forked from wrenn/wrenn
pptx704
a5ad3731f2
Moves 12 packages from internal/ to pkg/ (config, id, validate, events, db, auth, lifecycle, scheduler, channels, audit, service) so they can be imported by the enterprise repo as a Go module dependency. Introduces pkg/cpextension (shared Extension interface + ServerContext) and pkg/cpserver (Run() entrypoint with functional options) so the enterprise main.go can call cpserver.Run(cpserver.WithExtensions(...)) without duplicating the 20-step server bootstrap. Adds db/migrations/embed.go for go:embed access to OSS SQL migrations from the enterprise module. cmd/control-plane/main.go is reduced to a 10-line wrapper around cpserver.Run.
66 lines
1.9 KiB
Go
66 lines
1.9 KiB
Go
package service
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/jackc/pgx/v5/pgtype"
|
|
|
|
"git.omukk.dev/wrenn/wrenn/pkg/auth"
|
|
"git.omukk.dev/wrenn/wrenn/pkg/db"
|
|
"git.omukk.dev/wrenn/wrenn/pkg/id"
|
|
)
|
|
|
|
// APIKeyService provides API key operations shared between the REST API and the dashboard.
|
|
type APIKeyService struct {
|
|
DB *db.Queries
|
|
}
|
|
|
|
// APIKeyCreateResult holds the result of creating an API key, including the
|
|
// plaintext key which is only available at creation time.
|
|
type APIKeyCreateResult struct {
|
|
Row db.TeamApiKey
|
|
Plaintext string
|
|
}
|
|
|
|
// Create generates a new API key for the given team.
|
|
func (s *APIKeyService) Create(ctx context.Context, teamID, userID pgtype.UUID, name string) (APIKeyCreateResult, error) {
|
|
if name == "" {
|
|
name = "Unnamed API Key"
|
|
}
|
|
|
|
plaintext, hash, err := auth.GenerateAPIKey()
|
|
if err != nil {
|
|
return APIKeyCreateResult{}, fmt.Errorf("generate key: %w", err)
|
|
}
|
|
|
|
row, err := s.DB.InsertAPIKey(ctx, db.InsertAPIKeyParams{
|
|
ID: id.NewAPIKeyID(),
|
|
TeamID: teamID,
|
|
Name: name,
|
|
KeyHash: hash,
|
|
KeyPrefix: auth.APIKeyPrefix(plaintext),
|
|
CreatedBy: userID,
|
|
})
|
|
if err != nil {
|
|
return APIKeyCreateResult{}, fmt.Errorf("insert key: %w", err)
|
|
}
|
|
|
|
return APIKeyCreateResult{Row: row, Plaintext: plaintext}, nil
|
|
}
|
|
|
|
// List returns all API keys belonging to the given team.
|
|
func (s *APIKeyService) List(ctx context.Context, teamID pgtype.UUID) ([]db.TeamApiKey, error) {
|
|
return s.DB.ListAPIKeysByTeam(ctx, teamID)
|
|
}
|
|
|
|
// ListWithCreator returns all API keys for the team, joined with the creator's email.
|
|
func (s *APIKeyService) ListWithCreator(ctx context.Context, teamID pgtype.UUID) ([]db.ListAPIKeysByTeamWithCreatorRow, error) {
|
|
return s.DB.ListAPIKeysByTeamWithCreator(ctx, teamID)
|
|
}
|
|
|
|
// Delete removes an API key by ID, scoped to the given team.
|
|
func (s *APIKeyService) Delete(ctx context.Context, keyID, teamID pgtype.UUID) error {
|
|
return s.DB.DeleteAPIKey(ctx, db.DeleteAPIKeyParams{ID: keyID, TeamID: teamID})
|
|
}
|