plastic-labs · VVoruganti · Mar 29, 2024 · Mar 25, 2024 · Mar 25, 2024 · Mar 25, 2024
diff --git a/api/.env.template b/api/.env.template
@@ -8,6 +8,11 @@ OPENAI_API_KEY=
 OPENTELEMETRY_ENABLED=false # Set to true to enable OpenTelemetry logging and tracing
 SENTRY_ENABLED=false # Set to true to enable Sentry logging and tracing
 
+# Auth
+
+USE_AUTH_SERVICE=false
+AUTH_SERVICE_URL=http://localhost:8001
+
 ## Sentry
 SENTRY_DSN=
 

diff --git a/api/docker-compose.yml.example b/api/docker-compose.yml.example
@@ -25,6 +25,7 @@ services:
       - OTEL_RESOURCE_ATTRIBUTES=
       - DEBUG_LOG_OTEL_TO_PROVIDER=false
       - DEBUG_LOG_OTEL_TO_CONSOLE=true
+      - USE_AUTH_SERVICE=false
   database:
     image: ankane/pgvector
     restart: always

diff --git a/api/fly.toml b/api/fly.toml
@@ -7,25 +7,10 @@ app = "honcho"
 kill_signal = "SIGINT"
 kill_timeout = "5s"
 
-[experimental]
-  auto_rollback = true
-
-[build]
-
 [processes]
   api = "python -m uvicorn src.main:app --host 0.0.0.0 --port 8000"
   deriver = "python -m src.deriver"
 
-[[services]]
-  auto_stop_machines = false
-  auto_start_machines = true
-  min_machines_running = 1
-  processes = ["deriver"]
-  protocol = "tcp"
-  [services.concurrency]
-    hard_limit = 250
-    soft_limit = 200
-
 [http_service]
   internal_port = 8000
   auto_stop_machines = false

diff --git a/api/poetry.lock b/api/poetry.lock
diff --git a/api/pyproject.toml b/api/pyproject.toml
@@ -27,6 +27,7 @@ realtime = "^1.0.2"
 psycopg = {extras = ["binary"], version = "^3.1.18"}
 langchain = "^0.1.12"
 langchain-openai = "^0.0.8"
+httpx = "^0.27.0"
 
 [tool.ruff.lint]
 # from https://docs.astral.sh/ruff/linter/#rule-selection example

diff --git a/api/src/deriver.py b/api/src/deriver.py
@@ -1,5 +1,6 @@
 import asyncio
 import os
+import time
 import uuid
 from typing import List
 
@@ -15,6 +16,7 @@
 from realtime.connection import Socket
 from sqlalchemy import select
 from sqlalchemy.orm import selectinload
+from websockets.exceptions import ConnectionClosedError
 
 from . import crud, models, schemas
 from .db import SessionLocal
@@ -32,7 +34,7 @@
 SUPABASE_ID = os.getenv("SUPABASE_ID")
 SUPABASE_API_KEY = os.getenv("SUPABASE_API_KEY")
 
-llm = ChatOpenAI(model_name="gpt-4")
+llm = ChatOpenAI(model_name="gpt-3.5")
 output_parser = NumberedListOutputParser()
 
 SYSTEM_DERIVE_FACTS = load_prompt(
@@ -200,9 +202,26 @@ async def check_dups(
     return new_facts
 
 
+# def listen_to_websocket(url):
+#     while True:
+#         try:
+#             s = Socket(url)
+#             s.connect()
+#             channel = s.set_channel("realtime:public:messages")
+#             channel.join().on(
+#                 "INSERT", lambda payload: asyncio.create_task(callback(payload))
+#             )
+
+#             s.listen()
+#         except ConnectionClosedError:
+#             print("Connection closed, attempting to reconnect...")
+#             time.sleep(5)
+
+
 if __name__ == "__main__":
     URL = f"wss://{SUPABASE_ID}.supabase.co/realtime/v1/websocket?apikey={SUPABASE_API_KEY}&vsn=1.0.0"
     # URL = f"ws://127.0.0.1:54321/realtime/v1/websocket?apikey={SUPABASE_API_KEY}"  # For local Supabase
+    # listen_to_websocket(URL)
     s = Socket(URL)
     s.connect()
 

diff --git a/api/src/harvester.py b/api/src/harvester.py
diff --git a/api/src/main.py b/api/src/main.py
@@ -1,14 +1,17 @@
 import json
 import logging
 import os
+import re
 import uuid
 from contextlib import asynccontextmanager
 from typing import Optional, Sequence
 
+import httpx
 import sentry_sdk
 from fastapi import (
     APIRouter,
     FastAPI,
+    Request,
 )
 from fastapi.responses import PlainTextResponse
 from fastapi_pagination import add_pagination
@@ -43,6 +46,8 @@
 from slowapi.middleware import SlowAPIMiddleware
 from slowapi.util import get_remote_address
 from starlette.exceptions import HTTPException as StarletteHTTPException
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.responses import Response
 
 from src.routers import (
     apps,
@@ -216,6 +221,56 @@ async def lifespan(app: FastAPI):
 
 add_pagination(app)
 
+USE_AUTH_SERVICE = os.getenv("USE_AUTH_SERVICE", "False").lower() == "true"
+AUTH_SERVICE_URL = os.getenv("AUTH_SERVICE_URL", "http://localhost:8001")
+
+
+class BearerTokenMiddleware(BaseHTTPMiddleware):
+    async def dispatch(self, request: Request, call_next):
+        authorization: Optional[str] = request.headers.get("Authorization")
+        if authorization:
+            scheme, _, token = authorization.partition(" ")
+            if scheme.lower() == "bearer" and token:
+                id_pattern = r"\/apps\/([^\/]+)"
+                name_pattern = r"\/apps\/name\/([^\/]+)|\/apps\/get_or_create\/([^\/]+)"
+                match_id = re.search(id_pattern, request.url.path)
+                match_name = re.search(name_pattern, request.url.path)
+                payload = {"token": token}
+                if match_name:
+                    payload["name"] = match_name.group(1)
+                elif match_id:
+                    payload["app_id"] = match_id.group(1)
+
+                res = httpx.get(
+                    f"{AUTH_SERVICE_URL}/validate",
+                    params=payload,
+                )
+                data = res.json()
+                if (
+                    data["app_id"] or data["name"]
+                ):  # Anything that checks app_id if True is valid
+                    return await call_next(request)
+                if data["token"]:
+                    check_pattern = r"^\/apps$|^\/apps\/get_or_create"
+                    match = re.search(check_pattern, request.url.path)
+                    if match:
+                        return await call_next(request)
+
+                return Response(content="Invalid token.", status_code=400)
+            else:
+                return Response(
+                    content="Invalid authentication scheme.", status_code=400
+                )
+
+        exclude_paths = ["/docs", "/redoc", "/openapi.json"]
+        if request.url.path in exclude_paths:
+            return await call_next(request)
+        return Response(content="Authorization header missing.", status_code=401)
+
+
+if USE_AUTH_SERVICE:
+    app.add_middleware(BearerTokenMiddleware)
+
 
 @app.exception_handler(StarletteHTTPException)
 async def http_exception_handler(request, exc):