arpakitlib 1.8.19__py3-none-any.whl → 1.8.21__py3-none-any.whl

arpakitlib/_arpakit_project_template_v_5/example.env

@@ -11,12 +11,10 @@
 # api_port=
 # api_init_sqlalchemy_db=
 # api_init_json_db=
-# api_api_keys=
-# api_user_tokens=
+# api_correct_api_keys=
 # api_enable_sqladmin=
 # api_start_operation_executor_worker=
 # api_start_scheduled_operation_creator_worker=
-# api_create_story_log_func_before_in_exception_handler=
 # sqladmin_secret_key=
 # sqladmin_auth_keys=
 # sqladmin_port=

arpakitlib/_arpakit_project_template_v_5/project/additional_model/common.py

@@ -1,8 +1,5 @@
-from typing import Any
-
 from pydantic import ConfigDict, BaseModel
 
 
 class BaseAM(BaseModel):
     model_config = ConfigDict(extra="forbid", arbitrary_types_allowed=True, from_attributes=True)
-    additional_data: dict[str, Any] = {}

arpakitlib/_arpakit_project_template_v_5/project/api/auth.py

@@ -1,4 +1,4 @@
-from typing import Callable
+from typing import Callable, Any
 
 import fastapi
 import fastapi.exceptions
@@ -8,10 +8,10 @@ import sqlalchemy
 from fastapi import Security
 from fastapi.security import APIKeyHeader
 from pydantic import BaseModel, ConfigDict
+from sqlalchemy.orm import joinedload
 
 from arpakitlib.ar_func_util import is_async_func, is_sync_func
 from arpakitlib.ar_json_util import transfer_data_to_json_str_to_data
-from arpakitlib.ar_type_util import raise_for_type
 from project.api.const import APIErrorCodes
 from project.api.exception import APIException
 from project.core.settings import get_cached_settings
@@ -22,70 +22,27 @@ from project.sqlalchemy_db_.sqlalchemy_model import ApiKeyDBM, UserTokenDBM
 class APIAuthData(BaseModel):
     model_config = ConfigDict(extra="forbid", arbitrary_types_allowed=True, from_attributes=True)
 
-    require_api_key_string: bool = False
-    require_user_token_string: bool = False
-
-    require_correct_api_key: bool = False
-    require_correct_user_token: bool = False
-
-    require_mode_type: str | None = None
-    require_not_mode_type: str | None = None
-
-    current_mode_type: str | None = None
-
     api_key_string: str | None = None
     user_token_string: str | None = None
 
     is_api_key_correct: bool | None = None
-    is_user_token_correct: bool | None = None
 
     api_key_dbm: ApiKeyDBM | None = None
     user_token_dbm: UserTokenDBM | None = None
 
+    prod_mode: bool = False
 
-def api_auth(
-        *,
-        require_api_key_string: bool = False,
-        require_user_token_string: bool = False,
-
-        require_correct_api_key: bool = False,
-        require_correct_user_token: bool = False,
+    extra_data: dict[str, Any] = {}
 
-        require_mode_type: str | None = None,
-        require_not_mode_type: str | None = None,
 
-        is_api_key_correct_func: Callable | None = None,
-        is_user_token_correct_func: Callable | None = None,
-        correct_api_keys: str | list[str] | None = None,
-        correct_user_tokens: str | list[str] | None = None,
+def api_auth(
+        *,
+        middlewares: list[Callable] | None = None
 ) -> Callable:
-    if isinstance(correct_api_keys, str):
-        correct_api_keys = [correct_api_keys]
-    if correct_api_keys is not None:
-        raise_for_type(correct_api_keys, list)
-
-    if is_api_key_correct_func is None and correct_api_keys is not None:
-        is_api_key_correct_func = (
-            lambda *args, **kwargs_: kwargs_["api_auth_data"].api_key_string in correct_api_keys
-        )
-
-    if isinstance(correct_user_tokens, str):
-        correct_user_tokens = [correct_user_tokens]
-    if correct_user_tokens is not None:
-        raise_for_type(correct_user_tokens, list)
-
-    if is_user_token_correct_func is None and correct_user_tokens is not None:
-        is_user_token_correct_func = (
-            lambda *args, **kwargs_: kwargs_["api_auth_data"].user_token_string in correct_user_tokens
-        )
+    if middlewares is None:
+        middlewares = []
 
