Acasă Explorează Ajutor
Înregistrare Autentificare
LiXinYan
/
Crawl
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Ramură: master
Ramuri Etichete
Crawl
/
backend
/
app
/
routers
/
api_keys.py

api_keys.py 4.7 KB
Permalink Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. from __future__ import annotations
    2. 

  2. 

  3. from datetime import datetime
    4. 

  4. from typing import List, Optional
    5. 

  5. 

  6. from fastapi import APIRouter, HTTPException
    7. 

  7. from fastapi.responses import Response
    8. 

  8. from pydantic import BaseModel
    9. 

  9. 

  10. from app.db import get_pool
    11. 

  11. from app.routers.models import _bump_all_domain_versions
    12. 

  12. 

  13. router = APIRouter(tags=["api_keys"])
    14. 

  14. 

  15. 

  16. class ApiKeyIn(BaseModel):
    17. 

  17.     name: str
    18. 

  18.     key_value: str
    19. 

  19.     note: Optional[str] = None
    20. 

  20. 

  21. 

  22. class ApiKeyUpdate(BaseModel):
    23. 

  23.     name: Optional[str] = None
    24. 

  24.     key_value: Optional[str] = None
    25. 

  25.     note: Optional[str] = None
    26. 

  26. 

  27. 

  28. class ApiKeyOut(BaseModel):
    29. 

  29.     id: int
    30. 

  30.     name: str
    31. 

  31.     key_value: str  # 返回脱敏值,不暴露明文
    32. 

  32.     note: Optional[str]
    33. 

  33.     model_count: int = 0
    34. 

  34.     created_at: datetime
    35. 

  35.     updated_at: datetime
    36. 

  36. 

  37. 

  38. def _mask_key(v: str) -> str:
    39. 

  39.     """脱敏:保留前6位和后4位,中间替换为 ••••••••"""
    40. 

  40.     if len(v) <= 10:
    41. 

  41.         return '••••••••'
    42. 

  42.     return v[:6] + '••••••••' + v[-4:]
    43. 

  43. 

  44. 

  45. class BatchAssignIn(BaseModel):
    46. 

  46.     """批量将某个 api_key 绑定到一批模型"""
    47. 

  47.     api_key_id: Optional[int] = None   # None 表示清除绑定
    48. 

  48.     model_ids: List[int]
    49. 

  49. 

  50. 

  51. @router.get("/api-keys", response_model=List[ApiKeyOut])
    52. 

  52. async def list_api_keys() -> List[ApiKeyOut]:
    53. 

  53.     pool = get_pool()
    54. 

  54.     rows = await pool.fetch(
    55. 

  55.         """
    56. 

  56.         SELECT k.id, k.name, k.key_value, k.note, k.created_at, k.updated_at,
    57. 

  57.                COUNT(m.id) AS model_count
    58. 

  58.         FROM api_keys k
    59. 

  59.         LEFT JOIN models m ON m.api_key_id = k.id
    60. 

  60.         GROUP BY k.id
    61. 

  61.         ORDER BY k.created_at DESC
    62. 

  62.         """
    63. 

  63.     )
    64. 

  64.     return [ApiKeyOut(**{**dict(r), "key_value": _mask_key(r["key_value"])}) for r in rows]
    65. 

  65. 

  66. 

  67. @router.post("/api-keys", response_model=ApiKeyOut, status_code=201)
    68. 

  68. async def create_api_key(body: ApiKeyIn) -> ApiKeyOut:
    69. 

  69.     pool = get_pool()
    70. 

  70.     row = await pool.fetchrow(
    71. 

  71.         """
    72. 

  72.         INSERT INTO api_keys (name, key_value, note)
    73. 

  73.         VALUES ($1, $2, $3)
    74. 

  74.         RETURNING id, name, key_value, note, created_at, updated_at
    75. 

  75.         """,
    76. 

  76.         body.name, body.key_value, body.note,
    77. 

