But when my friend clones the repository, it stops working on both sides. The key doesn’t work anymore.
What can be the issue?
require("dotenv").config();
const { Configuration, OpenAIApi } = require("openai");
const express = require("express");
const cors = require("cors");
const bodyParser = require("body-parser");
const configuration = new Configuration({
organization: "org-l0cNBbeMn1Rt9cabZOTLWYBr",
apiKey: "■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■g0GwOZW7",
});
const openai = new OpenAIApi(configuration);
const app = express();
const port = 3080;
app.use(cors());
app.use(bodyParser.json());
//for getting response for any chat prompt
app.post("/", async (req, res) => {
try {
console.log(req.body);
const response = await openai.createChatCompletion({
model: "gpt-3.5-turbo",
messages: [
{ role: "system", content: req.body.systemMessage },
{ role: "user", content: req.body.message },
],
max_tokens: 100,
});
res.json({
data: response.data,
});
} catch (error) {
console.error(error);
res.status(500).send("An error occurred");
}
});
//for editing the uploaded pdf text into good prompt so that the size gets reduced and give better result
//only when someone upload a file , this api will be called.
app.post("/edit", async (req, res) => {
try {
console.log(req.body);
const response = await openai.createEdit({
model: "text-davinci-edit-001",
input: req.body,
instruction:
"Please rephrase the input to minimize token count without omitting any details. Ensure grammatical correctness, fix any spelling errors, and optimize the format for easy retrieval of information when used as a prompt for the OPEN AI API.",
});
res.json({
data: response.data,
});
} catch (error) {
console.error(error);
res.status(500).send("An error occurred");
}
});
app.listen(port, () => {
console.log(`Server listening on port ${port}`);
});
If you upload an API key to Github it will be detected as a leaked Key and disabled. You need to pass any secret keys privately, or handle them in a secure way, using a remote server and environment variable, e.g.
What’s the actual error you are receiving, in the response body?
Have you tried generating a new key?
Are you sure it’s pulling from your .env correctly? You’re able to console.log it?
There’s no connection between an API key and your machine. There’s no architectural reason it wouldn’t work when cloned on a different machine. The issue is in your code with the way you are accessing/storing/using the keys.
It works perfectly when I use a new key, as soon as someone pulls the updated code from GitHub that key doesn’t work anymore. until then everything works fine.
I put the key inside env and it’s working fine and remove it from GitHub also using gitignore.
I tried 2 different keys under the same org-key, still not working.
currently, my project structure is like this:
under the parent folder, there is a server & client folder. inside the server folder, I have the index.js (backend) & .env.
Ok, you may be running into an issue with Git, if you have a file that is in your local folder AND on the remote git repo, and you add that to git ignore then it will still get copied to the repo, the file needs to not exist in the repo and on your local drive, so just move the file out of your local folder and then push your folder, then move the file back. At that point your git ignore will be honored, and you should not get the file being uploaded again.
At the same time you should do some sanity checking to ensure that the API works before sharing and then does not work after sharing for both of you, incase there is an issue unrelated to the API key being shared.
If the API key works for you before sharing and then stops working for you after sharing then you have a problem with the key being leaked to the repo, if it IS working for you but not for your friend then there is a config error on their side.