private keys

lunary-ai · Mar 30, 2024 · d59b021 · d59b021
1 parent 33f078a
commit d59b021
Show file tree

Hide file tree

Showing 5 changed files with 65 additions and 8 deletions.
diff --git a/e2e/api.spec.ts b/e2e/api.spec.ts
@@ -0,0 +1,43 @@
+import { test, expect } from "@playwright/test"
+
+let privateKey = null
+let publicKey = null
+
+// run tests one after another
+test.describe.configure({ mode: "serial" })
+
+test("regenerate api keys", async ({ page }) => {
+  await page.goto("/settings")
+
+  publicKey = await page.getByTestId("private-key").textContent()
+
+  const firstPrivateKey = await page.getByTestId("private-key").textContent()
+
+  // expect to not be empty string
+  expect(firstPrivateKey).not.toEqual("")
+
+  await page.getByTestId("regenerate-private-key-button").click()
+
+  const secondPrivateKey = await page.getByTestId("private-key").textContent()
+
+  console.log({ firstPrivateKey, secondPrivateKey })
+
+  expect(firstPrivateKey).not.toEqual(secondPrivateKey)
+
+  privateKey = secondPrivateKey
+})
+
+test("private api /logs", async ({ page }) => {
+  // Test API query
+
+  const res = await fetch(process.env.API_URL + "/api/v1/runs", {
+    method: "POST",
+    headers: {
+      "X-API-Key": privateKey!,
+    },
+  })
+
+  const json = await res.json()
+
+  expect(json).toEqual([])
+})
diff --git a/e2e/projects.spec.ts b/e2e/projects.spec.ts
@@ -1,5 +1,7 @@
 import { test, expect } from "@playwright/test"
-import { setOrgFree, setOrgPro } from "./db-utils"
+
+// run tests one after another
+test.describe.configure({ mode: "serial" })
 
 test("create new project, rename it and delete it", async ({ page }) => {
   await page.goto("/")

diff --git a/packages/backend/src/api/v1/auth/utils.ts b/packages/backend/src/api/v1/auth/utils.ts
@@ -111,14 +111,18 @@ export async function authMiddleware(ctx: Context, next: Next) {
     typeof route === "string" ? route === ctx.path : route.test(ctx.path),
   )
 
-  const key = ctx.request?.headers?.authorization?.split(" ")[1]
+  const bearer = ctx.request?.headers?.authorization?.split(" ")[1] as string
+  const apiKey = ctx.request?.headers?.["x-api-key"] as string
+
+  const key = bearer || apiKey
 
   // For routes like signup, login, etc
   if (isPublicRoute && !key) {
     await next()
     return
   }
   // Check if API key is valid
+  // Support passing as bearer because legacy SDKs did that
   else if (validateUUID(key)) {
     try {
       const { type, projectId, orgId } = await checkApiKey(key as string)
@@ -140,7 +144,7 @@ export async function authMiddleware(ctx: Context, next: Next) {
   } else {
     // Check if JWT is valid
     try {
-      if (!key) {
+      if (!bearer) {
         throw new Error("No bearer token provided.")
       }
       const { payload } = await verifyJwt<SessionData>(key)

diff --git a/packages/frontend/components/blocks/CopyText.tsx b/packages/frontend/components/blocks/CopyText.tsx
@@ -24,10 +24,10 @@ export const SuperCopyButton = ({ value }) => (
   </CopyButton>
 )
 
-export default function CopyText({ c = "violet", value }) {
+export default function CopyText({ c = "violet", value, ...props }) {
   return (
     <Group gap={0} display="inline-flex">
-      <Code ml={5} c={c}>
+      <Code ml={5} c={c} {...props}>
         {value}
       </Code>
       <SuperCopyButton value={value} />

diff --git a/packages/frontend/pages/settings.tsx b/packages/frontend/pages/settings.tsx
@@ -59,7 +59,11 @@ function Keys() {
         title={
           <Group>
             <Text fw={500}>Project ID / Public Key:</Text>
-            <CopyText c="green.8" value={project?.id} />
+            <CopyText
+              c="green.8"
+              value={project?.id}
+              data-testid="public-key"
+            />
           </Group>
         }
         color="green"
@@ -79,14 +83,18 @@ function Keys() {
             <Group justify="space-between" w="100%">
               <Group>
                 <Text fw={500}>Private Key:</Text>
-                <CopyText c="red.8" value={project?.privateApiKey} />
+                <CopyText
+                  c="red.8"
+                  value={project?.privateApiKey}
+                  data-testid="private-key"
+                />
               </Group>
               <Button
                 ml="auto"
                 size="xs"
                 color="red"
                 loading={regenerating}
-                data-testid="regenerate-key-button"
+                data-testid="regenerate-private-key-button"
                 onClick={() => {
                   modals.openConfirmModal({
                     title: "Please confirm your action",