Commit graph

20 commits

Author SHA1 Message Date
Tim Farrell
08e8e922fd Endpoint role-checking was redundantly applied but FastAPI provides a nice abstraction mechanic...so I applied it. There should be no logical changes in this code; only simpler, cleaner ways for doing the same thing. 2024-02-08 18:05:01 -06:00
Timothy J. Baek
442e3d978a feat: terminate request on user stop 2024-01-17 19:19:44 -08:00
goecho
74f91bc74d Fix bug: Header attributes (Host, Authorization, Origin, Referer) not sanitized
- Resolved an issue where header attributes Host, Authorization, Origin, and Referer were not being sanitized, resulting in two major issues:
  1. Ollama requests inadvertently exposed user information, leading to data leakage.
  2. When Ollama is deployed on different servers, and the intermediary proxy layer uses the host header to locate downstream services, it fails to find them.

Root Cause:
- In FastAPI, when accessing request.headers, all header names are converted to lowercase. This is because FastAPI, and its underlying framework Starlette, adhere to the HTTP/2 standard, which mandates lowercase header field names for performance and consistency.
- In HTTP/2, enforcing lowercase header field names reduces complexity in header processing as case sensitivity is no longer a concern. Thus, regardless of the case used in client-sent header fields, the server processes them uniformly in lowercase.
- This practice is adopted in FastAPI and other modern HTTP frameworks, even in an HTTP/1.1 context, to maintain consistency with HTTP/2 and improve overall performance. As a result, header field names are always presented in lowercase in FastAPI, even if the original request used capitalization or mixed case.
2024-01-11 14:36:34 +08:00
Timothy J. Baek
bb2971260d fix: backend proxy 2024-01-05 17:16:35 -08:00
Timothy J. Baek
78477baa0e feat: proxy logging 2024-01-05 15:51:33 -08:00
Timothy J. Baek
a37b9c126f refac 2024-01-05 01:29:04 -08:00
Timothy J. Baek
47dc3b5fb2 feat: async reverse proxy 2024-01-05 01:25:34 -08:00
ThatOneCalculator
05fade1426 chore: 🎨 format backend 2024-01-04 13:30:47 -08:00
Timothy J. Baek
30aff2db53 feat: enable backend ollama url update 2024-01-04 13:06:31 -08:00
Anuraag Jain
bdd153d8f5 refac: use dependencies to verify token
- feat: added new util to get the current user when needed. Middleware was adding authentication logic to all the routes. Let's revisit if we can move the non-auth endpoints to a separate route.
- refac: update the routes to use new helpers for verification and retrieving user
- chore: added black for local formatting of py code
2023-12-30 12:53:33 +02:00
Timothy J. Baek
a696698ac8 feat: chat import to backend added 2023-12-26 16:35:01 -08:00
Timothy J. Baek
8f2b691ee0 fix: headers issue 2023-12-26 13:43:32 -08:00
Timothy J. Baek
0ae57b5ae1 fix: cors & #281 2023-12-26 13:40:03 -08:00
Timothy J. Baek
9174331025 feat: db migration to sqlite 2023-12-25 21:44:28 -08:00
Timothy J. Baek
d10e367664 feat: improved backend error message 2023-12-14 17:05:46 -08:00
Timothy J. Baek
25987fe3c9 feat: better error handling for ollama reverse proxy 2023-12-13 17:37:29 -08:00
Timothy J. Baek
83ff1d77ea feat: set first user to admin by default 2023-11-19 00:41:29 -08:00
Timothy J. Baek
8547b7807d feat: basic RBAC support 2023-11-18 21:41:43 -08:00
Timothy J. Baek
921eef03b3 feat: multi-user support w/ RBAC 2023-11-18 16:47:12 -08:00
Timothy J. Baek
6a9bef755b feat: backend reverse proxy 2023-11-14 16:28:51 -08:00