@solidxai/core 0.1.8-beta.1 → 0.1.8-beta.10

package/src/services/api-key.service.ts

@@ -0,0 +1,111 @@
+import {
+    ForbiddenException,
+    Injectable,
+    Logger,
+    NotFoundException,
+    UnauthorizedException,
+} from '@nestjs/common';
+import { createHash, randomBytes } from 'crypto';
+import { CreateApiKeyDto } from 'src/dtos/create-api-key.dto';
+import { UpdateApiKeyDto } from 'src/dtos/update-api-key.dto';
+import { UserApiKey } from 'src/entities/user-api-key.entity';
+import { User } from 'src/entities/user.entity';
+import { ActiveUserData } from 'src/interfaces/active-user-data.interface';
+import { UserApiKeyRepository } from 'src/repository/user-api-key.repository';
+import { PermissionMetadataService } from 'src/services/permission-metadata.service';
+
+@Injectable()
+export class ApiKeyService {
+    private readonly logger = new Logger(ApiKeyService.name);
+
+    constructor(
+        private readonly apiKeyRepository: UserApiKeyRepository,
+        private readonly permissionMetadataService: PermissionMetadataService,
+    ) {}
+
+    async generate(userId: number, dto: CreateApiKeyDto): Promise<{ apiKey: string; record: UserApiKey }> {
+        const user = await this.apiKeyRepository.manager.findOne(User, {
+            where: { id: userId },
+            select: ['id', 'isAllowedToGenerateApiKeys'],
+        });
+
+        if (!user?.isAllowedToGenerateApiKeys) {
+            throw new ForbiddenException('You are not allowed to generate API keys');
+        }
+
+        const rawKey = 'sldx_' + randomBytes(32).toString('hex');
+        const hashedKey = this.hash(rawKey);
+        const maskedKey = 'sldx_****' + rawKey.slice(-4);
+
+        const record = this.apiKeyRepository.create({
+            name: dto.name,
+            hashedKey,
+            maskedKey,
+            isActive: true,
+            expiresAt: dto.expiresAt ? new Date(dto.expiresAt) : null,
+            user,
+        });
+
+        await this.apiKeyRepository.save(record);
+
+        // Strip hashedKey from the returned record — maskedKey is all the UI needs
+        delete (record as any).hashedKey;
+
+        return { apiKey: rawKey, record };
+    }
+
+    async validate(rawKey: string): Promise<ActiveUserData> {
+        const hashedKey = this.hash(rawKey);
+
+        // Bypass security rules for auth validation — must find the key regardless of caller context
+        const keyRecord = await this.apiKeyRepository.findOne({
+            where: { hashedKey, isActive: true },
+            relations: ['user', 'user.roles'],
+        });
+
+        if (!keyRecord) {
+            throw new UnauthorizedException();
+        }
+
+        if (keyRecord.expiresAt && keyRecord.expiresAt < new Date()) {
+            throw new UnauthorizedException('API key expired');
+        }
+
+        // Fire-and-forget — does not need security rule context
+        this.apiKeyRepository.update(keyRecord.id, { lastUsedAt: new Date() }).catch((err) => {
+            this.logger.warn(`Failed to update lastUsedAt for key ${keyRecord.id}: ${err.message}`);
+        });
+
+        const roles = (keyRecord.user.roles ?? []).map((r) => r.name);
+        const permissions = await this.permissionMetadataService.findAllUsingRoles(roles);
+
+        return {
+            sub: keyRecord.user.id,
+            username: keyRecord.user.username,
+            email: keyRecord.user.email,
+            roles,
+            permissions: permissions.map((p) => p.name),
+        };
+    }
+
+    async updateKey(id: number, userId: number, dto: UpdateApiKeyDto): Promise<void> {
+        const keyRecord = await this.apiKeyRepository.findOne({
+            where: { id, user: { id: userId } },
+        });
+
+        if (!keyRecord) {
+            throw new NotFoundException('API key not found');
+        }
+
+        await this.apiKeyRepository.manager
+            .createQueryBuilder()
+            .update(UserApiKey)
+            .set({ isActive: dto.isActive })
+            .where('id = :id', { id })
+            .execute();
+    }
+
+    private hash(rawKey: string): string {
+        return createHash('sha256').update(rawKey).digest('hex');
+    }
+}

