feat: replace SQLAdmin with Keycloak-protected API management page

- Disable SQLAdmin basic auth (comment out mount_admin, statics, redirect)
- Add /api-management page (Keycloak admin role required)
- Add admin_api_keys.py: REST endpoints for list/create clients and keys
- Add api_management.html: manage API clients, keys, permissions with copy-once key display
- Update index.html: API Management link -> /api-management
- Update auth middleware: add /api-management and /admin/users to PROTECTED_PATHS
- Add CHANGES-2026-06-04.md dev notes
This commit is contained in:
jigoong
2026-06-04 18:22:22 +07:00
parent e4d32b86cb
commit 3a5f9e9001
8 changed files with 807 additions and 20 deletions

View File

@@ -34,14 +34,16 @@ class WebAuthenticationMiddleware(BaseHTTPMiddleware):
"/docs",
"/redoc",
"/openapi.json",
"/data-management"
"/data-management",
"/api-management",
"/admin/users",
]
# Routes that are excluded from user authentication
EXCLUDED_PATHS = [
"/auth", # Authentication endpoints
"/api/v1", # API endpoints (use API Key)
"/admin", # SQLAdmin (has own auth)
"/admin", # Admin API endpoints (use require_role dependency)
]
async def dispatch(self, request: Request, call_next):