updated fallback logic

added query parameter loading for the secret key
2026-02-10 20:27:12 +08:00 · 2026-02-10 19:48:29 +08:00
9 changed files with 46 additions and 172 deletions
--- a/16
+++ b/16
@@ -1,16 +0,0 @@
-gateway.madebypaulo.com {
-    log {
-        output stdout
-    }
-
-    reverse_proxy ai-gateway:8000
-}
-
-test.ldex.dev {
-    reverse_proxy ai_proxy_test:8000
-
-    header {
-        X-Zscaler-Test "Ready"
-        Access-Control-Allow-Origin *
-    }
-}
--- a/app/api/deps.py
+++ b/app/api/deps.py
@@ -10,22 +10,16 @@ api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
 api_key_query = APIKeyQuery(name="api_key", auto_error=False)

 # Cache keys for 5 minutes, store up to 1000 keys
+# This prevents a Supabase round-trip on every message
 auth_cache = TTLCache(maxsize=1000, ttl=300)

 async def get_api_key(
-    api_key_h: str = Security(api_key_header),
-    api_key_q: str = Security(api_key_query),
+    api_key_header: str = Security(api_key_header),
+    api_key_query: str = Security(api_key_query),
    db: Session = Depends(get_db)
 ):
    # Use header if provided, otherwise fallback to query param
-    api_key = api_key_h or api_key_q
-
-    # DEBUG LOGGING FOR 403 TROUBLESHOOTING
-    print(f"DEBUG: Auth Check - Header: {'Yes' if api_key_h else 'No'}, Query: {'Yes' if api_key_q else 'No'}")
-    if api_key:
-        print(f"DEBUG: API Key received (prefix): {api_key[:5]}...")
-    else:
-        print("DEBUG: API Key is MISSING from both header and query params")
+    api_key = api_key_header or api_key_query

    if not api_key:
        raise HTTPException(
@@ -44,7 +38,7 @@ async def get_api_key(
    # 3. Check Database for Module key (Database round-trip)
    module = db.query(Module).filter(Module.secret_key == api_key, Module.is_active == True).first()
    if module:
-        # Save key to cache for next time
+        # Save module ID to cache for next time
        auth_cache[api_key] = module.id
        return module

@@ -54,11 +48,12 @@ async def get_api_key(
    )

 async def get_current_module(
-    api_key_h: str = Security(api_key_header),
-    api_key_q: str = Security(api_key_query),
+    api_key_header: str = Security(api_key_header),
+    api_key_query: str = Security(api_key_query),
    db: Session = Depends(get_db)
 ):
-    api_key = api_key_h or api_key_q
+    # Use header if provided, otherwise fallback to query param
+    api_key = api_key_header or api_key_query

    if not api_key:
        raise HTTPException(
--- a/app/api/endpoints/gemini.py
+++ b/app/api/endpoints/gemini.py
@@ -3,7 +3,6 @@ from app.api.deps import get_api_key, get_current_module
 from app.models.module import Module
 from sqlalchemy.orm import Session
 from app.core.database import get_db
-from fastapi.responses import PlainTextResponse
 from app.core.limiter import limiter
 from app.core.config import settings
 from pydantic import BaseModel
@@ -33,7 +32,7 @@ def get_gemini_client():
        _client = genai.Client(api_key=settings.GOOGLE_API_KEY, http_options={'api_version': 'v1alpha'})
    return _client

-@router.api_route("/chat", methods=["GET", "POST"])
+@router.post("/chat")
@limiter.limit(settings.RATE_LIMIT)
 async def gemini_chat(
    request: Request,
@@ -41,26 +40,7 @@ async def gemini_chat(
    module: Module = Depends(get_current_module),
    db: Session = Depends(get_db)
 ):
-    chat_data = None
-    
-    if request.method == "GET":
-        # Handle GET requests (Ultimate Simple Request)
-        params = request.query_params
-        if not params.get("prompt"):
-             return {"status": "error", "detail": "Missing 'prompt' query parameter"}
-        
-        chat_data = LLMRequest(
-            prompt=params.get("prompt"),
-            context=params.get("context", ""),
-            system_prompt=params.get("system_prompt"),
-            knowledge_base=params.get("knowledge_base"),
-            temperature=float(params.get("temperature", 0.7)),
-            top_p=float(params.get("top_p", 0.95)),
-            top_k=int(params.get("top_k", 40)),
-            max_output_tokens=int(params.get("max_output_tokens", 8192))
-        )
-    else:
-        # Handle POST requests
+    # Handle text/plain as JSON (fallback for CORS "Simple Requests")
    content_type = request.headers.get("Content-Type", "")
    if "text/plain" in content_type:
        try:
@@ -78,9 +58,6 @@ async def gemini_chat(
        except Exception as e:
            return {"status": "error", "detail": f"Invalid JSON: {str(e)}"}

-    if not chat_data:
-        return {"status": "error", "detail": "Could not determine request data"}
-
    client = get_gemini_client()
    
    try:
@@ -139,14 +116,10 @@ async def gemini_chat(
            module.total_tokens += (prompt_tokens + completion_tokens)
            db.commit()
        