package/src/services/authentication.service.ts

@@ -41,6 +41,7 @@ import { EventDetails, EventType } from "../interfaces";
 import { ActiveUserData } from '../interfaces/active-user-data.interface';
 import { HashingService } from './hashing.service';
 import { InvalidatedRefreshTokenError, RefreshTokenIdsStorageService } from './refresh-token-ids-storage.service';
+import { SsoCodeStorageService } from './sso-code-storage.service';
 import { RoleMetadataService } from './role-metadata.service';
 import { SettingService } from './setting.service';
 import { UserActivityHistoryService } from './user-activity-history.service';
@@ -78,6 +79,7 @@ export class AuthenticationService {
         private readonly settingService: SettingService,
         private readonly roleMetadataService: RoleMetadataService,
         private readonly userActivityHistoryService: UserActivityHistoryService,
+        private readonly ssoCodeStorage: SsoCodeStorageService,
 
         @InjectDataSource()
         private readonly dataSource: DataSource,
@@ -152,6 +154,10 @@ export class AuthenticationService {
             const defaultRole = this.settingService.getConfigValue<SolidCoreSetting>('defaultRole');
 
             var { user, pwd, autoGeneratedPwd } = await this.populateForSignup(new User(), signUpDto, activateUserOnRegistration, onForcePasswordChange);
+            const privateDto = signUpDto as { isAllowedToGenerateApiKeys?: boolean };
+            if (privateDto.isAllowedToGenerateApiKeys !== undefined) {
+                user.isAllowedToGenerateApiKeys = privateDto.isAllowedToGenerateApiKeys;
+            }
             const savedUser = await this.userRepository.save(user);
             // Also assign a default role to the newly created user. 
             const userRoles = signUpDto.roles ?? [];
@@ -879,11 +885,15 @@ export class AuthenticationService {
         }
     }
 
-    private async buildLoginTokenResponse(user: User) {
-        const { accessToken, refreshToken } = await this.generateTokens(user);
+    private buildUserPayload(user: User) {
         const { id, username, email, mobile, lastLoginProvider } = user;
         const roles = user.roles.map((role) => role.name);
-        return { accessToken, refreshToken, user: { id, username, email, mobile, lastLoginProvider, roles } };
+        return { id, username, email, mobile, lastLoginProvider, roles };
+    }
+
+    private async buildLoginTokenResponse(user: User) {
+        const { accessToken, refreshToken } = await this.generateTokens(user);
+        return { accessToken, refreshToken, user: this.buildUserPayload(user) };
     }
 
     async changePassword(changePasswordDto: ChangePasswordDto, activeUser: ActiveUserData) {
@@ -1414,6 +1424,28 @@ export class AuthenticationService {
         return response;
     }
 
+    async generateSsoCode(activeUser: ActiveUserData, rawAccessToken: string): Promise<{ ssoCode: string }> {
+        const refreshTokenState = await this.refreshTokenIdsStorage.getCurrentRefreshTokenState(activeUser.sub);
+        if (!refreshTokenState?.currentRefreshToken) {
+            throw new UnauthorizedException('No active session found');
+        }
+        const ssoCode = await this.ssoCodeStorage.generateCode(
+            activeUser.sub,
+            rawAccessToken,
+            refreshTokenState.currentRefreshToken,
+        );
+        return { ssoCode };
+    }
+
+    async exchangeSsoCode(code: string) {
+        const { userId, accessToken, refreshToken } = await this.ssoCodeStorage.consumeCode(code);
+        const user = await this.userRepository.findOne({ where: { id: userId }, relations: { roles: true } });
+        if (!user) {
+            throw new UnauthorizedException('User not found');
+        }
+        return { accessToken, refreshToken, user: this.buildUserPayload(user) };
+    }
+
 }
 
