Merge pull request #27 from technologiestiftung/staging

feat: make file limit configurable in env
technologiestiftung · Dec 12, 2024 · e97fbb9 · e97fbb9
2 parents b61c7d2 + 518e13c
commit e97fbb9
Show file tree

Hide file tree

Showing 9 changed files with 65 additions and 54 deletions.
diff --git a/.env.sample b/.env.sample
@@ -13,3 +13,6 @@ AZURE_LLM_ENDPOINT="https://<your_hub>.openai.azure.com/openai/deployments/gpt-3
 # config for OpenAI LLM
 OPENAI_ENDPOINT="https://api.openai.com/v1/chat/completions"
 OPENAI_API_KEY=sk-...
+
+# limit file size for document upload to 8MB
+UPLOAD_FILE_SIZE_LIMIT_MB=8
diff --git a/src/index.ts b/src/index.ts
@@ -1,3 +1,7 @@
+// Make sure that config is parsed first before it is used in the middleware and routes.
+import { parseConfig } from "./utils/parse-config";
+export const config: Config = parseConfig();
+
 import express from "express";
 import basicAuthMiddleware from "./middleware/basic-auth-middleware";
 import corsMiddleware from "./middleware/cors";
@@ -6,18 +10,15 @@ import chatRoutes from "./routes/chat-routes";
 import documentRoutes from "./routes/document-routes";
 import healthRoutes from "./routes/health-routes";
 import { Config } from "./types/config-types";
-import { parseConfig } from "./utils/parse-config";
 import modelRoutes from "./routes/model-routes";
 
-export const config: Config = parseConfig();
-
 const app = express();
 const port = 3000;
 
 app.use(express.json({ limit: "10mb" }));
-app.use(corsMiddleware(config));
-app.use(rateLimitMiddleware(config));
-app.use(basicAuthMiddleware(config));
+app.use(corsMiddleware);
+app.use(rateLimitMiddleware);
+app.use(basicAuthMiddleware);
 
 app.use("/", healthRoutes);
 app.use("/chat", chatRoutes);

diff --git a/src/middleware/basic-auth-middleware.ts b/src/middleware/basic-auth-middleware.ts
@@ -1,29 +1,32 @@
-import { Request, Response, NextFunction } from "express";
-import { Config } from "../types/config-types";
+import { NextFunction, Request, Response } from "express";
+import { config } from "..";
 
-const basicAuthMiddleware =
-  (config: Config) => (req: Request, res: Response, next: NextFunction) => {
-    const xApiKeyInHeader = req.headers["x-api-key"];
+const basicAuthMiddleware = (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  const xApiKeyInHeader = req.headers["x-api-key"];
 
-    if (!xApiKeyInHeader) {
-      return res.status(401).json({
-        message: "Unauthorized",
-        code: "unauthorized",
-        status: 401,
-      });
-    }
+  if (!xApiKeyInHeader) {
+    return res.status(401).json({
+      message: "Unauthorized",
+      code: "unauthorized",
+      status: 401,
+    });
+  }
 
-    const validXApiKey = config.xApiKey;
+  const validXApiKey = config.xApiKey;
 
-    if (xApiKeyInHeader !== validXApiKey) {
-      return res.status(401).json({
-        message: "Unauthorized",
-        code: "unauthorized",
-        status: 401,
-      });
-    }
+  if (xApiKeyInHeader !== validXApiKey) {
+    return res.status(401).json({
+      message: "Unauthorized",
+      code: "unauthorized",
+      status: 401,
+    });
+  }
 
-    next();
-  };
+  next();
+};
 
 export default basicAuthMiddleware;
diff --git a/src/middleware/cors.ts b/src/middleware/cors.ts
@@ -1,15 +1,13 @@
-import { Config } from "./../types/config-types";
 import cors from "cors";
+import { config } from "..";
 
-const corsMiddleware = (config: Config) => {
-  const corsOptions = {
-    origin: config.corsAllowedOrigin,
-    methods: "GET,POST",
-    allowedHeaders: "Content-Type,Authorization,x-api-key,llm",
-    optionsSuccessStatus: 200,
-  };
-
-  return cors(corsOptions);
+const corsOptions = {
+  origin: config.corsAllowedOrigin,
+  methods: "GET,POST",
+  allowedHeaders: "Content-Type,Authorization,x-api-key,llm",
+  optionsSuccessStatus: 200,
 };
 
