feature request: ability to generate API key without authing in web UI

[shortstack]

afaict, the only way to generate an API key is by logging into the web UI (grabs the current user and session data etc to generate an API key)

https://github.com/openrelik/openrelik-server/blob/main/src/api/v1/users.py#L73

i'm trying to automate this process entirely.... is there a chance that the /me/apikeys endpoint could support some kind of user/password auth flow to generate and return an API key without having to first be logged into the web UI?

[berggren]

Can you elaborate a bit on the use case?

• What automation are you looking for? To programatically create users?
• Is it only for the initial admin user you need this or for any user?
• Do you need to manage API keys for other users than yourself?

The API use outside of the Web client is currently designed around generating the API key first in the UI.

[shortstack]

yoooo!

• programmatically create a user (done via the install, no biggie)
• programmatically create an API key for the initial user

in this particular use case, it is using the admin user, creating an API key (via the web UI for now) and then carrying on. not worrying about other users right now.

that is the scope, but anything beyond that is for funsies.

i'm trying to entirely automate this process but this is the only piece blocking the fully automated part.

[berggren]

I have implemented a create-api-key command for the admin CLI. When it is merged I intend to add this to the install script as a flag where you can start the install with install.sh --create-api-key and the initial admin user will also get an API key created automatically (and displayed on screen just like the password).

Ref: #65

[shortstack]

YEEESSSSSS 🔥🤓

thank you!

[berggren]

Fixed in #65