API routes that read and modify the Data Sources database should be protected through authentication. The API has an @api_required decorator (located in /middleware/security.py) that can be added to each route so that only authenticated users can access the database. To protect a route with this decorator, add @api_required on the line above a given route.
@api_required decorator
The @api_required decorator requires a request header to include an Authorization key with the value formatted as Bearer [jwt_token]. The api_required function parses the request header, decodes and extracts the API key, and checks to see if the api_key is defined. If it isn’t, it’ll return a message requesting an API key.
Validating the API key
If there is an API key, it’s passed to the is_valid function. This function connects to the Data Source database’s users table and finds the user in the table with the matching API key. The function then checks that a valid user was returned from the database. If not, the function returns False to api_required, which sends a response stating that the API key was invalid.
Rate limits
The rate limit for querying the database currently maxes out at 3000 rows, which is larger than the row count of any table in the database right now.
Examples
Quick Search Data Sources
import requestsbase_url ="https://data-sources.pdap.io/"search_term ="review"# Replace with your search termlocation ="Pittsburgh"# Replace with your desired locationapi_key ="YOUR_API_KEY_HERE"# Replace with your actual API keyurl = f"{base_url}quick-search/{search_term}/{location}"# Create the Authorization headerheaders ={"Authorization": f"Bearer {api_key}"}# Make the GET request with the Authorization headerresponse = requests.get(url, headers=headers)
GET Agencies
import requestsbase_url ="https://data-sources.pdap.io/"api_key ="YOUR_API_KEY_HERE"# Replace with your actual API keyurl = f"{base_url}agencies"# Create the Authorization headerheaders ={"Authorization": f"Bearer {api_key}"}# Make the GET request with the Authorization headerresponse = requests.get(url, headers=headers)
Quick Search Data Sources
constaxios=require('axios');constbaseUrl="https://data-sources.pdap.io/";constsearch_term="review"; // Replace with your search termconstlocation="Pittsburgh"; // Replace with your desired locationconstapi_key="YOUR_API_KEY_HERE"; // Replace with your actual API keyconsturl=`${baseUrl}quick-search/${search_term}/${location}`;// Create the Authorization headerconstheaders= {'Authorization':`Bearer ${api_key}`};// Make the GET request with the Authorization headeraxios.get(url, { headers }).then(response => {console.log("Search results:");response.data.forEach(item => {console.log(`Data Source Name: ${item.name}`); }); }).catch(error => {console.error("An error occurred:",error.message); } });
GET agencies
constaxios=require('axios');constbaseUrl="https://data-sources.pdap.io/";constapi_key="YOUR_API_KEY_HERE"; // Replace with your actual API keyconsturl=`${baseUrl}agencies`;// Create the Authorization headerconstheaders= {'Authorization':`Bearer ${api_key}`};// Make the GET request with the Authorization headeraxios.get(url, { headers }).then(response => {console.log("Search results:");response.data.forEach(item => {console.log(`Agency: ${item.name}`); }); }).catch(error => {console.error("An error occurred:",error.message); } });