avana/numeretti
3
0
Fork 0
Code Issues 2 Pull requests Releases Activity

password is a setting

Browse source 
yeah not terribly elegant, but still better

closes #2
This commit is contained in:
boyska 2022-08-17 19:34:53 +02:00
parent 82fcc75429
commit 1b78cd9fee
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pizzicore/pizzicore.env.sample
View file

@ -1,3 +1,4 @@
STORAGE_DIR="/home/puz/my/hackmeeting/numeretti/pizzicore/storage/" STORAGE_DIR="/home/puz/my/hackmeeting/numeretti/pizzicore/storage/"
APP_NAME="Numeretti hackmeeting" APP_NAME="Numeretti hackmeeting"
QUEUES_NUMBER=2 QUEUES_NUMBER=2
ADMIN_PASSWORD="superSecure123"

6
pizzicore/pizzicore.py
View file

@ -18,6 +18,7 @@ class Settings(BaseSettings):
app_name: str = "Numeretti" app_name: str = "Numeretti"
storage_dir: Path = Path("/var/lib/pizzicore") storage_dir: Path = Path("/var/lib/pizzicore")
queues_number: int = 1 queues_number: int = 1
admin_password: str = "changeme!"
class Config: class Config:
env_file = "pizzicore.env" env_file = "pizzicore.env"
@ -125,9 +126,8 @@ class Value(BaseModel):
def get_current_role(credentials: HTTPBasicCredentials = Depends(security)): def get_current_role(credentials: HTTPBasicCredentials = Depends(security)):
# XXX: read user/pass from config correct_username = secrets.compare_digest(credentials.username, "admin")
correct_username = secrets.compare_digest(credentials.username, "avanti") correct_password = secrets.compare_digest(credentials.password, settings.admin_password)
correct_password = secrets.compare_digest(credentials.password, "prossimo")
if not (correct_username and correct_password): if not (correct_username and correct_password):
raise HTTPException( raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED, status_code=status.HTTP_401_UNAUTHORIZED,