feat: allow API key auth for reset-apikey endpoint
Change dependency from get_current_user (OAuth2 only) to get_current_user_or_apikey, enabling account-manager API key to reset user API keys for provisioning workflows. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -241,7 +241,7 @@ def delete_user(
|
|||||||
def reset_user_apikey(
|
def reset_user_apikey(
|
||||||
identifier: str,
|
identifier: str,
|
||||||
db: Session = Depends(get_db),
|
db: Session = Depends(get_db),
|
||||||
current_user: models.User = Depends(get_current_user),
|
current_user: models.User = Depends(get_current_user_or_apikey),
|
||||||
):
|
):
|
||||||
"""Reset (regenerate) a user's API key.
|
"""Reset (regenerate) a user's API key.
|
||||||
|
|
||||||
@@ -249,6 +249,8 @@ def reset_user_apikey(
|
|||||||
- user.reset-apikey: can reset any user's API key
|
- user.reset-apikey: can reset any user's API key
|
||||||
- user.reset-self-apikey: can reset only own API key
|
- user.reset-self-apikey: can reset only own API key
|
||||||
- admin: can reset any user's API key
|
- admin: can reset any user's API key
|
||||||
|
|
||||||
|
Accepts both OAuth2 Bearer token and X-API-Key authentication.
|
||||||
"""
|
"""
|
||||||
import secrets
|
import secrets
|
||||||
from app.models.apikey import APIKey
|
from app.models.apikey import APIKey
|
||||||
|
|||||||
Reference in New Issue
Block a user