webscout 2025.10.15__py3-none-any.whl → 2025.10.17__py3-none-any.whl

webscout/auth/api_key_manager.py

@@ -1,189 +0,0 @@
-# webscout/auth/api_key_manager.py
-
-import secrets
-import string
-from datetime import datetime, timezone, timedelta
-from typing import Optional, Tuple
-import hashlib
-import logging
-
-from .models import User, APIKey
-from .database import DatabaseManager
-
-logger = logging.getLogger(__name__)
-
-
-class APIKeyManager:
-    """Manages API key generation, validation, and lifecycle."""
-    
-    def __init__(self, database_manager: DatabaseManager):
-        self.db = database_manager
-        self.key_prefix = "ws_"  # webscout prefix
-        self.key_length = 32  # Length of the random part
-    
-    def generate_api_key(self) -> str:
-        """Generate a secure API key."""
-        # Generate random string
-        alphabet = string.ascii_letters + string.digits
-        random_part = ''.join(secrets.choice(alphabet) for _ in range(self.key_length))
-        
-        # Add prefix
-        api_key = f"{self.key_prefix}{random_part}"
-        
-        return api_key
-    
-    def hash_api_key(self, api_key: str) -> str:
-        """Hash an API key for secure storage (optional, for extra security)."""
-        return hashlib.sha256(api_key.encode()).hexdigest()
-    
-    async def create_api_key(
-        self,
-        username: str,
-        telegram_id: str,
-        name: Optional[str] = None,
-        rate_limit: int = 10,
-        expires_in_days: Optional[int] = None
-    ) -> Tuple[APIKey, User]:
-        """Create a new API key and associated user if needed. Only one API key per user allowed."""
-
-        # Check if user already exists by telegram_id
-        user = await self.db.get_user_by_telegram_id(telegram_id)
-
-        if user:
-            # Check if user already has an API key
-            existing_keys = await self.db.get_api_keys_by_user(user.id)
-            active_keys = [key for key in existing_keys if key.is_active and not key.is_expired()]
-
-            if active_keys:
-                raise ValueError(f"User with Telegram ID {telegram_id} already has an active API key. Only one API key per user is allowed.")
-        else:
-            # Check if username is already taken
-            existing_user = await self.db.get_user_by_username(username)
-            if existing_user:
-                raise ValueError(f"Username '{username}' is already taken")
-
-            # Create new user
-            user = User(
-                username=username,
-                telegram_id=telegram_id,
-                created_at=datetime.now(timezone.utc),
-                updated_at=datetime.now(timezone.utc)
-            )
-            try:
-                user = await self.db.create_user(user)
-                logger.info(f"Created new user: {user.username} (Telegram ID: {telegram_id})")
-            except ValueError as e:
-                # User might already exist, try to get it
-                if "already exists" in str(e):
-                    user = await self.db.get_user_by_telegram_id(telegram_id)
-                    if not user:
-                        raise e
-                else:
-                    raise e
-        
-        # Generate API key
-        api_key_value = self.generate_api_key()
-        
-        # Calculate expiration
-        expires_at = None
-        if expires_in_days:
-            expires_at = datetime.now(timezone.utc) + timedelta(days=expires_in_days)
-        
-        # Create API key object
-        api_key = APIKey(
-            key=api_key_value,
-            user_id=user.id,
-            name=name,
-            created_at=datetime.now(timezone.utc),
-            expires_at=expires_at,
-            rate_limit=rate_limit,
-            is_active=True
-        )
-        
-        # Store in database
-        try:
-            api_key = await self.db.create_api_key(api_key)
-            logger.info(f"Created API key for user {user.username}: {api_key.id}")
-            return api_key, user
-        except ValueError as e:
-            # Key collision (very unlikely), try again
-            if "already exists" in str(e):
-                logger.warning("API key collision detected, regenerating...")
-                return await self.create_api_key(username, telegram_id, name, rate_limit, expires_in_days)
-            raise e
-    
-    async def validate_api_key(self, api_key: str) -> Tuple[bool, Optional[APIKey], Optional[str]]:
-        """
-        Validate an API key.
