Update api-key/revoke endpoint to expire the key for the service.

Previously we assumed there was only one api key that was valid.
2026-02-01 07:35:34 -05:00 · 2016-01-20 14:48:44 +00:00
parent 4a3fae7580
commit 2689d908c1
4 changed files with 22 additions and 34 deletions
--- a/app/dao/api_key_dao.py
+++ b/app/dao/api_key_dao.py
@@ -16,18 +16,10 @@ def save_model_api_key(api_key, update_dict={}):
    db.session.commit()


-def get_model_api_keys(service_id=None, raise_=True):
-    """
-    :param raise_: when True query api_keys using one() which will raise NoResultFound exception
-                   when False query api_keys usong first() which will return None and not raise an exception.
-    """
-    if service_id:
-        # If expiry date is None the api_key is active
-        if raise_:
-            return ApiKey.query.filter_by(service_id=service_id, expiry_date=None).one()
-        else:
-            return ApiKey.query.filter_by(service_id=service_id, expiry_date=None).first()
-    return ApiKey.query.filter_by().all()
+def get_model_api_keys(service_id, id=None):
+    if id:
+        return ApiKey.query.filter_by(id=id, service_id=service_id, expiry_date=None).one()
+    return ApiKey.query.filter_by(service_id=service_id).all()


 def get_unsigned_secrets(service_id):
--- a/app/service/rest.py
+++ b/app/service/rest.py
@@ -96,18 +96,16 @@ def renew_api_key(service_id=None):
    return jsonify(data=unsigned_api_key), 201


-@service.route('/<int:service_id>/api-key/revoke', methods=['POST'])
-def revoke_api_key(service_id):
+@service.route('/<int:service_id>/api-key/revoke/<int:api_key_id>', methods=['POST'])
+def revoke_api_key(service_id, api_key_id):
    try:
-        get_model_services(service_id=service_id)
+        service_api_key = get_model_api_keys(service_id=service_id, id=api_key_id)
    except DataError:
-        return jsonify(result="error", message="Invalid service id"), 400
+        return jsonify(result="error", message="Invalid  api key for service"), 400
    except NoResultFound:
-        return jsonify(result="error", message="Service not found"), 404
+        return jsonify(result="error", message="Api key not found for service"), 404

-    service_api_key = get_model_api_keys(service_id=service_id, raise_=False)
-    if service_api_key:
-        save_model_api_key(service_api_key, update_dict={'id': service_api_key.id, 'expiry_date': datetime.now()})
+    save_model_api_key(service_api_key, update_dict={'id': service_api_key.id, 'expiry_date': datetime.utcnow()})
    return jsonify(), 202