 function parseUniqueConstraintError(detail: string): string {

package/src/services/chatter-message.service.ts

@@ -53,6 +53,13 @@ export class ChatterMessageService extends CRUDService<ChatterMessage> {
         chatterMessage.messageBody = postDto.messageBody;
         chatterMessage.coModelEntityId = postDto.coModelEntityId;
         chatterMessage.coModelName = postDto.coModelName;
+        chatterMessage.modelUserKey = postDto.modelUserKey ?? null;
+
+        const model = await this.modelMetadataRepo.findOne({
+            where: { singularName: lowerFirst(postDto.coModelName) },
+            relations: { userKeyField: true }
+        });
+        chatterMessage.modelDisplayName = model?.displayName ?? null;
 
         const activeUser = this.requestContextService.getActiveUser();
 

package/src/services/export-transaction.service.ts

@@ -274,32 +274,6 @@ export class ExportTransactionService extends CRUDService<ExportTransaction> {
           }
         }
 
-        // Include userKey from each related field
-        for (const [relatedFieldName, userKeyFieldName] of relatedModelsUserKeyMap.entries()) {
-          const relatedData = record[relatedFieldName];
-          const displayKey = fieldNameToDisplayName.get(relatedFieldName) ?? relatedFieldName;
-
-          if (Array.isArray(relatedData)) {
-            // For many-to-many or one-to-many
-            const values = relatedData
-              .map(item => {
-                let val = item?.[userKeyFieldName];
-                const relatedFieldMeta = modelFields.find(f => f.name === relatedFieldName);
-                if ((relatedFieldMeta?.type === 'datetime' || relatedFieldMeta?.type === 'date') && val) {
-                  val = new Date(val).toISOString();
-                }
-                return val;
-              })
-              .filter(Boolean);
-            newRecord[displayKey] = values.join(', ');
-          } else if (relatedData && typeof relatedData === 'object') {
-            // For many-to-one or one-to-one
-            newRecord[relatedFieldName] = relatedData?.[userKeyFieldName] ?? null;
-          } else {
-            newRecord[displayKey] = null;
-          }
-        }
-
         // Include userKey from each related field (with displayName)
         for (const [relatedFieldName, userKeyFieldName] of relatedModelsUserKeyMap.entries()) {
           const relatedData = record[relatedFieldName];

package/src/services/field-metadata.service.ts

@@ -18,7 +18,6 @@ import { ERROR_MESSAGES } from 'src/constants/error-messages';
 import qs from 'qs';
 import { ResolveS3UrlDto } from 'src/dtos/resolve-s3-url.dto';
 import { MediaStorageProviderMetadataRepository } from 'src/repository/media-storage-provider-metadata.repository';
-import { ConfigService } from '@nestjs/config';
 import { S3FileService } from './file';
 import { MediaStorageProviderMetadata } from 'src/entities/media-storage-provider-metadata.entity';
 
@@ -27,7 +26,6 @@ import { MediaStorageProviderMetadata } from 'src/entities/media-storage-provide
 export class FieldMetadataService implements OnApplicationBootstrap {
     constructor(
         private readonly fieldMetadataRepo: FieldMetadataRepository,
-        private readonly configService: ConfigService,
         private readonly fileService: S3FileService,
         private readonly mediaStorageProviderMetadataRepository: MediaStorageProviderMetadataRepository,
 
