HTTPBasic Auth

This commit is contained in:
Jörn-Michael Miehe 2022-11-15 22:17:32 +00:00
parent 8a279a2a11
commit 742023d191
4 changed files with 44 additions and 4 deletions

View file

@ -5,8 +5,13 @@ from .dav_common import dav_get_textfile_content
from .settings import SETTINGS from .settings import SETTINGS
class User(BaseModel):
name: str
password: str
class Config(BaseModel): class Config(BaseModel):
admin_password: str admin: User
solution: str solution: str

View file

@ -1,9 +1,10 @@
from fastapi import APIRouter from fastapi import APIRouter
from . import abspacken, days, general from . import abspacken, days, general, user
router = APIRouter(prefix="/api") router = APIRouter(prefix="/api")
router.include_router(abspacken.router) router.include_router(abspacken.router)
router.include_router(days.router) router.include_router(days.router)
router.include_router(general.router) router.include_router(general.router)
router.include_router(user.router)

View file

@ -1,6 +1,8 @@
import asyncio import asyncio
from fastapi import APIRouter, HTTPException, status from fastapi import APIRouter, Depends, HTTPException, status
from .user import require_admin
router = APIRouter(prefix="/abspacken", tags=["abspacken"]) router = APIRouter(prefix="/abspacken", tags=["abspacken"])
@ -15,7 +17,8 @@ async def get_kurix(kgs: float) -> float:
@router.post("/uwe") @router.post("/uwe")
async def uwe( async def uwe(
kgs: float = 10, kgs: float = 10,
firma: str = "Vodafone" firma: str = "Vodafone",
_: None = Depends(require_admin),
) -> str: ) -> str:
kurix = await get_kurix(kgs) kurix = await get_kurix(kgs)

View file

@ -0,0 +1,31 @@
from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials
from ..config import Config, get_config
router = APIRouter(prefix="/user", tags=["user"])
security = HTTPBasic()
async def is_admin(
credentials: HTTPBasicCredentials = Depends(security),
config: Config = Depends(get_config),
) -> bool:
if config.admin.name == credentials.username:
if config.admin.password == credentials.password:
return True
return False
async def require_admin(
is_admin: bool = Depends(is_admin),
) -> None:
if not is_admin:
raise HTTPException(status.HTTP_401_UNAUTHORIZED)
@router.get("/admin")
def check_admin(
_: None = Depends(require_admin),
) -> None:
return None