advent22/api/advent22_api/routers/_security.py

48 lines
1 KiB
Python
Raw Normal View History

import secrets
from datetime import date
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials
from ..core.config import Config
security = HTTPBasic()
async def user_is_admin(
credentials: HTTPBasicCredentials = Depends(security),
config: Config = Depends(Config.get_config),
) -> bool:
username_correct = secrets.compare_digest(credentials.username, config.admin.name)
password_correct = secrets.compare_digest(
credentials.password, config.admin.password
)
return username_correct and password_correct
async def require_admin(
is_admin: bool = Depends(user_is_admin),
) -> None:
if not is_admin:
raise HTTPException(status.HTTP_401_UNAUTHORIZED)
async def user_visible_days() -> int:
today = date.today()
if today.month == 12:
return today.day
if today.month in (1, 2, 3):
return 24
return 0
async def user_can_view_day(
day: int,
) -> bool:
return day < await user_visible_days()