-    if require_correct_api_key is True:
-        require_api_key_string = True
-
-    if require_correct_user_token is True:
-        require_user_token_string = True
-
-    async def func(
+    async def async_func(
             *,
             ac: fastapi.security.HTTPAuthorizationCredentials | None = fastapi.Security(
                 fastapi.security.HTTPBearer(auto_error=False)
@@ -97,16 +54,10 @@ def api_auth(
     ) -> APIAuthData:
 
         api_auth_data = APIAuthData(
-            require_api_key_string=require_api_key_string,
-            require_user_token_string=require_user_token_string,
-            require_correct_api_key=require_correct_api_key,
-            require_correct_user_token=require_correct_user_token,
-            require_mode_type=require_mode_type,
-            require_not_mode_type=require_not_mode_type,
-            current_mode_type=get_cached_settings().mode_type
+            prod_mode=get_cached_settings().prod_mode
         )
 
-        # parse api_key
+        # parse api_key_string
 
         api_auth_data.api_key_string = api_key_string
 
@@ -116,6 +67,8 @@ def api_auth(
             api_auth_data.api_key_string = request.headers["api-key"]
         if not api_auth_data.api_key_string and "apikey" in request.headers.keys():
             api_auth_data.api_key_string = request.headers["apikey"]
+        if not api_auth_data.api_key_string and "api_key_string" in request.headers.keys():
+            api_auth_data.api_key_string = request.headers["api_key_string"]
 
         if not api_auth_data.api_key_string and "api_key" in request.query_params.keys():
             api_auth_data.api_key_string = request.query_params["api_key"]
@@ -123,13 +76,15 @@ def api_auth(
             api_auth_data.api_key_string = request.query_params["api-key"]
         if not api_auth_data.api_key_string and "apikey" in request.query_params.keys():
             api_auth_data.api_key_string = request.query_params["apikey"]
+        if not api_auth_data.api_key_string and "api_key_string" in request.query_params.keys():
+            api_auth_data.api_key_string = request.query_params["api_key_string"]
 
         if api_auth_data.api_key_string:
             api_auth_data.api_key_string = api_auth_data.api_key_string.strip()
         if not api_auth_data.api_key_string:
             api_auth_data.api_key_string = None
 
-        # parse user token
+        # parse user_token_string
 
         api_auth_data.user_token_string = ac.credentials if ac and ac.credentials and ac.credentials.strip() else None
 
@@ -158,196 +113,205 @@ def api_auth(
         if not api_auth_data.user_token_string:
             api_auth_data.user_token_string = None
 
-        # require_mode_type
+        # is_api_key_correct
 
-        if require_mode_type is not None:
-            if get_cached_settings().mode_type != require_mode_type:
-                raise APIException(
-                    status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
-                    error_code=APIErrorCodes.cannot_authorize,
-                    error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+        if api_auth_data.api_key_string is not None:
+            if get_cached_settings().api_correct_api_keys is None:
+                api_auth_data.is_api_key_correct = None
+            else:
+                api_auth_data.is_api_key_correct = (
+                        api_auth_data.api_key_string in get_cached_settings().api_correct_api_keys
                 )
 
-        # require_not_mode_type
-
-        if require_not_mode_type is not None:
-            if get_cached_settings().mode_type == require_not_mode_type:
-                raise APIException(
-                    status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
-                    error_code=APIErrorCodes.cannot_authorize,
-                    error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
-                )
+        # api_key_dbm
 
-        # require_api_key_string
+        if api_auth_data.api_key_string is not None:
+            if get_cached_sqlalchemy_db() is not None:
+                async with get_cached_sqlalchemy_db().new_async_session() as async_session:
+                    api_auth_data.api_key_dbm = await async_session.scalar(
+                        sqlalchemy.select(ApiKeyDBM).where(ApiKeyDBM.value == api_auth_data.api_key_string)
+                    )
 
