feat(platform): User API key management #8602

Abhi1992002 · 2024-11-09T11:08:01Z

Feature #8590

Note

This issue depends upon #8589 so merge it first

Adding frontend functionality on the profile page for API key generation and revocation.

Changes 🏗️

Created requests and types to communicate with the backend.
Developed frontend functionality to create the API key.

Video

api.ket.generation.mp4

…revoke, and update API code for Prisma compatibility

codiumai-pr-agent-pro · 2024-11-09T11:08:29Z

PR-Agent was enabled for this repository. To continue using it, please link your git user with your CodiumAI identity here.

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

🎫 Ticket compliance analysis 🔶 8590 - Fully compliant Fully compliant requirements: Add frontend functionality in profile page for API key generation Add frontend functionality in profile page for API key revocation 8589 - Fully compliant Fully compliant requirements: Create backend function to generate API key Create backend function to store hashed API key
⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪
🧪 No relevant tests
🔒 Security concerns API Key Security: The hash_api_key method in key_manager.py does not properly hash the API key, instead generating a random hash unrelated to the input key. This makes it impossible to properly validate API keys. Additionally, sensitive information like API keys and hashes are being logged via print statements, which could expose this data in logs.
⚡ Recommended focus areas for review Security Issue The hash_api_key method generates a new random hash key but doesn't use the input api_key parameter in the hashing process. This means the stored hash has no relation to the original API key. Debug Code Multiple print statements are left in the code which may expose sensitive information like API keys and hashes in logs Debug Code Console.log statement exposing API keys data to browser console

netlify · 2024-11-10T10:58:10Z

✅ Deploy Preview for auto-gpt-docs canceled.

Name	Link
🔨 Latest commit	`1aeeee9`
🔍 Latest deploy log	https://app.netlify.com/sites/auto-gpt-docs/deploys/6736bf091497ca0008074bf8

Torantulino · 2024-11-11T13:31:39Z

Love this! Could be worth explicitly stating it's an AutoGPT platform API key to distinguish it from those in your credentials.

github-actions · 2024-11-11T22:36:36Z

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

autogpt_platform/frontend/src/lib/autogpt-server-api/baseClient.ts

autogpt_platform/frontend/src/components/profile/api-keys-section.tsx

aarushik93 · 2024-11-12T01:19:48Z

thank you for this, this is great! Minor comments plus Toran's comment and its good to go 🥳

# Conflicts: # autogpt_platform/frontend/yarn.lock

github-actions · 2024-11-14T10:35:56Z

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

aarushik93 · 2024-11-14T12:30:24Z

I am putting in a feature flag before merging these two PRs

github-actions · 2024-11-14T15:21:15Z

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

github-actions · 2024-11-15T03:25:09Z

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

github-actions · 2024-11-15T10:18:53Z

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

Abhi1992002 added 4 commits November 9, 2024 08:46

add: api generator functions and endpoints

0a4842f

Rebase onto dev, refactor API manager location, remove suspended key …

22e6d33

…revoke, and update API code for Prisma compatibility

add: key_manager

0fde5e8

reversing changes og poetry.lock

dc95dc4

Abhi1992002 requested a review from a team as a code owner November 9, 2024 11:08

Abhi1992002 requested review from Pwuts and kcze and removed request for a team November 9, 2024 11:08

github-actions bot added platform/frontend AutoGPT Platform - Front end platform/backend AutoGPT Platform - Back end size/xl labels Nov 9, 2024

codiumai-pr-agent-pro bot added the Review effort [1-5]: 4 label Nov 9, 2024

Abhi1992002 added 2 commits November 10, 2024 16:15

add: changing hash mexhansim in API Manager

c6b9653

add: changing hash mexhansim in API Manager

3d8e613

Abhi1992002 force-pushed the feature/profile-api-key-generation branch from c5fb04a to a742591 Compare November 10, 2024 10:56

Pwuts changed the title ~~Feature/profile api key generation~~ feat(platform): User API key management Nov 10, 2024

Merge branch 'dev' into feature/api-key-generator

e2fba28

Torantulino requested review from aarushik93 and removed request for Pwuts November 11, 2024 13:30

github-actions bot added the conflicts Automatically applied to PRs with merge conflicts label Nov 11, 2024

Merge branch 'dev' into feature/api-key-generator

cf1c20e

aarushik93 reviewed Nov 12, 2024

View reviewed changes

autogpt_platform/frontend/src/lib/autogpt-server-api/baseClient.ts Outdated Show resolved Hide resolved

aarushik93 reviewed Nov 12, 2024

View reviewed changes

autogpt_platform/frontend/src/components/profile/api-keys-section.tsx Outdated Show resolved Hide resolved

Abhi1992002 added 2 commits November 13, 2024 21:34

fixing some simple bugs

52cc8c0

fix linting and adding better error handling

219719d

Abhi1992002 added 3 commits November 14, 2024 11:39

add : api key related requests and types

8651171

add: frontend for api key generation

6ba1388

# Conflicts: # autogpt_platform/frontend/yarn.lock

adding small changes and fix linting

1131788

Abhi1992002 force-pushed the feature/profile-api-key-generation branch from e850212 to 1131788 Compare November 14, 2024 06:15

Abhi1992002 and others added 2 commits November 14, 2024 11:49

reverse yarn.lock

53c0327

Merge branch 'dev' into feature/profile-api-key-generation

df3ce99

github-actions bot removed the conflicts Automatically applied to PRs with merge conflicts label Nov 14, 2024

aarushik93 self-requested a review November 14, 2024 10:46

aarushik93 self-assigned this Nov 14, 2024

Merge branch 'dev' into feature/profile-api-key-generation

5604935

github-actions bot added the conflicts Automatically applied to PRs with merge conflicts label Nov 14, 2024

Merge branch 'dev' into feature/profile-api-key-generation

1aeeee9

github-actions bot added size/l conflicts Automatically applied to PRs with merge conflicts and removed conflicts Automatically applied to PRs with merge conflicts size/xl labels Nov 15, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(platform): User API key management #8602

feat(platform): User API key management #8602

Abhi1992002 commented Nov 9, 2024

codiumai-pr-agent-pro bot commented Nov 9, 2024

netlify bot commented Nov 10, 2024 •

edited

Loading

Torantulino commented Nov 11, 2024

github-actions bot commented Nov 11, 2024

aarushik93 commented Nov 12, 2024

github-actions bot commented Nov 14, 2024

aarushik93 commented Nov 14, 2024 •

edited

Loading

github-actions bot commented Nov 14, 2024

github-actions bot commented Nov 15, 2024

github-actions bot commented Nov 15, 2024

feat(platform): User API key management #8602

Are you sure you want to change the base?

feat(platform): User API key management #8602

Conversation

Abhi1992002 commented Nov 9, 2024

Feature #8590

Changes 🏗️

Video

codiumai-pr-agent-pro bot commented Nov 9, 2024

PR Reviewer Guide 🔍

netlify bot commented Nov 10, 2024 • edited Loading

✅ Deploy Preview for auto-gpt-docs canceled.

Torantulino commented Nov 11, 2024

github-actions bot commented Nov 11, 2024

aarushik93 commented Nov 12, 2024

github-actions bot commented Nov 14, 2024

aarushik93 commented Nov 14, 2024 • edited Loading

github-actions bot commented Nov 14, 2024

github-actions bot commented Nov 15, 2024

github-actions bot commented Nov 15, 2024

netlify bot commented Nov 10, 2024 •

edited

Loading

aarushik93 commented Nov 14, 2024 •

edited

Loading