@@ -1291,7 +1289,6 @@ export class FieldMetadataService implements OnApplicationBootstrap {
     }
 
     async resolveS3Url(resolveS3UrlDto: ResolveS3UrlDto) {
-        let url = "";
         const normalizedKey = this.normalizeS3Key(resolveS3UrlDto.s3Key);
 
         let resolvedBucketName = resolveS3UrlDto.bucketName;
@@ -1308,14 +1305,11 @@ export class FieldMetadataService implements OnApplicationBootstrap {
         }
         this.logger.debug(`INSIDE::resolveS3Url:: resolvedBucketName: ${resolvedBucketName}`)
 
-        if (resolveS3UrlDto.isPrivate == "true") {
-            const expiryInSeconds = 60 * 60;
-            url = await this.fileService.getUrl(`${resolvedBucketName}:${normalizedKey}`, { expiresIn: expiryInSeconds });
-        } else {
-            url = `https://${resolvedBucketName}.s3.${this.configService.get(
-                'S3_AWS_REGION_NAME',
-            )}.amazonaws.com/${normalizedKey}`;
-        }
+        const expiryInSeconds = resolveS3UrlDto.isPrivate == "true" ? 60 * 60 : 0;
+        const url = await this.fileService.getUrl(`${resolvedBucketName}:${normalizedKey}`, {
+            expiresIn: expiryInSeconds,
+        });
+
         return { url: url }
     }
 
@@ -1332,4 +1326,3 @@ export class FieldMetadataService implements OnApplicationBootstrap {
     }
 }
 
-

package/src/services/file/disk-file.service.ts

@@ -44,7 +44,7 @@ export class DiskFileService implements IFileService {
   async write(filePath: string, data: Buffer | string, options?: WriteOptions): Promise<string> {
     await this.ensureDirectoryExists(filePath);
     await fsPromises.writeFile(filePath, data);
-    return `${this.baseUrl}/${filePath}`;
+    return this.buildUrl(filePath);
   }
 
   /**
@@ -57,7 +57,7 @@ export class DiskFileService implements IFileService {
     const writeStream = fs.createWriteStream(filePath);
     await pipeline(stream, writeStream);
     this.logger.debug(`File saved via stream: ${filePath}`);
-    return `${this.baseUrl}/${filePath}`;
+    return this.buildUrl(filePath);
   }
 
   /**
@@ -97,13 +97,10 @@ export class DiskFileService implements IFileService {
   }
 
   /**
-   * Get an accessible URL/path for the file
-   * For disk storage, returns the file path as-is
+   * Get an accessible URL for the file
    */
   async getUrl(filePath: string, options?: UrlOptions): Promise<string> {
-    // For disk storage, we simply return the path
-    // The caller is responsible for constructing a full URL if needed
-    return filePath;
+    return this.buildUrl(filePath);
   }
 
   /**
@@ -117,4 +114,15 @@ export class DiskFileService implements IFileService {
       await fsPromises.mkdir(dir, { recursive: true });
     }
   }
+
+  private buildUrl(filePath: string): string {
+    const normalizedBaseUrl = this.baseUrl.replace(/\/+$/, '');
+    const normalizedPath = filePath.replace(/^\/+/, '');
+
+    if (!normalizedBaseUrl) {
+      return `/${normalizedPath}`;
+    }
+
+    return `${normalizedBaseUrl}/${normalizedPath}`;
+  }
 }

package/src/services/media.service.ts

@@ -53,51 +53,29 @@ export class MediaService extends CRUDService<Media> {
     if (data.records) {
 
