Forum Discussion
Adding Chat GPT functionality to Storyline
Easy solution is creating a Google Cloud function ( NodeJS ) that you can call for a OpenAI request. Then it is secure and works well.
The code listed below works when using it directly in either Lectora or Storyline. For Storyline you would need to change several lines. Especially you need to change the getting and setting of variables....and the aiBearer is offcourse your own key. But using it like this ISNOT SAFE !
/*
OpenAI API related functions
*/
function setAIsettings(){
aiCompletions = "https://api.openai.com/v1/chat/completions";
DALEurl = "https://api.openai.com/v1/images/generations";
aiModel = VaraiModel.getValue(); // Lectora variable
aiBearer ="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; //Bearer code from OpenAI
aiInstructions = VaraiInstructions.getValue(); // Lectora variable
console.log("instruct: "+aiInstructions);
inlineQuestion = VarinlineQuestion.getValue(); // Lectora variable
chatMessages = [
{role: "system",content: aiInstructions },
{role: "user", content: inlineQuestion },
];
OpenAIArray.push({role: "system",content: aiInstructions });
window.localStorage.setItem('AIcalls', JSON.stringify(OpenAIArray));
}
function OpenaiFetchAPI() {
console.log("Calling OpenAI and getting localStorage");
/*
For history in chatGPT we use localStorage.
So we first get all previous questions and then we create a new 'message' for chatGPT
*/
savedQuestionsArray = JSON.parse(window.localStorage.getItem('AIcalls'));
console.log("savedQuestions "+savedQuestionsArray);
inlineQuestion = VarAIprompt_01.getValue();// Variable in your tool. This is for Lectora. Storyline uses other syntax
savedQuestionsArray.push({role: "user", content: inlineQuestion });
window.localStorage.setItem('AIcalls', JSON.stringify(savedQuestionsArray));
var url = aiCompletions;
var bearer = 'Bearer ' + aiBearer;
fetch(url, {
method: 'POST',
headers: {
'Authorization': bearer,
'Content-Type': 'application/json'
},
body: JSON.stringify({
messages:savedQuestionsArray,
max_tokens: 1000,
temperature: 1,
model:aiModel,
top_p: 1,
n: 1,
stream: false
})
}).then(response => {
return response.json();
}).then(data=>{
console.log(data);
console.log(data.choices[0].message.content);
AIresponse = data.choices[0].message.content;
console.log("response: "+AIresponse);
showResults();
})
.catch(error => {
console.log('Something bad happened ' + error);
});
}
/*
To ensure AI remembers questions and answers given we use LocalStorage
*/
function setLocalStorage(_arr){
window.localStorage.setItem('AIcalls', JSON.stringify(_arr));
}
function getLocalStorage(){
let tmpArray = JSON.parse(window.localStorage.getItem('AIcalls'));
return tmpArray;
}
function clearLocalStorage(){
window.localStorage.clear();
}
Do remember you have to change these things. It will not work just copying and pasting.
When you have this code setup properly, you can set your variables. Then call setAISettings( );
on start of a slide... and then when a user asks a question...fill the variable 'inlineQuestion' and call OpenAIFetchAPI( );
The function showResults( )
does exactly what it says ;-)
This easily exposes your API key which is against the OpenAI TOS and can be
easily hacked by anybody using your course. This is NOT the proper way to
use ChatGPT inside of a course.
You should recall this message.
- MathNotermans-97 months agoCommunity Member
I allready stated that its not safe. And people should use it serverbased or on a cloudservice. Nevertheless this is the principle to get it working.
- AdamScormit7 months agoCommunity Member
I read that you said it was unsafe, but why give the unsafe version when you
know there are lots of IDs out there that will take this idea and run it in
a production environment? It's a fun new shiny object to chase. I assume
lots of people.Instead, explain what an endpoint is and how to use Vercel to be an endpoint
that is the middleware to be used between the OpenAI and the application.
Explain what CORS means and how the endpoint stores the private key so it's
not exposed.I feel like by exposing this code on the forum, it's like showing a kid
where the keys are and how to drive a car, but then reminding them that they
can't drive until they are old enough as you leave for work.In my modest and humble opinion, Articulate, as a leader and innovator,
should not show how to do something half-baked like this. Leave that to the
hacks on YouTube that thrive on clickbait.- MathNotermans-97 months agoCommunity Member
Explaining things like that i gave up on on this forum. And i completely agree with the statement about Articulate. It is their responsibility to ensure the runtime version is safe. Their own code is heavily obsfuscated but a users code is easily copyable.