Anvil: Web Apps with Nothing but Python Transcripts
Chapter: Adding APIs and HTTP Endpoints
Lecture: Generating the API key

Learn more about this course
Login or purchase this course to watch this video and the rest of the course contents.
0:00 Well, we saw that our authorized method is basically doing what it should it's verifying all the data's there
0:06 it's logging in the user, getting access to them telling us that worked or it didn't work. The last bit is, remember we added this API key
0:14 over here in the right, but it's not set. How do we set it? Well, we could set it when we first create the user but that's not technically necessary.
0:23 You'll see it's super easy to do right here. You only need the API key if you're going to try to call the API anyway and in order to do that
0:31 you first have to authorize using this little method we built. So lets do it like this, we'll say if we have the user
0:38 we're going to test if they have an API key. Look at how sweet that autocomplete is. Thank you. All right, so we're going to test if there's an API key
0:48 say if there's not an API key, rather. We want to generate it for them. And I'll say how to do that in a sec and then change this to api_key.
1:00 It's just going to be the user's API key. So, that's what we want to return. But what do we do if it's not here? Well, we just regenerate it.
1:07 So, we're going to go over here and say import uuid uuid is a library for generating unique identifiers and so on.
1:14 So, we're going to go to this and say UUID4 like this when we set this here it's actually going to save it back to the database
1:21 and then we're just going to return. So, lets do a print generated new API key. I'm going to put it in here.
1:32 So the first time you should see this generated but the second time it'll be already there so it won't show up again.
1:38 Actually, it's a little harder to see lets do it like this. We don't have to go back to the logs.
1:48 Here we go, we'll just return that back to the caller. Okay, here we are. The first time I call it there's not going to be an API key.
1:56 Clear this out, it's a fresh session. We hit send, it comes back. You see our API key is here, this is the UUID.
2:07 And the mode is created. Let's run it again. There you go, existing. It's already there. And we can double check that, if we go with the Firefox
2:17 and we go to our data tables. Notice now, there's our API key. So that's how we're going to work in this little API
2:24 that I built. We're going to have this authorized method. And come in, we're going to log in and get their API key.
2:30 Once they have this, they can just save this API key to their device however they want to do that and just exchange it over here to add measurements.
2:38 That's our plan. We're just going to send this over. It should be all well and good. These other methods over here are going
2:44 to just expect that API key, use that to get the user. We'll just do a little query, user aware that API key equals whatever they pass in.


Talk Python's Mastodon Michael Kennedy's Mastodon