-        
-        Returns:
-            Tuple of (is_valid, api_key_object, error_message)
-        """
-        if not api_key:
-            return False, None, "API key is required"
-        
-        if not api_key.startswith(self.key_prefix):
-            return False, None, "Invalid API key format"
-        
-        try:
-            # Get API key from database
-            key_obj = await self.db.get_api_key(api_key)
-            
-            if not key_obj:
-                return False, None, "API key not found"
-            
-            if not key_obj.is_active:
-                return False, None, "API key is inactive"
-            
-            if key_obj.is_expired():
-                return False, None, "API key has expired"
-            
-            # Update last used timestamp
-            key_obj.last_used_at = datetime.now(timezone.utc)
-            key_obj.usage_count += 1
-            
-            try:
-                await self.db.update_api_key(key_obj)
-            except Exception as e:
-                logger.warning(f"Failed to update API key usage: {e}")
-            
-            return True, key_obj, None
-            
-        except Exception as e:
-            logger.error(f"Error validating API key: {e}")
-            return False, None, "Internal error during validation"
-    
-    async def revoke_api_key(self, api_key: str) -> bool:
-        """Revoke an API key by marking it as inactive."""
-        try:
-            key_obj = await self.db.get_api_key(api_key)
-            
-            if not key_obj:
-                return False
-            
-            key_obj.is_active = False
-            key_obj.updated_at = datetime.now(timezone.utc)
-            
-            await self.db.update_api_key(key_obj)
-            logger.info(f"Revoked API key: {key_obj.id}")
-            return True
-            
-        except Exception as e:
-            logger.error(f"Error revoking API key: {e}")
-            return False
-    
-    async def get_user_api_keys(self, user_id: str) -> list[APIKey]:
-        """Get all API keys for a user."""
-        try:
-            return await self.db.get_api_keys_by_user(user_id)
-        except Exception as e:
-            logger.error(f"Error getting user API keys: {e}")
-            return []
-    
-    async def cleanup_expired_keys(self) -> int:
-        """Clean up expired API keys (mark as inactive)."""
-        # This would require a method to get all API keys, which we haven't implemented
-        # For now, we'll just return 0
-        # In a production system, you'd want to implement this properly
-        logger.info("Cleanup expired keys called (not implemented)")
-        return 0

webscout/auth/auth_system.py

@@ -1,85 +0,0 @@
-"""
-Authentication system initialization for the Webscout API.
-"""
-
-import os
-import sys
-from typing import Optional
-from fastapi import FastAPI
-
-from webscout.Litlogger import Logger, LogLevel, LogFormat, ConsoleHandler
-from .database import DatabaseManager
-from .api_key_manager import APIKeyManager
-from .rate_limiter import RateLimiter
-from .middleware import AuthMiddleware
-
-# Setup logger
-logger = Logger(
-    name="webscout.api",
-    level=LogLevel.INFO,
-    handlers=[ConsoleHandler(stream=sys.stdout)],
-    fmt=LogFormat.DEFAULT
-)
-
-# Global authentication system instances
-db_manager: Optional[DatabaseManager] = None
-api_key_manager: Optional[APIKeyManager] = None
-rate_limiter: Optional[RateLimiter] = None
-auth_middleware: Optional[AuthMiddleware] = None
-
-
-def initialize_auth_system(app: FastAPI, auth_required: bool = True, rate_limit_enabled: bool = True) -> None:
-    """Initialize the authentication system."""
-    global db_manager, api_key_manager, rate_limiter, auth_middleware
-
-    try:
-        # Initialize database manager (always needed for request logging)
-        mongo_url = os.getenv("MONGODB_URL")
-        data_dir = os.getenv("WEBSCOUT_DATA_DIR", "data")
-
-        db_manager = DatabaseManager(mongo_url, data_dir)
-
-        if not auth_required:
-            logger.info("Auth system is disabled (no-auth mode): initializing only database for request logging.")
