{"id":19747052,"url":"https://github.com/backmesh/backmesh","last_synced_at":"2025-10-29T15:49:42.265Z","repository":{"id":271933243,"uuid":"836513849","full_name":"backmesh/backmesh","owner":"backmesh","description":"Open Source BaaS for AI apps","archived":false,"fork":false,"pushed_at":"2025-02-27T19:33:55.000Z","size":268,"stargazers_count":8,"open_issues_count":1,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-02-27T21:09:26.130Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://backmesh.com","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/backmesh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-01T02:37:20.000Z","updated_at":"2025-02-27T21:03:15.000Z","dependencies_parsed_at":"2025-01-10T21:08:00.449Z","dependency_job_id":"eacf385d-f840-4b3a-a9ca-d2d16c3bc4e6","html_url":"https://github.com/backmesh/backmesh","commit_stats":null,"previous_names":["backmesh/backmesh"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backmesh%2Fbackmesh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backmesh%2Fbackmesh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backmesh%2Fbackmesh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backmesh%2Fbackmesh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/backmesh","download_url":"https://codeload.github.com/backmesh/backmesh/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241078464,"owners_count":19905861,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firebase","flutter","openai-api","react-native"],"created_at":"2024-11-12T02:16:45.555Z","updated_at":"2025-10-29T15:49:42.260Z","avatar_url":"https://github.com/backmesh.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://backmesh.com/img/logo.png\" width=\"80\"/\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eBackmesh\u003c/h1\u003e\n\n### 😵‍💫 Problem\n\nShipping private API keys in your app can lead to bad actors that hack your API account and rack up thousands of dollars in API costs\n\n### 🛠️ Solution\n\nBackmesh is an open-source, thoroughly tested backend that uses military grade encryption to protect your private API key and offer an API Gatekeeper to let your web or mobile app safely call the API using **any SDK** without exposing private API keys. Only 2 changes needed in your app:\n1. Replace the API URL with the Backmesh Gatekeeper URL.\n2. Replace the API private key with the authenticated user's JWT.\n\n```js title=\"openai.ts\"\nimport OpenAI from \"openai\";\nimport supabase from \"supabase-js\";\n\nconst BACKMESH_URL =\n \"https://edge.backmesh.com/v1/proxy/gbBbHCDBxqb8zwMk6dCio63jhOP2/wjlwRswvSXp4FBXwYLZ1/v1\";\n\nconst jwt = supabase.auth.session().access_token;\nconst client = new OpenAI({\n  httpAgent: new HttpsProxyAgent(BACKMESH_URL),\n  dangerouslyAllowBrowser: true, // no longer dangerous\n  apiKey: jwt,\n});\n```\n\n### 🔒 How is the LLM API protected\n\n- *JWT Authentication:* Requests are verified with [JWTs](https://firebase.google.com/docs/auth/admin/verify-id-tokens) from the app's authentication provider so only your users have access to the LLM API via Backmesh.\n- *Rate limits per user:* Configurable per-user rate limits to prevent abuse (e.g. no more than 5 OpenAI API calls per user per hour).\n\n## 🛡️ Additional Protections for LLM APIs\n- *Resource access control:* Sensitive API resources like [Files](https://platform.openai.com/docs/api-reference/files) and [Threads](https://platform.openai.com/docs/api-reference/threads) are protected so only the users that create them can continue to access them.\n\nFor more details, see the [security documentation](https://backmesh.com/docs/security).\n\n### ⚡️ Try out Backmesh\n\nGet started with Backmesh using our [dashboard](https://app.backmesh.com) or if you would like to self host make sure to check out the self hosting [guide](https://backmesh.com/docs/selfhost).\n\n### 🚀 Contribute\n\nTo contribute, visit [Contributing.md](./CONTRIBUTING.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbackmesh%2Fbackmesh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbackmesh%2Fbackmesh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbackmesh%2Fbackmesh/lists"}