diff --git a/README.md b/README.md index e8acfba..7f39470 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,150 @@ -# FastAPI Application +# One-Time Secret Sharing Service -This is a FastAPI application bootstrapped by BackendIM, the AI-powered backend generation platform. +A secure API backend for a one-time secret sharing service built with FastAPI and SQLite. + +## Features + +- Create and share secrets securely +- Secrets can only be viewed once +- Automatic deletion after viewing or expiration +- Customizable time-to-live (TTL) for secrets +- Background cleanup of expired secrets +- Encrypted storage of secrets + +## API Endpoints + +### Health Check + +``` +GET /health +``` + +Returns the health status of the API and database connection. + +### Create a Secret + +``` +POST /api/v1/secrets +``` + +Create a new secret and get a token to access it. + +**Request Body:** +```json +{ + "content": "Your secret message here", + "ttl_hours": 24 // Optional, defaults to 24 hours +} +``` + +**Response:** +```json +{ + "token": "unique-token-id", + "expires_at": "2023-07-28T10:00:00.000Z", + "message": "Secret stored successfully" +} +``` + +### Retrieve a Secret + +``` +GET /api/v1/secrets/{token} +``` + +Retrieve a secret using its token. The secret is deleted immediately after retrieval. + +**Response:** +```json +{ + "content": "Your secret message here", + "message": "Secret retrieved successfully" +} +``` + +**Error Responses:** +- `404 Not Found` - Secret not found, already viewed, or expired + +## Setup and Installation + +### Prerequisites + +- Python 3.8+ +- SQLite + +### Environment Variables + +The application uses the following environment variables: + +- `SECRET_KEY`: Secret key for encryption (defaults to "development_secret_key" in development) + +### Installation + +1. Clone the repository +2. Create a virtual environment and activate it: + ```bash + python -m venv venv + source venv/bin/activate # On Windows: venv\Scripts\activate + ``` +3. Install dependencies: + ```bash + pip install -r requirements.txt + ``` + +### Database Setup + +Run Alembic migrations to set up the database: + +```bash +alembic upgrade head +``` + +### Running the Application + +Start the application with uvicorn: + +```bash +uvicorn main:app --host 0.0.0.0 --port 8000 --reload +``` + +The API will be available at `http://localhost:8000`. + +- API Documentation: `http://localhost:8000/docs` +- ReDoc Documentation: `http://localhost:8000/redoc` +- OpenAPI Specification: `http://localhost:8000/openapi.json` + +## Security Considerations + +- Secrets are encrypted before storage +- Secrets are automatically deleted after viewing +- Expired secrets are cleaned up regularly +- The service uses a TTL (time-to-live) mechanism to ensure secrets don't persist indefinitely + +## Development + +### Project Structure + +``` +. +├── alembic.ini # Alembic configuration +├── app/ # Application code +│ ├── api/ # API endpoints +│ │ └── routes/ # Route definitions +│ ├── core/ # Core application code +│ │ └── config.py # Application configuration +│ ├── db/ # Database related code +│ │ └── session.py # Database session setup +│ ├── models/ # SQLAlchemy models +│ │ ├── base.py # Base model +│ │ └── secret.py # Secret model +│ ├── schemas/ # Pydantic schemas +│ │ └── secret.py # Secret schemas +│ └── services/ # Business logic +│ ├── encryption.py # Encryption service +│ └── secret_service.py # Secret service +├── main.py # Application entry point +├── migrations/ # Alembic migrations +│ └── versions/ # Migration scripts +├── README.md # This file +└── requirements.txt # Python dependencies +``` \ No newline at end of file diff --git a/alembic.ini b/alembic.ini new file mode 100644 index 0000000..609115c --- /dev/null +++ b/alembic.ini @@ -0,0 +1,106 @@ +# A generic, single database configuration. + +[alembic] +# path to migration scripts +script_location = migrations + +# template used to generate migration