advent22/api/advent22_api/routers/user.py

import secrets

from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials

from ..config import Config, get_config

router = APIRouter(prefix="/user", tags=["user"])
security = HTTPBasic()


async def user_is_admin(
    credentials: HTTPBasicCredentials = Depends(security),
    config: Config = Depends(get_config),
) -> bool:
    username_correct = secrets.compare_digest(
        credentials.username, config.admin.name
    )

    password_correct = secrets.compare_digest(
        credentials.password, config.admin.password
    )

    return username_correct and password_correct


async def require_admin(
    is_admin: bool = Depends(user_is_admin),
) -> None:
    if not is_admin:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED)


@router.get("/admin")
def check_admin(
    _: None = Depends(require_admin),
) -> bool:
    return True