Using OpenAI from within Articulate Storyline - a working Story

Hei Juergen,

Thank you for your feedback.

Indeed my example is just a concept demonstrator for using openAI. It is far from a complete application or deliverable course. 

I should point out the functions you critique are not actually those used to store the OpenAI keys. The functions used to do that are writeKey and readKey, which are similar, but ok basically the same.

Following Chris' earlier observation on key security, I have added encryption prior to calling these two functions. So what people will see in the runtime browser variables will be those encrypted strings. You can find this in the revised globalScripts.js file and .story attached in my post above yours; see the revisions to openaiGetKey and openaiSetKey. 

I import the SimpleCrypto library on startup, see the first exec javascript on slide 1.1 of the .story.

I would be interested if you think this encryption is also deficient.

(Just to make it clear you can find the encryption key in the output file data.js if you build a web target from Storyline. So you wouldn't want to deliver a web bundle. But if you deliver a SCORM / xAPI, or deliver to Review360, then the encryption key would be no more exposed than by using node.js.)

(I have deleted the original globalScripts.js and .story files.) 

(I would also point out the openai command line interface tool makes the openai key visible through an environment variable in the client process: https://platform.openai.com/docs/guides/fine-tuning/installation. But we can say that is not best practice.)