darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-16 10:12:32 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
c98705696a0f88e0510f11076c42376d62c303c8
notifications-api/app/dao/api_key_dao.py
chrisw c98705696a filter revoked api keys older than 7 days
2018-03-13 17:24:14 +00:00

57 lines
1.5 KiB
Python
Raw Blame History

import uuid
from datetime import datetime, timedelta
from app import db
from app.models import ApiKey
from app.dao.dao_utils import (
transactional,
version_class
)
from sqlalchemy import or_, func
@transactional
@version_class(ApiKey)
def save_model_api_key(api_key):
if not api_key.id:
api_key.id = uuid.uuid4() # must be set now so version history model can use same id
api_key.secret = uuid.uuid4()
db.session.add(api_key)
@transactional
@version_class(ApiKey)
def expire_api_key(service_id, api_key_id):
api_key = ApiKey.query.filter_by(id=api_key_id, service_id=service_id).one()
api_key.expiry_date = datetime.utcnow()
db.session.add(api_key)
def get_model_api_keys(service_id, id=None):
if id:
return ApiKey.query.filter_by(id=id, service_id=service_id, expiry_date=None).one()
seven_days_ago = datetime.utcnow() - timedelta(days=7)
return ApiKey.query.filter(
or_(ApiKey.expiry_date == None, func.date(ApiKey.expiry_date) > seven_days_ago), # noqa
ApiKey.service_id == service_id
).all()
def get_unsigned_secrets(service_id):
"""
This method can only be exposed to the Authentication of the api calls.
"""
api_keys = ApiKey.query.filter_by(service_id=service_id, expiry_date=None).all()
keys = [x.secret for x in api_keys]
return keys
def get_unsigned_secret(key_id):
"""
This method can only be exposed to the Authentication of the api calls.
"""
api_key = ApiKey.query.filter_by(id=key_id, expiry_date=None).one()
return api_key.secret
Reference in New Issue View Git Blame Copy Permalink