Obfuscate api keys

[pablodanswer]

Description

We must stop sending API keys to the client side!

All API keys will now only be stored in Request models and passed around server side.

How will this work?

When updating a model with an API key, we cannot pass the API key to the update request, so we must be able to specify requests without API keys (here, we specifiy api_key_set to ensure that we acutally update the value if necessary.

Separately we can use the term contains_api_key to signify that an api key exists for a given model we're returning

How Has This Been Tested?

[Describe the tests you ran to verify your changes]

Accepted Risk

[Any know risks or failure modes to point out to reviewers]

Related Issue(s)

[If applicable, link to the issue(s) this PR addresses]

Checklist:

• All of the automated tests pass
• All PR comments are addressed and marked resolved
• If there are migrations, they have been rebased to latest main
• If there are new dependencies, they are added to the requirements
• If there are new environment variables, they are added to all of the deployment methods
• If there are new APIs that don't require auth, they are added to PUBLIC_ENDPOINT_SPECS
• Docker images build and basic functionalities work
• Author has done a final read through of the PR right before merge

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
internal-search	❌ Failed (Inspect)			Sep 20, 2024 2:20am