       for (const media of data.records) {
-        if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.Filesystem) {
-          media.relativeUri = `${this.settingService.getConfigValue<SolidCoreSetting>("baseUrl")}/${this.getFullFilePathForDisk(media.relativeUri)}`;
-        } else if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.AwsS3) {
-          media.relativeUri = this.getAwsS3FullFilePath(
-            media.relativeUri,
-            media.mediaStorageProviderMetadata.bucketName,
-            media.mediaStorageProviderMetadata.region
-          );
+        const mediaStorageProvider = media.mediaStorageProviderMetadata;
+
+        if (mediaStorageProvider?.type === MediaStorageProviderType.Filesystem) {
+          media.relativeUri = await this.diskFileService.getUrl(this.getFullFilePathForDisk(media.relativeUri));
+        } else if (mediaStorageProvider?.type === MediaStorageProviderType.AwsS3) {
+          media.relativeUri = await this.s3FileService.getUrl(`${mediaStorageProvider.bucketName}:${media.relativeUri}`, { region: mediaStorageProvider.region });
         }
       }
-      // data.records.forEach((media: Media) => {
-      //       if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.Filesystem) {
-      //   media.relativeUri = `${process.env.BASE_URL}/${this.getFileSysytemFullFilePath(media.relativeUri)}`;
-      // } else if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.AwsS3) {
-      //   media.relativeUri = this.getAwsS3FullFilePath(
-      //     media.relativeUri,
-      //     media.mediaStorageProviderMetadata.bucketName,
-      //     media.mediaStorageProviderMetadata.region
-      //   );
-      // }
-      // });
     }
     if (data.groupRecords) {
 
       for (const group of data.groupRecords) {
         for (const media of group.groupData.records) {
-          if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.Filesystem) {
-            media.relativeUri = `${this.settingService.getConfigValue<SolidCoreSetting>("baseUrl")}/${this.getFullFilePathForDisk(media.relativeUri)}`;
+          const mediaStorageProvider = media.mediaStorageProviderMetadata;
+
+          if (mediaStorageProvider?.type === MediaStorageProviderType.Filesystem) {
+            media.relativeUri = await this.diskFileService.getUrl(this.getFullFilePathForDisk(media.relativeUri));
           }
-          else if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.AwsS3) {
-            media.relativeUri = this.getAwsS3FullFilePath(media.relativeUri, media.mediaStorageProviderMetadata.bucketName, media.mediaStorageProviderMetadata.region);
+          else if (mediaStorageProvider?.type === MediaStorageProviderType.AwsS3) {
+            media.relativeUri = await this.s3FileService.getUrl(`${mediaStorageProvider.bucketName}:${media.relativeUri}`, { region: mediaStorageProvider.region });
           }
         }
       }
-
-      // data.groupRecords.forEach((group) => {
-      //   group.groupData.records.forEach((media) => {
-      //     if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.Filesystem) {
-      //       media.relativeUri = `${process.env.BASE_URL}/${this.getFileSysytemFullFilePath(media.relativeUri)}`;
-      //     }
-      //     else if (media.mediaStorageProviderMetadata?.type === MediaStorageProviderType.AwsS3) {
-      //       media.relativeUri = this.getAwsS3FullFilePath(media.relativeUri, media.mediaStorageProviderMetadata.bucketName, media.mediaStorageProviderMetadata.region);
-      //     }
-      //   });
-      // });
     }
     return data
   }
@@ -172,24 +150,12 @@ export class MediaService extends CRUDService<Media> {
       }
     }
     );
-    // if (media.mediaStorageProviderMetadata.type === 'filesystem') {
-    //     const fileStorageProvider = new FileStorageProvider(this.configService, this.fileService, this);
-
-    //     await fileStorageProvider.delete(media, media.fieldMetadata);
-
-    // } else if (media.mediaStorageProviderMetadata.type === 'aws-s3') {
-    //     const fileStorageProvider = new FileS3StorageProvider(this.configService, this.fileService, this);
-    //     await fileStorageProvider.delete(media, media.fieldMetadata);
-
-    // } else {
-    // }
     const storageProviderType = media.mediaStorageProviderMetadata.type as MediaStorageProviderType;
     const storageProvider = await getMediaStorageProvider(this.moduleRef, storageProviderType);
     await storageProvider.delete(modelEntity, media.fieldMetadata);
 
     return this.repo.remove(media);
   }
-  //TODO: Move this to a app builder config
 
   private getFullFilePathForDisk(fileName: string): string {
     const base = this.settingService.getConfigValue<SolidCoreSetting>("fileStorageDir")
@@ -200,11 +166,6 @@ export class MediaService extends CRUDService<Media> {
     return `${base}/${fileName}`;
   }
 