-        if require_api_key_string and not api_auth_data.api_key_string:
-            raise APIException(
-                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
-                error_code=APIErrorCodes.cannot_authorize,
-                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
-            )
+        # user_token_dbm
 
-        # require_token_string
+        if api_auth_data.user_token_string is not None:
+            if get_cached_sqlalchemy_db() is not None:
+                async with get_cached_sqlalchemy_db().new_async_session() as async_session:
+                    api_auth_data.user_token_dbm = await async_session.scalar(
+                        sqlalchemy.select(UserTokenDBM)
+                        .options(joinedload(UserTokenDBM.user))
+                        .where(UserTokenDBM.value == api_auth_data.user_token_string)
+                    )
 
-        if require_user_token_string and not api_auth_data.user_token_string:
-            raise APIException(
-                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
-                error_code=APIErrorCodes.cannot_authorize,
-                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
-            )
+        # middlewares
 
-        # is_api_key_correct_func
+        for middleware in middlewares:
+            api_auth_data.extra_data[middleware.__name__] = True
 
-        if is_api_key_correct_func is not None:
-            if is_async_func(is_api_key_correct_func):
-                await is_api_key_correct_func(
+        for middleware in middlewares:
+            if is_async_func(middleware):
+                await middleware(
                     api_auth_data=api_auth_data,
                     request=request
                 )
-            elif is_sync_func(is_api_key_correct_func):
-                is_api_key_correct_func(
+            elif is_sync_func(middleware):
+                middleware(
                     api_auth_data=api_auth_data,
                     request=request
                 )
             else:
-                raise TypeError("unknown validate_api_key_func type")
+                raise TypeError(f"unknown middleware type, {middleware.__name__}")
 
-        # is_user_token_correct_func
+        return api_auth_data
 
-        if is_user_token_correct_func is not None:
-            if is_async_func(is_user_token_correct_func):
-                await is_user_token_correct_func(
-                    api_auth_data=api_auth_data,
-                    request=request
-                )
-            elif is_sync_func(is_user_token_correct_func):
-                is_user_token_correct_func(
-                    api_auth_data=api_auth_data,
-                    request=request
-                )
-            else:
-                raise TypeError("unknown validate_token_func type")
+    return async_func
 
-        # require_correct_api_key
 
-        if require_correct_api_key:
-            if not api_auth_data.is_api_key_correct:
-                raise APIException(
-                    status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
-                    error_code=APIErrorCodes.cannot_authorize,
-                    error_description="not api_auth_data.is_api_key_correct",
-                    error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump()),
-                )
+def require_prod_mode_api_middleware():
+    def func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
+        if not get_cached_settings().prod_mode:
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=f"prod_mode is required, {get_cached_settings().prod_mode=}",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
 
-        # require_correct_token
+    func.__name__ = require_prod_mode_api_middleware.__name__
 
-        if require_correct_user_token:
-            if not api_auth_data.is_user_token_correct:
-                raise APIException(
-                    status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
-                    error_code=APIErrorCodes.cannot_authorize,
-                    error_description="not api_auth_data.is_user_token_correct",
-                    error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
-                )
+    return func
 
-        return api_auth_data
+
+def require_not_prod_mode_api_middleware():
+    def func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
+        if get_cached_settings().prod_mode:
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=f"not prod_mode is required, {get_cached_settings().prod_mode=}",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
+
+    func.__name__ = require_not_prod_mode_api_middleware.__name__
 
     return func
 
 
-def correct_api_keys_from_settings__is_api_key_correct_func() -> Callable:
-    async def async_func(
-            *,
-            api_auth_data: APIAuthData,
-            request: fastapi.requests.Request,
-    ):
-        if get_cached_settings().api_correct_api_keys is None:
-            api_auth_data.is_api_key_correct = False
-            return
+def require_api_key_string_api_middleware():
+    def func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
         if api_auth_data.api_key_string is None:
-            api_auth_data.is_api_key_correct = False
-            return
-        if api_auth_data.api_key_string.strip() not in get_cached_settings().api_correct_api_keys:
-            api_auth_data.is_api_key_correct = False
-            return
-        api_auth_data.is_api_key_correct = True
-        return
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description="api_key_string is required",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
 
