feat: single source of truth of models + encrypted vault keys

2026-05-05 11:18:55 -05:00 · 2025-09-05 10:11:54 +02:00
parent 980bb85af4
commit 780fabb3e6
22 changed files with 269 additions and 413 deletions
--- a/flowsint-api/app/api/routes/analysis.py
+++ b/flowsint-api/app/api/routes/analysis.py
@@ -4,7 +4,7 @@ from typing import List
 from datetime import datetime
 from sqlalchemy.orm import Session
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Analysis, Profile
+from flowsint_core.core.models import Analysis, Profile
 from app.api.deps import get_current_user
 from app.api.schemas.analysis import AnalysisRead, AnalysisCreate, AnalysisUpdate

--- a/flowsint-api/app/api/routes/auth.py
+++ b/flowsint-api/app/api/routes/auth.py
@@ -5,7 +5,7 @@ from flowsint_core.core.auth import verify_password
 from flowsint_core.core.auth import create_access_token, get_password_hash
 from sqlalchemy.orm import Session
 from app.api.schemas.profile import ProfileCreate
-from app.models.models import Profile
+from flowsint_core.core.models import Profile
 from flowsint_core.core.postgre_db import get_db

 router = APIRouter()
--- a/flowsint-api/app/api/routes/chat.py
+++ b/flowsint-api/app/api/routes/chat.py
@@ -11,7 +11,7 @@ from typing import Dict, List, Optional
 from datetime import datetime
 from sqlalchemy.orm import Session
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Chat, ChatMessage, Profile
+from flowsint_core.core.models import Chat, ChatMessage, Profile
 from app.api.deps import get_current_user
 from app.api.schemas.chat import ChatCreate, ChatRead

--- a/flowsint-api/app/api/routes/events.py
+++ b/flowsint-api/app/api/routes/events.py
@@ -1,12 +1,12 @@
 from fastapi import APIRouter, Depends, HTTPException, Request
 from sqlalchemy.orm import Session
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Log, Sketch
+from flowsint_core.core.models import Log, Sketch
 from flowsint_core.core.events import event_emitter
 from sse_starlette.sse import EventSourceResponse
 from flowsint_core.core.types import Event
 from app.api.deps import get_current_user
-from app.models.models import Profile, Sketch
+from flowsint_core.core.models import Profile, Sketch
 import json
 import asyncio
 from datetime import datetime, timedelta
--- a/flowsint-api/app/api/routes/flows.py
+++ b/flowsint-api/app/api/routes/flows.py
@@ -10,7 +10,7 @@ from flowsint_types import Domain, Phrase, Ip, SocialProfile, Organization, Emai
 from flowsint_core.core.types import Node, Edge, FlowStep, FlowBranch
 from sqlalchemy.orm import Session
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Flow, Profile
+from flowsint_core.core.models import Flow, Profile
 from app.api.deps import get_current_user
 from app.api.schemas.flow import FlowRead, FlowCreate, FlowUpdate
 from flowsint_types import (
--- a/flowsint-api/app/api/routes/investigations.py
+++ b/flowsint-api/app/api/routes/investigations.py
@@ -4,7 +4,7 @@ from typing import List
 from datetime import datetime
 from sqlalchemy.orm import Session, selectinload
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Analysis, Investigation, Profile, Sketch
+from flowsint_core.core.models import Analysis, Investigation, Profile, Sketch
 from app.api.deps import get_current_user
 from app.api.schemas.investigation import (
    InvestigationRead,
--- a/flowsint-api/app/api/routes/keys.py
+++ b/flowsint-api/app/api/routes/keys.py
@@ -1,24 +1,17 @@
 from uuid import UUID, uuid4
 from fastapi import APIRouter, HTTPException, Depends, status
 from typing import List
+from flowsint_core.core.vault import Vault
 from sqlalchemy.orm import Session
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Profile, Key
+from flowsint_core.core.models import Profile, Key
 from app.api.deps import get_current_user
 from app.api.schemas.key import KeyRead, KeyCreate
-from datetime import datetime

 router = APIRouter()