-  private getAwsS3FullFilePath(awsMediaurl: string, bucketName: string, regionName: string): string {
-    // https://lunarismedia.s3.ap-south-1.amazonaws.com/LUNARIS_CP_REGISTRATION_CREATIVE.jpg
-    return `https://${bucketName}.s3.${regionName}.amazonaws.com/${awsMediaurl}`;
-  }
-
   private getFileName(file: Express.Multer.File): string {
     return `${file.filename}-${file.originalname}`;
   }

package/src/services/settings/default-settings-provider.service.ts

@@ -34,8 +34,11 @@ const getSolidCoreSettings = (isProd: boolean) => ([
   { moduleName: "solid-core", key: "authScreenCenterBackgroundImage", value: null, level: SettingLevel.SystemAdminEditable },
   {
     moduleName: "solid-core", key: "solidXGenAiCodeBuilderConfig", value: JSON.stringify({
-      fastModel: { provider: "", availableProviders: [] },
-      defaultProvider: { provider: "", availableProviders: [] },
+      models: {
+        default: { providerKey: "", behavior: { streaming: false, custom: "" } },
+        fast: { providerKey: "", behavior: { streaming: false, custom: "" } },
+      },
+      providers: {},
     }), level: SettingLevel.SystemAdminEditable
   },
   { moduleName: "solid-core", key: "mcpEnabled", value: process.env.MCP_ENABLED || false, level: SettingLevel.SystemAdminReadonly },

package/src/services/sso-code-storage.service.ts

@@ -0,0 +1,36 @@
+import { CACHE_MANAGER } from '@nestjs/cache-manager';
+import { Inject, Injectable, UnauthorizedException } from '@nestjs/common';
+import { Cache } from 'cache-manager';
+import { randomBytes } from 'crypto';
+
+const SSO_CODE_TTL_MS = 60 * 1000; // 60 seconds
+
+interface SsoCodeEntry {
+    userId: number;
+    accessToken: string;
+    refreshToken: string;
+}
+
+@Injectable()
+export class SsoCodeStorageService {
+    constructor(@Inject(CACHE_MANAGER) private cacheManager: Cache) {}
+
+    async generateCode(userId: number, accessToken: string, refreshToken: string): Promise<string> {
+        const code = randomBytes(32).toString('hex');
+        await this.cacheManager.set(this.getKey(code), { userId, accessToken, refreshToken }, SSO_CODE_TTL_MS);
+        return code;
+    }
+
+    async consumeCode(code: string): Promise<SsoCodeEntry> {
+        const entry = await this.cacheManager.get<SsoCodeEntry>(this.getKey(code));
+        if (!entry) {
+            throw new UnauthorizedException('Invalid or expired SSO code');
+        }
+        await this.cacheManager.del(this.getKey(code));
+        return entry;
+    }
+
+    private getKey(code: string): string {
+        return `sso-code-${code}`;
+    }
+}

package/src/services/user.service.ts

@@ -102,8 +102,9 @@ export class UserService extends CRUDService<User> {
     if (!user) {
       throw new Error(ERROR_MESSAGES.USER_NOT_FOUND);
     }
-    const roles = updateDto.roles ? updateDto.roles : [];
-    await this.addRolesToUser(user.username, roles);
+    if (updateDto.roles != null) {
+      await this.addRolesToUser(user.username, updateDto.roles);
+    }
     await this.update(id, updateDto, files, true);
   }
 

