peterstockings/function
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial setup for adding support for api key based auth

Browse Source
This commit is contained in:
Peter Stockings
2025-11-20 19:33:10 +11:00
parent dfcbd9263e
commit 7241c4803f
6 changed files with 248 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
routes/auth.py
View File

@@ -1,7 +1,8 @@
from flask import Blueprint, render_template, request, redirect, url_for
from flask_login import login_user, logout_user, login_required, UserMixin
from flask import Blueprint, render_template, request, redirect, url_for, flash
from flask_login import login_user, logout_user, login_required, UserMixin, current_user
from werkzeug.security import generate_password_hash, check_password_hash
from extensions import db, login_manager
from extensions import db, login_manager, environment, htmx
from jinja2_fragments import render_block
auth = Blueprint('auth', __name__)

55
routes/settings.py Normal file
View File

@@ -0,0 +1,55 @@
from flask import Blueprint, render_template, request, redirect, url_for, flash
from flask_login import login_required, current_user
from extensions import db, environment, htmx
from jinja2_fragments import render_block
import secrets
import json
settings = Blueprint('settings', __name__)
@settings.route("/api-keys", methods=["GET"])
@login_required
def api_keys():
user_id = current_user.id
api_keys = db.list_api_keys(user_id)
# Parse scopes for display
for key in api_keys:
if isinstance(key['scopes'], str):
key['scopes'] = json.loads(key['scopes'])
if htmx:
return render_block(
environment,
"dashboard/settings/api_keys.html",
"page",
api_keys=api_keys
)
return render_template("dashboard/settings/api_keys.html", api_keys=api_keys)
@settings.route("/api-keys", methods=["POST"])
@login_required
def create_api_key():
user_id = current_user.id
name = request.form.get("name", "My API Key")
scopes_list = request.form.getlist("scopes")
if not scopes_list:
scopes = ["*"]
else:
scopes = scopes_list
# Generate a secure random key
key = f"sk_{secrets.token_urlsafe(24)}"
db.create_api_key(user_id, name, key, scopes)
flash(f"API Key created: {key} - Save it now, you won't see it again!", "success")
return redirect(url_for("settings.api_keys"))
@settings.route("/api-keys/<int:key_id>", methods=["DELETE"])
@login_required
def delete_api_key(key_id):
user_id = current_user.id
db.delete_api_key(user_id, key_id)
return "", 200