llmapikey

tiennm99/llmapikey

Fork 0

mirror of https://github.com/tiennm99/llmapikey.git synced 2026-06-17 12:48:54 +00:00

Commit Graph

Author	SHA1	Message	Date
tiennm99	b710537f63	refactor(keys): rename openrouter_key_hash to openrouter_delete_hash The column holds OpenRouter's delete handle (data.hash) used to revoke a key, not a hash of the key. Migration 0003 renames the column; update repository, admin revoke action, and the reconcile script.	2026-06-14 14:14:20 +07:00
tiennm99	3eda216dc6	feat(keys): store raw OpenRouter key and make it retrievable Persist the raw key (migration 0002 adds openrouter_key) so users can copy it again from the dashboard instead of a one-time-only reveal; admin console shows the full key. Retain openrouter_key_hash for revocation. Keys remain in the unexposed llmapikey schema (deny-all RLS, server-only direct connection). - activate() stores the raw key; dashboard + generate-key return the full key. - key-display warning updated (no longer shown-once). - admin table renders the full key.	2026-06-14 14:10:46 +07:00
tiennm99	616f133989	feat: add gated admin console for api_keys registry (list/search/filter/revoke/mint) - env-allowlist authz via ADMIN_GITHUB_USER_IDS on numeric provider_id (no migration) - server-side re-gated revoke + manual-mint actions - parameterized search/filter/paginate queries - shared mint-key extraction (DRY) from generate-key - notFound() for non-admins (404 never leaks route existence) - 3 unit-test suites (authz/queries/integration)	2026-06-13 21:16:57 +07:00

Author

SHA1

Message

Date

tiennm99

b710537f63

refactor(keys): rename openrouter_key_hash to openrouter_delete_hash

The column holds OpenRouter's delete handle (data.hash) used to revoke a key,
not a hash of the key. Migration 0003 renames the column; update repository,
admin revoke action, and the reconcile script.

2026-06-14 14:14:20 +07:00

tiennm99

3eda216dc6

feat(keys): store raw OpenRouter key and make it retrievable

Persist the raw key (migration 0002 adds openrouter_key) so users can copy it
again from the dashboard instead of a one-time-only reveal; admin console shows
the full key. Retain openrouter_key_hash for revocation. Keys remain in the
unexposed llmapikey schema (deny-all RLS, server-only direct connection).

- activate() stores the raw key; dashboard + generate-key return the full key.
- key-display warning updated (no longer shown-once).
- admin table renders the full key.

2026-06-14 14:10:46 +07:00

tiennm99

616f133989

feat: add gated admin console for api_keys registry (list/search/filter/revoke/mint)

- env-allowlist authz via ADMIN_GITHUB_USER_IDS on numeric provider_id (no migration)
- server-side re-gated revoke + manual-mint actions
- parameterized search/filter/paginate queries
- shared mint-key extraction (DRY) from generate-key
- notFound() for non-admins (404 never leaks route existence)
- 3 unit-test suites (authz/queries/integration)

2026-06-13 21:16:57 +07:00

3 Commits