feat: add API key purging functionality and improve key management

Author: danfmaia

README.md

@@ -122,6 +122,44 @@ The CodeQuery API consists of two components:
    make logs   # View container logs
    ```
 
+### API Key Management
+
+The Gateway service provides functionality to manage your API keys. Here's how to perform common operations:
+
+#### Generating a New API Key
+
+```bash
+# Generate a key with default settings (30-day expiration, 60 requests/minute)
+curl -X POST https://codequery.dev/api-keys/generate
+
+# Generate a key with custom settings
+curl -X POST -H "Content-Type: application/json" -d '{
+  "expiration_days": 90,
+  "requests_per_minute": 100
+}' https://codequery.dev/api-keys/generate
+```
+
+#### Purging Your API Key
+
+When you no longer need an API key, you can purge it from the server. This will:
+
+- Delete the API key from the system
+- Remove all associated data
+- Invalidate any active ngrok tunnels for this key
+
+To purge your API key:
+
+```bash
+# Replace 'your-api-key' with your actual API key
+curl -X DELETE -H "X-API-KEY: your-api-key" https://codequery.dev/api-keys/your-api-key
+```
+
+Note:
+
+- You can only purge your own API key
+- Once purged, a key cannot be recovered
+- Make sure to generate a new key before purging if you plan to continue using the service
+
 ### Environment Variables
 
 The `.env` file created by `make init` contains all necessary configuration. The main variables you'll need to set are:
@@ -168,7 +206,7 @@ For more detailed information about the API endpoints and advanced usage, see th
   3. **Domain Setup**: Consider using a custom domain for access.
   4. **SSL/TLS Configuration**: Use services like Let's Encrypt to secure the server.
 
-## API Endpoints
+## Main API Endpoints
 
 ### 1. **Retrieve Project Structure**
 

gateway/gateway.py

@@ -86,30 +86,24 @@ async def api_key_validator(request: Request, call_next):
             """
             Middleware to validate API keys and dynamically set the ngrok URL for each request.
             """
-            # Skip authentication for root and API key generation endpoints
-            if request.url.path == "/" or request.url.path == "/api-keys/generate":
+            # Skip authentication for root, API key generation, and purge endpoints
+            if request.url.path == "/" or request.url.path == "/api-keys/generate" or request.url.path.startswith("/api-keys/") and request.method == "DELETE":
                 return await call_next(request)
 
             api_key = request.headers.get("x-api-key")
             if not api_key:
                 return JSONResponse(status_code=401, content={"detail": "Missing API Key"})
 
             try:
-                # First check in-memory keys for faster validation
-                if api_key not in self.api_keys:
-                    # If not in memory, try loading from S3
-                    api_keys = self.s3_manager.load_encrypted_api_keys() or {}
-                    if api_key not in api_keys:
-                        return JSONResponse(status_code=401, content={"detail": "Invalid API Key"})
-
-                    # Add to in-memory cache if found in S3
-                    self.api_keys[api_key] = f"User{len(self.api_keys) + 1}"
-
-                # Load the latest key data from S3 for expiration and rate limit checks
+                # First check in S3 for faster validation
                 api_keys = self.s3_manager.load_encrypted_api_keys() or {}
                 if api_key not in api_keys:
                     return JSONResponse(status_code=401, content={"detail": "Invalid API Key"})
 
+                # Update in-memory cache if needed
+                if api_key not in self.api_keys:
+                    self.api_keys[api_key] = f"User{len(self.api_keys) + 1}"
+
                 key_data = api_keys[api_key]
                 current_time = datetime.datetime.utcnow()
 
@@ -434,6 +428,100 @@ async def generate_api_key(request: Request):
                     detail="Failed to generate API key. Please try again later."
                 )
 
