"""
API Token model for datastore API access.
"""
import secrets
import uuid
from django.conf import settings
from django.db import models
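class DataStoreAPIToken(models.Model):
    """
    API token for accessing datastore data via REST API.

    Tokens can be scoped to a single datastore or grant access to all datastores.

    Security notes for maintainers:

    * ``token`` is persisted exactly as assigned. Nothing in this class hashes
      it, so read access to the ``datastore_api_tokens`` table yields usable
      credentials.
    * ``expires_at`` and ``is_active`` are only stored here. No method of this
      class evaluates them, so the code that authenticates requests has to
      reject expired and inactive tokens itself.
    * A NULL ``datastore`` means global scope, so leaving the field empty
      widens access instead of narrowing it.
    """

    id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)

    # The actual token value (64-char URL-safe string).
    # The field has no default, so the creating code must assign a value,
    # presumably from generate_token() (not visible in this class).
    # NOTE(review): stored in cleartext. Keeping only a hash of the token, and
    # showing the raw value once at creation, would limit the impact of a
    # database disclosure. That is a schema change and is not made here.
    token = models.CharField(
        max_length=64,
        unique=True,
        db_index=True,
        help_text="API token value (auto-generated)",
    )

    # Friendly name to identify this token
    name = models.CharField(
        max_length=100,
        help_text="Friendly name for this token",
    )

    # Optional: Restrict to specific datastore (null = global access to all datastores).
    # CASCADE matters here: deleting the datastore removes its scoped tokens.
    # SET_NULL would instead turn them into global tokens.
    datastore = models.ForeignKey(
        "DataStore",
        on_delete=models.CASCADE,
        null=True,
        blank=True,
        related_name="api_tokens",
        help_text="If set, token only grants access to this datastore. Leave empty for global access.",
    )

    # Timestamps
    created_at = models.DateTimeField(auto_now_add=True)
    # Not updated by anything in this class; presumably written by the
    # authentication path on each successful use (confirm against caller).
    last_used_at = models.DateTimeField(
        null=True,
        blank=True,
        help_text="Last time this token was used",
    )
    # NULL means the token never expires.
    expires_at = models.DateTimeField(
        null=True,
        blank=True,
        help_text="Optional expiration date. Leave empty for no expiration.",
    )

    # Who created this token. SET_NULL keeps the token (and its access) alive
    # after the creating user is deleted.
    created_by = models.ForeignKey(
        settings.AUTH_USER_MODEL,
        on_delete=models.SET_NULL,
        null=True,
        blank=True,
        related_name="created_api_tokens",
    )

    # Active flag for soft-disable
    is_active = models.BooleanField(
        default=True,
        help_text="Inactive tokens cannot be used for API access",
    )

    class Meta:
        db_table = "datastore_api_tokens"
        verbose_name = "API token"
        verbose_name_plural = "API tokens"
        ordering = ["-created_at"]

    def __str__(self):
        """Return the token's name and scope; the token value is never included."""
        if self.datastore:
            return f"{self.name} ({self.datastore.name})"
        return f"{self.name} (global)"

    @staticmethod
    def generate_token() -> str:
        """Generate a secure random API token (64 chars, URL-safe)."""
        # 48 random bytes from the OS CSPRNG encode to exactly 64 base64url
        # characters, which matches max_length of the ``token`` field.
        return secrets.token_urlsafe(48)

    def get_masked_token(self) -> str:
        """Return a masked version of the token for display.

        Tokens of at least 24 characters are rendered as the first 8
        characters, ``...``, and the last 4 characters. Shorter tokens are
        replaced entirely by asterisks, so the visible part never exceeds half
        of the token. Output for the 64-character tokens produced by
        ``generate_token`` is unchanged.
        """
        prefix_len, suffix_len = 8, 4
        revealed = prefix_len + suffix_len
        # The previous cut-off (<= 12) showed 12 of 13 characters for a
        # 13-character token. Require the hidden part to be at least as long
        # as the revealed part before showing anything.
        if len(self.token) < 2 * revealed:
            return "*" * len(self.token)
        return f"{self.token[:prefix_len]}...{self.token[-suffix_len:]}"

    @property
    def is_global(self) -> bool:
        """Return True if this is a global token (not scoped to a datastore)."""
        return self.datastore is None

    @property
    def scope_display(self) -> str:
        """Return a human-readable scope description."""
        if self.datastore:
            return f"Datastore: {self.datastore.name}"
        return "All datastores"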