file names; The default value is %%(rev)s_%%(slug)s +# Uncomment the line below if you want the files to be prepended with date and time +# see https://alembic.sqlalchemy.org/en/latest/tutorial.html#editing-the-ini-file +# for all available tokens +# file_template = %%(year)d_%%(month).2d_%%(day).2d_%%(hour).2d%%(minute).2d-%%(rev)s_%%(slug)s + +# sys.path path, will be prepended to sys.path if present. +# defaults to the current working directory. +prepend_sys_path = . + +# timezone to use when rendering the date within the migration file +# as well as the filename. +# If specified, requires the python-dateutil library that can be +# installed by adding `alembic[tz]` to the pip requirements +# string value is passed to dateutil.tz.gettz() +# leave blank for localtime +# timezone = + +# max length of characters to apply to the +# "slug" field +# truncate_slug_length = 40 + +# set to 'true' to run the environment during +# the 'revision' command, regardless of autogenerate +# revision_environment = false + +# set to 'true' to allow .pyc and .pyo files without +# a source .py file to be detected as revisions in the +# versions/ directory +# sourceless = false + +# version location specification; This defaults +# to migrations/versions. When using multiple version +# directories, initial revisions must be specified with --version-path. +# The path separator used here should be the separator specified by "version_path_separator" below. +# version_locations = %(here)s/bar:%(here)s/bat:migrations/versions + +# version path separator; As mentioned above, this is the character used to split +# version_locations. The default within new alembic.ini files is "os", which uses os.pathsep. +# If this key is omitted entirely, it falls back to the legacy behavior of splitting on spaces and/or commas. +# Valid values for version_path_separator are: +# +# version_path_separator = : +# version_path_separator = ; +# version_path_separator = space +version_path_separator = os # Use os.pathsep. Default configuration used for new projects. + +# the output encoding used when revision files +# are written from script.py.mako +# output_encoding = utf-8 + +# SQLite URL using absolute path +sqlalchemy.url = sqlite:////app/storage/db/db.sqlite + + +[post_write_hooks] +# post_write_hooks defines scripts or Python functions that are run +# on newly generated revision scripts. See the documentation for further +# detail and examples + +# format using "black" - use the console_scripts runner, against the "black" entrypoint +# hooks = black +# black.type = console_scripts +# black.entrypoint = black +# black.options = -l 79 REVISION_SCRIPT_FILENAME + +# Logging configuration +[loggers] +keys = root,sqlalchemy,alembic + +[handlers] +keys = console + +[formatters] +keys = generic + +[logger_root] +level = WARN +handlers = console +qualname = + +[logger_sqlalchemy] +level = WARN +handlers = +qualname = sqlalchemy.engine + +[logger_alembic] +level = INFO +handlers = +qualname = alembic + +[handler_console] +class = StreamHandler +args = (sys.stderr,) +level = NOTSET +formatter = generic + +[formatter_generic] +format = %(levelname)-5.5s [%(name)s] %(message)s +datefmt = %H:%M:%S \ No newline at end of file diff --git a/app/__init__.py b/app/__init__.py new file mode 100644 index 0000000..bdff6c4 --- /dev/null +++ b/app/__init__.py @@ -0,0 +1 @@ +# App package \ No newline at end of file diff --git a/app/api/__init__.py b/app/api/__init__.py new file mode 100644 index 0000000..a757e69 --- /dev/null +++ b/app/api/__init__.py @@ -0,0 +1 @@ +# API package \ No newline at end of file diff --git a/app/api/routes/__init__.py b/app/api/routes/__init__.py new file mode 100644 index 0000000..7e1d20f --- /dev/null +++ b/app/api/routes/__init__.py @@ -0,0 +1 @@ +# Routes package \ No newline at end of file diff --git a/app/api/routes/health.py b/app/api/routes/health.py new file mode 100644 index 0000000..7cfb04b --- /dev/null +++ b/app/api/routes/health.py @@ -0,0 +1,28 @@ +from fastapi import APIRouter, Depends, status +from sqlalchemy.orm import Session +from app.db.session import get_db + +router = APIRouter() + + +@router.get("/health", status_code=status.HTTP_200_OK) +def health_check(db: Session = Depends(get_db)): + """ + Health check endpoint. + Returns status of the API and database connection. + """ + health_status = { + "status": "healthy", + "api": "up", + "database": "up", + } + + # Test database connection + try: + # Execute a simple query + db.execute("SELECT 1") + except Exception as e: + health_status["status"] = "unhealthy" + health_status["database"] = f"down: {str(e)}" + + return health_status \ No newline at end of file diff --git a/app/api/routes/secrets.py b/app/api/routes/secrets.py new file mode 100644 index 0000000..63f4273 --- /dev/null +++ b/app/api/routes/secrets.py @@ -0,0 +1,75 @@ +from fastapi import APIRouter, Depends, HTTPException, BackgroundTasks, status +from sqlalchemy.orm import Session +from app.db.session import get_db +from app.schemas.secret import SecretCreate, SecretResponse, SecretRetrieved +from app.services.secret_service import create_secret, retrieve_and_delete_secret, cleanup_expired_secrets + +router = APIRouter() + + +@router.post("/secrets", response_model=SecretResponse) +def create_new_secret( + secret: SecretCreate, + background_tasks: BackgroundTasks, + db: Session = Depends(get_db) +): + """ + Create a new secret. + + Args: + secret: The secret data to store + background_tasks: FastAPI background tasks + db: Database session + + Returns: + The token to access the secret + """ + # Add a background task to clean up expired secrets + background_tasks.add_task(cleanup_expired_secrets, db) + + # Create the secret + secret_obj = create_secret( + db=db, + content=secret.content, + ttl_hours=secret.ttl_hours + ) + + # Return the token + return { + "token": secret_obj.id, + "expires_at": secret_obj.expires_at, + "message": "Secret stored successfully" + } + + +@router.get("/secrets/{token}", response_model=SecretRetrieved) +def get_secret(token: str, background_tasks: BackgroundTasks, db: Session = Depends(get_db)): + """ + Retrieve a secret by its token and delete it. + + Args: + token: The secret token + background_tasks: FastAPI background tasks + db: Database session + + Returns: + The secret content + """ + # Add a background task to clean up expired secrets + background_tasks.add_task(cleanup_expired_secrets, db) + + # Retrieve and delete the secret + content, message = retrieve_and_delete_secret(db, token) + + # Check if retrieval was successful + if not content: + raise HTTPException( + status_code=status.HTTP_404_NOT_FOUND, + detail=message + ) + + # Return the secret content + return { + "content": content, + "message": message + } \ No newline at end of file diff --git a/app/core/__init__.py b/app/core/__init__.py new file mode 100644 index 0000000..3d8cf2e --- /dev/null +++ b/app/core/__init__.py @@ -0,0 +1 @@ +# Core package \ No newline at end of file diff --git a/app/core/config.py b/app/core/config.py new file mode 100644 index 0000000..3fd3058 --- /dev/null +++ b/app/core/config.py @@ -0,0 +1,37 @@ +import os +from pathlib import Path +from pydantic import field_validator +from pydantic_settings import BaseSettings + +# Project directories +ROOT_DIR = Path(__file__).parent.parent.parent.resolve() + + +class Settings(BaseSettings): + # Project info + PROJECT_NAME: str = "One-Time Secret Sharing Service" + API_V1_STR: str = "/api/v1" + + # Database + DB_DIR: Path = Path("/app") / "storage" / "db" + SQLALCHEMY_DATABASE_URL: str = f"sqlite:///{DB_DIR}/db.sqlite" + + # Secret settings + DEFAULT_SECRET_TTL_HOURS: int = 24 + MAX_SECRET_TTL_HOURS: int = 168 # 7 days + + # Security + SECRET_KEY: str = os.environ.get("SECRET_KEY", "development_secret_key") + + @field_validator("DB_DIR") + def create_db_dir(cls, db_dir: Path) -> Path: + db_dir.mkdir(parents=True, exist_ok=True) + return db_dir + + class Config: + env_file = ".env" + case_sensitive = True + + +# Create global settings instance +settings = Settings() \ No newline at end of file diff --git a/app/db/__init__.py b/app/db/__init__.py new file mode 100644 index 0000000..8cc3bc6 --- /dev/null +++ b/app/db/__init__.py @@ -0,0 +1 @@ +# Database package \ No newline at end of file diff --git a/app/db/session.py b/app/db/session.py new file mode 100644 index 0000000..739749a --- /dev/null +++ b/app/db/session.py @@ -0,0 +1,26 @@ +from sqlalchemy import create_engine +from sqlalchemy.orm import sessionmaker +from pathlib import Path + + +# Ensure DB directory exists +DB_DIR = Path("/app") / "storage" / "db" +DB_DIR.mkdir(parents=True, exist_ok=True) + +SQLALCHEMY_DATABASE_URL = f"sqlite:///{DB_DIR}/db.sqlite" + +engine = create_engine( + SQLALCHEMY_DATABASE_URL, + connect_args={"check_same_thread": False} # Needed for SQLite +) + +SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine) + + +# Dependency to get DB session +def get_db(): + db = SessionLocal() + try: + yield db + finally: + db.close() \ No newline at end of file diff --git a/app/models/__init__.py b/app/models/__init__.py new file mode 100644 index 0000000..1d51e16 --- /dev/null +++ b/app/models/__init__.py @@ -0,0 +1,5 @@ +# Import models here for easy access +from app.models.base import Base as Base +from app.models.secret import Secret as Secret + +__all__ = ["Base", "Secret"] \ No newline at end of file diff --git a/app/models/base.py b/app/models/base.py new file mode 100644 index 0000000..7c2377a --- /dev/null +++ b/app/models/base.py @@ -0,0 +1,3 @@ +from sqlalchemy.ext.declarative import declarative_base + +Base = declarative_base() \ No newline at end of file diff --git a/app/models/secret.py b/app/models/secret.py new file mode 100644 index 0000000..ba7106a --- /dev/null +++ b/app/models/secret.py @@ -0,0 +1,57 @@ +import uuid +from datetime import datetime, timedelta +from sqlalchemy import Column, String, DateTime, Text, Boolean +from sqlalchemy.sql import func + +from app.models.base import Base +from app.core.config import settings + + +class Secret(Base): + """SQLAlchemy model for storing secrets.""" + __tablename__ = "secrets" + + # Primary key - unique identifier for the secret + id = Column(String(36), primary_key=True, index=True, default=lambda: str(uuid.uuid4())) + + # The encrypted secret content + content = Column(Text, nullable=False) + + # When the secret was created + created_at = Column(DateTime, default=func.now(), nullable=False) + + # When the secret expires + expires_at = Column(DateTime, nullable=False) + + # Whether the secret has been viewed + is_viewed = Column(Boolean, default=False, nullable=False) + + @classmethod + def create_with_ttl(cls, content: str, ttl_hours: int = None): + """ + Create a new secret with TTL (time-to-live). + + Args: + content: The secret content to store + ttl_hours: Time-to-live in hours (default: settings.DEFAULT_SECRET_TTL_HOURS) + + Returns: + A new Secret instance + """ + if ttl_hours is None: + ttl_hours = settings.DEFAULT_SECRET_TTL_HOURS + + # Ensure TTL doesn't exceed maximum + ttl_hours = min(ttl_hours, settings.MAX_SECRET_TTL_HOURS) + + # Calculate expiration time + expires_at = datetime.utcnow() + timedelta(hours=ttl_hours) + + return cls( + content=content, + expires_at=expires_at + ) + + def is_expired(self) -> bool: + """Check if the secret is expired.""" + return datetime.utcnow() > self.expires_at \ No newline at end of file diff --git a/app/schemas/__init__.py b/app/schemas/__init__.py new file mode 100644 index 0000000..1556bdd --- /dev/null +++ b/app/schemas/__init__.py @@ -0,0 +1,6 @@ +# Import schemas for easy access +from app.schemas.secret import SecretCreate as SecretCreate +from app.schemas.secret import SecretResponse as SecretResponse +from app.schemas.secret import SecretRetrieved as SecretRetrieved + +__all__ = ["SecretCreate", "SecretResponse", "SecretRetrieved"] \ No newline at end of file diff --git a/app/schemas/secret.py b/app/schemas/secret.py new file mode 100644 index 0000000..e24abac --- /dev/null +++ b/app/schemas/secret.py @@ -0,0 +1,38 @@ +from datetime import datetime +from typing import Optional +from pydantic import BaseModel, Field, field_validator + +from app.core.config import settings + + +class SecretCreate(BaseModel): + """Schema for creating a new secret.""" + content: str = Field(..., description="The secret content to store") + ttl_hours: Optional[int] = Field( + default=settings.DEFAULT_SECRET_TTL_HOURS, + description="Time-to-live in hours" + ) + + @field_validator("ttl_hours") + def validate_ttl(cls, ttl_hours: int) -> int: + """Validate TTL doesn't exceed maximum.""" + if ttl_hours <= 0: + raise ValueError("TTL must be greater than 0") + + if ttl_hours > settings.MAX_SECRET_TTL_HOURS: + return settings.MAX_SECRET_TTL_HOURS + + return ttl_hours + + +class SecretResponse(BaseModel): + """Schema for response after creating a secret.""" + token: str = Field(..., description="The token to access the secret") + expires_at: datetime = Field(..., description="When the secret expires") + message: str = Field("Secret stored successfully", description="Status message") + + +class SecretRetrieved(BaseModel): + """Schema for retrieved secret.""" + content: str = Field(..., description="The secret content") + message: str = Field("Secret retrieved successfully", description="Status message") \ No newline at end of file diff --git a/app/services/__init__.py b/app/services/__init__.py new file mode 100644 index 0000000..14841b5 --- /dev/null +++ b/app/services/__init__.py @@ -0,0 +1 @@ +# Import services for easy access \ No newline at end of file diff --git a/app/services/encryption.py b/app/services/encryption.py new file mode 100644 index 0000000..8e58afb --- /dev/null +++ b/app/services/encryption.py @@ -0,0 +1,45 @@ +from cryptography.fernet import Fernet +from base64 import urlsafe_b64encode +from app.core.config import settings + +# Generate a key from the secret key +def get_fernet_key(): + """Generate a Fernet key from the application secret key.""" + # Convert secret key to bytes and ensure it's 32 bytes + key_bytes = settings.SECRET_KEY.encode() + # Pad or truncate to 32 bytes + key_bytes = key_bytes.ljust(32, b'0')[:32] + # Convert to URL-safe base64-encoded bytes (Fernet requirement) + return urlsafe_b64encode(key_bytes) + + +# Initialize Fernet with the key +_fernet = Fernet(get_fernet_key()) + + +def encrypt_secret(secret: str) -> str: + """ + Encrypt a secret string. + + Args: + secret: The secret string to encrypt + + Returns: + The encrypted secret as a string + """ + encrypted = _fernet.encrypt(secret.encode()) + return encrypted.decode() + + +def decrypt_secret(encrypted_secret: str) -> str: + """ + Decrypt an encrypted secret string. + + Args: + encrypted_secret: The encrypted secret string + + Returns: + The decrypted secret as a string + """ + decrypted = _fernet.decrypt(encrypted_secret.encode()) + return decrypted.decode() \ No newline at end of file diff --git a/app/services/secret_service.py b/app/services/secret_service.py new file mode 100644 index 0000000..6e4a3de --- /dev/null +++ b/app/services/secret_service.py @@ -0,0 +1,107 @@ +from datetime import datetime +from typing import Optional, Tuple +from sqlalchemy.orm import Session +from app.models.secret import Secret +from app.services.encryption import encrypt_secret, decrypt_secret + + +def create_secret(db: Session, content: str, ttl_hours: Optional[int] = None) -> Secret: + """ + Create a new secret in the database. + + Args: + db: Database session + content: Secret content to store + ttl_hours: Time-to-live in hours + + Returns: + The created Secret instance + """ + # Encrypt the content + encrypted_content = encrypt_secret(content) + + # Create the secret + secret = Secret.create_with_ttl(content=encrypted_content, ttl_hours=ttl_hours) + + # Add to database + db.add(secret) + db.commit() + db.refresh(secret) + + return secret + + +def get_secret_by_id(db: Session, secret_id: str) -> Optional[Secret]: + """ + Get a secret by its ID. + + Args: + db: Database session + secret_id: Secret ID + + Returns: + The Secret instance if found, None otherwise + """ + return db.query(Secret).filter(Secret.id == secret_id).first() + + +def retrieve_and_delete_secret(db: Session, secret_id: str) -> Tuple[Optional[str], str]: + """ + Retrieve a secret and then delete it. + + Args: + db: Database session + secret_id: Secret ID + + Returns: + Tuple of (decrypted_content, message) + """ + # Get the secret + secret = get_secret_by_id(db, secret_id) + + # Check if it exists + if not secret: + return None, "Secret not found" + + # Check if it's expired + if secret.is_expired(): + # Delete the expired secret + db.delete(secret) + db.commit() + return None, "Secret has expired" + + # Check if it's already been viewed + if secret.is_viewed: + return None, "Secret has already been viewed" + + # Decrypt the content + decrypted_content = decrypt_secret(secret.content) + + # Delete the secret + db.delete(secret) + db.commit() + + return decrypted_content, "Secret retrieved successfully" + + +def cleanup_expired_secrets(db: Session) -> int: + """ + Delete all expired secrets from the database. + + Args: + db: Database session + + Returns: + Number of secrets deleted + """ + now = datetime.utcnow() + expired_secrets = db.query(Secret).filter(Secret.expires_at < now).all() + + count = len(expired_secrets) + + for secret in expired_secrets: + db.delete(secret) + + db.commit() + + return count \ No newline at end of file diff --git a/main.py b/main.py new file mode 100644 index 0000000..475bd80 --- /dev/null +++ b/main.py @@ -0,0 +1,35 @@ +import uvicorn +from fastapi import FastAPI +from fastapi.middleware.cors import CORSMiddleware +from app.api.routes import health, secrets +from app.core.config import settings +from app.db.session import engine +from app.models import base + +# Create database tables if they don't exist +base.Base.metadata.create_all(bind=engine) + +app = FastAPI( + title=settings.PROJECT_NAME, + description="One-time Secret Sharing Service API", + version="1.0.0", + openapi_url="/openapi.json", + docs_url="/docs", + redoc_url="/redoc", +) + +# Add CORS middleware +app.add_middleware( + CORSMiddleware, + allow_origins=["*"], + allow_credentials=True, + allow_methods=["*"], + allow_headers=["*"], +) + +# Include routers +app.include_router(health.router, tags=["health"]) +app.include_router(secrets.router, prefix="/api/v1", tags=["secrets"]) + +if __name__ == "__main__": + uvicorn.run("main:app", host="0.0.0.0", port=8000, reload=True) \ No newline at end of file diff --git a/migrations/README b/migrations/README new file mode 100644 index 0000000..3542e0e --- /dev/null +++ b/migrations/README @@ -0,0 +1 @@ +Generic single-database configuration with SQLite. \ No newline at end of file diff --git a/migrations/env.py b/migrations/env.py new file mode 100644 index 0000000..1b6e595 --- /dev/null +++ b/migrations/env.py @@ -0,0 +1,86 @@ +from logging.config import fileConfig + +from sqlalchemy import engine_from_config +from sqlalchemy import pool + +from alembic import context + +# Import models to ensure they are registered with SQLAlchemy +from app.models.base import Base +# Import Secret model to ensure it's registered +# noqa: F401 is used to tell linters to ignore the unused import +from app.models.secret import Secret # noqa: F401 + +# this is the Alembic Config object, which provides +# access to the values within the .ini file in use. +config = context.config + +# Interpret the config file for Python logging. +# This line sets up loggers basically. +if config.config_file_name is not None: + fileConfig(config.config_file_name) + +# add your model's MetaData object