decart-python/decart/tokens/client.py at 994f3b0486b4e96bdbb3c707d4c19fa18c9c1a94 · DecartAI/decart-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
from typing import TYPE_CHECKING, Any

import aiohttp

from ..errors import TokenCreateError
from .._user_agent import build_user_agent
from .types import CreateTokenResponse

if TYPE_CHECKING:
    from ..client import DecartClient


class TokensClient:
    """
    Client for creating client tokens.
    Client tokens are short-lived API keys safe for client-side use.

    Example:
        ```python
        client = DecartClient(api_key=os.getenv("DECART_API_KEY"))
        token = await client.tokens.create()
        # Returns: CreateTokenResponse(api_key="ek_...", expires_at="...")

        # With metadata:
        token = await client.tokens.create(metadata={"role": "viewer"})
        ```
    """

    def __init__(self, parent: "DecartClient") -> None:
        self._parent = parent

    async def _get_session(self) -> aiohttp.ClientSession:
        return await self._parent._get_session()

    async def create(
        self,
        *,
        metadata: dict[str, Any] | None = None,
    ) -> CreateTokenResponse:
        """
        Create a client token.

        Args:
            metadata: Optional custom key-value pairs to attach to the token.

        Returns:
            A short-lived API key safe for client-side use.

        Example:
            ```python
            token = await client.tokens.create()
            # Returns: CreateTokenResponse(api_key="ek_...", expires_at="...")

            # With metadata:
            token = await client.tokens.create(metadata={"role": "viewer"})
            ```

        Raises:
            TokenCreateError: If token creation fails (401, 403, etc.)
        """
        session = await self._get_session()
        endpoint = f"{self._parent.base_url}/v1/client/tokens"

        headers = {
            "X-API-KEY": self._parent.api_key,
            "User-Agent": build_user_agent(self._parent.integration),
        }

        body = {"metadata": metadata} if metadata is not None else {}

        async with session.post(
            endpoint,
            headers=headers,
            json=body,
        ) as response:
            if not response.ok:
                error_text = await response.text()
                raise TokenCreateError(
                    f"Failed to create token: {response.status} - {error_text}",
                    data={"status": response.status},
                )
            data = await response.json()
            return CreateTokenResponse(
                api_key=data["apiKey"],
                expires_at=data["expiresAt"],
            )