+        @self.app.delete("/api-keys/{api_key}")
+        async def purge_api_key(api_key: str, request: Request):
+            """
+            Purge all data associated with a specific API key.
+            This includes removing the key from api_keys.json and ngrok_urls.json.
+            Users can purge their own keys, while admin can purge any key.
+            """
+            try:
+                # URL decode the API key
+                api_key = unquote_plus(api_key)
+
+                # Get the request API key
+                request_api_key = request.headers.get("x-api-key")
+                if not request_api_key:
+                    raise HTTPException(
+                        status_code=401,
+                        detail="Missing API Key"
+                    )
+
+                # Get the admin key from environment variables
+                admin_key = os.getenv("ADMIN_API_KEY")
+
+                # Load current API keys
+                api_keys = self.s3_manager.load_encrypted_api_keys() or {}
+
+                # Check if the key exists
+                if api_key not in api_keys:
+                    raise HTTPException(
+                        status_code=404,
+                        detail=f"API key {api_key} not found"
+                    )
+
+                # Check authorization:
+                # 1. Admin can purge any key except admin key
+                # 2. Users can only purge their own key
+                if request_api_key != admin_key and request_api_key != api_key:
+                    raise HTTPException(
+                        status_code=401,
+                        detail="Unauthorized. You can only purge your own API key."
+                    )
+
+                # Check if trying to delete admin key
+                if api_key == admin_key:
+                    raise HTTPException(
+                        status_code=403,
+                        detail="Cannot purge admin API key"
+                    )
+
+                # Store key data for audit log
+                purged_key_data = api_keys[api_key]
+
+                # Remove the key from api_keys.json
+                del api_keys[api_key]
+                self.s3_manager.store_encrypted_api_keys(api_keys)
+
+                # Remove the key from ngrok_urls.json
+                try:
+                    self.s3_manager.update_ngrok_url(api_key, None)
+                except Exception as e:
+                    self.logger.error(
+                        f"Error removing ngrok URL for {api_key}: {str(e)}")
+                    # Continue with the purge even if ngrok URL removal fails
+
+                # Invalidate the in-memory cache
+                self.invalidate_ngrok_cache(api_key)
+
+                # Log the purge operation for audit trail
+                self.logger.info(
+                    "API key purged: %s, Created: %s, Last Used: %s, Total Requests: %d",
+                    api_key,
+                    purged_key_data.get("created_at"),
+                    purged_key_data.get("last_used"),
+                    purged_key_data.get("total_requests", 0)
+                )
+
+                return {
+                    "status": "success",
+                    "message": f"API key {api_key} purged successfully",
+                    "purged_data": {
+                        "created_at": purged_key_data.get("created_at"),
+                        "last_used": purged_key_data.get("last_used"),
+                        "total_requests": purged_key_data.get("total_requests", 0)
+                    }
+                }
+
+            except HTTPException:
+                raise
+            except Exception as e:
+                self.logger.error(f"Error purging API key: {str(e)}")
+                raise HTTPException(
+                    status_code=500,
+                    detail=f"Failed to purge API key: {str(e)}"
+                ) from e
+
 
 # Create an instance of the GatewayAPI class
 gateway_instance = GatewayAPI()

gateway/template.env

@@ -10,4 +10,5 @@ EC2_HOST=""  # Your EC2 instance's public DNS (e.g., ec2-xx-xx-xxx-xxx.compute.a
 KEY_PATH="./secrets/codequery-keypair.pem"  # Path to your SSH private key for EC2 access
 
 # API Configuration
-API_KEYS=  # Comma-separated list of initial API keys (optional)
+API_KEYS=  # Comma-separated list of initial API keys (optional)
+ADMIN_API_KEY=  # Admin API key for managing other API keys

