Track and limit EVI2 minutes via auth token tagging
Robert Ross
When issuing an auth token for a user to chat with EVI2, it would be nice to specify a limit of how many seconds that auth token can chat. It would also be good to have a way of tagging these auth tokens and getting reliable reports of how many seconds of billing were associated with each auth token tag. The end goal is to be able to track and limit Hume billing in a reliable way that can be tracked and enforced for each of my users, even when those users are accessing the same chat configuration. The only thing different for each user is the Hume auth token and the language_model_api_key. In this situation the browser itself is not trusted and so reporting chat id or chat group id from the browser does not solve the problem.
Robert Ross
This issue is solved when the following problem is properly addressed: one could imagine a user configured to have a max_duration of 1 minute, but then they take their config id and auth token and start 10,000 one-minute conversations in parallel, and repeat that for the full 30 minutes until the auth token expires. So their configuration has max_duration 1 minute, but they just incurred 10,000 minutes of billing before the first chat_ended webhook shows up. This problem can not be solved in the web browser because the web browser can not be trusted from a security perspective.