password is a setting
yeah not terribly elegant, but still better closes #2
This commit is contained in:
parent
82fcc75429
commit
1b78cd9fee
2 changed files with 4 additions and 3 deletions
|
@ -1,3 +1,4 @@
|
|||
STORAGE_DIR="/home/puz/my/hackmeeting/numeretti/pizzicore/storage/"
|
||||
APP_NAME="Numeretti hackmeeting"
|
||||
QUEUES_NUMBER=2
|
||||
ADMIN_PASSWORD="superSecure123"
|
||||
|
|
|
@ -18,6 +18,7 @@ class Settings(BaseSettings):
|
|||
app_name: str = "Numeretti"
|
||||
storage_dir: Path = Path("/var/lib/pizzicore")
|
||||
queues_number: int = 1
|
||||
admin_password: str = "changeme!"
|
||||
|
||||
class Config:
|
||||
env_file = "pizzicore.env"
|
||||
|
@ -125,9 +126,8 @@ class Value(BaseModel):
|
|||
|
||||
|
||||
def get_current_role(credentials: HTTPBasicCredentials = Depends(security)):
|
||||
# XXX: read user/pass from config
|
||||
correct_username = secrets.compare_digest(credentials.username, "avanti")
|
||||
correct_password = secrets.compare_digest(credentials.password, "prossimo")
|
||||
correct_username = secrets.compare_digest(credentials.username, "admin")
|
||||
correct_password = secrets.compare_digest(credentials.password, settings.admin_password)
|
||||
if not (correct_username and correct_password):
|
||||
raise HTTPException(
|
||||
status_code=status.HTTP_401_UNAUTHORIZED,
|
||||
|
|
Loading…
Reference in a new issue