-    return async_func
+    func.__name__ = require_api_key_string_api_middleware.__name__
 
+    return func
 
-def correct_tokens_from_settings__is_user_token_correct_func() -> Callable:
-    async def async_func(
-            *,
-            api_auth_data: APIAuthData,
-            request: fastapi.requests.Request,
-    ):
-        if get_cached_settings().api_correct_tokens is None:
-            api_auth_data.is_api_key_correct = False
-            return
+
+def require_user_token_string_api_middleware():
+    def func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
         if api_auth_data.user_token_string is None:
-            api_auth_data.is_api_key_correct = False
-            return
-        if api_auth_data.user_token_string.strip() not in get_cached_settings().api_correct_tokens:
-            api_auth_data.is_api_key_correct = False
-            return
-        api_auth_data.is_api_key_correct = True
-        return
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description="user_token_string is required",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
 
-    return async_func
+    func.__name__ = require_user_token_string_api_middleware.__name__
 
+    return func
 
-def correct_api_key_from_sqlalchemy_db__is_api_key_correct_func() -> Callable:
-    async def async_func(
-            *,
-            api_auth_data: APIAuthData,
-            request: fastapi.requests.Request,
-    ):
-        if api_auth_data.api_key_string is None:
-            api_auth_data.is_api_key_correct = False
-            return
 
-        async with get_cached_sqlalchemy_db().new_async_session() as session:
-            api_auth_data.api_key_dbm = await session.scalar(
-                sqlalchemy.select(ApiKeyDBM).where(ApiKeyDBM.value == api_auth_data.api_key_string)
+def require_correct_api_key_api_middleware():
+    def func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
+        if not api_auth_data.is_api_key_correct:
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description="correct api_key_string is required",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
             )
 
-        if api_auth_data.api_key_dbm is None or not api_auth_data.api_key_dbm.is_enabled:
-            api_auth_data.is_api_key_correct = False
-            return
+    func.__name__ = require_correct_api_key_api_middleware.__name__
+
+    return func
 
-        api_auth_data.is_api_key_correct = True
-        return True
+
+def require_api_key_dbm_api_middleware(*, require_active: bool = True):
+    async def async_func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
+        if api_auth_data.api_key_dbm is None:
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=f"api_key_dbm is required, {require_active=}",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
+        if require_active and not api_auth_data.api_key_dbm.is_active:
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=f"api_key_dbm is required, {require_active=}",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
+
+    async_func.__name__ = require_api_key_dbm_api_middleware.__name__
 
     return async_func
 
 
-def correct_user_token_from_sqlalchemy_db__is_user_token_correct_func(
-        *, require_user_roles: list[str] | None = None
-) -> Callable:
-    async def async_func(
-            *,
-            api_auth_data: APIAuthData,
-            request: fastapi.requests.Request,
-    ):
-        if api_auth_data.user_token_string is None:
-            api_auth_data.is_user_token_correct = False
-            return
+def require_correct_api_key_or_api_key_dbm_api_middleware(*, require_active_api_key_dbm: bool = True):
+    async def async_func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
+        if not api_auth_data.is_api_key_correct and (
+                api_auth_data.api_key_dbm is None
+                or (require_active_api_key_dbm and not api_auth_data.api_key_dbm.is_active)
+        ):
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=(
+                    f"correct api_key is required or api_key_dbm is required, {require_active_api_key_dbm=}"
+                ),
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
+
+    async_func.__name__ = require_correct_api_key_or_api_key_dbm_api_middleware.__name__
+
+    return async_func
 
-        with get_cached_sqlalchemy_db().new_session() as session:
-            api_auth_data.user_token_dbm = session.query(
-                UserTokenDBM
-            ).filter(
-                UserTokenDBM.value == api_auth_data.user_token_string
-            ).one_or_none()
 