  77.     )
    78. 

  78.     return ApiKeyOut(**dict(row))
    79. 

  79. 

  80. 

  81. @router.put("/api-keys/{key_id}", response_model=ApiKeyOut)
    82. 

  82. async def update_api_key(key_id: int, body: ApiKeyUpdate) -> ApiKeyOut:
    83. 

  83.     pool = get_pool()
    84. 

  84.     existing = await pool.fetchrow(
    85. 

  85.         "SELECT id, name, key_value, note, created_at, updated_at FROM api_keys WHERE id = $1",
    86. 

  86.         key_id,
    87. 

  87.     )
    88. 

  88.     if existing is None:
    89. 

  89.         raise HTTPException(status_code=404, detail="API Key 不存在")
    90. 

  90.     new_name = body.name if body.name is not None else existing["name"]
    91. 

  91.     new_value = body.key_value if body.key_value is not None else existing["key_value"]
    92. 

  92.     new_note = body.note if body.note is not None else existing["note"]
    93. 

  93.     key_value_changed = new_value != existing["key_value"]
    94. 

  94.     async with pool.acquire() as conn:
    95. 

  95.         async with conn.transaction():
    96. 

  96.             row = await conn.fetchrow(
    97. 

  97.                 """
    98. 

  98.                 UPDATE api_keys SET name = $1, key_value = $2, note = $3, updated_at = NOW()
    99. 

  99.                 WHERE id = $4
    100. 

  100.                 RETURNING id, name, key_value, note, created_at, updated_at
    101. 

  101.                 """,
    102. 

  102.                 new_name, new_value, new_note, key_id,
    103. 

  103.             )
    104. 

  104.             # key 值本身变了 → 通知所有绑定了此 key 的客户端
    105. 

  105.             if key_value_changed:
    106. 

  106.                 await _bump_all_domain_versions(conn)
    107. 

  107.     return ApiKeyOut(**dict(row))
    108. 

  108. 

  109. 

  110. @router.delete("/api-keys/{key_id}", status_code=204, response_model=None)
    111. 

  111. async def delete_api_key(key_id: int) -> Response:
    112. 

  112.     pool = get_pool()
    113. 

  113.     result = await pool.execute("DELETE FROM api_keys WHERE id = $1", key_id)
    114. 

  114.     if result == "DELETE 0":
    115. 

  115.         raise HTTPException(status_code=404, detail="API Key 不存在")
    116. 

  116.     return Response(status_code=204)
    117. 

  117. 

  118. 

  119. @router.post("/api-keys/batch-assign", status_code=200)
    120. 

  120. async def batch_assign_api_key(body: BatchAssignIn) -> dict:
    121. 

  121.     """批量将指定 api_key 绑定到一批模型(api_key_id=None 则清除绑定)"""
    122. 

  122.     if not body.model_ids:
    123. 

  123.         return {"updated": 0}
    124. 

  124. 

  125.     pool = get_pool()
    126. 

  126. 

  127.     if body.api_key_id is not None:
    128. 

  128.         key_row = await pool.fetchrow("SELECT id FROM api_keys WHERE id = $1", body.api_key_id)
    129. 

  129.         if key_row is None:
    130. 

  130.             raise HTTPException(status_code=404, detail="API Key 不存在")
    131. 

  131. 

  132.     async with pool.acquire() as conn:
    133. 

  133.         async with conn.transaction():
    134. 

  134.             result = await conn.execute(
    135. 

  135.                 "UPDATE models SET api_key_id = $1 WHERE id = ANY($2::bigint[])",
    136. 

  136.                 body.api_key_id, body.model_ids,
    137. 

  137.             )
    138. 

  138.             updated = int(result.split()[-1]) if result else 0
    139. 

  139.             if updated > 0:
    140. 

  140.                 await _bump_all_domain_versions(conn)
    141. 

  141. 

  142.     return {"updated": updated}
    143.