Skip to content

Improved API keys logic #1061

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 113 commits into from
Mar 29, 2023
Merged

Improved API keys logic #1061

merged 113 commits into from
Mar 29, 2023

Conversation

dmytrotsko
Copy link
Contributor

Prerequisites:

  • Unless it is a documentation hotfix it should be merged against the dev branch
  • Branch is up-to-date with the branch to be merged with, i.e. dev
  • Build is successful
  • Code is cleaned up and formatted (Black was used as a code formatter)

Summary

Implements the server logic to require API keys and roles for the endpoints.

List of tasks:

  • check for api key
  • show a soft warning
  • show a hard warning
  • adapt tests
  • admin interface
  • [?] log / track api_key + query if allowed
  • create basic google form
  • connect google form with api server handling -> webhook
  • create a basic request a key form: /admin/create_key
  • use flask-limited for rate limiting
  • setup a Redis DB for shared rate limit tracking
  • add email address validation
  • fix logging (for now we are logging user requests with api_key even without asking user wether he wants to be logged)
  • update documentation ???
  • add tests for admin endpoint
  • define a good default rate limit
  • consider using Redis DB also for account management instead of SQL server

work and others added 30 commits October 18, 2022 09:43
Cleanup unused imports && added role definition and security
c7b0120
@dmytrotsko
Simple api role checking
a700ef2
@dmytrotsko
Render api key warnings
75509cb
@dmytrotsko
Move tests
a796e2c
@dmytrotsko
Add api user ddl
8d48b20
@dmytrotsko
tests
c753f73
@dmytrotsko
improve dockerignore
a15a36e
@dmytrotsko
support api date via env
4fc210d
@dmytrotsko
start with admin interface
ee0c087
@dmytrotsko
start with simple admin interface
0446ea9
@dmytrotsko
very basic admin interface
c7ca927
@dmytrotsko
list all known roles
d066a90
@dmytrotsko
remove log statement
8b09387
@dmytrotsko
fixup tests
e940f8b
@dmytrotsko
add record flag to user
8bb2789
@dmytrotsko
basic record based on flag logging
3161d2e
@dmytrotsko
rename column to tracking
9ab8978
@dmytrotsko
add webhook endpoint for google forms and simplify table
54dc83c
@dmytrotsko
tests for simplified api_user
62122cf
@dmytrotsko
prepare for sending mails with mailgun
32096ac
@dmytrotsko
disable security check for test setup
45414bc
@dmytrotsko
fix tests
60f7cd6
@dmytrotsko
add registered flag
dac3fcb
@dmytrotsko
request a simple api key form with recaptcha check
d880795
@dmytrotsko
implement rate limiting
e76cde4
@dmytrotsko
registered flag not saved
f1f008e
@dmytrotsko
mark all tests no rate limit
98315c6
@dmytrotsko
add link to registration form within api key form
f897e28
@dmytrotsko
elevate sqlalchemy log level to ERROR for test purpose
b345f76
@dmytrotsko
add structlog to requirements
5ce96bd
@dmytrotsko
Added missing import
466adfb
@dmytrotsko
Moved admin models to the separate file. Now we have only 1 User clas…
16c4dec 
…s which containts all necessary methods to work with User model.
@dmytrotsko
Added declarative_base and session objects to the _db.py file. To hav…
007be57 
…e all db related stuff into one file
@dmytrotsko
Updated tests to use statement in order to clean api_user table after…
a2de0c7 
… each test run. This is done because of returning relationship into User model.
@krivard krivard mentioned this pull request Feb 2, 2023
Closed
17 tasks
@korlaxxalrok korlaxxalrok changed the base branch from dev to api-keys March 23, 2023 17:27
@krivard
Copy link
Contributor

krivard commented Mar 23, 2023

@dmytrotsko do you need to add a redis image to Makefile and ci.yaml?

@dmytrotsko
Copy link
Contributor Author

dmytrotsko commented Mar 24, 2023
edited by krivard
Loading

@dmytrotsko do you need to add a redis image to Makefile and ci.yaml?

I'm not sure actually about ci.yaml.
But I think I can add it to Makefile as we need it to be built to use API keys stuff.
Or if we have Redis instance somewhere else we just need to provide it in env variables for web-server start.

@krivard
Copy link
Contributor

krivard commented Mar 27, 2023

If we need a redis server in order to pass integration tests, then we need to set one up in ci.yaml

@krivard
Copy link
Contributor

krivard commented Mar 27, 2023

(this PR is not currently running integration tests since it was made from a fork)

@dmytrotsko
Copy link
Contributor Author

If we need a redis server in order to pass integration tests, then we need to set one up in ci.yaml

Okay. I see. Will add it to ci.yaml then

@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@github-advanced-security
Copy link

You have successfully added a new SonarCloud configuration ``. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

@krivard krivard merged commit 717a189 into cmu-delphi:api-keys Mar 29, 2023
@krivard krivard mentioned this pull request Mar 29, 2023
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@melange396 melange396 Awaiting requested review from melange396

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dmytrotsko @krivard