+def require_user_token_dbm_api_middleware(
+        *, require_active_user_token: bool = True,
+        require_user_roles: list[str] | None = None
+):
+    async def async_func(*, api_auth_data: APIAuthData, request: fastapi.requests.Request):
         if api_auth_data.user_token_dbm is None:
-            api_auth_data.is_user_token_correct = False
-            return
-        if not api_auth_data.user_token_dbm.is_enabled:
-            pass
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=f"user_key_dbm is required, {require_active_user_token=}, {require_user_roles=}",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
+        if require_active_user_token and not api_auth_data.user_token_dbm.is_active:
+            raise APIException(
+                status_code=fastapi.status.HTTP_401_UNAUTHORIZED,
+                error_code=APIErrorCodes.cannot_authorize,
+                error_description=f"user_key_dbm is required, {require_active_user_token=}, {require_user_roles=}",
+                error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+            )
+        if require_user_roles is not None:
+            if not api_auth_data.user_token_dbm.user.compare_roles(require_user_roles):
+                raise APIException(
+                    status_code=fastapi.status.HTTP_403_FORBIDDEN,
+                    error_code=APIErrorCodes.cannot_authorize,
+                    error_description=f"user_key_dbm is required, {require_active_user_token=}, {require_user_roles=}",
+                    error_data=transfer_data_to_json_str_to_data(api_auth_data.model_dump())
+                )
 
-        api_auth_data.is_user_token_correct = True
-        return
+    async_func.__name__ = require_user_token_dbm_api_middleware.__name__
 
     return async_func

arpakitlib/_arpakit_project_template_v_5/project/api/exception_handler.py

@@ -11,12 +11,10 @@ from arpakitlib.ar_datetime_util import now_utc_dt
 from arpakitlib.ar_dict_util import combine_dicts
 from arpakitlib.ar_exception_util import exception_to_traceback_str
 from arpakitlib.ar_func_util import raise_if_not_async_func, is_async_func, is_sync_func
-from arpakitlib.ar_json_util import transfer_data_to_json_str
 from project.api.const import APIErrorCodes
 from project.api.exception import APIException
 from project.api.response import APIJSONResponse
 from project.api.schema.out.common.error import ErrorCommonSO
-from project.core.settings import get_cached_settings
 from project.sqlalchemy_db_.sqlalchemy_db import get_cached_sqlalchemy_db
 from project.sqlalchemy_db_.sqlalchemy_model import StoryLogDBM
 
@@ -175,7 +173,7 @@ def logging_func_before_in_api_exception_handler(
         ):
             return
 
-        _logger.error(transfer_data_to_json_str(error_common_so.model_dump()), exc_info=False)
+        _logger.exception(exception)
 
     return func
 
@@ -237,10 +235,7 @@ def get_exception_handler() -> Callable:
     funcs_before = []
     async_funcs_after = []
 
-    if (
-            get_cached_settings().api_create_story_log_func_before_in_api_exception_handler
-            and get_cached_sqlalchemy_db() is not None
-    ):
+    if get_cached_sqlalchemy_db() is not None:
         funcs_before.append(
             create_story_log_func_before_in_api_exception_handler(
                 ignore_api_error_codes=[

arpakitlib/_arpakit_project_template_v_5/project/api/router/admin/get_arpakitlib_project_template_info.py

@@ -1,8 +1,11 @@
 import fastapi
 from fastapi import APIRouter
 
+from project.api.auth import require_user_token_dbm_api_middleware, APIAuthData, \
+    api_auth, require_correct_api_key_or_api_key_dbm_api_middleware
 from project.api.schema.out.common.error import ErrorCommonSO
 from project.api.schema.out.common.raw_data import RawDataCommonSO
+from project.sqlalchemy_db_.sqlalchemy_model import UserDBM
 from project.util.arpakitlib_project_template import get_arpakitlib_project_template_info
 
 api_router = APIRouter()
@@ -17,7 +20,14 @@ api_router = APIRouter()
 async def _(
         *,
         request: fastapi.requests.Request,
-        response: fastapi.responses.Response
+        response: fastapi.responses.Response,
+        api_auth_data: APIAuthData = fastapi.Depends(api_auth(middlewares=[
+            require_correct_api_key_or_api_key_dbm_api_middleware(require_active_api_key_dbm=True),
+            require_user_token_dbm_api_middleware(
+                require_active_user_token=True,
+                require_user_roles=[UserDBM.Roles.admin]
+            )
+        ]))
 ):
     arpakitlib_project_template_data = get_arpakitlib_project_template_info()
     return RawDataCommonSO(data=arpakitlib_project_template_data)

arpakitlib/_arpakit_project_template_v_5/project/api/router/admin/get_auth_data.py

