quivr/backend/auth/api_key_handler.py
Stan Girard e076bbe79f
Feat/testing backend (#446)
* feat(pytest): added

* feat(brains): added tests

* feat(actions): pytest
2023-07-02 02:19:30 +02:00

71 lines
1.9 KiB
Python

from datetime import datetime
from fastapi import HTTPException
from models.settings import common_dependencies
from pydantic import DateError
async def verify_api_key(
api_key: str,
):
try:
# Use UTC time to avoid timezone issues
current_date = datetime.utcnow().date()
commons = common_dependencies()
result = (
commons["supabase"]
.table("api_keys")
.select("api_key", "creation_time")
.filter("api_key", "eq", api_key)
.filter("is_active", "eq", True)
.execute()
)
if result.data is not None and len(result.data) > 0:
api_key_creation_date = datetime.strptime(
result.data[0]["creation_time"], "%Y-%m-%dT%H:%M:%S"
).date()
# Check if the API key was created in the month of the current date
if (api_key_creation_date.month == current_date.month) and (
api_key_creation_date.year == current_date.year
):
return True
return False
except DateError:
return False
async def get_user_from_api_key(
api_key: str,
):
commons = common_dependencies()
# Lookup the user_id from the api_keys table
user_id_data = (
commons["supabase"]
.table("api_keys")
.select("user_id")
.filter("api_key", "eq", api_key)
.execute()
)
if not user_id_data.data:
raise HTTPException(status_code=400, detail="Invalid API key.")
user_id = user_id_data.data[0]["user_id"]
# Lookup the email from the users table. Todo: remove and use user_id for credentials
user_email_data = (
commons["supabase"]
.table("users")
.select("email")
.filter("user_id", "eq", user_id)
.execute()
)
return (
{"email": user_email_data.data[0]["email"], "sub": user_id}
if user_email_data.data
else {"email": None}
)