gateway/tests/test_gateway.py

@@ -642,3 +642,165 @@ def test_ngrok_url_update_error(self):
         self.assertEqual(response.status_code, 500)
         self.assertEqual(response.json(), {
                          "detail": "Error updating ngrok URL"})
+
+    @patch.dict('os.environ', {'ADMIN_API_KEY': 'admin-key'})
+    def test_purge_api_key(self):
+        """Test API key purge endpoint."""
+        # Set up test data
+        test_key = "test-key-to-purge"
+        test_key_data = {
+            "created_at": "2024-02-14T10:00:00",
+            "last_used": "2024-02-14T11:00:00",
+            "expires_at": None,
+            "rate_limit": {
+                "requests_per_minute": 60,
+                "current_minute": None,
+                "minute_requests": 0
+            },
+            "total_requests": 10
+        }
+
+        # Set up S3 manager mock
+        patcher = patch.object(self.gateway_instance, 's3_manager')
+        mock_s3_manager = patcher.start()
+        mock_s3_manager.load_encrypted_api_keys.return_value = {
+            test_key: test_key_data,
+            "admin-key": {
+                "created_at": "2024-02-14T10:00:00",
+                "last_used": None,
+                "expires_at": None,
+                "rate_limit": {
+                    "requests_per_minute": 60,
+                    "current_minute": None,
+                    "minute_requests": 0
+                },
+                "total_requests": 0
+            }
+        }
+        self.addCleanup(patcher.stop)
+
+        # Test successful self-purge by user
+        headers = {"x-api-key": test_key}
+        response = self.client.delete(f"/api-keys/{test_key}", headers=headers)
+        self.assertEqual(response.status_code, 200)
+        response_data = response.json()
+        self.assertEqual(response_data["status"], "success")
+        self.assertEqual(response_data["purged_data"]["total_requests"], 10)
+
+        # Verify S3 manager calls for self-purge
+        mock_s3_manager.store_encrypted_api_keys.assert_called()
+        mock_s3_manager.update_ngrok_url.assert_called_with(test_key, None)
+
+        # Reset call counts and mock data
+        mock_s3_manager.store_encrypted_api_keys.reset_mock()
+        mock_s3_manager.update_ngrok_url.reset_mock()
+        mock_s3_manager.load_encrypted_api_keys.return_value = {
+            test_key: test_key_data,
+            "admin-key": {
+                "created_at": "2024-02-14T10:00:00",
+                "last_used": None,
+                "expires_at": None,
+                "rate_limit": {
+                    "requests_per_minute": 60,
+                    "current_minute": None,
+                    "minute_requests": 0
+                },
+                "total_requests": 0
+            }
+        }
+
+        # Test successful purge by admin
+        headers = {"x-api-key": "admin-key"}
+        response = self.client.delete(f"/api-keys/{test_key}", headers=headers)
+        self.assertEqual(response.status_code, 200)
+        response_data = response.json()
+        self.assertEqual(response_data["status"], "success")
+        self.assertEqual(response_data["purged_data"]["total_requests"], 10)
+
+        # Verify S3 manager calls
+        mock_s3_manager.store_encrypted_api_keys.assert_called()
+        mock_s3_manager.update_ngrok_url.assert_called_with(test_key, None)
+
+    @patch.dict('os.environ', {'ADMIN_API_KEY': 'admin-key'})
+    def test_purge_api_key_unauthorized(self):
+        """Test API key purge endpoint with unauthorized access."""
+        # Set up test data
+        test_key = "test-key-to-purge"
+        other_key = "other-key"
+        test_key_data = {
+            "created_at": "2024-02-14T10:00:00",
+            "last_used": None,
+            "expires_at": None,
+            "rate_limit": {
+                "requests_per_minute": 60,
+                "current_minute": None,
+                "minute_requests": 0
+            },
+            "total_requests": 0
+        }
+
+        # Set up S3 manager mock
+        patcher = patch.object(self.gateway_instance, 's3_manager')
+        mock_s3_manager = patcher.start()
+        mock_s3_manager.load_encrypted_api_keys.return_value = {
+            test_key: test_key_data,
+            other_key: test_key_data
+        }
+        self.addCleanup(patcher.stop)
+
+        # Test with another user's key (not admin, not self)
+        headers = {"x-api-key": other_key}
+        response = self.client.delete(f"/api-keys/{test_key}", headers=headers)
+        self.assertEqual(response.status_code, 401)
+        self.assertEqual(
+            response.json()["detail"], "Unauthorized. You can only purge your own API key.")
+
+        # Test without API key
+        response = self.client.delete(f"/api-keys/{test_key}")
+        self.assertEqual(response.status_code, 401)
+        self.assertEqual(response.json()["detail"], "Missing API Key")
+
+    @patch.dict('os.environ', {'ADMIN_API_KEY': 'admin-key'})
+    def test_purge_admin_key(self):
+        """Test attempt to purge admin API key."""
+        # Set up S3 manager mock
+        patcher = patch.object(self.gateway_instance, 's3_manager')
+        mock_s3_manager = patcher.start()
+        mock_s3_manager.load_encrypted_api_keys.return_value = {
+            "admin-key": {
+                "created_at": "2024-02-14T10:00:00",
+                "last_used": None,
+                "expires_at": None,
+                "rate_limit": {
+                    "requests_per_minute": 60,
+                    "current_minute": None,
+                    "minute_requests": 0
+                },
+                "total_requests": 0
+            }
+        }
+        self.addCleanup(patcher.stop)
+
+        # Test attempt to purge admin key
+        headers = {"x-api-key": "admin-key"}
+        response = self.client.delete("/api-keys/admin-key", headers=headers)
+        self.assertEqual(response.status_code, 403)
+        self.assertEqual(
+            response.json()["detail"], "Cannot purge admin API key")
+
+    @patch.dict('os.environ', {'ADMIN_API_KEY': 'admin-key'})
+    def test_purge_nonexistent_key(self):
+        """Test attempt to purge a non-existent API key."""
+        # Set up S3 manager mock
+        patcher = patch.object(self.gateway_instance, 's3_manager')
+        mock_s3_manager = patcher.start()
+        mock_s3_manager.load_encrypted_api_keys.return_value = {}
+        self.addCleanup(patcher.stop)
+
+        # Test purge of non-existent key
+        headers = {"x-api-key": "admin-key"}
+        response = self.client.delete(
+            "/api-keys/nonexistent-key", headers=headers)
+        self.assertEqual(response.status_code, 404)
+        self.assertEqual(
+            response.json()["detail"], "API key nonexistent-key not found")