rsw/score
1
0
Fork 0
Code Issues 2 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Inplement ApiKeys

Browse Source
This commit is contained in:
Sebastiaan
2025-06-05 19:36:35 +02:00
parent f8b15e3407
commit 2b865aa249
8 changed files with 312 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
backend/app/api/routes/login.py
View File

@@ -11,6 +11,7 @@ from app.core.config import settings
from app.core.security import get_password_hash
from app.models.base import Message
from app.models.user import User, NewPassword, Token, UserPublic
from app.models.apikey import ApiKey
from app.utils import (
generate_password_reset_token,
generate_reset_password_email,
@@ -43,6 +44,27 @@ def login_access_token(
)
@router.get("/login/api-key/{api_key}")
def login_apikey(
session: SessionDep,
api_key: str,
) -> Token:
"""
Plain apikey compatible login, get an access token for future requests
"""
user = ApiKey.authenticate(session=session, api_key=api_key)
if not user:
raise HTTPException(status_code=400, detail="Incorrect apikey")
elif not user.is_active:
raise HTTPException(status_code=400, detail="Inactive user")
access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return Token(
access_token=security.create_access_token(
user.id, expires_delta=access_token_expires
)
)
@router.post("/login/test-token", response_model=UserPublic)
def test_token(current_user: CurrentUser) -> Any:
"""

71
backend/app/api/routes/users.py
View File

@@ -11,7 +11,7 @@ from app.api.deps import (
)
from app.core.config import settings
from app.core.security import get_password_hash, verify_password
from app.models.base import Message
from app.models.base import Message, RowId
from app.models.user import (
UpdatePassword,
User,
@@ -25,6 +25,13 @@ from app.models.user import (
PermissionPart,
PermissionRight,
)
from app.models.apikey import (
ApiKey,
ApiKeyCreate,
ApiKeyPublic,
ApiKeysPublic,
ApiKeyGenerate,
)
from app.utils import generate_new_account_email, send_email
router = APIRouter(prefix="/users", tags=["users"])
@@ -118,6 +125,68 @@ def update_password_me(
return Message(message="Password updated successfully")
@router.get("/me/api-key", response_model=ApiKeysPublic)
def read_apikey_me(
session: SessionDep, current_user: CurrentUser, skip: int = 0, limit: int = 100
) -> Any:
"""
Retrieve api keys from user
"""
count_statement = (
select(func.count())
.select_from(ApiKey)
.where(ApiKey.user_id == current_user.id)
)
count = session.exec(count_statement).one()
statement = select(User).offset(skip).limit(limit)
api_keys = session.exec(statement).all()
return ApiKeysPublic(data=api_keys, count=count)
@router.post("/me/api-key", response_model=ApiKeyPublic)
def create_apikey_met(
*, session: SessionDep, body: ApiKeyGenerate, current_user: CurrentUser
) -> Any:
"""
Generate a new api-key.
"""
data_obj = body.model_dump(exclude_unset=True)
extra_data = {
"user_id": current_user.id,
}
create_obj = ApiKeyCreate.model_validate(data_obj, update=extra_data)
api_key = ApiKey.create(session=session, create_obj=create_obj)
current_user.api_keys.append(api_key)
session.add(current_user)
session.commit()
return api_key
@router.delete("/me/api-key/{api_key}", response_model=ApiKeyPublic)
def delete_apikey_me(
*,
session: SessionDep,
current_user: CurrentUser,
api_key: RowId,
) -> Message:
"""
Delete a api-key.
"""
for api_key in current_user.api_keys:
if api_key.id == api_key:
session.delete(api_key)
session.commit()
return Message(message="Api key deleted successfully")
raise HTTPException(status_code=404, detail="API key not found")
@router.get("/me", response_model=UserPublic)
def read_user_me(current_user: CurrentUser) -> Any:
"""