mirror of
https://github.com/langbot-app/LangBot.git
synced 2026-06-02 03:55:55 +00:00
a076ce5756
* Initial plan * feat: Add API key authentication system backend Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * feat: Add API key management UI in frontend sidebar Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * fix: Correct import paths in API controller groups Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * fix: Address code review feedback - add i18n and validation Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * refactor: Enable API key auth on existing endpoints instead of creating separate service API - Added USER_TOKEN_OR_API_KEY auth type that accepts both authentication methods - Removed separate /api/service/v1/models endpoints - Updated existing endpoints (models, bots, pipelines) to accept API keys - External services can now use API keys to access all existing LangBot APIs - Updated documentation to reflect unified API approach Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * docs: Add OpenAPI specification for API key authenticated endpoints Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * chore: rename openapi spec * perf: ui and i18n * fix: ui bug * chore: tidy docs * chore: fix linter errors --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> Co-authored-by: Junyan Qin <rockchinq@gmail.com>
80 lines
2.7 KiB
Python
80 lines
2.7 KiB
Python
from __future__ import annotations
|
|
|
|
import secrets
|
|
import sqlalchemy
|
|
|
|
from ....core import app
|
|
from ....entity.persistence import apikey
|
|
|
|
|
|
class ApiKeyService:
|
|
ap: app.Application
|
|
|
|
def __init__(self, ap: app.Application) -> None:
|
|
self.ap = ap
|
|
|
|
async def get_api_keys(self) -> list[dict]:
|
|
"""Get all API keys"""
|
|
result = await self.ap.persistence_mgr.execute_async(sqlalchemy.select(apikey.ApiKey))
|
|
|
|
keys = result.all()
|
|
return [self.ap.persistence_mgr.serialize_model(apikey.ApiKey, key) for key in keys]
|
|
|
|
async def create_api_key(self, name: str, description: str = '') -> dict:
|
|
"""Create a new API key"""
|
|
# Generate a secure random API key
|
|
key = f'lbk_{secrets.token_urlsafe(32)}'
|
|
|
|
key_data = {'name': name, 'key': key, 'description': description}
|
|
|
|
await self.ap.persistence_mgr.execute_async(sqlalchemy.insert(apikey.ApiKey).values(**key_data))
|
|
|
|
# Retrieve the created key
|
|
result = await self.ap.persistence_mgr.execute_async(
|
|
sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.key == key)
|
|
)
|
|
created_key = result.first()
|
|
|
|
return self.ap.persistence_mgr.serialize_model(apikey.ApiKey, created_key)
|
|
|
|
async def get_api_key(self, key_id: int) -> dict | None:
|
|
"""Get a specific API key by ID"""
|
|
result = await self.ap.persistence_mgr.execute_async(
|
|
sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.id == key_id)
|
|
)
|
|
|
|
key = result.first()
|
|
|
|
if key is None:
|
|
return None
|
|
|
|
return self.ap.persistence_mgr.serialize_model(apikey.ApiKey, key)
|
|
|
|
async def verify_api_key(self, key: str) -> bool:
|
|
"""Verify if an API key is valid"""
|
|
result = await self.ap.persistence_mgr.execute_async(
|
|
sqlalchemy.select(apikey.ApiKey).where(apikey.ApiKey.key == key)
|
|
)
|
|
|
|
key_obj = result.first()
|
|
return key_obj is not None
|
|
|
|
async def delete_api_key(self, key_id: int) -> None:
|
|
"""Delete an API key"""
|
|
await self.ap.persistence_mgr.execute_async(
|
|
sqlalchemy.delete(apikey.ApiKey).where(apikey.ApiKey.id == key_id)
|
|
)
|
|
|
|
async def update_api_key(self, key_id: int, name: str = None, description: str = None) -> None:
|
|
"""Update an API key's metadata (name, description)"""
|
|
update_data = {}
|
|
if name is not None:
|
|
update_data['name'] = name
|
|
if description is not None:
|
|
update_data['description'] = description
|
|
|
|
if update_data:
|
|
await self.ap.persistence_mgr.execute_async(
|
|
sqlalchemy.update(apikey.ApiKey).where(apikey.ApiKey.id == key_id).values(**update_data)
|
|
)
|