backend support api key

backend/apps/web/models/auths.py

@@ -24,6 +24,7 @@ class Auth(Model):
     email = CharField()
     password = CharField()
     active = BooleanField()
+    api_key = CharField(null=True, unique=True)
 
     class Meta:
         database = DB
@@ -34,6 +35,7 @@ class AuthModel(BaseModel):
     email: str
     password: str
     active: bool = True
+    api_key: Optional[str] = None
 
 
 ####################
@@ -45,6 +47,8 @@ class Token(BaseModel):
     token: str
     token_type: str
 
+class ApiKey(BaseModel):
+    api_key: Optional[str] = None
 
 class UserResponse(BaseModel):
     id: str
@@ -122,6 +126,21 @@ class AuthsTable:
         except:
             return None
 
+    def authenticate_user_by_api_key(self, api_key: str) -> Optional[UserModel]:
+        log.info(f"authenticate_user_by_api_key: {api_key}")
+        # if no api_key, return None
+        if not api_key:
+            return None
+        try:
+            auth = Auth.get(Auth.api_key == api_key, Auth.active == True)
+            if auth:
+                user = Users.get_user_by_id(auth.id)
+                return user
+            else:
+                return None
+        except:
+            return None
+
     def update_user_password_by_id(self, id: str, new_password: str) -> bool:
         try:
             query = Auth.update(password=new_password).where(Auth.id == id)
@@ -140,6 +159,22 @@ class AuthsTable:
         except:
             return False
 
+    def update_api_key_by_id(self, id: str, api_key: str) -> str:
+        try:
+            query = Auth.update(api_key=api_key).where(Auth.id == id)
+            result = query.execute()
+
+            return True if result == 1 else False
+        except:
+            return False
+
+    def get_api_key_by_id(self, id: str) -> Optional[str]:
+        try:
+            auth = Auth.get(Auth.id == id)
+            return auth.api_key
+        except:
+            return None
+
     def delete_auth_by_id(self, id: str) -> bool:
         try:
             # Delete User

backend/apps/web/routers/auths.py

@@ -1,12 +1,8 @@
-from fastapi import Response, Request
-from fastapi import Depends, FastAPI, HTTPException, status
-from datetime import datetime, timedelta
-from typing import List, Union
+from fastapi import Request
+from fastapi import Depends, HTTPException, status
 
-from fastapi import APIRouter, status
+from fastapi import APIRouter
 from pydantic import BaseModel
-import time
-import uuid
 import re
 
 from apps.web.models.auths import (
@@ -17,6 +13,7 @@ from apps.web.models.auths import (
     UserResponse,
     SigninResponse,
     Auths,
+    ApiKey
 )
 from apps.web.models.users import Users
 
@@ -25,6 +22,7 @@ from utils.utils import (
     get_current_user,
     get_admin_user,
     create_token,
+    create_api_key
 )
 from utils.misc import parse_duration, validate_email_format
 from utils.webhook import post_webhook
@@ -249,3 +247,40 @@ async def update_token_expires_duration(
         return request.app.state.JWT_EXPIRES_IN
     else:
         return request.app.state.JWT_EXPIRES_IN
+
+
+############################
+# API Key
+############################
+
+
+# create api key
+@router.post("/api_key", response_model=ApiKey)
+async def create_api_key_(user=Depends(get_current_user)):
+    api_key = create_api_key()
+    success = Auths.update_api_key_by_id(user.id, api_key)
+    if success:
+        return {
+            "api_key": api_key,
+        }
+    else:
+        raise HTTPException(500, detail=ERROR_MESSAGES.CREATE_API_KEY_ERROR)
+
+
+# delete api key
+@router.delete("/api_key", response_model=bool)
+async def delete_api_key(user=Depends(get_current_user)):
+    success = Auths.update_api_key_by_id(user.id, None)
+    return success
+
+
+# get api key
+@router.get("/api_key", response_model=ApiKey)
+async def get_api_key(user=Depends(get_current_user)):
+    api_key = Auths.get_api_key_by_id(user.id, None)
+    if api_key:
+        return {
+            "api_key": api_key,
+        }
+    else:
+        raise HTTPException(404, detail=ERROR_MESSAGES.API_KEY_NOT_FOUND)