type}://{clean_line}') proxies_in_files.append(f'{proxy_type}://{clean_line}')
except FileNotFoundError:
except FileNotFoundError:
pass pass
## Manages the proxy list ## Manages the proxy list
@ -115,6 +128,8 @@ def get_proxy() -> Proxy:
The proxy is either from the proxy list or from the environment variables. The proxy is either from the proxy list or from the environment variables.
""" """
print('URL:\t' + ProxyLists().get_random.url)
if USE_PROXY_LIST: if USE_PROXY_LIST:
return ProxyLists().get_random return ProxyLists().get_random

21
api/responder.py
View file

@ -46,7 +46,7 @@ async def respond(
'Content-Type': 'application/json' 'Content-Type': 'application/json'
} }
for i in range(20): for _ in range(20):
# Load balancing: randomly selecting a suitable provider # Load balancing: randomly selecting a suitable provider
# If the request is a chat completion, then we need to load balance between chat providers # If the request is a chat completion, then we need to load balance between chat providers
# If the request is an organic request, then we need to load balance between organic providers # If the request is an organic request, then we need to load balance between organic providers
@ -86,7 +86,7 @@ async def respond(
cookies=target_request.get('cookies'), cookies=target_request.get('cookies'),
ssl=False, ssl=False,
timeout=aiohttp.ClientTimeout( timeout=aiohttp.ClientTimeout(
connect=0.5, connect=0.3,
total=float(os.getenv('TRANSFER_TIMEOUT', '500')) total=float(os.getenv('TRANSFER_TIMEOUT', '500'))
), ),
) as response: ) as response:
@ -104,14 +104,16 @@ async def respond(
pass pass
case _: case _:
match error.get('code'):
case "insufficient_quota":
key = target_request.get('provider_auth') key = target_request.get('provider_auth')
match error.get('code'):
case 'invalid_api_key':
await key_validation.log_rated_key(key) await key_validation.log_rated_key(key)
continue print('[!] invalid key', key)
pass
case _: case _:
pass print('[!] unknown error with key: ', key, error)
if 'method_not_supported' in str(data): if 'method_not_supported' in str(data):
await errors.error(500, 'Sorry, this endpoint does not support this method.', data['error']['message']) await errors.error(500, 'Sorry, this endpoint does not support this method.', data['error']['message'])
@ -124,6 +126,10 @@ async def respond(
if response.ok: if response.ok:
json_response = data json_response = data
else:
continue
if is_stream: if is_stream:
try: try:
response.raise_for_status() response.raise_for_status()
@ -139,6 +145,7 @@ async def respond(
break break
except Exception as exc: except Exception as exc:
print('[!] exception', exc)
continue continue
if (not json_response) and is_chat: if (not json_response) and is_chat:
@ -146,7 +153,7 @@ async def respond(
continue continue
else: else:
print('[!] no response') print('[!] no response')
yield await errors.yield_error(500, 'Sorry, the provider is not responding.', 'Please try again later.') yield await errors.yield_error(500, 'Sorry, our API seems to have issues connecting to our provider(s).', 'This most likely isn\'t your fault. Please try again later.')
return return
if (not is_stream) and json_response: if (not is_stream) and json_response: