Skip to content

API key server logic #633

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 58 commits into from
Closed

API key server logic #633

wants to merge 58 commits into from

Conversation

@sgratzl
Copy link
Member

@sgratzl sgratzl commented Jul 13, 2021
edited
Loading

Prerequisites:

  • Unless it is a documentation hotfix it should be merged against the dev branch
  • Branch is up-to-date with the branch to be merged with, i.e. dev
  • Build is successful
  • Code is cleaned up and formatted

Summary

implements the server logic to require API keys and roles for the endpoints.

tasks

  • check for api key
  • show a soft warning
  • show a hard warning
  • adapt tests
  • create tests
  • admin interface?
  • [?] log / track api_key + query if allowed
  • create basic google form
  • connect google form with api server handling -> webhook
  • create a basic request a key form: /admin/create_key
  • use flask-limited for rate limiting
  • setup a Redis DB for shared rate limit tracking
  • define a good default rate limit
  • consider using Redis DB also for account management instead of SQL server

sgratzl added 20 commits July 13, 2021 14:26
@sgratzl
refactor: cleanup unused imports
d25c89d
@sgratzl
feat: start with role definition and security
d3b9e54
@sgratzl
feat: simple api role checking
0d701f0
@sgratzl
feat: render api key warnings
03bf4a3
@sgratzl
fix: move tests
b4b6a26
@sgratzl
Merge remote-tracking branch 'origin/dev' into sgratzl/api_key
d249721
@sgratzl
fix: avoid final keyword since python 3.9
fc63886
@sgratzl
feat: add api_user ddl
31b5c23
@sgratzl
fix: tests
373a60f
@sgratzl
build: use python 3.9
088fb78
@sgratzl
build: use python 3.8
f8ccf48
@sgratzl
build: improve dockerignore
a90a88c
@sgratzl
feat: support api date via env
731e0f0
@sgratzl
feat: start with admin interface
f4feb26
@sgratzl
Merge remote-tracking branch 'origin/dev' into sgratzl/api_key
e0dd985
@sgratzl
feat: start with simple admin interface
11b97d4
@sgratzl
Merge remote-tracking branch 'origin/dev' into sgratzl/api_key
acf4f8b
@sgratzl
fix: use printer for sending meta data
e0bf678
@sgratzl
feat: very basic api admin interface
f23a102
@sgratzl
feat: list all known roles
565f0eb
@sgratzl
Copy link
Member Author

sgratzl commented Jul 20, 2021

basic admin interface:

image

/admin/

@sgratzl
Copy link
Member Author

sgratzl commented Aug 13, 2021

[ ] setup a Redix DB for shared rate limit tracking

@korlaxxalrok heads up we are going to need some kind of redis like database that is accessible from all web server nodes

@sgratzl sgratzl self-assigned this Aug 13, 2021
@sgratzl sgratzl added api change affect the API and its responses enhancement labels Aug 13, 2021
@korlaxxalrok
Copy link
Contributor

korlaxxalrok commented Aug 19, 2021

@sgratzl What URL will we expose the admin interface at?

@sgratzl
Copy link
Member Author

sgratzl commented Aug 19, 2021

@sgratzl What URL will we expose the admin interface at?

so far the plan is on delphi.cmu.edu/epidata/admin/ which is connected to the master database. Thus, when you edit users it should get replicated to the other databases.

@korlaxxalrok
Copy link
Contributor

korlaxxalrok commented Aug 23, 2021

@sgratzl Re Redix DB. Can we use Redis?

@sgratzl
Copy link
Member Author

sgratzl commented Aug 23, 2021

@sgratzl Re Redix DB. Can we use Redis?

lol. I should watch out more for typos. Sure, it should be a Redis-compatible database. see also https://limits.readthedocs.io/en/latest/storage.html#storage-scheme

Woo Chan Lee and others added 15 commits January 13, 2022 15:02
Elevate sqlalchemy log level to ERROR for test purpose
c28a047
Add structlog in software requirements
7dc0d24
Add structured logging module
e6fe31e
Implement API key scrubbing in logs and getter functions for User class
bc5b400
Minor commenting change
3749e7c
@lee14257
Minor commenting changes
428625f
Delete base flask logger
6839921
Delete flask base log
a0fec4a
Commenting change in structured logger
08bad07
Change logging to kwarg format and add a get function for API key
2c252ec
Implement scrubbing in URL path during resolve user before request
1c4bd90
Move mask_apikey function out of User class
8f47223
Minor change in variable name
9795d6c
@lee14257
Change SQLAlchemy logging level and add comment
1b5bf2a
@lee14257
Merge pull request #806 from lee14257/lee14257/api_key
c0efc6c 
Implement API key scrubbing and structured logging
@dshemetov dshemetov mentioned this pull request Jun 22, 2022
Closed
4 tasks
@krivard
Copy link
Contributor

krivard commented Feb 2, 2023

superceded by #1061

@krivard krivard closed this Feb 2, 2023
@krivard krivard deleted the sgratzl/api_key branch February 2, 2023 20:53
@melange396 melange396 restored the sgratzl/api_key branch March 29, 2023 20:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sgratzl sgratzl

Labels

api change affect the API and its responses enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@sgratzl @korlaxxalrok @krivard @lee14257