-            api_key_manager = None
-            rate_limiter = None
-            auth_middleware = None
-        else:
-            # Initialize API key manager
-            api_key_manager = APIKeyManager(db_manager)
-
-            # Initialize rate limiter
-            rate_limiter = RateLimiter(db_manager)
-
-            # Initialize auth middleware with configuration
-            auth_middleware = AuthMiddleware(
-                api_key_manager,
-                rate_limiter,
-                auth_required=auth_required,
-                rate_limit_enabled=rate_limit_enabled
-            )
-
-            # Add auth middleware to app
-            app.middleware("http")(auth_middleware)
-
-        # Add startup event to initialize database
-        async def startup_event():
-            if db_manager:
-                await db_manager.initialize()
-                logger.info("Database system initialized successfully")
-                logger.info(f"Auth required: {auth_required}, Rate limiting: {rate_limit_enabled}")
-
-        # Store startup function for later use
-        app.state.startup_event = startup_event
-
-        logger.info("Authentication system setup completed")
-
-    except Exception as e:
-        logger.error(f"Failed to initialize authentication system: {e}")
-        # Fall back to legacy auth if new system fails
-        logger.warning("Falling back to legacy authentication system")
-
-
-def get_auth_components():
-    """Get the initialized authentication components."""
-    return api_key_manager, db_manager, rate_limiter

webscout/auth/config.py

@@ -1,175 +0,0 @@
-"""
-Configuration management for the Webscout API server.
-"""
-
-import os
-from typing import List, Dict, Optional, Any
-from webscout.Litlogger import Logger, LogLevel, LogFormat, ConsoleHandler
-import sys
-
-# Configuration constants
-DEFAULT_PORT = 8000
-DEFAULT_HOST = "0.0.0.0"
-
-# Setup logger
-logger = Logger(
-    name="webscout.api",
-    level=LogLevel.INFO,
-    handlers=[ConsoleHandler(stream=sys.stdout)],
-    fmt=LogFormat.DEFAULT
-)
-
-
-def _get_supabase_url() -> Optional[str]:
-    """Get Supabase URL from environment variables or GitHub secrets."""
-    # Try environment variable first
-    url = os.getenv("SUPABASE_URL")
-    if url:
-        logger.info("📍 Using SUPABASE_URL from environment")
-        return url
-    
-    # Try to get from GitHub secrets (if running in GitHub Actions)
-    github_url = os.getenv("GITHUB_SUPABASE_URL")  # GitHub Actions secret
-    if github_url:
-        logger.info("📍 Using SUPABASE_URL from GitHub secrets")
-        return github_url
-    
-    # Don't log error during import - only when actually needed
-    return None
-
-
-def _get_supabase_anon_key() -> Optional[str]:
-    """Get Supabase anon key from environment variables or GitHub secrets."""
-    # Try environment variable first
-    key = os.getenv("SUPABASE_ANON_KEY")
-    if key:
-        logger.info("🔑 Using SUPABASE_ANON_KEY from environment")
-        return key
-    
-    # Try to get from GitHub secrets (if running in GitHub Actions)
-    github_key = os.getenv("GITHUB_SUPABASE_ANON_KEY")  # GitHub Actions secret
-    if github_key:
-        logger.info("🔑 Using SUPABASE_ANON_KEY from GitHub secrets")
-        return github_key
-    
-    # Don't log error during import - only when actually needed
-    return None
-
-
-class ServerConfig:
-    """Centralized configuration management for the API server."""
-
-    def __init__(self):
-        self.api_key: Optional[str] = None
-        self.provider_map: Dict[str, Any] = {}
-        self.default_provider: str = "ChatGPT"
-        self.base_url: Optional[str] = None
-        self.host: str = DEFAULT_HOST
-        self.port: int = DEFAULT_PORT
-        self.debug: bool = False
-        self.cors_origins: List[str] = ["*"]
-        self.max_request_size: int = 10 * 1024 * 1024  # 10MB
-        self.request_timeout: int = 300  # 5 minutes
-        self.auth_required: bool = os.getenv("WEBSCOUT_AUTH_REQUIRED", "false").lower() == "true"  # Default to no auth
-        self.rate_limit_enabled: bool = os.getenv("WEBSCOUT_RATE_LIMIT_ENABLED", "false").lower() == "true"  # Default to no rate limit
-        self.default_rate_limit: int = 60  # Default rate limit for no-auth mode
-        self.request_logging_enabled: bool = os.getenv("WEBSCOUT_REQUEST_LOGGING", "true").lower() == "true"  # Enable request logging by default
-        
-        # Database configuration - lazy initialization
-        self._supabase_url: Optional[str] = None
-        self._supabase_anon_key: Optional[str] = None
-        self._supabase_url_checked: bool = False
-        self._supabase_anon_key_checked: bool = False
-        self.mongodb_url: Optional[str] = os.getenv("MONGODB_URL")
-
-    @property
-    def supabase_url(self) -> Optional[str]:
-        """Get Supabase URL with lazy initialization."""
