- 01-infra/nginx-configs: add MinIO /minio/ and /minio-console/ location blocks (port 9000 S3 API, port 9001 Console UI, path stripping via rewrite) - 03-apiservice: integrate MinIO minio-python SDK for file upload - requirements.txt: add minio==7.2.11 - app/core/config.py: add MINIO_ENDPOINT, ACCESS_KEY, SECRET_KEY, BUCKET_FINANCE, USE_SSL - app/services/minio_client.py: new — upload_file(), get_presigned_url(), delete_file() - app/routes/pages.py: replace local /data/uploads/ write with MinIO upload to finance bucket - docker-compose.yml: pass MinIO env vars to container - .env.example: document MinIO vars - 07-minio/.env.example: add MINIO_SVC_ACCESS_KEY/SECRET_KEY section - 07-minio/README.md: add Python minio SDK and Airflow DAG usage guide - CLAUDE.md: project context (servers, SSH, paths, service distribution) - document-obsidiant/: initial Obsidian docs for all services
252 lines
5.8 KiB
Markdown
252 lines
5.8 KiB
Markdown
---
|
|
tags:
|
|
- project/sriphat
|
|
- apiservice
|
|
- fastapi
|
|
- python
|
|
created: 2026-05-07
|
|
status: active
|
|
folder: 03-apiservice
|
|
---
|
|
|
|
# API Service (03-apiservice)
|
|
|
|
> **Docker Compose:** `03-apiservice/docker-compose.yml`
|
|
> **Env File:** `03-apiservice/.env`
|
|
> **Language:** Python / FastAPI
|
|
|
|
## Overview
|
|
|
|
Custom FastAPI service สำหรับ:
|
|
- รับข้อมูล Checkpoint จาก HIS (Hospital Information System)
|
|
- จัดการ API Keys แบบ permission-based
|
|
- Admin UI สำหรับบริหาร API Clients
|
|
- รองรับ Keycloak SSO สำหรับหน้าเว็บ Admin
|
|
|
|
## Container
|
|
|
|
| รายการ | ค่า |
|
|
|--------|-----|
|
|
| **Container** | `apiservice` |
|
|
| **Image** | `03-apiservice-apiservice:latest` (build local) |
|
|
| **Port** | `8040:8040` |
|
|
| **URL** | `https://ai.sriphat.com/apiservice` |
|
|
| **Health Check** | `http://localhost:8040/apiservice/docs` |
|
|
|
|
---
|
|
|
|
## API Endpoints (หลัก)
|
|
|
|
### Data Feed Endpoints
|
|
|
|
```
|
|
POST /apiservice/api/v1/feed/checkpoint
|
|
```
|
|
|
|
**Payload ตัวอย่าง:**
|
|
```json
|
|
[
|
|
{
|
|
"id": 1,
|
|
"hn": 123,
|
|
"vn": 456,
|
|
"location": "OPD",
|
|
"type": "Scan",
|
|
"timestamp_in": "2026-02-16T10:00:00",
|
|
"timestamp_out": null,
|
|
"waiting_time": null,
|
|
"bu": "SRIPHAT"
|
|
}
|
|
]
|
|
```
|
|
|
|
**Required Permission:** `feed.checkpoint:write`
|
|
|
|
### Admin Endpoints
|
|
|
|
```
|
|
GET /apiservice/admin/ # Admin dashboard
|
|
POST /apiservice/admin/api-keys/generate # สร้าง API Key ใหม่
|
|
GET /apiservice/admin/api-clients # รายการ API Clients
|
|
```
|
|
|
|
### Documentation
|
|
|
|
```
|
|
GET /apiservice/docs # Swagger UI
|
|
GET /apiservice/redoc # ReDoc
|
|
```
|
|
|
|
---
|
|
|
|
## Database Schema
|
|
|
|
API Service ใช้ PostgreSQL (Infra) และ Supabase:
|
|
|
|
### Tables (PostgreSQL Infra)
|
|
|
|
| Table | ใช้สำหรับ |
|
|
|-------|---------|
|
|
| `fastapi.ApiClient` | ข้อมูล API Client (ระบบที่ขอใช้ API) |
|
|
| `fastapi.ApiKey` | API Keys ที่เข้ารหัสแล้ว |
|
|
|
|
### Tables (Supabase)
|
|
|
|
| Table | Schema | ใช้สำหรับ |
|
|
|-------|--------|---------|
|
|
| `RawWaitingTime` | `operationbi` | ข้อมูล waiting time ดิบ |
|
|
| `RawOpdCheckpoint` | — | ข้อมูล OPD checkpoint |
|
|
|
|
---
|
|
|
|
## Authentication
|
|
|
|
### 1. API Key Authentication (สำหรับ System Integration)
|
|
|
|
```bash
|
|
# Request header
|
|
Authorization: Bearer <api-key>
|
|
|
|
