Fix: Allow to create more than one api key if the user has more than one (#1822)

Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>

app/dashboard/views/api_key.py

@@ -18,6 +18,8 @@ class NewApiKeyForm(FlaskForm):
 
 def clean_up_unused_or_old_api_keys(user_id: int):
     total_keys = ApiKey.filter_by(user_id=user_id).count()
+    if total_keys <= config.MAX_API_KEYS:
+        return
     # Remove oldest unused
     for api_key in (
         ApiKey.filter_by(user_id=user_id, last_used=None)

tests/dashboard/test_api_keys.py

@@ -37,6 +37,17 @@ def test_create_delete_api_key(flask_client):
     assert ApiKey.filter(ApiKey.user_id == user.id).count() == 1
     assert api_key.name == "for test"
 
+    # create second api_key
+    create_r = flask_client.post(
+        url_for("dashboard.api_key"),
+        data={"form-name": "create", "name": "for test 2"},
+        follow_redirects=True,
+    )
+    assert create_r.status_code == 200
+    api_key_2 = ApiKey.filter_by(user_id=user.id).order_by(ApiKey.id.desc()).first()
+    assert ApiKey.filter(ApiKey.user_id == user.id).count() == 2
+    assert api_key_2.name == "for test 2"
+
     # delete api_key
     delete_r = flask_client.post(
         url_for("dashboard.api_key"),
@@ -44,7 +55,7 @@ def test_create_delete_api_key(flask_client):
         follow_redirects=True,
     )
     assert delete_r.status_code == 200
-    assert ApiKey.count() == nb_api_key
+    assert ApiKey.count() == nb_api_key + 1
 
 
 def test_delete_all_api_keys(flask_client):