View Single Post
Old 06-30-2024, 10:16 PM   #14
Bradles
Zealot
Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.Bradles turned on, tuned in, and dropped out.
 
Bradles's Avatar
 
Posts: 112
Karma: 35586
Join Date: Nov 2020
Location: Perth, Western Australia
Device: Apple Books & Kobo Libra H20
Quote:
Originally Posted by YGKGamer View Post
I am assuming that if you can log the API key then you get access to the person's account. Why not make the login info required each time and it is not saved so that way you do not have access? Or force the user to use an authenticator like duo mobile. If my assumption is incorrect, then sorry, and please disregard this post.
Your assumption is incorrect, but I won't disregard your post as you've shown genuine interest in AI and not just responded with FUD.

The API key doesn't give access to the account, but it does allow use of the account, i.e. expense would be incurred.

The way I designed my solution, and the way most APIs work, the API key is required for every call to the backend LLM. So the plugin would call my API, and my API would call the backend LLM, passing along the API key.

Anyway, it's a moot point, as I won't release this plugin due to lack of interest.
Bradles is offline   Reply With Quote