advent22/api/advent22_api/routers/_security.py

60 lines
1.2 KiB
Python

import secrets
from datetime import date
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials
from ..core.config import Config
security = HTTPBasic()
async def user_is_admin(
credentials: HTTPBasicCredentials = Depends(security),
cfg: Config = Depends(Config.get_config),
) -> bool:
"""
True iff der user "admin" ist
"""
username_correct = secrets.compare_digest(credentials.username, cfg.admin.name)
password_correct = secrets.compare_digest(credentials.password, cfg.admin.password)
return username_correct and password_correct
async def require_admin(
is_admin: bool = Depends(user_is_admin),
) -> None:
"""
HTTP 401 iff der user nicht "admin" ist
"""
if not is_admin:
raise HTTPException(status.HTTP_401_UNAUTHORIZED)
async def user_visible_doors() -> int:
"""
Anzahl der user-sichtbaren Türchen
"""
today = date.today()
if today.month == 12:
return today.day
if today.month in (1, 2, 3):
return 24
return 0
async def user_can_view_door(
day: int,
) -> bool:
"""
True iff das Türchen von Tag `day` user-sichtbar ist
"""
return day < await user_visible_doors()