diff --git a/src/khoj/routers/api_chat.py b/src/khoj/routers/api_chat.py
index a42838d9..be28622b 100644
--- a/src/khoj/routers/api_chat.py
+++ b/src/khoj/routers/api_chat.py
@@ -13,6 +13,7 @@ from starlette.authentication import requires
 from starlette.websockets import WebSocketDisconnect
 from websockets import ConnectionClosedOK
+from khoj.app.settings import ALLOWED_HOSTS
 from khoj.database.adapters import (
 ConversationAdapters,
 DataStoreAdapters,
@@ -189,7 +190,17 @@ async def sendfeedback(request: Request, data: FeedbackData):
 @api_chat.post("/speech")
 @requires(["authenticated", "premium"])
-async def text_to_speech(request: Request, common: CommonQueryParams, text: str):
+async def text_to_speech(
+ request: Request,
+ common: CommonQueryParams,
+ text: str,
+ rate_limiter_per_minute=Depends(
+ ApiUserRateLimiter(requests=5, subscribed_requests=20, window=60, slug="chat_minute")
+ ),
+ rate_limiter_per_day=Depends(
+ ApiUserRateLimiter(requests=5, subscribed_requests=300, window=60 * 60 * 24, slug="chat_day")
+ ),
+) -> Response:
 voice_model = await ConversationAdapters.aget_voice_model_config(request.user.object)
 params = {"text_to_speak": text}
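Review bot: Both limiters added to `text_to_speech` reuse the slugs `chat_minute` and `chat_day`; if ApiUserRateLimiter keys its counters by slug (its implementation is not in this diff), speech requests would draw on the same budget as whatever else uses those slugs, and the two cannot be tuned separately. Distinct slugs such as `slug="speech_minute"` and `slug="speech_day"` would keep the accounting apart. The limits also count requests only, while `text` is an unbounded string handed to the speech backend, so a length cap on `text` is worth adding alongside them. The function body continues past the end of the hunk.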
@@ -386,17 +397,19 @@ def duplicate_chat_history_public_conversation(
 conversation_id: int,
 ):
 user = request.user.object
+ domain = request.headers.get("host")
+ scheme = request.url.scheme
+
+ # Throw unauthorized exception if domain not in ALLOWED_HOSTS
+ host_domain = domain.split(":")[0]
+ if host_domain not in ALLOWED_HOSTS:
+ raise HTTPException(status_code=401, detail="Unauthorized domain")
 # Duplicate Conversation History to Public Conversation
 conversation = ConversationAdapters.get_conversation_by_user(user, request.user.client_app, conversation_id)
-
 public_conversation = ConversationAdapters.make_public_conversation_copy(conversation)
-
 public_conversation_url = PublicConversationAdapters.get_public_conversation_url(public_conversation)
- domain = request.headers.get("host")
- scheme = request.url.scheme
-
 update_telemetry_state(
 request=request,
 telemetry_type="api",
diff --git a/src/khoj/routers/auth.py b/src/khoj/routers/auth.py
index 8249d66e..e7d28301 100644
--- a/src/khoj/routers/auth.py
+++ b/src/khoj/routers/auth.py
@@ -42,8 +42,12 @@ if not state.anonymous_mode:
 from google.oauth2 import id_token
 except ImportError:
 missing_requirements += ["Install the Khoj production package with `pip install khoj-assistant[prod]`"]
- if not os.environ.get("GOOGLE_CLIENT_ID") or not os.environ.get("GOOGLE_CLIENT_SECRET"):
- missing_requirements += ["Set your GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET as environment variables"]
+ if not os.environ.get("RESEND_API_KEY") and (
+ not os.environ.get("GOOGLE_CLIENT_ID") or not os.environ.get("GOOGLE_CLIENT_SECRET")
+ ):
+ missing_requirements += [
+ "Set your RESEND_API_KEY or GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET as environment variables"
+ ]
 if missing_requirements:
 requirements_string = "\n - " + "\n - ".join(missing_requirements)
 error_msg = f"🚨 Start Khoj with --anonymous-mode flag or to enable authentication:{requirements_string}"
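Review bot: In `duplicate_chat_history_public_conversation` (api_chat.py), `request.headers.get("host")` can return None, and `domain.split(":")[0]` then raises AttributeError, so a request without a Host header ends in a 500 instead of the intended rejection. The plain `in` test also differs from how Django reads ALLOWED_HOSTS: entries such as `.example.com` or `*` never match, the comparison is case-sensitive, and a bracketed IPv6 literal is cut at its first colon. Consider `host_domain, _ = split_domain_port(domain or "")` followed by `if not validate_host(host_domain, ALLOWED_HOSTS):`, both from `django.http.request`. The function starts before the hunk and continues past it, so how `domain` and `scheme` are used afterwards is not visible here.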
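Review bot: In auth.py, once RESEND_API_KEY is set the new condition no longer reports a partial Google configuration: GOOGLE_CLIENT_ID without GOOGLE_CLIENT_SECRET (or the reverse) now starts without any message. If code after this hunk still registers the Google OAuth client from those variables, which is not visible here, it would do so with a missing value. A separate check such as `if bool(os.environ.get("GOOGLE_CLIENT_ID")) != bool(os.environ.get("GOOGLE_CLIENT_SECRET")):` that appends its own entry to `missing_requirements` would keep that misconfiguration visible. The enclosing `if not state.anonymous_mode:` block starts before the hunk and continues after it.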