🛡️ feat: Model Validation Middleware (#1841)

* refactor: add ViolationTypes enum and add new violation for illegal model requests

* feat: validateModel middleware to protect the backend against illicit requests for unlisted models
Danny Avila 2024-02-19 22:47:39 -05:00 committed by GitHub
parent d8038e3b19
commit a8a19c6caa
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
19 changed files with 539 additions and 377 deletions

@ -602,8 +602,11 @@ REGISTRATION_VIOLATION_SCORE=1
CONCURRENT_VIOLATION_SCORE=1
MESSAGE_VIOLATION_SCORE=1
NON_BROWSER_VIOLATION_SCORE=20
ILLEGAL_MODEL_REQ_SCORE=5
```
> Note: Non-browser access and Illegal model requests are almost always nefarious as it means a 3rd party is attempting to access the server through an automated script.
#### Login and registration rate limiting.
- `LOGIN_MAX`: The max amount of logins allowed per IP per `LOGIN_WINDOW`
- `LOGIN_WINDOW`: In minutes, determines the window of time for `LOGIN_MAX` logins
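
Review bot: The `ILLEGAL_MODEL_REQ_SCORE=5` entry in the example block does not follow the `*_VIOLATION_SCORE` suffix used by the four variables listed above it, so an operator searching the env file for `VIOLATION_SCORE` will miss it; consider a name such as `ILLEGAL_MODEL_REQ_VIOLATION_SCORE`, or mention the exception in the docs. The note below the block also groups non-browser access and illegal model requests together as "almost always nefarious", yet the defaults shown are 20 and 5; add a sentence explaining why the model violation is weighted lower, or align the two values, so the note gives operators a basis for tuning the score.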