ApiKey
API key for scripts and integrations.
Attributes: key_hash: Argon2 hash of the API key (excluded from serialization) user_id: Owner of the key name: Human-readable label for the key scopes: Optional permission scopes (e.g., ["read", "write"]) expires_at: Optional expiration date last_used_at: Last time the key was used (for auditing) is_active: Whether the key is currently active
Security: - key_hash is excluded from model_dump() and model_dump_json() - Never store or return plaintext keys - Raw key is only shown once at creation time
Example: key = ApiKey( key_hash="$argon2id$v=19$...", user_id="user-123", name="Production Deployment", scopes=["deploy"], expires_at=datetime(2025, 12, 31), )Source: api_key.py
Fields
Section titled “Fields”| Field | Type | Required | Description | Validators |
|---|---|---|---|---|
| key_hash | str | Argon2 hash of the API key | - | |
| user_id | str | Owner user ID | - | |
| name | str | Human-readable key label | - | |
| scopes | list[str] | Permission scopes for this key | - | |
| expires_at | None | Key expiration date (None = never expires) | - | |
| last_used_at | None | Last time the key was used | - | |
| is_active | bool | Whether the key is active | - |
Configuration
Section titled “Configuration”| Setting | Value |
|---|---|
| Submittable | False |
| Track Changes | True |
Controller
Section titled “Controller”Controller hooks are implemented in *_controller.py files.
Available lifecycle hooks:
validate()- Called before save, raise exceptions for validation errorsbefore_insert()- Called before inserting a new documentafter_insert()- Called after successfully insertingbefore_save()- Called before saving (insert or update)after_save()- Called after savingbefore_delete()- Called before deletingafter_delete()- Called after deleting