60 lines
1.8 KiB
Python
60 lines
1.8 KiB
Python
import datetime
|
|
from fastapi import APIRouter, Depends, HTTPException, Request, status
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.crud import secret as secret_crud
|
|
from app.db.session import get_db
|
|
from app.schemas.secret import SecretCreate, SecretCreated, SecretRead
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.post("/", response_model=SecretCreated, status_code=status.HTTP_201_CREATED)
|
|
def create_secret(
|
|
request: Request,
|
|
secret: SecretCreate,
|
|
db: Session = Depends(get_db),
|
|
):
|
|
"""
|
|
Create a new secret.
|
|
|
|
Returns an access key that can be used to retrieve the secret once.
|
|
"""
|
|
db_secret = secret_crud.create_secret(db=db, secret=secret)
|
|
|
|
# Generate the full URL for accessing the secret
|
|
base_url = str(request.base_url).rstrip("/")
|
|
secret_url = f"{base_url}/api/v1/secrets/{db_secret.access_key}"
|
|
|
|
return {
|
|
"access_key": db_secret.access_key,
|
|
"expires_at": db_secret.expires_at,
|
|
"secret_url": secret_url,
|
|
}
|
|
|
|
|
|
@router.get("/{access_key}", response_model=SecretRead)
|
|
def read_secret(
|
|
access_key: str,
|
|
db: Session = Depends(get_db),
|
|
):
|
|
"""
|
|
Retrieve a secret by its access key.
|
|
|
|
The secret can only be retrieved once and will be deleted after retrieval.
|
|
"""
|
|
secret_content = secret_crud.read_and_delete_secret(db=db, access_key=access_key)
|
|
|
|
if not secret_content:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_404_NOT_FOUND,
|
|
detail="Secret not found or already accessed",
|
|
)
|
|
|
|
# Since we've deleted the secret, we'll use the current time for demonstration purposes
|
|
return {
|
|
"content": secret_content,
|
|
"created_at": db.query(secret_crud.Secret.created_at).filter(
|
|
secret_crud.Secret.access_key == access_key
|
|
).scalar() or datetime.datetime.utcnow(),
|
|
} |