completion-kit 0.5.28 → 0.5.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -1
- data/app/controllers/completion_kit/api/v1/base_controller.rb +2 -0
- data/app/controllers/completion_kit/application_controller.rb +2 -0
- data/lib/completion_kit/version.rb +1 -1
- data/lib/completion_kit.rb +4 -0
- data/lib/generators/completion_kit/templates/initializer.rb +6 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f1c4a2e5c9305e6f54a09266a8e7896231c6518dbe576a76c1f0d3db6511f18f
|
|
4
|
+
data.tar.gz: 1127b9f555ef7ef483302522cfb9039ec9d274cfa32aff2789301562ea0d1043
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3e6018c3d6d44ae68d64646f4d7272013f065203c765c68444800fd9b528b137582a4b4c6872a1b3e33325ab66a1dc5f67dd59536185320f602bc9875be8c101
|
|
7
|
+
data.tar.gz: 856868da4c6d9aa78fbf3b0a0d7ead23065c3f4b50970aed1056849650f9cffe1e62e01ddaeca2e595e2cc2837c67f077f5e3fd1820f74348cc4fd23d3dffaa1
|
data/README.md
CHANGED
|
@@ -111,7 +111,7 @@ Or add them to `config/credentials.yml.enc` under `active_record_encryption`. In
|
|
|
111
111
|
|
|
112
112
|
## Authentication
|
|
113
113
|
|
|
114
|
-
CompletionKit requires authentication in
|
|
114
|
+
CompletionKit requires authentication in any deployed environment. In development and test, routes are open by default (with a log warning); every other environment returns 403 until auth is configured.
|
|
115
115
|
|
|
116
116
|
### Basic Auth (recommended for simple setups)
|
|
117
117
|
|
|
@@ -132,6 +132,19 @@ end
|
|
|
132
132
|
|
|
133
133
|
Only one mode can be active.
|
|
134
134
|
|
|
135
|
+
## Rate limiting
|
|
136
|
+
|
|
137
|
+
The REST API, the MCP endpoint, and the web UI are rate limited per IP, per minute. The defaults are generous; tune them in the initializer:
|
|
138
|
+
|
|
139
|
+
```ruby
|
|
140
|
+
CompletionKit.configure do |c|
|
|
141
|
+
c.api_rate_limit = 120 # REST API + MCP, requests per minute (default 120)
|
|
142
|
+
c.web_rate_limit = 300 # web UI, requests per minute (default 300)
|
|
143
|
+
end
|
|
144
|
+
```
|
|
145
|
+
|
|
146
|
+
Limiting uses `Rails.cache`. A shared cache store (Solid Cache, Redis) throttles accurately across multiple app instances; a per-process store still throttles each instance independently.
|
|
147
|
+
|
|
135
148
|
## How it works
|
|
136
149
|
|
|
137
150
|
1. **Create a prompt** with `{{variable}}` placeholders
|
|
@@ -2,6 +2,8 @@ module CompletionKit
|
|
|
2
2
|
module Api
|
|
3
3
|
module V1
|
|
4
4
|
class BaseController < ActionController::API
|
|
5
|
+
rate_limit to: CompletionKit.config.api_rate_limit, within: 1.minute,
|
|
6
|
+
with: -> { render json: {error: "Rate limit exceeded"}, status: :too_many_requests }
|
|
5
7
|
before_action :authenticate_api!
|
|
6
8
|
|
|
7
9
|
private
|
|
@@ -3,6 +3,8 @@ module CompletionKit
|
|
|
3
3
|
helper Heroicons::IconsHelper
|
|
4
4
|
layout "completion_kit/application"
|
|
5
5
|
|
|
6
|
+
rate_limit to: CompletionKit.config.web_rate_limit, within: 1.minute,
|
|
7
|
+
with: -> { render plain: "Rate limit exceeded. Please slow down.", status: :too_many_requests }
|
|
6
8
|
before_action :authenticate_completion_kit!
|
|
7
9
|
|
|
8
10
|
private
|
data/lib/completion_kit.rb
CHANGED
|
@@ -10,6 +10,7 @@ module CompletionKit
|
|
|
10
10
|
attr_accessor :username, :password, :auth_strategy, :api_token
|
|
11
11
|
attr_accessor :tenant_scope, :tenant_scope_columns
|
|
12
12
|
attr_accessor :api_reference_authentication_partial
|
|
13
|
+
attr_accessor :api_rate_limit, :web_rate_limit
|
|
13
14
|
|
|
14
15
|
def initialize
|
|
15
16
|
@openai_api_key = ENV['OPENAI_API_KEY']
|
|
@@ -21,6 +22,9 @@ module CompletionKit
|
|
|
21
22
|
@high_quality_threshold = 4
|
|
22
23
|
@medium_quality_threshold = 3
|
|
23
24
|
|
|
25
|
+
@api_rate_limit = 120
|
|
26
|
+
@web_rate_limit = 300
|
|
27
|
+
|
|
24
28
|
@api_reference_authentication_partial = "completion_kit/api_reference/authentication"
|
|
25
29
|
end
|
|
26
30
|
|
|
@@ -44,4 +44,10 @@ CompletionKit.configure do |config|
|
|
|
44
44
|
# Web UI Authentication
|
|
45
45
|
# config.username = "admin"
|
|
46
46
|
# config.password = ENV['COMPLETION_KIT_PASSWORD']
|
|
47
|
+
|
|
48
|
+
# Rate limiting (requests per minute, per IP)
|
|
49
|
+
# The REST API and MCP endpoint share api_rate_limit; the web UI uses
|
|
50
|
+
# web_rate_limit. Both are enforced through Rails.cache.
|
|
51
|
+
# config.api_rate_limit = 120
|
|
52
|
+
# config.web_rate_limit = 300
|
|
47
53
|
end
|