feat(auth): add DB-based token authentication for dashboard-created clients
Add client_tokens table with auto-generated sk-{hex} tokens so clients
created in the dashboard get working API keys. Auth flow: DB token lookup
first, then env token fallback, then permissive mode. Includes token
management CRUD endpoints and copy-once reveal modal in the frontend.
This commit is contained in:
@@ -11,7 +11,7 @@ mod websocket;
|
||||
|
||||
use axum::{
|
||||
Router,
|
||||
routing::{get, post, put},
|
||||
routing::{delete, get, post, put},
|
||||
};
|
||||
use serde::Serialize;
|
||||
|
||||
@@ -87,6 +87,14 @@ pub fn router(state: AppState) -> Router {
|
||||
.delete(clients::handle_delete_client),
|
||||
)
|
||||
.route("/api/clients/{id}/usage", get(clients::handle_client_usage))
|
||||
.route(
|
||||
"/api/clients/{id}/tokens",
|
||||
get(clients::handle_get_client_tokens).post(clients::handle_create_client_token),
|
||||
)
|
||||
.route(
|
||||
"/api/clients/{id}/tokens/{token_id}",
|
||||
delete(clients::handle_delete_client_token),
|
||||
)
|
||||
.route("/api/providers", get(providers::handle_get_providers))
|
||||
.route(
|
||||
"/api/providers/{name}",
|
||||
|
||||
Reference in New Issue
Block a user