From 46142c828695b5198b685ad05b47745bd47045d4 Mon Sep 17 00:00:00 2001
From: Erik Taubeneck <erik.taubeneck@gmail.com>
Date: Thu, 13 Jun 2024 15:45:43 -0700
Subject: [PATCH] Helper party api key (#37)

* add helper_parties and helper_party_network tables

* add helper_party_api_keys table

* add development api keys to .env.development

* hashed_api_key should be non null

* add modified_at and modified_reason to api keys
---
 server/.env.development                       |  5 +++
 server/data/supabaseTypes.ts                  | 38 +++++++++++++++++++
 .../20240609010604_helper_party_api_keys.sql  | 14 +++++++
 server/supabase/seed.sql                      |  8 ++++
 4 files changed, 65 insertions(+)
 create mode 100644 server/supabase/migrations/20240609010604_helper_party_api_keys.sql

diff --git a/server/.env.development b/server/.env.development
index f4f24ee..24722f8 100644
--- a/server/.env.development
+++ b/server/.env.development
@@ -1,6 +1,11 @@
 # DO NOT ADD SECRETS TO THIS FILE. This is a good place for defaults.
 # If you want to add secrets use `.env.development.local` instead.
 
+# local dev API keys
+HELPER_PARTY_1_API_KEY="f9c1cced33c932da94d520682d30b1a558711865d32634008488abf38d6f75a0"
+HELPER_PARTY_2_API_KEY="d64fd1cc084e2633d8e0719cb4691e81b1961949bc2aadecee14fdf53bd6f139"
+HELPER_PARTY_3_API_KEY="46198655cdac1d67e3e6aaf905c9d6702c899c607c2baedf353fc3106ec92929"
+
 # for local dev, we turn off auth, unless specifically working on auth
 BYPASS_AUTH=true
 DUMMY_EMAIL="demo@draft.test"
diff --git a/server/data/supabaseTypes.ts b/server/data/supabaseTypes.ts
index 40cee22..4a5ab61 100644
--- a/server/data/supabaseTypes.ts
+++ b/server/data/supabaseTypes.ts
@@ -55,6 +55,44 @@ export type Database = {
         }
         Relationships: []
       }
+      helper_party_api_keys: {
+        Row: {
+          created_at: string
+          expires_at: string
+          hashed_api_key: string
+          helper_party_uuid: string
+          modified_at: string | null
+          modified_reason: string | null
+          uuid: string
+        }
+        Insert: {
+          created_at?: string
+          expires_at?: string
+          hashed_api_key: string
+          helper_party_uuid: string
+          modified_at?: string | null
+          modified_reason?: string | null
+          uuid?: string
+        }
+        Update: {
+          created_at?: string
+          expires_at?: string
+          hashed_api_key?: string
+          helper_party_uuid?: string
+          modified_at?: string | null
+          modified_reason?: string | null
+          uuid?: string
+        }
+        Relationships: [
+          {
+            foreignKeyName: "helper_party_api_keys_helper_party_uuid_fkey"
+            columns: ["helper_party_uuid"]
+            isOneToOne: false
+            referencedRelation: "helper_parties"
+            referencedColumns: ["uuid"]
+          },
+        ]
+      }
       helper_party_network_members: {
         Row: {
           created_at: string
diff --git a/server/supabase/migrations/20240609010604_helper_party_api_keys.sql b/server/supabase/migrations/20240609010604_helper_party_api_keys.sql
new file mode 100644
index 0000000..56f3b9a
--- /dev/null
+++ b/server/supabase/migrations/20240609010604_helper_party_api_keys.sql
@@ -0,0 +1,14 @@
+create table
+helper_party_api_keys (
+uuid uuid default gen_random_uuid() primary key,
+helper_party_uuid uuid references helper_parties not null,
+hashed_api_key text not null,
+created_at timestamp default current_timestamp not null,
+expires_at timestamp default current_timestamp + interval '1 year' not null,
+modified_at timestamp default null,
+modified_reason text default null
+);
+
+alter table helper_party_api_keys enable row level security;
+
+-- do not add any authenticated access to api_keys, require service_role and handle in application
diff --git a/server/supabase/seed.sql b/server/supabase/seed.sql
index 2c0a999..6305f10 100644
--- a/server/supabase/seed.sql
+++ b/server/supabase/seed.sql
@@ -20,3 +20,11 @@ INSERT INTO public.helper_party_networks (uuid, display_name) VALUES ('a8c892ae-
 INSERT INTO public.helper_party_network_members (helper_party_uuid, helper_party_network_uuid) VALUES ('de218b52-1ec7-4a4d-9bf9-f9070b2c3a93', 'a8c892ae-8cee-472f-95f0-e25b1fec9759');
 INSERT INTO public.helper_party_network_members (helper_party_uuid, helper_party_network_uuid) VALUES ('b8848f0f-65c4-499f-82b4-1e3a119ba31e', 'a8c892ae-8cee-472f-95f0-e25b1fec9759');
 INSERT INTO public.helper_party_network_members (helper_party_uuid, helper_party_network_uuid) VALUES ('91993b4a-4131-4b9f-a132-d4a5839e3c6c', 'a8c892ae-8cee-472f-95f0-e25b1fec9759');
+
+--
+-- Data for Name: helper_party_api_keys; Type: TABLE DATA; Schema: public; Owner: postgres
+--
+
+INSERT INTO public.helper_party_api_keys (uuid, helper_party_uuid, hashed_api_key) VALUES ('13d80a42-4b40-4987-a338-b394674ab399', 'de218b52-1ec7-4a4d-9bf9-f9070b2c3a93', '243262243130244470514a2e527665766e57614a4f5835782f505a534f6a674f335866444737505178585851656e3866796e52467563516d66414547');
+INSERT INTO public.helper_party_api_keys (uuid, helper_party_uuid, hashed_api_key) VALUES ('1d61b974-7ac8-4baa-b0b0-a83cd29c46e2', 'b8848f0f-65c4-499f-82b4-1e3a119ba31e', '243262243130247770623576564767534f61772f516441334a51734c2e7373494e3652714369355a554a414e2e7343796d4673394c475247584c5375');
+INSERT INTO public.helper_party_api_keys (uuid, helper_party_uuid, hashed_api_key) VALUES ('31c229e3-8150-4f9b-91e6-ac413198f4ff', '91993b4a-4131-4b9f-a132-d4a5839e3c6c', '24326224313024724746664c3146614b4b6e68715169714e6b58573165485a37662f6d3857563271364a336845564139352e5746465677616b774d71');