ENH: Add Authorization Based on API Keys by zdomke · Pull Request #31 · slaclab/react-squirrel-backend

zdomke · 2026-02-26T00:45:50Z

Description

Add dependencies for checking API Key authorization for all necessary endpoints. Check read access and write access as each is needed. Nearly all endpoints are covered with either read or write permissions. Below are the endpoints that are left open:

/
- Returns basic API information (message, path to docs, path to health, version)
/health
- Simply returns {"status": "healthy"} to signify the API is up
/v1/health/heartbeat
- Returns basic API health info (time of last heartbeat, time that API has been alive)
/v1/api-keys/bootstrap
- Self-sealing opening allows for generation of an initial API Key
- Does not work if there are other active keys

Add special dependencies for checking API Key authorization for WebSockets. WebSockets handle headers differently and have different error code structures/codes.

Also I moved the Response Models for the /health route to their own file in app/schemas/health.py.

Motivation

Closes #21

Where Has This Been Documented?

Waiting on #22

Screenshots

OpenAPI docs showing auth is required for endpoints

Pre-merge checklist

Code works interactively
Code contains descriptive docstrings
New/changed functions and methods are covered in the test suite where possible
Test suite passes locally
Test suite passes on GitHub Actions

zdomke · 2026-02-27T00:34:16Z

Note that this branch is based on #29

…t later

shilorigins

All tests in test_dependencies.py are passing, but I'm getting test_api/test_api_keys.pyfailures for tests that passed in #29. Did you rerun the full suite?

zdomke · 2026-03-25T20:32:25Z

All tests in test_dependencies.py are passing, but I'm getting test_api/test_api_keys.pyfailures for tests that passed in #29. Did you rerun the full suite?

Oh good catch. I should have noticed this.

What happened is that I had to wrap all of the api_key endpoints in these envelope objects (see 0bee7fb) so that the frontend & backend could interact. In doing this I forgot to update the tests themselves. I will update the tests now, knowing that both commits should be reverted when I work on slaclab/react-squirrel#77.

shilorigins

Woohoo!

zdomke self-assigned this Feb 26, 2026

zdomke mentioned this pull request Feb 26, 2026

[BUG] - API Endpoints Don't Return Response Models #32

Open

zdomke marked this pull request as ready for review February 27, 2026 00:31

zdomke requested review from a team and shaikhhasib February 27, 2026 00:31

zdomke mentioned this pull request Mar 2, 2026

[FEATURE] - Add Backend Key Management Scripts #36

Closed

zdomke force-pushed the zdomke/key-auth branch 2 times, most recently from d6f1a45 to 90bec6f Compare March 24, 2026 17:59

zdomke mentioned this pull request Mar 24, 2026

ENH: Add API Keys Page slaclab/react-squirrel#78

Merged

6 tasks

zdomke added 14 commits March 24, 2026 11:34

ENH: Add key authorization dependencies

a449324

TST: Adding tests for dependencies

a5d3cd0

ENH: Require auth for /api-keys route

47cc746

ENH: Require auth for /health route

e398859

MNT: Move /health responses to app/schemas/health.py

a104eb0

ENH: Require auth for /jobs route

03e1b95

ENH: Require auth for /pvs route

ad4905a

ENH: Require auth for /snapshots route

e55c37c

ENH: Require auth for /tags route

64acd68

ENH: Require auth for /ws route

44b4241

ENH: Add authorization dependency for websockets

6b985dd

TST: Adding tests for websocket auth dependencies

c034206

TST: Override get_api_key for tests that use client fixture

8835dd4

FIX: Wrap API Key results in envelope for frontend consistency; rever…

0bee7fb

…t later

zdomke force-pushed the zdomke/key-auth branch from 90bec6f to 0bee7fb Compare March 24, 2026 18:34

zdomke force-pushed the zdomke/api-keys branch from 8af9514 to 0e93f0d Compare March 24, 2026 18:35

shilorigins reviewed Mar 25, 2026

View reviewed changes

FIX: Unwrap API Key results from envelope in tests; revert later

af2d4ec

Base automatically changed from zdomke/api-keys to main March 25, 2026 20:40

shilorigins approved these changes Mar 25, 2026

View reviewed changes

zdomke merged commit 301c550 into main Mar 25, 2026
1 check passed

zdomke deleted the zdomke/key-auth branch March 25, 2026 21:41

zdomke restored the zdomke/key-auth branch March 25, 2026 23:03

zdomke mentioned this pull request Mar 25, 2026

FIX: Fixing Incorrect Parameter Name #53

Merged

zdomke deleted the zdomke/key-auth branch March 26, 2026 22:34

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ENH: Add Authorization Based on API Keys#31

ENH: Add Authorization Based on API Keys#31
zdomke merged 15 commits intomainfrom
zdomke/key-auth

zdomke commented Feb 26, 2026 •

edited

Loading

Uh oh!

zdomke commented Feb 27, 2026 •

edited

Loading

Uh oh!

shilorigins left a comment

Uh oh!

zdomke commented Mar 25, 2026

Uh oh!

shilorigins left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

zdomke commented Feb 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Motivation

Where Has This Been Documented?

Screenshots

OpenAPI docs showing auth is required for endpoints

Pre-merge checklist

Uh oh!

zdomke commented Feb 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

shilorigins left a comment

Choose a reason for hiding this comment

Uh oh!

zdomke commented Mar 25, 2026

Uh oh!

shilorigins left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

zdomke commented Feb 26, 2026 •

edited

Loading

zdomke commented Feb 27, 2026 •

edited

Loading