import secrets from fastapi import APIRouter, Depends, HTTPException, status from fastapi.security import HTTPBasic, HTTPBasicCredentials from ..config import Config, get_config router = APIRouter(prefix="/user", tags=["user"]) security = HTTPBasic() async def user_is_admin( credentials: HTTPBasicCredentials = Depends(security), config: Config = Depends(get_config), ) -> bool: username_correct = secrets.compare_digest(credentials.username, config.admin.name) password_correct = secrets.compare_digest( credentials.password, config.admin.password ) return username_correct and password_correct async def require_admin( is_admin: bool = Depends(user_is_admin), ) -> None: if not is_admin: raise HTTPException(status.HTTP_401_UNAUTHORIZED) @router.get("/admin") def check_admin( _: None = Depends(require_admin), ) -> bool: return True