litellm-rs 0.4.16

A high-performance AI Gateway written in Rust, providing OpenAI-compatible APIs with intelligent routing, load balancing, and enterprise features
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167

//! Middleware for API key management routes
//!
//! This module provides middleware for authentication, rate limiting,
//! and audit logging of key management operations.

#![allow(dead_code)] // Middleware structures are defined for future use

use actix_web::Error;
use actix_web::dev::{Service, ServiceRequest, ServiceResponse, Transform, forward_ready};
use futures::future::LocalBoxFuture;
use std::future::{Ready, ready};
use std::rc::Rc;
use tracing::{info, warn};

/// Middleware for audit logging key operations
pub struct KeyAuditLogger;

impl KeyAuditLogger {
    pub fn new() -> Self {
        Self
    }
}

impl Default for KeyAuditLogger {
    fn default() -> Self {
        Self::new()
    }
}

impl<S, B> Transform<S, ServiceRequest> for KeyAuditLogger
where
    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
    S::Future: 'static,
    B: 'static,
{
    type Response = ServiceResponse<B>;
    type Error = Error;
    type InitError = ();
    type Transform = KeyAuditLoggerMiddleware<S>;
    type Future = Ready<Result<Self::Transform, Self::InitError>>;

    fn new_transform(&self, service: S) -> Self::Future {
        ready(Ok(KeyAuditLoggerMiddleware {
            service: Rc::new(service),
        }))
    }
}

pub struct KeyAuditLoggerMiddleware<S> {
    service: Rc<S>,
}

impl<S, B> Service<ServiceRequest> for KeyAuditLoggerMiddleware<S>
where
    S: Service<ServiceRequest, Response = ServiceResponse<B>, Error = Error> + 'static,
    S::Future: 'static,
    B: 'static,
{
    type Response = ServiceResponse<B>;
    type Error = Error;
    type Future = LocalBoxFuture<'static, Result<Self::Response, Self::Error>>;

    forward_ready!(service);

    fn call(&self, req: ServiceRequest) -> Self::Future {
        let service = self.service.clone();

        // Extract audit information
        let method = req.method().to_string();
        let path = req.path().to_string();
        let client_ip = req
            .connection_info()
            .peer_addr()
            .unwrap_or("unknown")
            .to_string();

        Box::pin(async move {
            // Log the request
            info!(
                target: "key_audit",
                method = %method,
                path = %path,
                client_ip = %client_ip,
                "Key management operation initiated"
            );

            let result = service.call(req).await;

            match &result {
                Ok(response) => {
                    let status = response.status();
                    if status.is_success() {
                        info!(
                            target: "key_audit",
                            method = %method,
                            path = %path,
                            status = %status.as_u16(),
                            "Key management operation completed successfully"
                        );
                    } else {
                        warn!(
                            target: "key_audit",
                            method = %method,
                            path = %path,
                            status = %status.as_u16(),
                            "Key management operation failed"
                        );
                    }
                }
                Err(e) => {
                    warn!(
                        target: "key_audit",
                        method = %method,
                        path = %path,
                        error = %e,
                        "Key management operation error"
                    );
                }
            }

            result
        })
    }
}

/// Rate limiter for key verification endpoint
/// This helps prevent brute-force attacks on the verification endpoint
pub struct KeyVerificationRateLimiter {
    /// Maximum requests per minute
    pub max_requests_per_minute: u32,
}

impl KeyVerificationRateLimiter {
    pub fn new(max_requests_per_minute: u32) -> Self {
        Self {
            max_requests_per_minute,
        }
    }
}

impl Default for KeyVerificationRateLimiter {
    fn default() -> Self {
        Self::new(60) // 60 requests per minute by default
    }
}

#[cfg(test)]
mod middleware_tests {
    use super::*;

    #[test]
    fn test_audit_logger_creation() {
        let _logger = KeyAuditLogger::new();
    }

    #[test]
    fn test_rate_limiter_default() {
        let limiter = KeyVerificationRateLimiter::default();
        assert_eq!(limiter.max_requests_per_minute, 60);
    }

    #[test]
    fn test_rate_limiter_custom() {
        let limiter = KeyVerificationRateLimiter::new(100);
        assert_eq!(limiter.max_requests_per_minute, 100);
    }
}