gmakstutis/cognee
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix security issue: Hardcoded API Key Exposed Through Insecure HTTP Transmission (CWE-798, CWE-319)

Browse source
This commit is contained in:
pensarapp[bot] 2025-06-09 16:18:42 +00:00 committed by GitHub
parent ecbabbd261
commit 29571445a2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 25 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
notebooks/cognee_openai_compatable_demo.ipynb vendored
View file

@ -9,11 +9,20 @@
}
},
"source": [
"import os\n",
"from openai import OpenAI\n",
"\n",
"# Use /api/v1/auth/login to get JWT\n",
"\n",
"client = OpenAI(api_key=\"COGNEE_API_KEY\", base_url=\"http://localhost:8000/api/v1/\")\n",
"# Retrieve API key from environment variable\n",
"api_key = os.getenv(\"COGNEE_API_KEY\")\n",
"if not api_key:\n",
" raise EnvironmentError(\"COGNEE_API_KEY environment variable is not set.\")\n",
"\n",
"# Use HTTPS for secure transmission\n",
"base_url = \"https://localhost:8000/api/v1/\"\n",
"\n",
"client = OpenAI(api_key=api_key, base_url=base_url)\n",
"\n",
"client.responses.create(\n",
" model=\"cognee-v1\",\n",
@ -26,8 +35,8 @@
"output_type": "stream",
"text": [
"\n",
"\u001B[1mHTTP Request: POST http://localhost:8000/api/v1/responses \"HTTP/1.1 307 Temporary Redirect\"\u001B[0m\n",
"\u001B[1mHTTP Request: POST http://localhost:8000/api/v1/responses/ \"HTTP/1.1 200 OK\"\u001B[0m"
"\u001B[1mHTTP Request: POST https://localhost:8000/api/v1/responses \"HTTP/1.1 307 Temporary Redirect\"\u001B[0m\n",
"\u001B[1mHTTP Request: POST https://localhost:8000/api/v1/responses/ \"HTTP/1.1 200 OK\"\u001B[0m"
]
},
{
@ -52,9 +61,18 @@
}
},
"source": [
"import os\n",
"from openai import OpenAI\n",
"\n",
"client = OpenAI(api_key=\"COGNEE_API_KEY\", base_url=\"http://localhost:8000/api/v1/\")\n",
"# Retrieve API key from environment variable\n",
"api_key = os.getenv(\"COGNEE_API_KEY\")\n",
"if not api_key:\n",
" raise EnvironmentError(\"COGNEE_API_KEY environment variable is not set.\")\n",
"\n",
"# Use HTTPS for secure transmission\n",
"base_url = \"https://localhost:8000/api/v1/\"\n",
"\n",
"client = OpenAI(api_key=api_key, base_url=base_url)\n",
"\n",
"client.responses.create(\n",
" model=\"cognee-v1\",\n",
@ -67,8 +85,8 @@
"output_type": "stream",
"text": [
"\n",
"\u001B[1mHTTP Request: POST http://localhost:8000/api/v1/responses \"HTTP/1.1 307 Temporary Redirect\"\u001B[0m\n",
"\u001B[1mHTTP Request: POST http://localhost:8000/api/v1/responses/ \"HTTP/1.1 200 OK\"\u001B[0m"
"\u001B[1mHTTP Request: POST https://localhost:8000/api/v1/responses \"HTTP/1.1 307 Temporary Redirect\"\u001B[0m\n",
"\u001B[1mHTTP Request: POST https://localhost:8000/api/v1/responses/ \"HTTP/1.1 200 OK\"\u001B[0m"
]
},
{
@ -106,4 +124,4 @@
},
"nbformat": 4,
"nbformat_minor": 2
}
}