-    except Exception as e:
-        return {"status": "error", "detail": str(e)}
-
-
-    # Final Response
        return {
            "status": "success",
            "model": "gemini",
            "response": response.text
        }
-
+    except Exception as e:
+        return {"status": "error", "detail": str(e)}
--- a/app/main.py
+++ b/app/main.py
@@ -1,14 +1,8 @@
-from fastapi import FastAPI, Request
+from fastapi import FastAPI
 from fastapi.middleware.cors import CORSMiddleware
 from slowapi import _rate_limit_exceeded_handler
 from slowapi.errors import RateLimitExceeded

-import logging
-
-# Set up logging to stdout
-logging.basicConfig(level=logging.INFO)
-logger = logging.getLogger("ai_gateway")
-
 from app.api.router import api_router
 from app.core.config import settings
 from app.core.limiter import limiter
@@ -37,20 +31,11 @@ def create_application() -> FastAPI:
    # Mount Static Files
    application.mount("/static", StaticFiles(directory="app/static"), name="static")

-    # Debug Logger Middleware
-    @application.middleware("http")
-    async def log_requests(request: Request, call_next):
-        logger.info(f"DEBUG: Incoming {request.method} {request.url}")
-        logger.info(f"DEBUG: Origin: {request.headers.get('origin')}")
-        response = await call_next(request)
-        logger.info(f"DEBUG: Status Code: {response.status_code}")
-        return response
-
-    # Set up fully permissive CORS for standalone/tunnelling mode
+    # Set up CORS
    application.add_middleware(
        CORSMiddleware,
        allow_origins=["*"],
-        allow_credentials=True,
+        allow_credentials=False, # Changed to False for better compat with allow_origins=["*"]
        allow_methods=["*"],
        allow_headers=["*"],
    )
@@ -85,10 +70,6 @@ import os
 async def admin_panel():
    return FileResponse("app/static/admin.html")

-@app.get("/api/v1/health")
-async def health_check():
-    return {"status": "ok", "message": "Global AI Gateway is reachable"}
-
@app.get("/")
 async def root():
    return FileResponse("app/static/index.html")
--- a/app/static/index.html
+++ b/app/static/index.html
@@ -186,7 +186,7 @@
    </div>

    <div class="footer">
-        &copy; 2026 Paulo Reyes. All rights reserved.
+        &copy; 2026 AI Gateway. All rights reserved.
    </div>
 </body>

--- a/docker-compose.test.yml
+++ b/docker-compose.test.yml
@@ -1,18 +0,0 @@
-services:
-  ai-gateway:
-    build: .
-    container_name: ai-gateway
-    expose:
-      - "8191"
-    environment:
-      - PYTHONUNBUFFERED=1
-    env_file:
-      - .env
-    networks:
-      - gateway_net
-    restart: always
-    command: uvicorn app.main:app --host 0.0.0.0 --port 8191
-
-networks:
-  gateway_net:
-    external: true
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,37 +1,20 @@
 services:
-  ai-gateway:
+  api:
    build: .
    container_name: ai-gateway
    networks:
-      - ai_network
-    environment:
-      - PYTHONUNBUFFERED=1
+      - caddy_network
+    ports:
+      - "8000:8000"
    env_file:
      - .env
    restart: always
-    command: uvicorn app.main:app --host 0.0.0.0 --port 8000
-
-  caddy:
-    image: caddy:latest
-    container_name: caddy
-    restart: always
-    ports:
-      - "80:80"
-      - "443:443"
-      - "443:443/udp"
-    networks:
-      - ai_network
    volumes:
-      - ./Caddyfile:/etc/caddy/Caddyfile
-      - caddy_data:/data
-      - caddy_config:/config
-    depends_on:
-      - ai-gateway
+      - .:/app
+    # Override command for development/auto-reload if needed
+    command: uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload

 networks:
-  ai_network:
-    driver: bridge
-
-volumes:
-  caddy_data:
-  caddy_config:
+  caddy_network:
+    # Define the network at the bottom
+    external: true
--- a/server_log.txt
+++ b/server_log.txt
--- a/supabase/migrations/20260311_enable_rls_modules.sql
+++ b/supabase/migrations/20260311_enable_rls_modules.sql
@@ -1,24 +0,0 @@
-- Enable Row Level Security on the modules table.
-- This blocks all direct PostgREST access by default.
-- The backend app connects via the service role (DATABASE_URL), which bypasses RLS,
-- so existing functionality is unaffected.
-
-ALTER TABLE public.modules ENABLE ROW LEVEL SECURITY;
-
-- Deny all access to anonymous (unauthenticated) PostgREST callers.
-- No policy = no access. This is the default when RLS is enabled, but
-- the explicit policy below makes the intent clear.
-CREATE POLICY "deny_anon" ON public.modules
-    AS RESTRICTIVE
-    FOR ALL
-    TO anon
-    USING (false);
-
-- Deny all access to authenticated PostgREST callers too.
-- The modules table is internal admin-only and should never be
-- queried directly via the Supabase REST API.
-CREATE POLICY "deny_authenticated" ON public.modules
-    AS RESTRICTIVE
-    FOR ALL
-    TO authenticated
-    USING (false);
Author	SHA1	Message	Date
Paulo Reyes	9325a4919a	updated fallback logic	2026-02-10 20:27:12 +08:00
Paulo Reyes	f6ad186178	added query parameter loading for the secret key	2026-02-10 19:48:29 +08:00