# หรือ query param
|
|
?api_key=<api-key>
|
|
```
|
|
|
|
API Key สร้างได้จาก Admin UI โดยกำหนด permissions:
|
|
- `feed.checkpoint:write` — บันทึกข้อมูล checkpoint
|
|
- (สามารถเพิ่ม permissions เพิ่มเติมได้)
|
|
|
|
### 2. Keycloak SSO (สำหรับ Admin Web UI)
|
|
|
|
```bash
|
|
# Environment variables
|
|
KEYCLOAK_SERVER_URL=http://keycloak:8080
|
|
KEYCLOAK_REALM=master
|
|
KEYCLOAK_CLIENT_ID=apiservice
|
|
KEYCLOAK_CLIENT_SECRET=<secret>
|
|
KEYCLOAK_REDIRECT_URI=http://localhost:8040/apiservice/auth/callback
|
|
```
|
|
|
|
---
|
|
|
|
## File Structure
|
|
|
|
```
|
|
03-apiservice/
|
|
├── app/
|
|
│ ├── api/v1/
|
|
│ │ ├── routes.py # API endpoints
|
|
│ │ └── schemas.py # Pydantic schemas
|
|
│ ├── core/
|
|
│ │ └── config.py # Settings / Config
|
|
│ ├── db/
|
|
│ │ ├── models.py # SQLAlchemy models
|
|
│ │ ├── init_db.py # Database initialization
|
|
│ │ └── session.py # DB session
|
|
│ ├── middleware/ # Custom middleware
|
|
│ ├── models/ # Additional models
|
|
│ ├── routes/ # Additional routes
|
|
│ ├── security/
|
|
│ │ ├── api_key.py # API Key handling
|
|
│ │ ├── keycloak_auth.py # Keycloak integration
|
|
│ │ ├── permissions.py # Permission system
|
|
│ │ └── dependencies.py # FastAPI dependencies
|
|
│ ├── services/ # Business logic
|
|
│ ├── templates/ # HTML templates (Admin UI)
|
|
│ └── utils/
|
|
│ └── supabase_client.py
|
|
├── data/uploads/ # File uploads
|
|
├── docker-compose.yml
|
|
├── requirements.txt
|
|
└── .env
|
|
```
|
|
|
|
---
|
|
|
|
## Environment Variables
|
|
|
|
```bash
|
|
# Application
|
|
APP_NAME=APIsService
|
|
ROOT_PATH=/apiservice
|
|
TIMEZONE=Asia/Bangkok
|
|
|
|
# PostgreSQL (Infra DB)
|
|
DB_HOST=postgres
|
|
DB_PORT=5432
|
|
DB_USER=postgres
|
|
DB_PASSWORD=<secret>
|
|
DB_NAME=postgres
|
|
DB_SSLMODE=prefer
|
|
|
|
# Supabase DB (สำหรับ RawOpdCheckpoint)
|
|
SUPABASE_DB_HOST=sdp-supabase-db
|
|
SUPABASE_DB_PORT=5432
|
|
SUPABASE_DB_USER=postgres.1
|
|
SUPABASE_DB_NAME=postgres
|
|
|
|
# Supabase API
|
|
SUPABASE_API_URL=http://sdp-kong:8000
|
|
SUPABASE_API_KEY=<anon-or-service-role-key>
|
|
|
|
# Admin
|
|
ADMIN_SECRET_KEY=<secret>
|
|
ADMIN_USERNAME=admin
|
|
ADMIN_PASSWORD=<secret>
|
|
API_KEY_ENC_SECRET=<encryption-key>
|
|
|
|
# Keycloak
|
|
KEYCLOAK_SERVER_URL=http://keycloak:8080
|
|
KEYCLOAK_REALM=master
|
|
KEYCLOAK_CLIENT_ID=apiservice
|
|
KEYCLOAK_CLIENT_SECRET=<secret>
|
|
KEYCLOAK_REDIRECT_URI=<redirect-url>
|
|
|
|
# Airflow Integration
|
|
AIRFLOW_API_URL=http://airflow-webserver:8080
|
|
AIRFLOW_API_TOKEN=<token>
|
|
AIRFLOW_DAG_ID_FINANCE=process_finance_excel
|
|
|
|
# Debug
|
|
DEBUG_AUTH=false
|
|
LOG_LEVEL=debug
|
|
```
|
|
|
|
---
|
|
|
|
## Build & Deploy
|
|
|
|
```bash
|
|
# Build image
|
|
cd 03-apiservice
|
|
docker compose --env-file ../.env.global build
|
|
|
|
# Start service
|
|
docker compose --env-file ../.env.global up -d
|
|
|
|
# View logs
|
|
docker logs apiservice -f
|
|
|
|
# Restart
|
|
docker restart apiservice
|
|
```
|
|
|
|
---
|
|
|
|
## Airflow Integration
|
|
|
|
API Service มี integration กับ Apache Airflow:
|
|
- ส่ง trigger ไปยัง Airflow DAG
|
|
- DAG `process_finance_excel` สำหรับประมวลผล Excel files
|
|
|
|
ดูรายละเอียดที่ `03-apiservice/AIRFLOW_INTEGRATION.md`
|
|
|
|
---
|
|
|
|
## Related
|
|
|
|
- [[00-Project-Overview]]
|
|
- [[01-Infrastructure]]
|
|
- [[02-Supabase]]
|
|
- [[04-Airflow]]
|
|
- [[07-Security-Strategy]]
|