-        if not self._supabase_url_checked:
-            self._supabase_url = _get_supabase_url()
-            self._supabase_url_checked = True
-        return self._supabase_url
-
-    @property
-    def supabase_anon_key(self) -> Optional[str]:
-        """Get Supabase anon key with lazy initialization."""
-        if not self._supabase_anon_key_checked:
-            self._supabase_anon_key = _get_supabase_anon_key()
-            self._supabase_anon_key_checked = True
-        return self._supabase_anon_key
-
-    def update(self, **kwargs) -> None:
-        """Update configuration with provided values."""
-        for key, value in kwargs.items():
-            if hasattr(self, key) and value is not None:
-                setattr(self, key, value)
-                logger.info(f"Config updated: {key} = {value}")
-
-    def validate(self) -> None:
-        """Validate configuration settings."""
-        if self.port < 1 or self.port > 65535:
-            raise ValueError(f"Invalid port number: {self.port}")
-
-        if self.default_provider not in self.provider_map and self.provider_map:
-            available_providers = list(set(v.__name__ for v in self.provider_map.values()))
-            logger.warning(f"Default provider '{self.default_provider}' not found. Available: {available_providers}")
-
-
-class AppConfig:
-    """Legacy configuration class for backward compatibility."""
-    api_key: Optional[str] = None
-    provider_map = {}
-    tti_provider_map = {}  # Add TTI provider map
-    default_provider = "ChatGPT"
-    default_tti_provider = "PollinationsAI"  # Add default TTI provider
-    base_url: Optional[str] = None
-    auth_required: bool = os.getenv("WEBSCOUT_AUTH_REQUIRED", "false").lower() == "true"  # Default to no auth
-    rate_limit_enabled: bool = os.getenv("WEBSCOUT_RATE_LIMIT_ENABLED", "false").lower() == "true"  # Default to no rate limit
-    default_rate_limit: int = 60  # Default rate limit for no-auth mode
-    request_logging_enabled: bool = os.getenv("WEBSCOUT_REQUEST_LOGGING", "true").lower() == "true"  # Enable request logging by default
-    
-    # Database configuration - lazy initialization
-    _supabase_url: Optional[str] = None
-    _supabase_anon_key: Optional[str] = None
-    _supabase_url_checked: bool = False
-    _supabase_anon_key_checked: bool = False
-    mongodb_url: Optional[str] = os.getenv("MONGODB_URL")
-
-    @classmethod
-    def get_supabase_url(cls) -> Optional[str]:
-        """Get Supabase URL with lazy initialization."""
-        if not cls._supabase_url_checked:
-            cls._supabase_url = _get_supabase_url()
-            cls._supabase_url_checked = True
-        return cls._supabase_url
-
-    @classmethod
-    def get_supabase_anon_key(cls) -> Optional[str]:
-        """Get Supabase anon key with lazy initialization."""
-        if not cls._supabase_anon_key_checked:
-            cls._supabase_anon_key = _get_supabase_anon_key()
-            cls._supabase_anon_key_checked = True
-        return cls._supabase_anon_key
-
-    # For backward compatibility, provide properties that call the methods
-    @property
-    def supabase_url(self) -> Optional[str]:
-        return self.__class__.get_supabase_url()
-
-    @property
-    def supabase_anon_key(self) -> Optional[str]:
-        return self.__class__.get_supabase_anon_key()
-
-    @classmethod
-    def set_config(cls, **data):
-        """Set configuration values."""
-        for key, value in data.items():
-            setattr(cls, key, value)
-        # Sync with new config system
-        try:
-            from .server import get_config
-            config = get_config()
-            config.update(**data)
-        except ImportError:
-            # Handle case where server module is not available
-            pass