admin/Akern-Genai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

google credentials

Browse Source
This commit is contained in:
Matteo Rosati
2026-01-29 12:54:47 +01:00
parent b18c56e2f2
commit 20919298c8
2 changed files with 48 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
.env.dist
View File

@@ -1,4 +1,12 @@
# Google Cloud Authentication - Choose ONE of the following methods:
# Option 1: Local development - Path to JSON credentials file
GOOGLE_APPLICATION_CREDENTIALS=credentials.json GOOGLE_APPLICATION_CREDENTIALS=credentials.json
# Option 2: Production - JSON content as string (useful for serverless platforms like Vercel)
# Paste the entire JSON content of your service account key here
# GOOGLE_CREDENTIALS_JSON={"type":"service_account","project_id":"..."}
PORT=8000 PORT=8000
HOST=0.0.0.0 HOST=0.0.0.0
BASIC_AUTH_USERNAME=admin BASIC_AUTH_USERNAME=admin

42
lib.py
View File

@@ -5,9 +5,12 @@ with Vertex AI RAG (Retrieval-Augmented Generation) support.
""" """
import asyncio import asyncio
import json
import os
import threading import threading
from google import genai from google import genai
from google.genai import types from google.genai import types
from google.oauth2 import service_account
from dotenv import load_dotenv from dotenv import load_dotenv
from llm_config import generate_content_config from llm_config import generate_content_config
@@ -16,6 +19,39 @@ from llm_config import generate_content_config
load_dotenv() load_dotenv()
def get_credentials():
"""Get Google Cloud credentials from environment.
Supports two methods:
1. GOOGLE_CREDENTIALS_JSON: Direct JSON content as string (production)
2. GOOGLE_APPLICATION_CREDENTIALS: Path to JSON file (local development)
Returns:
service_account.Credentials: The loaded credentials
"""
# Try to load credentials from JSON content directly
credentials_json = os.getenv("GOOGLE_CREDENTIALS_JSON")
if credentials_json:
try:
credentials_info = json.loads(credentials_json)
return service_account.Credentials.from_service_account_info(
credentials_info
)
except json.JSONDecodeError as e:
raise ValueError(f"Invalid JSON in GOOGLE_CREDENTIALS_JSON: {e}")
# Fall back to file-based credentials (standard behavior)
credentials_path = os.getenv("GOOGLE_APPLICATION_CREDENTIALS")
if credentials_path and os.path.exists(credentials_path):
return service_account.Credentials.from_service_account_file(
credentials_path
)
# If neither is provided, return None to let the client use default credentials
# (useful when running on Google Cloud with service account attached)
return None
# Gemini model name # Gemini model name
GEMINI_MODEL: str = "gemini-3-pro-preview" GEMINI_MODEL: str = "gemini-3-pro-preview"
@@ -42,10 +78,12 @@ async def generate(prompt: str):
def run_streaming(): def run_streaming():
"""Run the synchronous streaming in a separate thread.""" """Run the synchronous streaming in a separate thread."""
try: try:
client = genai.Client(vertexai=True) credentials = get_credentials()
client = genai.Client(vertexai=True, credentials=credentials)
contents = [ contents = [
types.Content(role="user", parts=[types.Part.from_text(text=prompt)]), types.Content(role="user", parts=[
types.Part.from_text(text=prompt)]),
] ]
for chunk in client.models.generate_content_stream( for chunk in client.models.generate_content_stream(