🔧 fix(endpoints.py): update import statement for get_current_active_user function to match the new location

🔧 fix(endpoints.py): update import statement for api_key_security function to match the new location 🔧 fix(endpoints.py): update dependencies argument in router.post calls to use a list instead of multiple lines for better readability 🔧 fix(endpoints.py): remove valid argument from process_flow function as it is no longer needed 🔧 fix(api_key.py): remove hashed_api_key field as it is no longer used 🔧 fix(api_key.py): add total_uses field to track the number of times the API key has been used 🔧 fix(api_key.py): add is_active field to track the status of the API key
2023-08-26 17:39:08 -03:00 · 2023-08-26 17:39:08 -03:00 · 9c77cc1875
commit 9c77cc1875
parent f687599ecc
2 changed files with 15 additions and 9 deletions
--- a/src/backend/langflow/api/v1/endpoints.py
+++ b/src/backend/langflow/api/v1/endpoints.py
@ -1,6 +1,6 @@
 from http import HTTPStatus
 from typing import Annotated, Optional, Union
-from langflow.services.auth.utils import get_current_active_user, validate_api_key
+from langflow.services.auth.utils import api_key_security, get_current_active_user

 from langflow.services.cache.utils import save_uploaded_file
 from langflow.services.database.models.flow import Flow
@ -77,22 +77,27 @@ def get_all(current_user: User = Depends(get_current_active_user)):


 # For backwards compatibility we will keep the old endpoint
-@router.post("/predict/{flow_id}", response_model=ProcessResponse)
-@router.post("/process/{flow_id}", response_model=ProcessResponse)
+@router.post(
+    "/predict/{flow_id}",
+    response_model=ProcessResponse,
+    dependencies=[Depends(api_key_security)],
+)
+@router.post(
+    "/process/{flow_id}",
+    response_model=ProcessResponse,
+    dependencies=[Depends(api_key_security)],
+)
 async def process_flow(
+    session: Annotated[Session, Depends(get_session)],
    flow_id: str,
    inputs: Optional[dict] = None,
    tweaks: Optional[dict] = None,
    clear_cache: Annotated[bool, Body(embed=True)] = False,  # noqa: F821
    session_id: Annotated[Union[None, str], Body(embed=True)] = None,  # noqa: F821
-    session: Session = Depends(get_session),
-    valid: bool = Depends(validate_api_key),
 ):
    """
    Endpoint to process an input with a given flow_id.
    """
-    if not valid:
-        raise HTTPException(status_code=401, detail="Invalid API key")

    try:
        flow = session.get(Flow, flow_id)
--- a/src/backend/langflow/services/database/models/api_key/api_key.py
+++ b/src/backend/langflow/services/database/models/api_key/api_key.py
@ -13,13 +13,14 @@ class ApiKeyBase(SQLModelSerializable):
    name: Optional[str] = Field(index=True)
    created_at: datetime = Field(default_factory=datetime.utcnow)
    last_used_at: Optional[datetime] = Field(default=None)
+    total_uses: int = Field(default=0)
+    is_active: bool = Field(default=True)


 class ApiKey(ApiKeyBase, table=True):
    id: UUID = Field(default_factory=uuid4, primary_key=True, unique=True)

    api_key: str = Field(index=True, unique=True)
-    hashed_api_key: str = Field(index=True)
    # User relationship
    user_id: UUID = Field(index=True, foreign_key="user.id")
    user: "User" = Relationship(back_populates="api_keys")
@ -44,4 +45,4 @@ class ApiKeyRead(ApiKeyBase):
    @validator("api_key", always=True)
    def mask_api_key(cls, v):
        # This validator will always run, and will mask the API key
-        return f"{'*' * 8}{v[-4:]}"
+        return f"{v[:2]}{'*' * (len(v) - 4)}{v[-2:]}"