Specs for user auth token generation from Admin portal
This issue documents the feature needed on the CMS frontend to allow (authenticated) users to generate an API Key from their own CMS User profile page.
Existing CLI utility
Currently, an API Key can only be generated from the CLI of the API (Flask) repository by running this Python program - auth.py
The command takes a mandatory argument email
(of the user). If an API Key has already been generated for this user, then it throws a duplicate
error.
API
We need to expose the above CLI functionality over an endpoint.
Routes
Get the user's existing API Key by email
[GET] /auth?email=<user_email>
Response
- 200: When an API Key was successfully found against a user's email address
- 400: When query param
email
is not provided - 404: When no user's auth entry is found with the given email address
Generate an API Key for the user
[POST] /auth
Body: {'email': <user_email>, 'name': <user_name>}
- 200: Generated new API Key successfully
- 400: If the request payload doesn't have the required key - 'email'
Frontend
- Show an additional field on the user's profile page labeled
API Key
- This field shows a hidden password initially [
******
] with an eye button beside it - On click event of the eye button, the API Key is fetched using the
[GET] auth
API - If there exists no auth entry for this user (404 response), then show an error message and provide a button to
Generate API Key
- On click of the
Generate API Key
, an API Key for this user is generated and displayed; use route[POST] /auth