advent22/api/advent22_api/routers/user.py

import secrets

from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials

from ..config import Config, get_config

router = APIRouter(prefix="/user", tags=["user"])
security = HTTPBasic()


async def user_is_admin(
    credentials: HTTPBasicCredentials = Depends(security),
    config: Config = Depends(get_config),
) -> bool:
    username_correct = secrets.compare_digest(
        credentials.username, config.admin.name
    )

    password_correct = secrets.compare_digest(
        credentials.password, config.admin.password
    )

    return username_correct and password_correct


async def require_admin(
    is_admin: bool = Depends(user_is_admin),
) -> None:
    if not is_admin:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED)


@router.get("/admin")
def check_admin(
    _: None = Depends(require_admin),
) -> bool:
    return True
Berechtigungen 2022-11-15 23:43:13 +00:00			`import secrets`

HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`from fastapi import APIRouter, Depends, HTTPException, status`
			`from fastapi.security import HTTPBasic, HTTPBasicCredentials`

			`from ..config import Config, get_config`

			`router = APIRouter(prefix="/user", tags=["user"])`
			`security = HTTPBasic()`


Berechtigungen 2022-11-15 23:43:13 +00:00			`async def user_is_admin(`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`credentials: HTTPBasicCredentials = Depends(security),`
			`config: Config = Depends(get_config),`
			`) -> bool:`
Berechtigungen 2022-11-15 23:43:13 +00:00			`username_correct = secrets.compare_digest(`
			`credentials.username, config.admin.name`
			`)`

			`password_correct = secrets.compare_digest(`
			`credentials.password, config.admin.password`
			`)`

			`return username_correct and password_correct`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00

			`async def require_admin(`
Berechtigungen 2022-11-15 23:43:13 +00:00			`is_admin: bool = Depends(user_is_admin),`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`) -> None:`
			`if not is_admin:`
			`raise HTTPException(status.HTTP_401_UNAUTHORIZED)`


			`@router.get("/admin")`
			`def check_admin(`
			`_: None = Depends(require_admin),`
Berechtigungen 2022-11-15 23:43:13 +00:00			`) -> bool:`
			`return True`