Models

DRF knox authtoken model and manager.

class smarter.lib.drf.models.SmarterAuthToken(*args, **kwargs)

Bases: AuthToken, MetaDataWithOwnershipModel

Represents a Smarter API Key used for authenticating and authorizing access to the Smarter platform.

This model extends Knox’s AuthToken and includes additional metadata and management features for API keys, such as naming, description, activation status, and usage tracking.

Parameters:

key_id (UUIDField): Unique identifier for the API key. name (str): Human-readable name for the API key. description (str, optional): Optional description of the API key’s purpose. last_used_at (datetime, optional): Timestamp of the last usage of the API key. is_active (bool): Indicates whether the API key is currently active.

Usage Example:

# Creating an API key for a staff user
user = User.objects.get(username="admin")
token, key = SmarterAuthToken.objects.create(
    user=user,
    name="Production Key",
    description="Key for production API access"
)

# Activating or deactivating the key
token.activate()
token.deactivate()

# Toggling active status
token.toggle_active()

# Tracking usage
token.accessed()

Note

• API keys can only be created for staff users. Attempting to create a key for a non-staff user will raise a SmarterBusinessRuleViolation.

• The identifier property returns a masked version of the key digest for display purposes.

Warning

• Ensure that API keys are managed securely. Deactivated keys cannot be used for authentication.

Related Models

• User: The owner of the API key.

• MetaDataModel: Provides created/modified timestamps and SAM metadata.

param digest:

Primary key: Digest

type digest:

Unknown

param token_key:

Token key

type token_key:

Unknown

param created:

Created

type created:

Unknown

param expiry:

Expiry

type expiry:

Unknown

param created_at:

Created at

type created_at:

Unknown

param updated_at:

Updated at

type updated_at:

Unknown

param name:

Name. Name in camelCase, e.g., ‘apiKey’, no special characters.

type name:

Unknown

param description:

Description. A brief description of this resource. Be verbose, but not too verbose.

type description:

Unknown

param version:

Version. Semantic version in the format MAJOR.MINOR.PATCH, e.g., ‘1.0.0’.

type version:

Unknown

param annotations:

Annotations. Key-value pairs for annotating this resource.

type annotations:

Unknown

param key_id:

Key id

type key_id:

Unknown

param last_used_at:

Last used at

type last_used_at:

Unknown

param is_active:

Is active

type is_active:

Unknown

param tags:

Tags

type tags:

Unknown

Relationship fields:

param user:

User (related name: auth_token_set)

type user:

Unknown

param authtoken_ptr:

Primary key: Authtoken ptr (related name: smarterauthtoken)

type authtoken_ptr:

Unknown

param user_profile:

User profile (related name: smarterauthtoken)

type user_profile:

Unknown

Reverse relationships:

param llmclientapikey:

All LLMClient API Keys of this API Key (related name of api_key)

type llmclientapikey:

Unknown

exception DoesNotExist

Bases: DoesNotExist

exception MultipleObjectsReturned

Bases: MultipleObjectsReturned

exception NotUpdated

Bases: NotUpdated

accessed()

Update the last used time.

activate()

Activate the API key.

annotations

JSONField

Annotations. Key-value pairs for annotating this resource.

Type:

Type

authtoken_ptr

OneToOneField to AuthToken

Primary key: Authtoken ptr (related name: smarterauthtoken)

Type:

Type

authtoken_ptr_id

Internal field, use authtoken_ptr instead.

created_at

DateTimeField

Created at

Timestamp indicating when the model instance was created.

This field is automatically set to the current date and time when the instance is first created. It is indexed in the database for efficient querying.

Type:

Type

deactivate()

Deactivate the API key.

description

TextField

Description. A brief description of this resource. Be verbose, but not too verbose.

Type:

Type

classmethod get_cached_objects(invalidate=False, user_profile=None, user=None, name=None, **kwargs)

Retrieve API keys with caching based on user profile and optional name filter using caching.

Parameters:

• invalidate (Optional[bool]) – If True, invalidate the cache for this query.

• user_profile (Optional[UserProfile]) – The user profile for which to retrieve API keys.

• user (Optional[User]) – The user for which to retrieve API keys (used if user_profile is not provided).

• name (Optional[str]) – Optional name filter to retrieve API keys with a specific name.

Returns:

A queryset of SmarterAuthToken objects matching the criteria.

Return type:

QuerySet

property identifier

is_active

BooleanField

Is active

Type:

Type

key_id

UUIDField

Key id

Type:

Type

last_used_at

DateTimeField

Last used at

Type:

Type

llmclientapikey_set

Reverse ForeignKey from LLMClientAPIKey

All LLMClient API Keys of this API Key (related name of api_key)

Type:

Type

property manifest_url: str | None

Returns the URL to the plugin’s manifest.

This property constructs the URL to the plugin’s manifest based on its kind and RFC 1034-compliant name. The URL follows the pattern: /plugins/{kind}/{name}/manifest/, where {kind} is the RFC 1034-compliant kind of the plugin, and {name} is the RFC 1034-compliant name of the plugin.

Example:

self.rfc1034_compliant_kind  # 'static'
self.rfc1034_compliant_name  # 'example-plugin
self.manifest_url  # '/plugins/static/example-plugin/manifest/'

name

CharField

Name. Name in camelCase, e.g., ‘apiKey’, no special characters.

Type:

Type

objects: MetaDataWithOwnershipModelManager = <smarter.lib.drf.models.SmarterAuthTokenManager object>

save(*args, **kwargs)

Save the current instance. Override this in a subclass if you want to control the saving process.

The ‘force_insert’ and ‘force_update’ parameters can be used to insist that the “save” must be an SQL insert or update (or equivalent for non-SQL backends), respectively. Normally, they should not be set.

tags

JSONField

Tags

Type:

Type

toggle_active()

Toggle the active status of the API key.

updated_at

DateTimeField

Updated at

Timestamp indicating when the model instance was last updated.

This field is automatically updated to the current date and time whenever the instance is saved. It is indexed in the database for efficient querying.

Type:

Type

user_profile

ForeignKey to UserProfile

User profile (related name: smarterauthtoken)

Type:

Type

user_profile_id

Internal field, use user_profile instead.

version

CharField

Version. Semantic version in the format MAJOR.MINOR.PATCH, e.g., ‘1.0.0’.

Type:

Type

class smarter.lib.drf.models.SmarterAuthTokenManager(*args, **kwargs)

Bases: MetaDataWithOwnershipModelManager

API Key manager. This is a custom manager derived from a combination of Knox’s AuthTokenManager and and Smarter’s SmarterQuerySetWithPermissions Queryset to provide both knox token management functionality as well as Smarter’s permission-based querying behavior.

create(user, expiry=None, prefix=None, name=None, description=None, is_active=True, **kwargs)

Create a new object with the given kwargs, saving it to the database and returning the created object.

Return type:

tuple[SmarterAuthToken, str]