cvpfus
Add missing feature proposals
e163e74
|
Raw
History Blame Contribute Delete
1.51 kB

Secure Modal Klein Endpoint

Why

The Modal Klein worker exposes POST /generate without an app-level token. Modal URLs are not meant to be treated as secrets, and image generation can consume paid compute. The endpoint should support a simple shared-token guard while keeping local fallback behavior unchanged.

What Changes

  • Add optional KLEIN_MODAL_TOKEN configuration.
  • Send the token from Tiny Narrator to the Modal worker when configured.
  • Require the token in the Modal worker when configured there.
  • Keep unauthenticated behavior only when no token is configured, so local tests and demos remain simple.
  • Ensure runtime setup/status never exposes the token value.

Capabilities

  • modal-klein-token-auth: protect live Klein generation with bearer or app token headers.
  • safe-modal-status: perform health checks with auth when required.
  • secret-redaction: document and verify that token values are never leaked.

Non-Goals

  • Do not add user accounts or browser login.
  • Do not require auth for local fallback generation.
  • Do not change the /api/generate-image browser-facing contract.
  • Do not hard-code secrets in code, docs, or verifier fixtures.

Impact

  • app.py will read KLEIN_MODAL_TOKEN and attach it to Modal worker requests.
  • modal_workers/klein_image.py will validate the incoming token when configured.
  • .env.example, README, and runtime setup text will document the token.
  • scripts/verify.py will check auth wiring and secret redaction.