# One-Time Secret Manager API

This is a simple API for creating and managing one-time secrets. It allows users to securely share sensitive information by creating secrets that can only be viewed once before being automatically deleted.

## Features

- Create encrypted secrets with customizable expiration time
- Access secrets using a unique access key
- Automatic deletion of secrets after they are viewed
- Secrets expire automatically after the specified time
- Encrypted storage using strong cryptographic algorithms

## API Endpoints

### Create a New Secret

```
POST /api/v1/secrets/
```

**Request Body:**
```json
{
  "content": "Your secret message here",
  "ttl_hours": 24
}
```

`ttl_hours` is optional; the default is 24 hours and the maximum is 168 hours (7 days).

**Response:**
```json
{
  "access_key": "random_access_key",
  "expires_at": "2023-09-24T12:00:00.000000",
  "secret_url": "https://your-domain.com/api/v1/secrets/random_access_key"
}
```

### Retrieve a Secret

```
GET /api/v1/secrets/{access_key}
```

**Response:**
```json
{
  "content": "Your secret message here",
  "created_at": "2023-09-23T12:00:00.000000"
}
```

### Health Check

```
GET /health
```

**Response:**
```json
{
  "status": "healthy"
}
```

## Environment Variables

The application uses the following environment variables:

- `SECRET_KEY`: Secret key for encryption (required in production)
- `ALGORITHM`: JWT algorithm for tokens, default is "HS256"
- `ACCESS_TOKEN_EXPIRE_MINUTES`: Default token expiration time in minutes, default is 30

## Getting Started

### Prerequisites

- Python 3.8+
- SQLite

### Installation

1. Clone the repository:
```bash
git clone https://github.com/yourusername/onetimesecretmanagerapi.git
cd onetimesecretmanagerapi
```

2. Install dependencies:
```bash
pip install -r requirements.txt
```

3. Set up the environment variables:
```bash
export SECRET_KEY="your-secret-key"
```

4. Run database migrations:
```bash
alembic upgrade head
```

5. Start the server:
```bash
uvicorn main:app --reload
```

The API will be available at `http://localhost:8000`.

## Documentation

- API documentation is available at `/docs` when the server is running
- Redoc documentation is available at `/redoc`

## Security Considerations

- All secrets are encrypted at rest
- The application uses strong cryptographic algorithms for encryption
- Secrets are automatically deleted after being viewed once
- Secrets expire automatically after the specified time
## License

This project is licensed under the MIT License - see the LICENSE file for details.