happyz
/
llama.cpp
mirror of https://github.com/ggerganov/llama.cpp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

server: integrate security logging with authentication 

Integrates security audit logging into server initialization and cleanup
lifecycle. Adds authentication audit events to API key validation middleware,
logging success/failure events with endpoint, method, remote address,
and key status.
This commit is contained in:
Jules LEIDELINGER 2026-03-06 11:30:06 +08:00
parent 5b35185afa
commit 0306a58fce
2 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tools/server/server-http.cpp
View File

@ -155,12 +155,24 @@ bool server_http_context::init(const common_params & params) {
req_api_key = req_api_key.substr(prefix.size()); req_api_key = req_api_key.substr(prefix.size());
} }
// audit logging for missing API key
if (req_api_key.empty()) {
security_log_audit_event("auth_failure", req.path, req.method, req.remote_addr, "missing",
"No API key provided");
}
// validate the API key // validate the API key
if (std::find(api_keys.begin(), api_keys.end(), req_api_key) != api_keys.end()) { if (std::find(api_keys.begin(), api_keys.end(), req_api_key) != api_keys.end()) {
security_log_audit_event("auth_success", req.path, req.method, req.remote_addr, "provided",
"API key validated");
return true; // API key is valid return true; // API key is valid
} }
// API key is invalid or not provided // API key is invalid or not provided
if (!req_api_key.empty()) {
security_log_audit_event("auth_failure", req.path, req.method, req.remote_addr, "invalid",
"Invalid API key provided");
}
res.status = 401; res.status = 401;
res.set_content( res.set_content(
safe_json_to_str(json { safe_json_to_str(json {

3
tools/server/server.cpp
View File

@ -99,6 +99,7 @@ int main(int argc, char ** argv) {
} }
common_init(); common_init();
security_log_init(params.security_log_folder);
// struct that contains llama context and inference // struct that contains llama context and inference
server_context ctx_server; server_context ctx_server;
@ -216,6 +217,7 @@ int main(int argc, char ** argv) {
if (models_routes.has_value()) { if (models_routes.has_value()) {
models_routes->models.unload_all(); models_routes->models.unload_all();
} }
security_log_cleanup();
llama_backend_free(); llama_backend_free();
}; };
@ -236,6 +238,7 @@ int main(int argc, char ** argv) {
SRV_INF("%s: cleaning up before exit...\n", __func__); SRV_INF("%s: cleaning up before exit...\n", __func__);
ctx_http.stop(); ctx_http.stop();
ctx_server.terminate(); ctx_server.terminate();
security_log_cleanup();
llama_backend_free(); llama_backend_free();
}; };