fixes revoke endpoint

defenseunicorns · Jul 3, 2024 · b19a0b8 · b19a0b8
1 parent 0c6203f
commit b19a0b8
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 19 deletions.
diff --git a/src/leapfrogai_api/routers/leapfrogai/auth.py b/src/leapfrogai_api/routers/leapfrogai/auth.py
@@ -85,19 +85,21 @@ async def create_api_key(
     return api_key_item
 
 
-@router.post("/revoke-api-key")
+@router.delete("/revoke-api-key/{api_key_id}")
 async def revoke_api_key(
     session: Session,
-    id: str,
+    api_key_id: str,
 ) -> RevokeAPIKey:
     """Revoke an API key."""
 
-    data, _count = await session.table("api_keys").delete().eq("id", id).execute()
+    data, _count = (
+        await session.table("api_keys").delete().eq("id", api_key_id).execute()
+    )
 
     if not data[1]:
-        return RevokeAPIKey(id=id, revoked=False, message="API key not found.")
+        return RevokeAPIKey(id=api_key_id, revoked=False, message="API key not found.")
 
-    return RevokeAPIKey(id=id, revoked=True, message="API key revoked.")
+    return RevokeAPIKey(id=api_key_id, revoked=True, message="API key revoked.")
 
 
 @router.get("/list-api-keys")
@@ -154,7 +156,7 @@ async def _generate_and_store_api_key(
             name=name,
             id=response[0]["id"],  # This is set by the database
             api_key=read_once_token,
-            created_at=response[0]["created_at"],
+            created_at=response[0]["created_at"],  # This is set by the database
             expires_at=response[0]["expires_at"],
         )
 

diff --git a/tests/integration/api/test_auth.py b/tests/integration/api/test_auth.py
@@ -53,18 +53,16 @@ def test_create_api_key(create_api_key):
     assert "expires_at" in create_api_key.json(), "Create should return an expires_at."
 
 
-# def test_revoke_api_key(create_api_key):
-#     """Test revoking an API key. Requires a running Supabase instance."""
+def test_revoke_api_key(create_api_key):
+    """Test revoking an API key. Requires a running Supabase instance."""
 
-#     uuid = create_api_key.json()["id"]
+    api_key_id = create_api_key.json()["id"]
 
-#     request = {
-#         "id": uuid,
-#     }
-
-#     response = client.post("/leapfrogai/v1/auth/revoke-api-key", json=request)
-#     assert response.status_code is status.HTTP_200_OK
-# assert "revoked" in response.json(), "Revoke should return a revoked."
-# assert response.json()["revoked"] is True, "Revoke should return a revoked as True."
-# assert "message" in response.json(), "Revoke should return a message."
-# assert response.json()["message"] == "API key revoked.", "Revoke should return a message as 'API key revoked.'."
+    response = client.delete(f"/leapfrogai/v1/auth/revoke-api-key/{api_key_id}")
+    assert response.status_code is status.HTTP_200_OK
+    assert "revoked" in response.json(), "Revoke should return a revoked."
+    assert response.json()["revoked"] is True, "Revoke should return a revoked as True."
+    assert "message" in response.json(), "Revoke should return a message."
+    assert (
+        response.json()["message"] == "API key revoked."
+    ), "Revoke should return a message as 'API key revoked.'."