Correctly overwrite API auth files
This commit is contained in:
+17
@@ -0,0 +1,17 @@
|
|||||||
|
from sqlalchemy import create_engine, Column, String, DateTime
|
||||||
|
from sqlalchemy.ext.declarative import declarative_base
|
||||||
|
from sqlalchemy.orm import sessionmaker
|
||||||
|
import datetime
|
||||||
|
|
||||||
|
SQLALCHEMY_DATABASE_URL = 'sqlite:///./test.db'
|
||||||
|
|
||||||
|
engine = create_engine(SQLALCHEMY_DATABASE_URL, connect_args={'check_same_thread': False})
|
||||||
|
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
|
||||||
|
Base = declarative_base()
|
||||||
|
|
||||||
|
class APIKey(Base):
|
||||||
|
__tablename__ = 'api_keys'
|
||||||
|
key = Column(String, primary_key=True, index=True)
|
||||||
|
expires_at = Column(DateTime)
|
||||||
|
|
||||||
|
Base.metadata.create_all(bind=engine)
|
||||||
@@ -1,7 +1,30 @@
|
|||||||
from fastapi import FastAPI
|
from fastapi import FastAPI, Header, HTTPException, Depends
|
||||||
|
from sqlalchemy.orm import Session
|
||||||
|
import datetime
|
||||||
|
import uuid
|
||||||
|
from database import SessionLocal, APIKey
|
||||||
|
|
||||||
app = FastAPI()
|
app = FastAPI()
|
||||||
|
|
||||||
@app.get("/")
|
def get_db():
|
||||||
def read_root():
|
db = SessionLocal()
|
||||||
return {"Hello": "World"}
|
try:
|
||||||
|
yield db
|
||||||
|
finally:
|
||||||
|
db.close()
|
||||||
|
|
||||||
|
@app.get('/get-api-key')
|
||||||
|
def get_api_key(db: Session = Depends(get_db)):
|
||||||
|
new_key = str(uuid.uuid4())
|
||||||
|
expires_at = datetime.datetime.utcnow() + datetime.timedelta(hours=24)
|
||||||
|
db_key = APIKey(key=new_key, expires_at=expires_at)
|
||||||
|
db.add(db_key)
|
||||||
|
db.commit()
|
||||||
|
return {'api_key': new_key, 'expires_at': expires_at}
|
||||||
|
|
||||||
|
@app.get('/hello')
|
||||||
|
def read_hello(x_api_key: str = Header(...), db: Session = Depends(get_db)):
|
||||||
|
db_key = db.query(APIKey).filter(APIKey.key == x_api_key).first()
|
||||||
|
if not db_key or db_key.expires_at < datetime.datetime.utcnow():
|
||||||
|
raise HTTPException(status_code=403, detail='Invalid or expired API Key')
|
||||||
|
return {'message': 'Hello World'}
|
||||||
|
|||||||
Reference in New Issue
Block a user