package/src/solid-core.module.ts

@@ -78,6 +78,7 @@ import { MqMessageQueue } from './entities/mq-message-queue.entity';
 import { MqMessage } from './entities/mq-message.entity';
 import { SmsTemplate } from './entities/sms-template.entity';
 import { AccessTokenGuard } from './guards/access-token.guard';
+import { ApiKeyGuard } from './guards/api-key.guard';
 import { AuthenticationGuard } from './guards/authentication.guard';
 import { PermissionsGuard } from './guards/permissions.guard';
 import { SolidRegistry } from './helpers/solid-registry';
@@ -126,6 +127,7 @@ import { TwilioSmsQueuePublisherRedis } from './jobs/redis/twilio-sms-publisher-
 import { TwilioSmsQueueSubscriberRedis } from './jobs/redis/twilio-sms-subscriber-redis.service';
 import { UserRegistrationListener } from './listeners/user-registration.listener';
 import { GoogleOauthStrategy } from './passport-strategies/google-oauth.strategy';
+import { ApiKeyService } from './services/api-key.service';
 import { AuthenticationService } from './services/authentication.service';
 import { BcryptService } from './services/bcrypt.service';
 import { UuidExternalIdEntityComputedFieldProvider } from './services/computed-fields/entity/uuid-externalid-entity-computed-field-provider.service';
@@ -140,6 +142,7 @@ import { MqMessageQueueService } from './services/mq-message-queue.service';
 import { MqMessageService } from './services/mq-message.service';
 import { PdfService } from './services/pdf.service';
 import { RefreshTokenIdsStorageService } from './services/refresh-token-ids-storage.service';
+import { SsoCodeStorageService } from './services/sso-code-storage.service';
 import { ListOfModelsSelectionProvider } from './services/selection-providers/list-of-models-selection-provider.service';
 import { TinyUrlService } from './services/short-url/tiny-url.service';
 import { SmsTemplateService } from './services/sms-template.service';
@@ -205,6 +208,7 @@ import { SecurityRule } from './entities/security-rule.entity';
 import { Setting } from './entities/setting.entity';
 import { UserActivityHistory } from './entities/user-activity-history.entity';
 import { UserViewMetadata } from './entities/user-view-metadata.entity';
+import { UserApiKey } from './entities/user-api-key.entity';
 import { User } from './entities/user.entity';
 import { HttpExceptionFilter } from './filters/http-exception.filter';
 import { ModelMetadataHelperService } from './helpers/model-metadata-helper.service';
@@ -284,6 +288,7 @@ import { SettingRepository } from './repository/setting.repository';
 import { SmsTemplateRepository } from './repository/sms-template.repository';
 import { UserActivityHistoryRepository } from './repository/user-activity-history.repository';
 import { UserViewMetadataRepository } from './repository/user-view-metadata.repository';
+import { UserApiKeyRepository } from './repository/user-api-key.repository';
 import { UserRepository } from './repository/user.repository';
 import { ViewMetadataRepository } from './repository/view-metadata.repository';
 import { PermissionMetadataSeederService } from './seeders/permission-metadata-seeder.service';
@@ -415,6 +420,7 @@ import { Entity } from 'typeorm';
       Setting,
       SmsTemplate,
       User,
+      UserApiKey,
       UserActivityHistory,
       UserViewMetadata,
       ViewMetadata,
@@ -627,9 +633,12 @@ import { Entity } from 'typeorm';
     LocaleListSelectionProvider,
     SoftDeleteAwareEventSubscriber,
     AccessTokenGuard,
+    ApiKeyGuard,
+    ApiKeyService,
     AuthenticationService,
     GoogleAuthenticationController,
     RefreshTokenIdsStorageService,
+    SsoCodeStorageService,
     GoogleOauthStrategy,
     UserRegistrationListener,
     TestQueuePublisher,
@@ -679,6 +688,7 @@ import { Entity } from 'typeorm';
     RoleMetadataService,
     PermissionMetadataSeederService,
     UserService,
+    UserApiKeyRepository,
     UserRepository,
     SettingService,
     ConcatComputedFieldProvider,