-
Notifications
You must be signed in to change notification settings - Fork 44.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(platform): Add api generator functions and endpoints #8597
feat(platform): Add api generator functions and endpoints #8597
Conversation
This PR targets the Automatically setting the base branch to |
PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here. PR Reviewer Guide 🔍Here are some key observations to aid the review process:
|
✅ Deploy Preview for auto-gpt-docs canceled.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Abhi1992002 thanks for the speedy work as usual
I have a few notes:
We don't need a salt or bcrypt as that's needed for passwords, not for API keys which should already be unique and high entropy strings. So we can use something like token_urlsafe e.g.
secrets.token_urlsafe(32)
for hashing: sha256
We also need a prefix pattern: agpt_
Lastly, in my last PR, I also added a postfix, not sure if you've seen that, would you be able to incorporate that in as well, please
…revoke, and update API code for Prisma compatibility
2bfddab
to
22e6d33
Compare
autogpt_platform/autogpt_libs/autogpt_libs/api_key/key_manager.py
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, if you can just address a few minor comments and fix the linting then we can merge please
✅ Deploy Preview for auto-gpt-docs canceled.
|
Fix #8589
This issue depends on #8585
These changes make it easy to create and manage API keys, so we can control who gets access and what they can do. It’s like giving out special keys that we can turn on or off anytime, keeping things secure and organized.
Changes 🏗️
Created
/api-keys
endpoint to generate a new API key with custom permissions.Added
generate_api_key
function to handle API key generation and hashing.Built
validate_api_key
function to check if a provided API key is valid.Created
DELETE /api-keys/{key_id}
endpoint to revoke an API key.Made
POST /api-keys/{key_id}/suspend
andPOST /api-keys/{key_id}/reactivate
endpoints to suspend/reactivate keys.Added
list_user_api_keys
function to list all API keys for a user, ordered by creation date.Created
update_api_key_permissions
function to modify an existing key’s permissions.Defined
request/response models (CreateAPIKeyRequest, CreateAPIKeyResponse)
for API key handling.Added permission validation with
has_permission
function to check if a key has the required access.Depends on this schema