48 lines
1 KiB
Python
48 lines
1 KiB
Python
|
import secrets
|
||
|
from datetime import date
|
||
|
|
||
|
from fastapi import Depends, HTTPException, status
|
||
|
from fastapi.security import HTTPBasic, HTTPBasicCredentials
|
||
|
|
||
|
from ..core.config import Config
|
||
|
|
||
|
security = HTTPBasic()
|
||
|
|
||
|
|
||
|
async def user_is_admin(
|
||
|
credentials: HTTPBasicCredentials = Depends(security),
|
||
|
config: Config = Depends(Config.get_config),
|
||
|
) -> bool:
|
||
|
username_correct = secrets.compare_digest(credentials.username, config.admin.name)
|
||
|
|
||
|
password_correct = secrets.compare_digest(
|
||
|
credentials.password, config.admin.password
|
||
|
)
|
||
|
|
||
|
return username_correct and password_correct
|
||
|
|
||
|
|
||
|
async def require_admin(
|
||
|
is_admin: bool = Depends(user_is_admin),
|
||
|
) -> None:
|
||
|
if not is_admin:
|
||
|
raise HTTPException(status.HTTP_401_UNAUTHORIZED)
|
||
|
|
||
|
|
||
|
async def user_visible_days() -> int:
|
||
|
today = date.today()
|
||
|
|
||
|
if today.month == 12:
|
||
|
return today.day
|
||
|
|
||
|
if today.month in (1, 2, 3):
|
||
|
return 24
|
||
|
|
||
|
return 0
|
||
|
|
||
|
|
||
|
async def user_can_view_day(
|
||
|
day: int,
|
||
|
) -> bool:
|
||
|
return day < await user_visible_days()
|