feat: Allow multi API creation via the UI (#12845)

2025-12-17 18:12:04 +00:00 · 2025-01-29 07:42:01 -05:00
parent c25c613a04
commit ad3250ceb0
33 changed files with 1036 additions and 207 deletions
--- a/packages/cli/src/controllers/api-keys.controller.ts
+++ b/packages/cli/src/controllers/api-keys.controller.ts
@@ -1,9 +1,13 @@
-import { type RequestHandler } from 'express';
+import { CreateOrUpdateApiKeyRequestDto } from '@n8n/api-types';
+import type { RequestHandler } from 'express';

-import { Delete, Get, Post, RestController } from '@/decorators';
+import { ApiKeyRepository } from '@/databases/repositories/api-key.repository';
+import { Body, Delete, Get, Param, Patch, Post, RestController } from '@/decorators';
+import { BadRequestError } from '@/errors/response-errors/bad-request.error';
 import { EventService } from '@/events/event.service';
+import { License } from '@/license';
 import { isApiEnabled } from '@/public-api';
-import { ApiKeysRequest, AuthenticatedRequest } from '@/requests';
+import { AuthenticatedRequest } from '@/requests';
 import { PublicApiKeyService } from '@/services/public-api-key.service';

 export const isApiEnabledMiddleware: RequestHandler = (_, res, next) => {
@@ -19,18 +23,36 @@ export class ApiKeysController {
 	constructor(
 		private readonly eventService: EventService,
 		private readonly publicApiKeyService: PublicApiKeyService,
+		private readonly apiKeysRepository: ApiKeyRepository,
+		private readonly license: License,
 	) {}

 	/**
 	 * Create an API Key
 	 */
 	@Post('/', { middlewares: [isApiEnabledMiddleware] })
-	async createAPIKey(req: AuthenticatedRequest) {
-		const newApiKey = await this.publicApiKeyService.createPublicApiKeyForUser(req.user);
+	async createAPIKey(
+		req: AuthenticatedRequest,
+		_res: Response,
+		@Body payload: CreateOrUpdateApiKeyRequestDto,
+	) {
+		const currentNumberOfApiKeys = await this.apiKeysRepository.countBy({ userId: req.user.id });
+
+		if (currentNumberOfApiKeys >= this.license.getApiKeysPerUserLimit()) {
+			throw new BadRequestError('You have reached the maximum number of API keys allowed.');
+		}
+
+		const newApiKey = await this.publicApiKeyService.createPublicApiKeyForUser(req.user, {
+			label: payload.label,
+		});

 		this.eventService.emit('public-api-key-created', { user: req.user, publicApi: false });

-		return newApiKey;
+		return {
+			...newApiKey,
+			apiKey: this.publicApiKeyService.redactApiKey(newApiKey.apiKey),
+			rawApiKey: newApiKey.apiKey,
+		};
 	}

 	/**
@@ -46,11 +68,28 @@ export class ApiKeysController {
 	 * Delete an API Key
 	 */
 	@Delete('/:id', { middlewares: [isApiEnabledMiddleware] })
-	async deleteAPIKey(req: ApiKeysRequest.DeleteAPIKey) {
-		await this.publicApiKeyService.deleteApiKeyForUser(req.user, req.params.id);
+	async deleteAPIKey(req: AuthenticatedRequest, _res: Response, @Param('id') apiKeyId: string) {
+		await this.publicApiKeyService.deleteApiKeyForUser(req.user, apiKeyId);

 		this.eventService.emit('public-api-key-deleted', { user: req.user, publicApi: false });

 		return { success: true };
 	}
+
+	/**
+	 * Patch an API Key
+	 */
+	@Patch('/:id', { middlewares: [isApiEnabledMiddleware] })
+	async updateAPIKey(
+		req: AuthenticatedRequest,
+		_res: Response,
+		@Param('id') apiKeyId: string,
+		@Body payload: CreateOrUpdateApiKeyRequestDto,
+	) {
+		await this.publicApiKeyService.updateApiKeyForUser(req.user, apiKeyId, {
+			label: payload.label,
+		});
+
+		return { success: true };
+	}
 }