datasette-secrets 0.1a0__py3-none-any.whl → 0.1a1__py3-none-any.whl

datasette_secrets/__init__.py

@@ -13,7 +13,7 @@ MAX_NOTE_LENGTH = 100
 pm.add_hookspecs(hookspecs)
 
 
-async def get_secret(datasette, secret_name):
+async def get_secret(datasette, secret_name, actor_id=None):
     secrets_by_name = {secret.name: secret for secret in await get_secrets(datasette)}
     if secret_name not in secrets_by_name:
         return None
@@ -24,16 +24,31 @@ async def get_secret(datasette, secret_name):
     # Now look it up in the database
     config = get_config(datasette)
     db = get_database(datasette)
-    encrypted = (
+    db_secret = (
         await db.execute(
-            "select encrypted from datasette_secrets where name = ? order by version desc limit 1",
+            "select id, encrypted from datasette_secrets where name = ? order by version desc limit 1",
             (secret_name,),
         )
     ).first()
-    if not encrypted:
+    if not db_secret:
         return None
     key = Fernet(config["encryption_key"].encode("utf-8"))
-    decrypted = key.decrypt(encrypted["encrypted"])
+    decrypted = key.decrypt(db_secret["encrypted"])
+    # Update the last used timestamp and actor_id
+    params = (actor_id, db_secret["id"])
+    if not actor_id:
+        params = (db_secret["id"],)
+    await db.execute_write(
+        """
+        update datasette_secrets
+        set last_used_at = datetime('now'),
+            last_used_by = {}
+        where id = ?
+        """.format(
+            "?" if actor_id else "null"
+        ),
+        params,
+    )
     return decrypted.decode("utf-8")
 
 
@@ -51,7 +66,6 @@ create table if not exists datasette_secrets (
     version integer not null default 1,
     encrypted blob,
     encryption_key_name text not null,
-    redacted text,
     created_at text,
     created_by text,
     updated_at text,

{datasette_secrets-0.1a0.dist-info → datasette_secrets-0.1a1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: datasette-secrets
-Version: 0.1a0
+Version: 0.1a1
 Summary: Manage secrets such as API keys for use with other Datasette plugins
 Author: Datasette
 License: Apache-2.0
@@ -135,12 +135,14 @@ To obtain the current value of the secret, use the `await get_secret()` method:
 ```python
 from datasette_secrets import get_secret
 
-secret = await get_secret(datasette, "OPENAI_API_KEY")
+# Third argument is the actor_id, optional
+secret = await get_secret(datasette, "OPENAI_API_KEY", "root")
 ```
 If the Datasette administrator set a `DATASETTE_SECRETS_OPENAI_API_KEY` environment variable, that will be returned.
 
 Otherwise the encrypted value in the database table will be decrypted and returned - or `None` if there is no configured secret.
 
+The `last_used_at` column is updated every time a secret is accessed. The `last_used_by` column will be set to the actor ID passed to `get_secret()`, or `null` if no actor ID was passed.
 
 ## Development
 

datasette_secrets-0.1a1.dist-info/RECORD

@@ -0,0 +1,10 @@
+datasette_secrets/__init__.py,sha256=u5Hu7mYtbszNmzTyBmsQoyg2V0aS9rJs_NdanZQmgGg,9923
+datasette_secrets/hookspecs.py,sha256=57v14e2Y4o5eZyAgCLpuzp1KZn7CjwLXeKwfq6Zvux8,205
+datasette_secrets/templates/secrets_index.html,sha256=Zr8wmVngxzABB69hM052W8IOHgGIlJLM9KKnDxAYmQI,1510
+datasette_secrets/templates/secrets_update.html,sha256=SQs_TmrCw-eanePGiEnRiqH6OKy_G5iJJcEfg_z6RFg,1463
+datasette_secrets-0.1a1.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
+datasette_secrets-0.1a1.dist-info/METADATA,sha256=UneJmupjhs_jQAB20WaCsQvAWqfH0YIMombKkjQXN50,6417
+datasette_secrets-0.1a1.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
+datasette_secrets-0.1a1.dist-info/entry_points.txt,sha256=2083uWbPpGntxRulh8_hVaelQO-xdtjedG6rGzwPUH0,40
+datasette_secrets-0.1a1.dist-info/top_level.txt,sha256=ZBJKQk-DdDU9Vnwu4x79X9aaEulwGJMoLx62IZJPDaQ,18
+datasette_secrets-0.1a1.dist-info/RECORD,,

datasette_secrets-0.1a0.dist-info/RECORD

@@ -1,10 +0,0 @@
-datasette_secrets/__init__.py,sha256=0hepqbZLfwETYcTA6fU2raP3F1igb_Z5OaqwdjByCYY,9514
-datasette_secrets/hookspecs.py,sha256=57v14e2Y4o5eZyAgCLpuzp1KZn7CjwLXeKwfq6Zvux8,205
-datasette_secrets/templates/secrets_index.html,sha256=Zr8wmVngxzABB69hM052W8IOHgGIlJLM9KKnDxAYmQI,1510
-datasette_secrets/templates/secrets_update.html,sha256=SQs_TmrCw-eanePGiEnRiqH6OKy_G5iJJcEfg_z6RFg,1463
-datasette_secrets-0.1a0.dist-info/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
-datasette_secrets-0.1a0.dist-info/METADATA,sha256=s_AUhTHJOv70M7vKmu-FzEy37FA5DwNpFW76Y7vs0rA,6179
-datasette_secrets-0.1a0.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
-datasette_secrets-0.1a0.dist-info/entry_points.txt,sha256=2083uWbPpGntxRulh8_hVaelQO-xdtjedG6rGzwPUH0,40
-datasette_secrets-0.1a0.dist-info/top_level.txt,sha256=ZBJKQk-DdDU9Vnwu4x79X9aaEulwGJMoLx62IZJPDaQ,18
-datasette_secrets-0.1a0.dist-info/RECORD,,