Harden LLM access: secrets only in server .env, no URL in repo.

Require LLM_BASE_URL and LLM_API_KEY for automatic generation, add per-user rate limits, stop publishing backend/LLM settings in docker-compose, and document secure deployment.
Mireya Cueto Garrido
2026-06-04 13:24:40 +02:00
parent 182eae1e36
commit 4d2ced85a3
11 changed files with 487 additions and 169 deletions
+3 -2
@@ -581,14 +581,15 @@ Todas con `Authorization: Bearer <token>`.
| Código | Ejemplo |
|--------|---------|
| 503 | `LLM_API_KEY` no configurada (`llm_unavailable`). |
| 503 | LLM no configurado en el servidor (`llm_unavailable`: faltan `LLM_BASE_URL` y/o `LLM_API_KEY` en `.env`). |
| 429 | Demasiadas generaciones automáticas por usuario (`llm_rate_limited`). |
| 422 | JSON del modelo inválido (`parse_error`). |
```json
{
"error": {
"code": "llm_unavailable",
"message": "LLM_API_KEY is not configured"
"message": "Automatic AI generation is not available"
}
}
```
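Review bot: The new 429 row for `llm_rate_limited` does not state the per-user limit or its window, or whether the response carries a `Retry-After` header, so a client reading this table cannot tell how long to back off. Suggest giving the limit and window in that row (or naming the setting that controls it) and adding a JSON example for `llm_rate_limited` beside the `llm_unavailable` one. On the 503 side, the response message is now generic while the table names the missing `.env` variables; it is worth confirming that the server log records which of `LLM_BASE_URL` / `LLM_API_KEY` is absent, since the response no longer does.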