-def obfuscate_key(key: str) -> str:
-    """Obfuscate a key by showing only the last 4 characters, replacing others with asterisks."""
-    if len(key) <= 4:
-        return key
-    return "*" * (len(key) - 4) + key[-4:]
-
-
-# Get the list of all keys for a user
+# Get the list of all keys for a user, just the public method for viewing
@router.get("", response_model=List[KeyRead])
 def get_keys(
    db: Session = Depends(get_db), current_user: Profile = Depends(get_current_user)
@@ -28,7 +21,6 @@ def get_keys(
        KeyRead(
            id=key.id,
            owner_id=key.owner_id,
-            encrypted_key=obfuscate_key(key.encrypted_key),
            name=key.name,
            created_at=key.created_at,
        )
@@ -37,7 +29,7 @@ def get_keys(
    return response_data


-# Get a key by ID
+# Get a key by ID, just the public method for viewing
@router.get("/{id}", response_model=KeyRead)
 def get_key_by_id(
    id: UUID,
@@ -52,7 +44,6 @@ def get_key_by_id(
    response_data = KeyRead(
        id=key.id,
        owner_id=key.owner_id,
-        encrypted_key=obfuscate_key(key.encrypted_key),
        name=key.name,
        created_at=key.created_at,
    )
@@ -66,17 +57,19 @@ def create_key(
    db: Session = Depends(get_db),
    current_user: Profile = Depends(get_current_user),
 ):
-    new_key = Key(
-        id=uuid4(),
-        name=payload.name,
-        owner_id=current_user.id,
-        encrypted_key=payload.key,
-        created_at=datetime.utcnow(),
-    )
-    db.add(new_key)
-    db.commit()
-    db.refresh(new_key)
-    return new_key
+    try:
+        vault = Vault(db=db, owner_id=current_user.id)
+        key = vault.set_secret(vault_ref=payload.name, plain_key=payload.key)
+        if not key:
+            raise HTTPException(
+                status_code=500, detail="An error occured creating the key."
+            )
+        return key
+    except Exception as e:
+        print(e)
+        raise HTTPException(
+            status_code=500, detail="An error occured creating the key."
+        )


 # Delete a key by ID
--- a/flowsint-api/app/api/routes/scan.py
+++ b/flowsint-api/app/api/routes/scan.py
@@ -3,7 +3,7 @@ from fastapi import APIRouter, HTTPException, Depends, status
 from typing import List
 from sqlalchemy.orm import Session
 from flowsint_core.core.postgre_db import get_db
-from app.models.models import Scan, Profile
+from flowsint_core.core.models import Scan, Profile
 from app.api.deps import get_current_user
 from app.api.schemas.scan import ScanRead

--- a/flowsint-api/app/api/routes/sketches.py
+++ b/flowsint-api/app/api/routes/sketches.py
@@ -7,7 +7,7 @@ from flowsint_core.utils import flatten
 from typing import Dict, Any, List
 from sqlalchemy.orm import Session
 from app.api.schemas.sketch import SketchCreate, SketchRead, SketchUpdate
-from app.models.models import Sketch, Profile
+from flowsint_core.core.models import Sketch, Profile
 from sqlalchemy.orm import Session
 from uuid import UUID
 from flowsint_core.core.graph_db import neo4j_connection
--- a/flowsint-api/app/api/routes/transforms.py
+++ b/flowsint-api/app/api/routes/transforms.py
@@ -4,7 +4,7 @@ from pydantic import BaseModel
 from flowsint_core.core.registry import TransformRegistry
 from flowsint_core.core.celery import celery
 from flowsint_core.core.types import Node, Edge, FlowBranch
-from app.models.models import Profile
+from flowsint_core.core.models import Profile
 from app.api.deps import get_current_user