module routers._security for user/admin stuff

This commit is contained in:
Jörn-Michael Miehe 2023-09-08 19:33:43 +00:00
parent 29f02d2545
commit 973f7546b6
3 changed files with 66 additions and 43 deletions

View file

@ -0,0 +1,47 @@
import secrets
from datetime import date
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials
from ..core.config import Config
security = HTTPBasic()
async def user_is_admin(
credentials: HTTPBasicCredentials = Depends(security),
config: Config = Depends(Config.get_config),
) -> bool:
username_correct = secrets.compare_digest(credentials.username, config.admin.name)
password_correct = secrets.compare_digest(
credentials.password, config.admin.password
)
return username_correct and password_correct
async def require_admin(
is_admin: bool = Depends(user_is_admin),
) -> None:
if not is_admin:
raise HTTPException(status.HTTP_401_UNAUTHORIZED)
async def user_visible_days() -> int:
today = date.today()
if today.month == 12:
return today.day
if today.month in (1, 2, 3):
return 24
return 0
async def user_can_view_day(
day: int,
) -> bool:
return day < await user_visible_days()

View file

@ -7,7 +7,7 @@ from PIL import Image
from ..core.config import Config from ..core.config import Config
from ..core.depends import get_image, get_part, shuffle_solution from ..core.depends import get_image, get_part, shuffle_solution
from ..core.image_helpers import api_return_image from ..core.image_helpers import api_return_image
from .user import user_is_admin from ._security import user_can_view_day, user_is_admin, user_visible_days
router = APIRouter(prefix="/days", tags=["days"]) router = APIRouter(prefix="/days", tags=["days"])
@ -23,30 +23,30 @@ async def startup() -> None:
@router.get("/date") @router.get("/date")
async def get_date() -> str: async def get_date() -> str:
"""
Aktuelles Server-Datum
"""
return date.today().isoformat() return date.today().isoformat()
@router.get("/visible_days") @router.get("/visible_days")
async def get_visible_days() -> int: async def get_visible_days() -> int:
today = date.today() """
Sichtbare Türchen
"""
if today.month == 12: return await user_visible_days()
return today.day
if today.month in (1, 2, 3):
return 24
return 0
async def user_can_view(
day: int,
) -> bool:
return day < await get_visible_days()
@router.get("/part/{day}") @router.get("/part/{day}")
async def get_part_for_day(part: str = Depends(get_part)) -> str: async def get_part_for_day(
part: str = Depends(get_part),
) -> str:
"""
Heutiger Lösungsteil
"""
return part return part
@ -56,7 +56,7 @@ async def get_part_for_day(part: str = Depends(get_part)) -> str:
) )
async def get_image_for_day( async def get_image_for_day(
image: Image.Image = Depends(get_image), image: Image.Image = Depends(get_image),
can_view: bool = Depends(user_can_view), can_view: bool = Depends(user_can_view_day),
is_admin: bool = Depends(user_is_admin), is_admin: bool = Depends(user_is_admin),
) -> StreamingResponse: ) -> StreamingResponse:
""" """

View file

@ -1,32 +1,8 @@
import secrets from fastapi import APIRouter, Depends
from fastapi import APIRouter, Depends, HTTPException, status from ._security import require_admin
from fastapi.security import HTTPBasic, HTTPBasicCredentials
from ..core.config import Config
router = APIRouter(prefix="/user", tags=["user"]) router = APIRouter(prefix="/user", tags=["user"])
security = HTTPBasic()
async def user_is_admin(
credentials: HTTPBasicCredentials = Depends(security),
config: Config = Depends(Config.get_config),
) -> bool:
username_correct = secrets.compare_digest(credentials.username, config.admin.name)
password_correct = secrets.compare_digest(
credentials.password, config.admin.password
)
return username_correct and password_correct
async def require_admin(
is_admin: bool = Depends(user_is_admin),
) -> None:
if not is_admin:
raise HTTPException(status.HTTP_401_UNAUTHORIZED)
@router.get("/admin") @router.get("/admin")