You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
JS Client: I would like to start of by saying that i am aware that it is no longer maintained. However since I'm working with react 18, naturally i went for the JS Client first. Problem is that after setting up my code like so: const weave = require('weaviate-client'); const client = weave.client({ scheme: 'https', host: 'cluster-something.weaviate.network', headers: {'X-OpenAI-Api-Key': 'secret-key'}, authClientSecret: new weave.AuthUserPasswordCredentials({ username: 'email', password: 'password!', }), })
I am unable to get past openconfiguration as the one and only header that is required for queries in my case, ie, the 'x-open-ai-api-key' happens to be a forbidden header. This is also applicable for all 'Acess-Control-X' headers. In short, it fails preflight.
The issue is however resolved when i turn on CORS everywhere for firefox. Not reallu sure if this will negatively impact the production build.
The exact error is attached below: Access fetch at api-endpoint' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field x-openai-api-key is not allowed by Access-Control-Allow-Headers in preflight response.
To me it looks like you need an https server to run queries. But surely i have to be wrong. I mean there should be some wiggle room for development environments.
TS Client: Since i work with react 18, switching to the ts library was not easy. I had to downgrade react-scripts v5 to v4 which was already not ideal. But once i got it running, on using the code above in issue 1, I got an error saying that "You can either provide an API Key or Auth Credentials" which had me confused because the documentation says that you need to provide both. Yes, i did infact double check that i am using the 'x-open-ai-api-key' in headers. So i was not in any way providing an auth token alongside auth credentials.
If Anyone has any suggestions or can help in any way i would really appreciate it. Thanks!
The text was updated successfully, but these errors were encountered:
kcm
transferred this issue from weaviate/weaviate
Apr 11, 2023
Hi, yes, HTTPS is generally required for most use today. You'll need to either use a local proxy or disable checks as you've found without it, generally.
The Typescript client works with both JS and TS. You should be be able to use either with React 18. Please give that a shot and see if your issues remain.
I'm going to close this issue as the client is no longer maintained.
Regarding the query for the TS client, you may be confusing Weaviate API key vs OpenAI keys. The below config will connect with a Weaviate API key and OpenAI key for the OpenAI module:
constweaviate=require('weaviate-ts-client');// Instantiate the client with the auth configconstclient=weaviate.client({scheme: 'https',host: "some-endpoint.weaviate.network",apiKey: newweaviate.ApiKey("YOUR-WEAVIATE-API-KEY"),// Replace w/ your API Key for the Weaviate instanceheaders: {"X-OpenAI-Api-Key": "<THE-KEY>"}});
For your questions around CORS. Currently the header X-OpenAI-Api-Key will not be allowed by the browser unless explicitly allowed via CORS due to browser security settings. We have an open issue to add custom CORS settings to Weaviate weaviate/weaviate#2486. A current workaround would be to use NGINX or create a simple wrapper api around Weaviate which would also give you the benefit of keeping the OpenAI key hidden from users.
Issues:
JS Client: I would like to start of by saying that i am aware that it is no longer maintained. However since I'm working with react 18, naturally i went for the JS Client first. Problem is that after setting up my code like so:
const weave = require('weaviate-client'); const client = weave.client({ scheme: 'https', host: 'cluster-something.weaviate.network', headers: {'X-OpenAI-Api-Key': 'secret-key'}, authClientSecret: new weave.AuthUserPasswordCredentials({ username: 'email', password: 'password!', }), })
I am unable to get past openconfiguration as the one and only header that is required for queries in my case, ie, the 'x-open-ai-api-key' happens to be a forbidden header. This is also applicable for all 'Acess-Control-X' headers. In short, it fails preflight.
The issue is however resolved when i turn on CORS everywhere for firefox. Not reallu sure if this will negatively impact the production build.
The exact error is attached below:
Access fetch at api-endpoint' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field x-openai-api-key is not allowed by Access-Control-Allow-Headers in preflight response.
To me it looks like you need an https server to run queries. But surely i have to be wrong. I mean there should be some wiggle room for development environments.
TS Client: Since i work with react 18, switching to the ts library was not easy. I had to downgrade react-scripts v5 to v4 which was already not ideal. But once i got it running, on using the code above in issue 1, I got an error saying that "You can either provide an API Key or Auth Credentials" which had me confused because the documentation says that you need to provide both. Yes, i did infact double check that i am using the 'x-open-ai-api-key' in headers. So i was not in any way providing an auth token alongside auth credentials.
If Anyone has any suggestions or can help in any way i would really appreciate it. Thanks!
The text was updated successfully, but these errors were encountered: