A secure proxy for OpenAI and Anthropic APIs that provides:
- Request/response logging
- Configurable security filters
- Rate limiting
- Monitoring capabilities
To install and run manually:

- Clone the repository:

  ```bash
  git clone https://github.com/jio-gl/openai-proxy.git
  cd openai-proxy
  ```

- Install dependencies:

  ```bash
  pip install -r requirements.txt
  ```

- Create a `.env` file with your configuration:

  ```bash
  cp .env-example .env
  # Edit the .env file with your settings
  ```

To run with Docker instead:

- Clone the repository:

  ```bash
  git clone https://github.com/jio-gl/openai-proxy.git
  cd openai-proxy
  ```

- Create a `.env` file with your configuration:

  ```bash
  cp .env-example .env
  # Edit the .env file with your settings
  ```

- Build and run with Docker Compose:

  ```bash
  docker-compose up -d
  ```

The `.env` file supports the following settings:
```
# OpenAI API key
OPENAI_API_KEY=your_openai_api_key_here

# Anthropic API key
ANTHROPIC_API_KEY=your_anthropic_api_key_here
ANTHROPIC_VERSION=2023-06-01

# Logging configuration
LOG_LEVEL=INFO
LOG_FILE=logs/api-firewall.log

# Filter configuration
# Set to "false" to disable security filters
FILTERS_ENABLED=true

# Maximum tokens allowed in a request
FILTERS_MAX_TOKENS=8192

# Comma-separated list of allowed models
FILTERS_ALLOWED_MODELS=gpt-3.5-turbo,gpt-4,gpt-4-turbo,gpt-4o-mini,text-embedding-ada-002,claude-3-opus-20240229,claude-3-sonnet-20240229,claude-3-haiku-20240307,claude-3-5-sonnet-20240620

# Rate limit (requests per minute)
FILTERS_RATE_LIMIT=100
```
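Values such as `FILTERS_ALLOWED_MODELS` and `FILTERS_RATE_LIMIT` arrive from the environment as plain strings, so they have to be parsed into a list and an integer. A minimal sketch of that parsing (illustrative only; the proxy's actual logic lives in `app/config.py` and may differ):

```python
import os

def load_filter_settings(env=None):
    """Parse filter-related environment variables into typed values.

    Illustrative sketch only -- the proxy's real parsing is in app/config.py.
    """
    env = os.environ if env is None else env
    return {
        # Anything other than the literal "false" keeps filters enabled
        "enabled": env.get("FILTERS_ENABLED", "true").lower() != "false",
        "max_tokens": int(env.get("FILTERS_MAX_TOKENS", "8192")),
        # Comma-separated list, with surrounding whitespace stripped
        "allowed_models": [
            m.strip()
            for m in env.get("FILTERS_ALLOWED_MODELS", "").split(",")
            if m.strip()
        ],
        "rate_limit": int(env.get("FILTERS_RATE_LIMIT", "100")),
    }
```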
Start the server:

```bash
python run.py
```

Or using uvicorn directly:

```bash
uvicorn app.main:app --reload --port 8000
```

With Docker:

```bash
# Start the service
docker-compose up -d

# View logs
docker-compose logs -f

# Stop the service
docker-compose down
```

Use the proxy by replacing the API base URLs with your local server:
- For the OpenAI API: `http://localhost:8000/v1/`
- For the Anthropic API: `http://localhost:8000/anthropic/`
For example, if you're using the OpenAI Python client:
```python
import openai

openai.api_key = "your_api_key"
openai.base_url = "http://localhost:8000/v1/"

response = openai.chat.completions.create(
    model="gpt-3.5-turbo",
    messages=[{"role": "user", "content": "Hello world"}]
)
print(response)
```

For Anthropic's Claude using the Python SDK:
```python
from anthropic import Anthropic

client = Anthropic(
    api_key="your_anthropic_api_key",
    base_url="http://localhost:8000/anthropic"
)

response = client.messages.create(
    model="claude-3-sonnet-20240229",
    max_tokens=100,
    messages=[
        {"role": "user", "content": "Hello world"}
    ]
)
print(response.content)
```

Note: Integration with Cursor is currently a work in progress (WIP), as Cursor blocks local API calls to private networks.
To use this proxy with Cursor IDE:

- Make sure the proxy is running and accessible on a public URL (not localhost):
  - For local development, use ngrok or SSH tunneling (see `run_proxy_with_ngrok.sh`)
  - For production, deploy on a cloud server with a public domain
- In Cursor settings:
  - Go to Settings > AI > API Endpoints
  - Set the OpenAI Base URL to your proxy's public URL + "/v1"
  - Example: `https://your-domain.com/v1` or `https://abcd1234.ngrok-free.app/v1`
- Cursor should now route all OpenAI API requests through your proxy.
Important: Cursor will reject connections to private network URLs (localhost/127.0.0.1). You must expose your proxy through a public URL using ngrok, SSH tunneling, or cloud hosting.
All endpoints for both OpenAI and Anthropic APIs are supported, including:
- `/v1/chat/completions`
- `/v1/completions`
- `/v1/embeddings`
- Any other OpenAI API endpoint
- `/anthropic/v1/messages`
- Other Anthropic API endpoints
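Requests to these paths are the same ones the SDKs send under the hood. As a sketch, here is what a raw chat-completions call through the proxy looks like, assuming the proxy is up on `localhost:8000` (the API key is a placeholder):

```python
import json
from urllib.parse import urljoin

# Assumed local proxy address from the setup above
PROXY_BASE = "http://localhost:8000"

url = urljoin(PROXY_BASE, "/v1/chat/completions")
payload = {
    "model": "gpt-3.5-turbo",
    "messages": [{"role": "user", "content": "Hello world"}],
}
headers = {
    "Authorization": "Bearer your_api_key",  # forwarded upstream by the proxy
    "Content-Type": "application/json",
}
body = json.dumps(payload)

# To actually send it (requires the proxy to be running):
# import urllib.request
# req = urllib.request.Request(url, data=body.encode(), headers=headers)
# print(urllib.request.urlopen(req).read().decode())
```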
The proxy includes several security filters:
- Model filtering: Only allow specified models
- Token limit: Prevent excessive token usage
- Content filtering: Block requests with prohibited content
- Rate limiting: Prevent abuse with request rate limits
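As one illustration of how such a filter can work, here is a minimal sliding-window rate limiter. The class name and structure are hypothetical, not the proxy's actual implementation (that lives in `app/security.py`):

```python
import time
from collections import deque

class SlidingWindowRateLimiter:
    """Allow at most `limit` requests per `window` seconds (illustrative only)."""

    def __init__(self, limit: int = 100, window: float = 60.0):
        self.limit = limit
        self.window = window
        self.timestamps = deque()

    def allow(self, now=None) -> bool:
        now = time.monotonic() if now is None else now
        # Drop timestamps that have fallen out of the window
        while self.timestamps and now - self.timestamps[0] >= self.window:
            self.timestamps.popleft()
        if len(self.timestamps) >= self.limit:
            return False  # over the limit; a proxy would answer HTTP 429 here
        self.timestamps.append(now)
        return True
```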
Detailed request and response logging with privacy controls:
- All requests and responses are logged
- Sensitive information (API keys, auth tokens) is automatically redacted
- Logs can be directed to console or file
- Configurable log levels
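The redaction step can be sketched as a simple transformation applied to request headers before they are written to the log. This is an illustration only; the proxy's actual redaction lives in `app/logging.py` and may cover more fields:

```python
# Header names treated as sensitive (illustrative list)
SENSITIVE_HEADERS = {"authorization", "x-api-key", "openai-api-key"}

def redact_headers(headers: dict) -> dict:
    """Replace sensitive header values with a placeholder before logging."""
    return {
        name: "[REDACTED]" if name.lower() in SENSITIVE_HEADERS else value
        for name, value in headers.items()
    }
```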
Run the tests with pytest:
```bash
pytest
```

For verbose output:

```bash
pytest -vv
```

The project includes integration tests that use a real OpenAI API key to make actual API calls through the proxy. These tests verify that:
- Chat completions (both streaming and non-streaming) work correctly
- Embeddings can be generated successfully
- Security filters block invalid models
- Sensitive information is handled appropriately
To run the integration tests:
- Ensure you have a valid OpenAI API key set in your environment:

  ```bash
  export OPENAI_API_KEY="sk-your-api-key"
  ```

- Run only the integration tests:

  ```bash
  pytest tests/test_integration.py -v
  ```

Note: These tests will be skipped if no API key is available.
- `app/` - Main application code
  - `main.py` - FastAPI application
  - `proxy.py` - API proxies (OpenAI and Anthropic)
  - `security.py` - Security filters
  - `logging.py` - Logging utilities
  - `config.py` - Configuration management
- `tests/` - Test suite
- `examples/` - Example scripts showing usage
- `logs/` - Log files
- `run.py` - Application entry point
- `Dockerfile` - Docker configuration
- `docker-compose.yml` - Docker Compose configuration
Apache License 2.0
- Added: Apache 2.0 License file
- Added: Improved setup for public networks via ngrok or SSH tunneling
- Added: Proper gitignore file for better repository management
- Fixed: Removed sensitive data from example files
- Improved: Documentation for direct deployment and cloud hosting options
- Fixed: Resolved "Too little data for declared Content-Length" error by implementing proper content-length handling for all JSON responses.
- Fixed: Created SafeJSONResponse class to ensure consistent content-length headers for all API responses.
- Changed: Updated default port from 8088 to 8000 to match OpenAI and Anthropic APIs.
- Improved: Enhanced browser emulation headers to better bypass API restrictions.
- Added: Explicit OpenAI Organization ID support from environment variables.