here +# for 'autogenerate' support +target_metadata = Base.metadata + +# other values from the config, defined by the needs of env.py, +# can be acquired: +# my_important_option = config.get_main_option("my_important_option") +# ... etc. + + +def run_migrations_offline() -> None: + """Run migrations in 'offline' mode. + + This configures the context with just a URL + and not an Engine, though an Engine is acceptable + here as well. By skipping the Engine creation + we don't even need a DBAPI to be available. + + Calls to context.execute() here emit the given string to the + script output. + + """ + url = config.get_main_option("sqlalchemy.url") + context.configure( + url=url, + target_metadata=target_metadata, + literal_binds=True, + dialect_opts={"paramstyle": "named"}, + ) + + with context.begin_transaction(): + context.run_migrations() + + +def run_migrations_online() -> None: + """Run migrations in 'online' mode. + + In this scenario we need to create an Engine + and associate a connection with the context. + + """ + connectable = engine_from_config( + config.get_section(config.config_ini_section, {}), + prefix="sqlalchemy.", + poolclass=pool.NullPool, + ) + + with connectable.connect() as connection: + is_sqlite = connection.dialect.name == 'sqlite' + context.configure( + connection=connection, + target_metadata=target_metadata, + render_as_batch=is_sqlite, # Key configuration for SQLite + compare_type=True, + ) + + with context.begin_transaction(): + context.run_migrations() + + +if context.is_offline_mode(): + run_migrations_offline() +else: + run_migrations_online() \ No newline at end of file diff --git a/migrations/script.py.mako b/migrations/script.py.mako new file mode 100644 index 0000000..37d0cac --- /dev/null +++ b/migrations/script.py.mako @@ -0,0 +1,24 @@ +"""${message} + +Revision ID: ${up_revision} +Revises: ${down_revision | comma,n} +Create Date: ${create_date} + +""" +from alembic import op +import sqlalchemy as sa +${imports if imports else ""} + +# revision identifiers, used by Alembic. +revision = ${repr(up_revision)} +down_revision = ${repr(down_revision)} +branch_labels = ${repr(branch_labels)} +depends_on = ${repr(depends_on)} + + +def upgrade() -> None: + ${upgrades if upgrades else "pass"} + + +def downgrade() -> None: + ${downgrades if downgrades else "pass"} \ No newline at end of file diff --git a/migrations/versions/initial_migration.py b/migrations/versions/initial_migration.py new file mode 100644 index 0000000..26e4d57 --- /dev/null +++ b/migrations/versions/initial_migration.py @@ -0,0 +1,39 @@ +"""Initial migration + +Revision ID: 9daa2d43c98a +Revises: +Create Date: 2023-07-27 10:00:00.000000 + +""" +from alembic import op +import sqlalchemy as sa + + +# revision identifiers, used by Alembic. +revision = '9daa2d43c98a' +down_revision = None +branch_labels = None +depends_on = None + + +def upgrade() -> None: + # Create secrets table + op.create_table( + 'secrets', + sa.Column('id', sa.String(36), primary_key=True, index=True), + sa.Column('content', sa.Text(), nullable=False), + sa.Column('created_at', sa.DateTime(), nullable=False, server_default=sa.func.now()), + sa.Column('expires_at', sa.DateTime(), nullable=False), + sa.Column('is_viewed', sa.Boolean(), nullable=False, default=False), + ) + + # Create an index on expires_at for faster cleanup of expired secrets + op.create_index('ix_secrets_expires_at', 'secrets', ['expires_at']) + + +def downgrade() -> None: + # Drop the index + op.drop_index('ix_secrets_expires_at', 'secrets') + + # Drop the table + op.drop_table('secrets') \ No newline at end of file diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..5f02353 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,10 @@ +fastapi>=0.96.0 +uvicorn>=0.22.0 +SQLAlchemy>=2.0.9 +alembic>=1.10.4 +python-dotenv>=1.0.0 +pydantic>=2.0.0 +ruff>=0.0.262 +cryptography>=40.0.2 +asyncio>=3.4.3 +python-multipart>=0.0.6 \ No newline at end of file