Initial setup for adding support for api key based auth

routes/settings.py

@@ -0,0 +1,55 @@
+from flask import Blueprint, render_template, request, redirect, url_for, flash
+from flask_login import login_required, current_user
+from extensions import db, environment, htmx
+from jinja2_fragments import render_block
+import secrets
+import json
+
+settings = Blueprint('settings', __name__)
+
+@settings.route("/api-keys", methods=["GET"])
+@login_required
+def api_keys():
+    user_id = current_user.id
+    api_keys = db.list_api_keys(user_id)
+    
+    # Parse scopes for display
+    for key in api_keys:
+        if isinstance(key['scopes'], str):
+            key['scopes'] = json.loads(key['scopes'])
+            
+    if htmx:
+        return render_block(
+            environment, 
+            "dashboard/settings/api_keys.html", 
+            "page", 
+            api_keys=api_keys
+        )
+    return render_template("dashboard/settings/api_keys.html", api_keys=api_keys)
+
+@settings.route("/api-keys", methods=["POST"])
+@login_required
+def create_api_key():
+    user_id = current_user.id
+    name = request.form.get("name", "My API Key")
+    scopes_list = request.form.getlist("scopes")
+    
+    if not scopes_list:
+        scopes = ["*"]
+    else:
+        scopes = scopes_list
+
+    # Generate a secure random key
+    key = f"sk_{secrets.token_urlsafe(24)}"
+    
+    db.create_api_key(user_id, name, key, scopes)
+    
+    flash(f"API Key created: {key} - Save it now, you won't see it again!", "success")
+    return redirect(url_for("settings.api_keys"))
+
+@settings.route("/api-keys/<int:key_id>", methods=["DELETE"])
+@login_required
+def delete_api_key(key_id):
+    user_id = current_user.id
+    db.delete_api_key(user_id, key_id)
+    return "", 200