npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@genesis-xyz/ai

v0.0.8

Published

Auth that enables users to sign in with their own OpenAI API key, so that you can build apps powered by users. Your app, their API usage.

Downloads

18

Readme

Sign In With AI

Auth that enables users to sign in with their own OpenAI API key, so that you can build apps powered by users. Your app, their API usage.

User OpenAI API keys will not be shared with your app. Instead, your app will receive an apiKey and baseURL for a proxy to the OpenAI API which uses your user's API keys.

Why build apps using Sign In With AI?

Because we believe it should be easier for developers to experiment and build new ideas for AI apps.

For each new app they build, developers also become responsible for the cost of using the OpenAI API and apps that leverage cutting-edge models like GPT-4 can carry a large bill if usage grows. Multiply that cost burden across several app ideas and that's a lot of overhead, making it harder to justify building new app ideas.

As a result, it’s becoming increasingly common to allow users to paste their personal OpenAI API key directly into the app. Not only is this bad security, it’s also super annoying for users to manually paste their API key in every new app that they want to try.

By offering a way for users to sign in with their own OpenAI API key, Genesis provides a safer way for users to try more AI apps and empowers developers to build their app ideas more easily, without taking on all of the cost burden for compute. It’s a win-win for everyone involved.

Installation

bun add @genesis-xyz/ai

‼️ Add this script to the <head> tag of your site:

<script src="https://unpkg.com/@passes/polyfill@^0.1.5"></script>

Usage

requestOpenAIAPI returns the following type, which may be passed directly to the OpenAI sdk constructor.

type RequestOpenAIAPIResult = {
  apiKey: string;
  baseURL: string;
};

With the openai sdk:

import { requestOpenAIAPI } from '@genesis-xyz/ai';
import { OpenAI } from 'openai';

// Request the user to "Sign In With OpenAI"
const openai = new OpenAI(await requestOpenAIAPI());

const chat = await openai.chat.completions.create({
  model: 'gpt-4',
  stream: true,
  messages: [{ role: 'user', content: 'Hello OpenAI!' }],
});

With client-side fetch:

import { requestOpenAIAPI } from '@genesis-xyz/ai';
import { OpenAI } from 'openai';

// Request the user to "Sign In With OpenAI"
const { baseURL, apiKey } = await requestOpenAIAPI();

// Use fetch to request the OpenAI API
const result = await fetch(`${baseURL}/chat/completions`, {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${apiKey}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    model: 'gpt-4',
    messages: [{ role: 'user', content: 'Hello OpenAI!' }],
  }),
})

FAQ

Requesting an OpenAI API key from the user

  1. When a user first signs up for your app, a new tab opens and requests the user to enter their OpenAI API key and secure it with a Passkey.
  2. The API key is encrypted and stored for easy future access.
  3. Your app gets an apiKey and baseURL that it can use to configure the openai SDK.

Proxying the the OpenAI API

  1. Your app sends requests to the provided baseURL, which is a proxy to OpenAI's API.
  2. The proxy sends requests to OpenAI with the user's OpenAI API key.
  3. Responses from OpenAI are streamed to your app.
  • Encrypted API keys. User API keys are wrapped in (encrypted) JWTs for both storage and transmission, meaning the key is never directly exposed to the requesting site or transmitted over the network in plain text.
  • Reverse proxy. Genesis hosts a secure intermediary layer for proxying OpenAI API requests, which handles decrypting the user's API key, and forwarding the request to OpenAI. The reverse proxy allows the client to use the full functionality of the OpenAI API (including streaming) without ever handling the user API key.

For users: How do I get an OpenAI API key?

For now, it’s a manual process:

  1. If you already have an OpenAI account, sign in on the developer platform. If not, sign up for an account here.

  2. To get an API key, click the lock icon in the left-side toolbar.

  3. You’ll see all of the API keys that you’ve created on this page. To create a new API key, select Create new secret key, give it a name, and then copy the API key that appears.

    • Note: any previously created API keys can’t be retrieved from this page, so be sure to save the key when you create it.
  4. Paste the API key in the text field and approve the request.