inital commit

server/app/api/v1/admin.py

@@ -0,0 +1,37 @@
+from __future__ import annotations
+
+from fastapi import APIRouter, Depends
+from sqlalchemy.orm import Session
+
+from app.api.v1.schemas import ApiKeyCreateRequest, ApiKeyCreateResponse
+from app.auth.dependencies import ApiPrincipal, require_scope
+from app.audit.logging import audit_from_principal
+from app.db.session import get_session
+from app.security.api_keys import create_api_key
+
+router = APIRouter(prefix="/admin", tags=["admin"])
+
+
+@router.post("/api-keys", response_model=ApiKeyCreateResponse)
+def create_personal_api_key(
+    payload: ApiKeyCreateRequest,
+    session: Session = Depends(get_session),
+    principal: ApiPrincipal = Depends(require_scope("admin:settings")),
+):
+    created = create_api_key(session, user=principal.user, name=payload.name, scopes=payload.scopes or ["campaign:read"])
+    audit_from_principal(
+        session,
+        principal,
+        action="api_key.created",
+        object_type="api_key",
+        object_id=created.model.id,
+        details={"name": created.model.name, "prefix": created.model.prefix, "scopes": created.model.scopes},
+        commit=True,
+    )
+    return ApiKeyCreateResponse(
+        id=created.model.id,
+        name=created.model.name,
+        prefix=created.model.prefix,
+        scopes=created.model.scopes,
+        secret=created.secret,
+    )