advent22/api/advent22_api/routers/user.py

import secrets

from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials

from ..core.config import Config

router = APIRouter(prefix="/user", tags=["user"])
security = HTTPBasic()


async def user_is_admin(
    credentials: HTTPBasicCredentials = Depends(security),
    config: Config = Depends(Config.get_config),
) -> bool:
    username_correct = secrets.compare_digest(credentials.username, config.admin.name)

    password_correct = secrets.compare_digest(
        credentials.password, config.admin.password
    )

    return username_correct and password_correct


async def require_admin(
    is_admin: bool = Depends(user_is_admin),
) -> None:
    if not is_admin:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED)


@router.get("/admin")
def check_admin(
    _: None = Depends(require_admin),
) -> bool:
    return True
Berechtigungen 2022-11-15 23:43:13 +00:00			`import secrets`

HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`from fastapi import APIRouter, Depends, HTTPException, status`
			`from fastapi.security import HTTPBasic, HTTPBasicCredentials`

router integration: stuck apparently, a @staticmethod that Depends on another @staticmethod in the same class is bad 2023-09-08 19:08:13 +00:00			`from ..core.config import Config`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00
			`router = APIRouter(prefix="/user", tags=["user"])`
			`security = HTTPBasic()`


Berechtigungen 2022-11-15 23:43:13 +00:00			`async def user_is_admin(`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`credentials: HTTPBasicCredentials = Depends(security),`
router integration: stuck apparently, a @staticmethod that Depends on another @staticmethod in the same class is bad 2023-09-08 19:08:13 +00:00			`config: Config = Depends(Config.get_config),`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`) -> bool:`
python "black" formatting 2023-09-03 16:44:18 +00:00			`username_correct = secrets.compare_digest(credentials.username, config.admin.name)`
Berechtigungen 2022-11-15 23:43:13 +00:00
			`password_correct = secrets.compare_digest(`
			`credentials.password, config.admin.password`
			`)`

			`return username_correct and password_correct`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00

			`async def require_admin(`
Berechtigungen 2022-11-15 23:43:13 +00:00			`is_admin: bool = Depends(user_is_admin),`
HTTPBasic Auth 2022-11-15 22:17:32 +00:00			`) -> None:`
			`if not is_admin:`
			`raise HTTPException(status.HTTP_401_UNAUTHORIZED)`


			`@router.get("/admin")`
			`def check_admin(`
			`_: None = Depends(require_admin),`
Berechtigungen 2022-11-15 23:43:13 +00:00			`) -> bool:`
			`return True`