admin/GenExam-IA
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Harden LLM access: secrets only in server .env, no URL in repo.

Browse Source 
Require LLM_BASE_URL and LLM_API_KEY for automatic generation, add per-user rate limits, stop publishing backend/LLM settings in docker-compose, and document secure deployment.
This commit is contained in:
Mireya Cueto Garrido
2026-06-04 13:24:40 +02:00
parent 182eae1e36
commit 4d2ced85a3
11 changed files with 487 additions and 169 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/services/llm.py
+3
View File
@@ -17,6 +17,9 @@ class LLMClient:
return f"{base}/api/chat"
async def generate(self, prompt: str) -> str:
if not self.settings.llm_ready:
raise LLMUnavailableError("Automatic AI generation is not available")
payload = {
"model": self.settings.llm_model,
"messages": [