django-rest-framework-api-key icon indicating copy to clipboard operation
django-rest-framework-api-key copied to clipboard

Published 20 hours ago verified publisher icon manosim

Can't delete API Key

Open TurnrDev opened this issue 6 years ago • 2 comments

I reckon there should be a setting to override this. What's the point in assigning keys if I can't delete them when things change I can no longer trust the key is private? (Say if the key gets leaked)

TurnrDev avatar Mar 11 '18 20:03 TurnrDev

You can override the Admin in any of your admin.py file. Below is how l implemented it

from rest_framework_api_key.models import APIKey
from rest_framework_api_key.helpers import generate_key
from rest_framework_api_key.admin import ApiKeyAdmin

class ApiKeyAdmin(ApiKeyAdmin):
    def has_delete_permission(self, request, obj=None):
        return True

And that is it. You can see the delete from the drop down at Django Backend.

flexpeace avatar May 22 '18 19:05 flexpeace

Its worth adding that you should first unregister the original ApiKeyAdmin on the admin.py file you add this.

So the whole code will be something like this:

from rest_framework_api_key.admin import ApiKeyAdmin
from rest_framework_api_key.models import APIKey

class MyApiKeyAdmin(ApiKeyAdmin):
    def has_delete_permission(self, request, obj=None):
        return request.user.is_superuser


admin.site.unregister(APIKey)
admin.site.register(APIKey, MyApiKeyAdmin)

In my case I only gave this permission to superusers.

carlastabile avatar Jun 29 '18 14:06 carlastabile