@@ -2,9 +2,11 @@ import fastapi.requests
 from fastapi import APIRouter
 
 from arpakitlib.ar_json_util import transfer_data_to_json_str_to_data
-from project.api.auth import APIAuthData, api_auth
+from project.api.auth import APIAuthData, api_auth, require_user_token_dbm_api_middleware, \
+    require_correct_api_key_or_api_key_dbm_api_middleware
 from project.api.schema.out.common.error import ErrorCommonSO
 from project.api.schema.out.common.raw_data import RawDataCommonSO
+from project.sqlalchemy_db_.sqlalchemy_model import UserDBM
 
 api_router = APIRouter()
 
@@ -19,12 +21,12 @@ async def _(
         *,
         request: fastapi.requests.Request,
         response: fastapi.responses.Response,
-        api_auth_data: APIAuthData = fastapi.Depends(api_auth(
-            require_not_prod_mode=True,
-            try_find_api_key_dbm_from_sqlalchemy_db=True,
-            try_find_user_token_dbm_from_sqlalchemy_db=True,
-            require_api_key_dbm_from_sqlalchemy_db=True,
-            require_user_token_dbm_from_sqlalchemy_db=True
-        ))
+        api_auth_data: APIAuthData = fastapi.Depends(api_auth(middlewares=[
+            require_correct_api_key_or_api_key_dbm_api_middleware(require_active_api_key_dbm=True),
+            require_user_token_dbm_api_middleware(
+                require_active_user_token=True,
+                require_user_roles=[UserDBM.Roles.admin]
+            )
+        ]))
 ):
     return RawDataCommonSO(data=transfer_data_to_json_str_to_data(api_auth_data.model_dump()))

arpakitlib/_arpakit_project_template_v_5/project/api/router/admin/get_story_log.py

@@ -0,0 +1,46 @@
+import fastapi.requests
+import sqlalchemy
+from fastapi import APIRouter
+
+from project.api.auth import APIAuthData, api_auth, require_user_token_dbm_api_middleware, \
+    require_correct_api_key_or_api_key_dbm_api_middleware
+from project.api.schema.out.admin.story_log import StoryLogAdminSO
+from project.api.schema.out.common.error import ErrorCommonSO
+from project.sqlalchemy_db_.sqlalchemy_db import get_cached_sqlalchemy_db
+from project.sqlalchemy_db_.sqlalchemy_model import UserDBM, StoryLogDBM
+
+api_router = APIRouter()
+
+
+@api_router.get(
+    "",
+    name="Get story log",
+    status_code=fastapi.status.HTTP_200_OK,
+    response_model=StoryLogAdminSO | None | ErrorCommonSO,
+)
+async def _(
+        *,
+        request: fastapi.requests.Request,
+        response: fastapi.responses.Response,
+        api_auth_data: APIAuthData = fastapi.Depends(api_auth(middlewares=[
+            require_correct_api_key_or_api_key_dbm_api_middleware(require_active_api_key_dbm=True),
+            require_user_token_dbm_api_middleware(
+                require_active_user_token=True,
+                require_user_roles=[UserDBM.Roles.admin]
+            )
+        ])),
+        filter_id: int | None = fastapi.Query(default=None),
+        filter_long_id: str | None = fastapi.Query(default=None),
+):
+    if filter_id is None and filter_long_id is None:
+        return None
+
+    query = sqlalchemy.select(StoryLogDBM)
+    if filter_id is not None:
+        query = query.filter(StoryLogDBM.id == filter_id)
+    if filter_long_id is not None:
+        query = query.filter(StoryLogDBM.long_id == filter_long_id)
+
+    async with get_cached_sqlalchemy_db().new_async_session() as async_session:
+        result = await async_session.scalar(query)
+        return StoryLogAdminSO.from_dbm(simple_dbm=result)