feat: replace SQLAdmin with Keycloak-protected API management page
- Disable SQLAdmin basic auth (comment out mount_admin, statics, redirect) - Add /api-management page (Keycloak admin role required) - Add admin_api_keys.py: REST endpoints for list/create clients and keys - Add api_management.html: manage API clients, keys, permissions with copy-once key display - Update index.html: API Management link -> /api-management - Update auth middleware: add /api-management and /admin/users to PROTECTED_PATHS - Add CHANGES-2026-06-04.md dev notes
This commit is contained in:
@@ -1,20 +1,16 @@
|
||||
from contextlib import asynccontextmanager
|
||||
import logging
|
||||
import os
|
||||
|
||||
from fastapi import FastAPI
|
||||
from fastapi.middleware.cors import CORSMiddleware
|
||||
from fastapi.staticfiles import StaticFiles
|
||||
from starlette.datastructures import Headers
|
||||
from starlette.middleware.base import BaseHTTPMiddleware
|
||||
from starlette.middleware.sessions import SessionMiddleware
|
||||
import sqladmin
|
||||
|
||||
from app.admin import mount_admin
|
||||
from app.api.v1.routes import router as v1_router
|
||||
from app.routes.pages import router as pages_router
|
||||
from app.routes.auth import router as auth_router
|
||||
from app.routes.admin_users import router as admin_users_router
|
||||
from app.routes.admin_api_keys import router as admin_api_keys_router
|
||||
from app.middleware.auth_middleware import WebAuthenticationMiddleware
|
||||
from app.core.config import settings
|
||||
from app.db.init_db import init_db
|
||||
@@ -26,7 +22,6 @@ logging.basicConfig(
|
||||
)
|
||||
logging.getLogger("uvicorn.error").setLevel(logging.DEBUG)
|
||||
logging.getLogger("uvicorn.access").setLevel(logging.INFO)
|
||||
logging.getLogger("sqladmin").setLevel(logging.DEBUG)
|
||||
logging.getLogger("sqlalchemy.engine").setLevel(logging.INFO)
|
||||
|
||||
|
||||
@@ -68,9 +63,6 @@ async def lifespan(_: FastAPI):
|
||||
yield
|
||||
|
||||
|
||||
sqladmin_dir = os.path.dirname(sqladmin.__file__)
|
||||
statics_path = os.path.join(sqladmin_dir, "statics")
|
||||
|
||||
app = FastAPI(title=settings.APP_NAME, root_path=settings.ROOT_PATH, lifespan=lifespan)
|
||||
|
||||
# Add exception handler to log all errors with traceback
|
||||
@@ -105,7 +97,4 @@ app.include_router(v1_router) # API endpoints - use API Key auth
|
||||
app.include_router(pages_router) # Web pages - use Keycloak auth
|
||||
app.include_router(auth_router) # Authentication routes
|
||||
app.include_router(admin_users_router) # Admin user management API
|
||||
|
||||
app.mount("/admin/statics", StaticFiles(directory=statics_path), name="admin_statics")
|
||||
app.mount("/apiservice/admin/statics", StaticFiles(directory=statics_path), name="proxy_admin_statics")
|
||||
mount_admin(app)
|
||||
app.include_router(admin_api_keys_router) # API key management - use Keycloak admin auth
|
||||
|
||||
Reference in New Issue
Block a user