A Python library for API key validation
Project description
API Key Gateway
A Python library that provides an @apikey_login decorator to validate API keys with service-aware authentication.
Features
- Automatically adds
--apikey/-aCLI parameter to decorated functions - Validates API keys using argon2id hashing algorithm for strong security
- Service-aware validation: Keys are scoped to specific services
- Fetches valid public keys from a remote JSON endpoint
- Easy to use decorator interface with service parameter
Installation
uv install apikey-gateway
Usage
The apikey_login decorator requires a service parameter to scope keys to specific services.
from apikey_gateway import apikey_login
@apikey_login(service="media-match")
def media_app():
print("API key validated for media-match service!")
# Your media application logic here
@apikey_login(service="analytics")
def analytics_app():
print("API key validated for analytics service!")
# Your analytics application logic here
if __name__ == "__main__":
media_app() # or analytics_app()
Run with:
python app.py --apikey your-secret-key
How It Works
- The application specifies the
servicename when using the@apikey_logindecorator - The user provides a secret API key via the
--apikey/-aCLI parameter - The library computes an argon2id hash (public key) from the secret key
- It fetches the list of valid public keys from
https://api.jsonbin.io/v3/b/691ec6a543b1c97be9b8ea6d - Valid keys are filtered to only those belonging to the specified service
- If the computed public key matches any valid service-specific public key, access is granted
JSON Format
The remote JSON follows a service-aware structure where keys are organized by service name:
Service-Aware Structure
{
"service1": {
"key_id_1": "argon2id_hash_here",
"key_id_2": "another_hash_here"
},
"service2": "single_key_hash_here"
}
- Top-level keys are service names
- Each service can have either multiple keys (as a dictionary) or a single key (as a string)
- The library automatically handles both formats when fetching keys
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file apikey_gateway-1.0.0.tar.gz.
File metadata
- Download URL: apikey_gateway-1.0.0.tar.gz
- Upload date:
- Size: 4.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
06c9563a6d6a72bc6a257ba0e3625472a99f1dae2881342d85e51b251bd9762b
|
|
| MD5 |
e9325c8802efa0b8bcdbff969a0d1fd3
|
|
| BLAKE2b-256 |
bea3bd0339e1df650e17561c3cb4fb040efe0c7552131bec76deed59aed98fdd
|
File details
Details for the file apikey_gateway-1.0.0-py3-none-any.whl.
File metadata
- Download URL: apikey_gateway-1.0.0-py3-none-any.whl
- Upload date:
- Size: 5.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
61181c841b380e37875d120e274f327f46a2543c4a55786e08a93bb750a8ae9f
|
|
| MD5 |
75147eae647ba629c1ddcf339e7226ff
|
|
| BLAKE2b-256 |
840e08bcc0e9b219262a7b0e36b8e290c7acaa1d6cc6cf4ef381d636a2abfaa5
|
