leapfrogai icon indicating copy to clipboard operation
leapfrogai copied to clipboard
verified publisher icon defenseunicorns

feat(API): Add authentication

Open gphorvath opened this issue 1 year ago • 2 comments

User Story

As a LeapfrogAI user I want authentication for LeapfrogAI API So that my data is secure and separated.

Additional context

The OpenAI spec uses API keys for the user.

Idea: Have the UI lookup the User's API Key in Supabase and pass it to the API so the API spec remains compliant with OpenAI.

gphorvath avatar May 06 '24 19:05 gphorvath

When does the API key get created?

  • The first time user logs into ai.xxx.xxx generate the key

  • [ ] Update profile table in the database to store the api-key

  • [ ] consider using jwt/session token to add more security by making the calls expire and be more transactionally validated

    • In this case, the key can be the JWT token

YrrepNoj avatar May 16 '24 18:05 YrrepNoj

Will be turning on RLS for backend tables as a part of this.

CollectiveUnicorn avatar May 16 '24 22:05 CollectiveUnicorn