Spaces:
Sleeping
Sleeping
File size: 2,200 Bytes
469eae6 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
"""
Prometheus Auth Middleware
"""
from fastapi import Request
from fastapi.responses import JSONResponse
from starlette.middleware.base import BaseHTTPMiddleware
import litellm
from litellm.proxy._types import SpecialHeaders
from litellm.proxy.auth.user_api_key_auth import user_api_key_auth
class PrometheusAuthMiddleware(BaseHTTPMiddleware):
"""
Middleware to authenticate requests to the metrics endpoint
By default, auth is not run on the metrics endpoint
Enabled by setting the following in proxy_config.yaml:
```yaml
litellm_settings:
require_auth_for_metrics_endpoint: true
```
"""
async def dispatch(self, request: Request, call_next):
# Check if this is a request to the metrics endpoint
if self._is_prometheus_metrics_endpoint(request):
if self._should_run_auth_on_metrics_endpoint() is True:
try:
await user_api_key_auth(
request=request,
api_key=request.headers.get(
SpecialHeaders.openai_authorization.value
)
or "",
)
except Exception as e:
return JSONResponse(
status_code=401,
content=f"Unauthorized access to metrics endpoint: {getattr(e, 'message', str(e))}",
)
# Process the request and get the response
response = await call_next(request)
return response
@staticmethod
def _is_prometheus_metrics_endpoint(request: Request):
try:
if "/metrics" in request.url.path:
return True
return False
except Exception:
return False
@staticmethod
def _should_run_auth_on_metrics_endpoint():
"""
Returns True if auth should be run on the metrics endpoint
False by default, set to True in proxy_config.yaml to enable
```yaml
litellm_settings:
require_auth_for_metrics_endpoint: true
```
"""
return litellm.require_auth_for_metrics_endpoint
|