ENH: Add API Key Management Scripts

[zdomke]

Description

Add scripts for managing API Keys that don't require prior authentication. Previously only included a "bootstrap" endpoint for creating the first key. I'm removing the bootstrap endpoint as these scripts are a more reliable way to create keys.

create_key.py

This script allows developers to create a new key in the database. They will need to give the key an App Name and read and/or write access. If no access is given, the script fails.

Sample output

react-squirrel-backend % python scripts/create_key.py "My Token" -w -r
API Key created successfully!
  App Name:   My Token
  ID:         97f69807-4eee-4760-8a87-404a1b5a2514
  Access:     read, write
  Created At: 2026-03-24 22:47:45.91
  Token: sq_lB28pGZcNgfxHi10X-8s7PqllblRYs7JOYGL_7Qfpjg

list_keys.py

This script will print out information on all stored keys. There is an optional flag for filtering the results to only show active keys. The data is formatted as a table listing all stored information (no tokens/hashes).

Sample output

react-squirrel-backend % python scripts/list_keys.py -a               
+--------------------------------------+-----------------------+----------+------------+-------------+------------------------+------------------------+
| id                                   | appName               | isActive | readAccess | writeAccess | createdAt              | updatedAt              |
+--------------------------------------+-----------------------+----------+------------+-------------+------------------------+------------------------+
| c2d8bd20-4cef-4143-b9bb-966ca84ef6f0 | Initial Bootstrap Key | True     | True       | True        | 2026-03-02 17:47:49.33 | 2026-03-02 17:47:49.33 |
| 6527f205-b934-4e00-b839-9dae33f31933 | My latest key         | True     | True       | True        | 2026-03-23 21:54:56.71 | 2026-03-23 21:54:56.71 |
| 1818bf21-ecfe-438a-8e86-945efcc96943 | Test Key              | True     | True       | True        | 2026-03-24 00:14:24.71 | 2026-03-24 00:14:24.71 |
+--------------------------------------+-----------------------+----------+------------+-------------+------------------------+------------------------+

deactivate_key.py

This script allows developers to deactivate a key in the database using its ID.

Sample output

react-squirrel-backend % python scripts/deactivate_key.py 97f69807-4eee-4760-8a87-404a1b5a2514
API Key deactivated successfully
  App Name:   My Token2
  ID:         97f69807-4eee-4760-8a87-404a1b5a2514
  Access:     read, write
  Created At: 2026-03-24 22:47:45.91
  Updated At: 2026-03-24 23:19:45.36

Motivation

Closes #36

[shilorigins]

I'm getting this error invoking create_key.py from the same dir and other dirs:

  File "/Users/devagr/src/react-squirrel-backend/scripts/create_key.py", line 5, in <module>
    from app.db.session import async_session_maker
ModuleNotFoundError: No module named 'app'

[zdomke]

I'm getting this error invoking create_key.py from the same dir and other dirs:

  File "/Users/devagr/src/react-squirrel-backend/scripts/create_key.py", line 5, in <module>
    from app.db.session import async_session_maker
ModuleNotFoundError: No module named 'app'

Ah, I was only testing in my .venv for the backend. I didn't test for this scenario.

Should I not rely on having a virtual environment for this script? If not, I can add a line to the scripts to add app to the PATH:

...
from argparse import ArgumentParser
from pathlib import Path

sys.path.insert(0, str(Path(__file__).resolve().parent.parent))

from app.db.session import async_session_maker
from app.schemas.api_key import ApiKeyCreateDTO
...

Another option that should be available is running the scripts in the docker container. Example below creates a read-only key called my-app:

docker exec squirrel-api python scripts/create_key.py my-app -r

What are your thoughts @shilorigins? Add to the PATH?