API-Key - Fix - Nicht mehr mehrere

JOURNAL.md

@@ -1,5 +1,41 @@
 # v2-Docker Projekt Journal
 
+## Letzte Änderungen (22.06.2025 - 13:07 Uhr)
+
+### Doppeltes API Key System entfernt ✅
+
+**Problem:**
+- Zwei verschiedene API Keys wurden angezeigt:
+  - `system_api_key` Tabelle: Globaler System API Key
+  - `client_configs` Tabelle: Account Forger spezifischer API Key
+- Verwirrung welcher Key verwendet werden soll
+
+**Lösung:**
+- Da Admin Panel exklusiv für Account Forger ist, nur noch ein API Key System
+- `api_key` Spalte aus `client_configs` entfernt
+- UI zeigt nur noch den System API Key als "API Key für Account Forger"
+- License Server validiert bereits gegen `system_api_key`
+
+**Geänderte Dateien:**
+- `templates/license_config.html` - Entfernt doppelte API Key Anzeige
+- `migrations/remove_duplicate_api_key.sql` - Migration erstellt
+- Datenbank aktualisiert
+
+### Orphaned API Tabellen entfernt ✅
+
+**Entfernte Tabellen:**
+- `api_keys` - Ungenutzte API Key Tabelle (war leer)
+- `api_clients` - Alternative API Client Verwaltung (war leer)
+- `rate_limits` - Abhängige Tabelle (war leer)
+- `license_events` - Abhängige Tabelle (war leer)
+
+**Resultat:**
+- Nur noch `system_api_key` Tabelle existiert
+- Keine verwirrenden Duplikate mehr
+- Saubere, eindeutige API Key Verwaltung
+
+---
+
 ## Letzte Änderungen (22.06.2025 - 12:18 Uhr)
 
 ### Lizenzserver Session Management - Vollständig implementiert ✅

v2_adminpanel/migrations/cleanup_orphaned_api_tables.sql

@@ -0,0 +1,17 @@
+-- Cleanup orphaned API-related tables
+-- Since admin panel is exclusively for Account Forger, we only need system_api_key table
+
+-- Drop tables that depend on api_clients
+DROP TABLE IF EXISTS rate_limits CASCADE;
+DROP TABLE IF EXISTS license_events CASCADE;
+
+-- Drop orphaned API tables
+DROP TABLE IF EXISTS api_clients CASCADE;
+DROP TABLE IF EXISTS api_keys CASCADE;
+
+-- Add comments to document the single API key system
+COMMENT ON TABLE system_api_key IS 'Single API key table for Account Forger authentication. This is the ONLY API key system in use.';
+
+-- Log the cleanup
+INSERT INTO audit_log (username, action, entity_type, details, ip_address)
+VALUES ('SYSTEM', 'CLEANUP', 'database', 'Removed orphaned API tables: api_keys, api_clients, rate_limits, license_events', '127.0.0.1');

v2_adminpanel/migrations/remove_duplicate_api_key.sql

@@ -0,0 +1,9 @@
+-- Remove duplicate API key from client_configs table
+-- Since admin panel is exclusively for Account Forger, we only need system_api_key
+
+-- Remove the api_key column from client_configs
+ALTER TABLE client_configs DROP COLUMN IF EXISTS api_key;
+
+-- Update description
+COMMENT ON TABLE client_configs IS 'Configuration for Account Forger client (versions, timeouts)';
+COMMENT ON TABLE system_api_key IS 'Single API key for Account Forger authentication';

v2_adminpanel/routes/admin_routes.py

@@ -934,7 +934,7 @@ def license_config():
         
         # Get client configuration
         cur.execute("""
-            SELECT id, client_name, api_key, heartbeat_interval, session_timeout,
+            SELECT id, client_name, heartbeat_interval, session_timeout,
                    current_version, minimum_version, created_at, updated_at
             FROM client_configs
             WHERE client_name = 'Account Forger'

v2_adminpanel/templates/license_config.html

@@ -21,26 +21,15 @@
                     <div class="col-md-6">
                         <label class="form-label">Aktuelle Version</label>
                         <input type="text" class="form-control" name="current_version" 
-                               value="{{ client_config[5] if client_config else '1.0.0' }}" 
+                               value="{{ client_config[4] if client_config else '1.0.0' }}" 
                                pattern="^\d+\.\d+\.\d+$" required>
                     </div>
                     <div class="col-md-6">
                         <label class="form-label">Minimum Version</label>
                         <input type="text" class="form-control" name="minimum_version" 
-                               value="{{ client_config[6] if client_config else '1.0.0' }}" 
+                               value="{{ client_config[5] if client_config else '1.0.0' }}" 
                                pattern="^\d+\.\d+\.\d+$" required>
                     </div>
-                    <div class="col-12">
-                        <label class="form-label">API Key</label>
-                        <div class="input-group">
-                            <input type="text" class="form-control" value="{{ client_config[2] if client_config else 'Nicht konfiguriert' }}" readonly>
-                            {% if client_config %}
-                            <button class="btn btn-outline-secondary" type="button" onclick="copyToClipboard('{{ client_config[2] }}')">
-                                <i class="bi bi-clipboard"></i> Kopieren
-                            </button>
-                            {% endif %}
-                        </div>
-                    </div>
                     <div class="col-12">
                         <button type="submit" class="btn btn-primary">Speichern</button>
                     </div>
@@ -103,10 +92,14 @@
     <div class="col-12">
         <div class="card">
             <div class="card-header bg-warning text-dark">
-                <h5 class="mb-0"><i class="bi bi-key"></i> System API Key</h5>
+                <h5 class="mb-0"><i class="bi bi-key"></i> API Key für Account Forger</h5>
             </div>
             <div class="card-body">
                 {% if system_api_key %}
+                <div class="alert alert-info mb-3">
+                    <i class="bi bi-info-circle"></i> Dies ist der einzige API Key, den Account Forger benötigt. 
+                    Verwenden Sie diesen Key im Header <code>X-API-Key</code> für alle API-Anfragen.
+                </div>
                 <div class="row mb-3">
                     <div class="col-md-12">
                         <label class="form-label fw-bold">Aktueller API Key:</label>