feat: replace SQLAdmin with Keycloak-protected API management page

- Disable SQLAdmin basic auth (comment out mount_admin, statics, redirect)
- Add /api-management page (Keycloak admin role required)
- Add admin_api_keys.py: REST endpoints for list/create clients and keys
- Add api_management.html: manage API clients, keys, permissions with copy-once key display
- Update index.html: API Management link -> /api-management
- Update auth middleware: add /api-management and /admin/users to PROTECTED_PATHS
- Add CHANGES-2026-06-04.md dev notes
This commit is contained in:
jigoong
2026-06-04 18:22:22 +07:00
parent e4d32b86cb
commit 3a5f9e9001
8 changed files with 807 additions and 20 deletions

View File

@@ -95,6 +95,22 @@ async def admin_users_page(
)
@router.get("/api-management", response_class=HTMLResponse)
async def api_management_page(
request: Request,
current_user: dict = Depends(require_role(Roles.ADMIN))
):
"""API Key management page - Admin only"""
return templates.TemplateResponse(
"api_management.html",
{
"request": request,
"root_path": settings.ROOT_PATH,
"user": current_user
}
)
@router.post("/data-management/finance/upload")
async def upload_finance_file(
request: Request,