From e850c0cbc6a94eab38ee17823adcedb709fd7308 Mon Sep 17 00:00:00 2001
From: Gabriel Luiz Freitas Almeida <gabriel@logspace.ai>
Date: Sat, 26 Aug 2023 17:39:22 -0300
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20fix(api=5Fkey/crud.py):=20remove?=
 =?UTF-8?q?=20unused=20import=20statement=20for=20get=5Fpassword=5Fhash=20?=
 =?UTF-8?q?function=20=E2=9C=A8=20feat(api=5Fkey/crud.py):=20prepend=20'lf?=
 =?UTF-8?q?-'=20to=20generated=20API=20key=20for=20better=20identification?=
 =?UTF-8?q?=20and=20readability=20=E2=9C=A8=20feat(api=5Fkey/crud.py):=20a?=
 =?UTF-8?q?dd=20check=5Fkey=20function=20to=20validate=20API=20key=20and?=
 =?UTF-8?q?=20update=20total=20uses=20and=20last=20used=20at=20timestamp?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../services/database/models/api_key/crud.py  | 39 +++++++++++++++----
 1 file changed, 31 insertions(+), 8 deletions(-)

diff --git a/src/backend/langflow/services/database/models/api_key/crud.py b/src/backend/langflow/services/database/models/api_key/crud.py
index 9da38a382..73ac8de7c 100644
--- a/src/backend/langflow/services/database/models/api_key/crud.py
+++ b/src/backend/langflow/services/database/models/api_key/crud.py
@@ -1,7 +1,8 @@
+import datetime
 import secrets
+import threading
 from uuid import UUID
 from typing import List
-from langflow.services.auth.utils import get_password_hash
 from sqlmodel import Session, select
 from langflow.services.database.models.api_key import (
     ApiKey,
@@ -21,15 +22,10 @@ def create_api_key(
     session: Session, api_key_create: ApiKeyCreate, user_id: UUID
 ) -> UnmaskedApiKeyRead:
     # Generate a random API key with 32 bytes of randomness
-    generated_api_key = secrets.token_urlsafe(32)
+    generated_api_key = f"lf-{secrets.token_urlsafe(32)}"
 
-    # hash the API key
-    hashed = get_password_hash(generated_api_key)
-    # Use the generated key to create the ApiKey object
-    masked_api_key = f"{'*' * 10}{generated_api_key[-4:]}"
     api_key = ApiKey(
-        api_key=masked_api_key,
-        hashed_api_key=hashed,
+        api_key=generated_api_key,
         name=api_key_create.name,
         user_id=user_id,
     )
@@ -48,3 +44,30 @@ def delete_api_key(session: Session, api_key_id: UUID) -> None:
         raise ValueError("API Key not found")
     session.delete(api_key)
     session.commit()
+
+
+def check_key(session: Session, api_key: str) -> bool:
+    """Check if the API key is valid."""
+    query = select(ApiKey).where(ApiKey.api_key == api_key)
+    api_key = session.exec(query).first()
+    if api_key is None:
+        return False
+
+    threading.Thread(
+        target=update_total_uses,
+        args=(
+            session,
+            api_key,
+        ),
+    ).start()
+    return True
+
+
+def update_total_uses(session, api_key: ApiKey):
+    """Update the total uses and last used at."""
+    api_key.total_uses += 1
+    api_key.last_used_at = datetime.datetime.now(datetime.timezone.utc)
+    session.add(api_key)
+    session.commit()
+    session.refresh(api_key)
+    return api_key