+const corsMiddleware = cors(corsOptions);
+
 export default corsMiddleware;
diff --git a/src/middleware/file-upload-middleware.ts b/src/middleware/file-upload-middleware.ts
@@ -1,5 +1,6 @@
 import multer from "multer";
 import path from "path";
+import { config } from "..";
 
 const storage = multer.memoryStorage();
 
@@ -22,7 +23,7 @@ const fileFilter = (req: any, file: any, cb: any) => {
 const upload = multer({
   storage,
   fileFilter,
-  limits: { fileSize: 2 * 1024 * 1024 },
+  limits: { fileSize: config.fileUploadLimitMb * 1024 * 1024 },
 });
 
 export default upload;
diff --git a/src/middleware/rate-limit.ts b/src/middleware/rate-limit.ts
@@ -1,18 +1,17 @@
 import rateLimit from "express-rate-limit";
-import { Config } from "../types/config-types";
+import { config } from "..";
 
-const limiter = (config: Config) =>
-  rateLimit({
-    windowMs: 1 * 60 * 1000,
-    max: config.rateLimitRequestsPerMinute,
-    message: "API rate limit exceeded, please try again after one minute.",
-    handler: function (req, res) {
-      res.status(429).json({
-        message: "API rate limit exceeded, please try again after one minute.",
-        code: "api_rate_limit_exceeded",
-        status: 429,
-      });
-    },
-  });
+const limiter = rateLimit({
+  windowMs: 1 * 60 * 1000,
+  max: config.rateLimitRequestsPerMinute,
+  message: "API rate limit exceeded, please try again after one minute.",
+  handler: function (req, res) {
+    res.status(429).json({
+      message: "API rate limit exceeded, please try again after one minute.",
+      code: "api_rate_limit_exceeded",
+      status: 429,
+    });
+  },
+});
 
 export default limiter;
diff --git a/src/routes/document-routes.ts b/src/routes/document-routes.ts
@@ -1,6 +1,7 @@
 import { Router } from "express";
 import { extractDocumentContent } from "../controllers/document-controller";
 import upload from "../middleware/file-upload-middleware";
+import { config } from "..";
 
 const router = Router();
 
@@ -10,7 +11,7 @@ router.post("/extract", (req, res) => {
       console.log(err);
       if (err.code === "LIMIT_FILE_SIZE") {
         return res.status(400).json({
-          message: "File size is too large. Max limit is 2MB",
+          message: `File size is too large. Max limit is ${config.fileUploadLimitMb}MB`,
           code: "file_size_limit_exceeded",
           status: 400,
         });

diff --git a/src/types/config-types.ts b/src/types/config-types.ts
@@ -12,4 +12,5 @@ export interface Config {
   supabaseUrl: string;
   supabaseAnonKey: string;
   xApiKey: string;
+  fileUploadLimitMb: number;
 }
diff --git a/src/utils/parse-config.ts b/src/utils/parse-config.ts
@@ -31,6 +31,9 @@ export function parseConfig(): Config {
   if (!process.env.OLLAMA_API_KEY) {
     throw new Error("OLLAMA_API_KEY must be defined");
   }
+  if (!process.env.UPLOAD_FILE_SIZE_LIMIT_MB) {
+    throw new Error("UPLOAD_FILE_SIZE_LIMIT_MB must be defined");
+  }
   return {
     azureLlmApiKey: process.env.AZURE_LLM_API_KEY,
     azureLlmEndpointGpt35Turbo: process.env.AZURE_LLM_ENDPOINT_GPT_35_TURBO,
@@ -46,5 +49,6 @@ export function parseConfig(): Config {
     supabaseUrl: process.env.SUPABASE_URL,
     supabaseAnonKey: process.env.SUPABASE_ANON_KEY,
     xApiKey: process.env.X_API_KEY,
+    fileUploadLimitMb: parseInt(process.env.UPLOAD_FILE_SIZE_LIMIT_MB),
   } as Config;
 }