Using Authorization header to specify Openai API key on a per-request basis instead of config.yaml

[Matteo-Frattaroli]

Hello,

first of all kudos: I recently started using memobase, it seems very well designed and it works really well.

For a project of mine, which uses the OSS version of your api server, I was wondering if you have in roadmap a support for specifying OpenAI api keys on a per-request basis.

Exploring the source code i noticed that you (rightly) instantiate a global openai client once and use it only when flushing the memory buffer (but correct me if I'm wrong). I'm just spitballing here, becuase maybe I'm missing somethig, but I was thinking that if, and only if, an Authorization header is specified, a new AsyncOpenAI instance could be created with the specified api key attribute and destroyed in the lifecycle of a single flush request otherwise falling back on the existing global instance.

To avoid excessive dependency injection, as i saw there is a pretty deep chain to go down to the actual request, maybe a context var can be used to store the actual instance to be used for a specific request without major impacts on the code base, performances or on the current functionalities.

If you find this proposal interesting I would be glad to contribute. Let me know what you think!

[gusye1234]

hmmm, can you elaborate more in which case you will need a per-request OpenAI API key? I guess you might have a lot of OpenAI Keys, and you want to rotate them for use?