Anvil: Web apps with nothing but Python Transcripts
Chapter: Adding APIs and HTTP Endpoints
Lecture: Generating the API key
0:00 Well, we saw that our authorized method
0:01 is basically doing what it should
0:03 it's verifying all the data's there
0:05 it's logging in the user, getting access to them
0:08 telling us that worked or it didn't work.
0:10 The last bit is, remember we added this API key
0:13 over here in the right, but it's not set.
0:17 How do we set it?
0:18 Well, we could set it when we first create the user
0:21 but that's not technically necessary.
0:22 You'll see it's super easy to do right here.
0:25 You only need the API key if you're going
0:27 to try to call the API anyway and in order to do that
0:30 you first have to authorize
0:32 using this little method we built.
0:34 So lets do it like this, we'll say if we have the user
0:37 we're going to test if they have an API key.
0:41 Look at how sweet that autocomplete is. Thank you.
0:44 All right, so we're going to test if there's an API key
0:47 say if there's not an API key, rather.
0:49 We want to generate it for them.
0:52 And I'll say how to do that in a sec and then
0:55 change this to api_key.
0:59 It's just going to be the user's API key.
1:01 So, that's what we want to return.
1:03 But what do we do if it's not here?
1:04 Well, we just regenerate it.
1:06 So, we're going to go over here and say import uuid
1:09 uuid is a library for generating
1:11 unique identifiers and so on.
1:13 So, we're going to go to this and say UUID4
1:16 like this when we set this here
1:18 it's actually going to save it back to the database
1:20 and then we're just going to return.
1:23 So, lets do a print generated new API key.
1:27 I'm going to put it in here.
1:31 So the first time you should see this generated
1:33 but the second time it'll be already there
1:35 so it won't show up again.
1:37 Actually, it's a little harder to see
1:38 lets do it like this.
1:40 We don't have to go back to the logs.
1:47 Here we go, we'll just return that back to the caller.
1:50 Okay, here we are. The first time I call it
1:52 there's not going to be an API key.
1:55 Clear this out, it's a fresh session.
1:59 We hit send, it comes back.
2:02 You see our API key is here, this is the UUID.
2:06 And the mode is created. Let's run it again.
2:11 There you go, existing. It's already there.
2:13 And we can double check that, if we go with the Firefox
2:16 and we go to our data tables.
2:19 Notice now, there's our API key.
2:21 So that's how we're going to work in this little API
2:23 that I built. We're going to have this authorized method.
2:26 And come in, we're going to log in and get their API key.
2:29 Once they have this, they can just save this API key
2:32 to their device however they want to do that
2:35 and just exchange it over here to add measurements.
2:37 That's our plan.
2:38 We're just going to send this over.
2:39 It should be all well and good.
2:41 These other methods over here are going
2:43 to just expect that API key, use that to get the user.
2:46 We'll just do a little query, user aware that API key
2:48 equals whatever they pass in.