Complete Task 1.3 - Authentication System Implementation

✅ Implemented comprehensive authentication system:
- Abstract AuthHandler base class with pluggable architecture
- APIKeyAuth for API key authentication (string auto-conversion)
- JWTAuth for JWT token authentication with expiration handling
- NoAuth for testing and public instances
- Full integration with WikiJSClient for automatic header management

🔧 Fixed packaging issues:
- Updated pyproject.toml with required project metadata fields
- Fixed utility function exports in utils/__init__.py
- Package now installs correctly in virtual environments

🧪 Validated with comprehensive tests:
- All authentication methods working correctly
- Proper error handling for invalid credentials
- Type validation and security features

📊 Progress: Phase 1 MVP Development now 60% complete
🎯 Next: Task 1.4 - Pages API implementation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

wikijs/auth/api_key.py

@@ -0,0 +1,89 @@
+"""API key authentication for wikijs-python-sdk.
+
+This module implements API key authentication for Wiki.js instances.
+API keys are typically used for server-to-server authentication.
+"""
+
+from typing import Dict, Optional
+
+from .base import AuthHandler
+
+
+class APIKeyAuth(AuthHandler):
+    """API key authentication handler for Wiki.js.
+    
+    This handler implements authentication using an API key, which is
+    included in the Authorization header as a Bearer token.
+    
+    Args:
+        api_key: The API key string from Wiki.js admin panel.
+        
+    Example:
+        >>> auth = APIKeyAuth("your-api-key-here")
+        >>> client = WikiJSClient("https://wiki.example.com", auth=auth)
+    """
+
+    def __init__(self, api_key: str) -> None:
+        """Initialize API key authentication.
+        
+        Args:
+            api_key: The API key from Wiki.js admin panel.
+            
+        Raises:
+            ValueError: If api_key is empty or None.
+        """
+        if not api_key or not api_key.strip():
+            raise ValueError("API key cannot be empty")
+        
+        self._api_key = api_key.strip()
+
+    def get_headers(self) -> Dict[str, str]:
+        """Get authentication headers with API key.
+        
+        Returns:
+            Dict[str, str]: Headers containing the Authorization header.
+        """
+        return {
+            "Authorization": f"Bearer {self._api_key}",
+            "Content-Type": "application/json"
+        }
+
+    def is_valid(self) -> bool:
+        """Check if API key is valid.
+        
+        For API keys, we assume they're valid if they're not empty.
+        Actual validation happens on the server side.
+        
+        Returns:
+            bool: True if API key exists, False otherwise.
+        """
+        return bool(self._api_key and self._api_key.strip())
+
+    def refresh(self) -> None:
+        """Refresh authentication credentials.
+        
+        API keys don't typically need refreshing, so this is a no-op.
+        If the API key becomes invalid, a new one must be provided.
+        """
+        # API keys don't refresh - they're static until manually replaced
+        pass
+
+    @property
+    def api_key(self) -> str:
+        """Get the masked API key for logging/debugging.
+        
+        Returns:
+            str: Masked API key showing only first 4 and last 4 characters.
+        """
+        if len(self._api_key) <= 8:
+            return "*" * len(self._api_key)
+        
+        return f"{self._api_key[:4]}{'*' * (len(self._api_key) - 8)}{self._api_key[-4:]}"
+
+    def __repr__(self) -> str:
+        """String representation of the auth handler.
+        
+        Returns:
+            str: Safe representation with masked API key.
+        """
+        return f"APIKeyAuth(api_key='{self.api_key}')"