New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an API #176
Add an API #176
Conversation
Just wanted to thank you for putting in the work for this PR. I think that before we add an API we should stabilize what our method for handling new "custom" events will be, so while I'm not ready to merge quite yet, I think we'll be there soon. Going to leave this open for the time being. |
I propose we do this a bit differently: instead of having a complex API token setup, we simply add a "refreshable" API URL for every service (and in that URL is a token, but that token is tied to . In the service's management page, we can show that URL — along with a button to "regenerate" it. So for example, a service might have the following API URL: This approach might be simpler because it allows us to not think about authorization as much, and it means that API tokens don't need to be coupled to users. |
It will work for me because I'm the only user of my shynet instance and I have only a few services. |
I really want to keep Shynet small and focused, so maybe we just make it one refreshable API token per user instead? I really hesitate to introduce an additional model. |
One token per user is a good idea. I will apply changes. |
Great. Let’s create a new view for token management. We can also show the token on the service management page. |
Is there anything else I should change in this PR? |
Alright, thanks again for making this PR. I just played around with it in my local environment, and I think we're nearly there! Still, there are a few more things we need:
I can make the interface look a bit more consistent/prettier myself before we merge, so don't worry too much about that. Thanks! |
I moved API token info to security tab and rename it to 'Personal API token'. |
I tried to add django-cors-headers but it generated conflict in poetry.lock. |
In my local dev environment, I get the following error when I try to query the API for a particular service:
|
Once that error is fixed, I think we're good to go. |
Sorry for this. Commit was lost in different branch somehow. |
Usually I use Django REST Framework for API but in this case it could be overkill.
If there are plans for full API I can rewrite it using DRF.
I added additional argument to service.get_core_stats() to return less data.
Tokens can be managed only from Django admin.