advent22/api/advent22_api/routers/_security.py

import secrets
from datetime import date

from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPBasic, HTTPBasicCredentials

from ..core.config import Config, get_config

security = HTTPBasic()


async def user_is_admin(
    credentials: HTTPBasicCredentials = Depends(security),
    cfg: Config = Depends(get_config),
) -> bool:
    """
    True iff der user "admin" ist
    """

    username_correct = secrets.compare_digest(credentials.username, cfg.admin.name)
    password_correct = secrets.compare_digest(credentials.password, cfg.admin.password)

    return username_correct and password_correct


async def require_admin(
    is_admin: bool = Depends(user_is_admin),
) -> None:
    """
    HTTP 401 iff der user nicht "admin" ist
    """

    if not is_admin:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED)


async def user_visible_doors() -> int:
    """
    Anzahl der user-sichtbaren Türchen
    """

    today = date.today()

    if today.month == 12:
        return today.day

    if today.month in (1, 2, 3):
        return 24

    return 0


async def user_can_view_day(
    day: int,
) -> bool:
    """
    True iff das Türchen von Tag `day` user-sichtbar ist
    """

    if day < 1:
        raise HTTPException(status.HTTP_422_UNPROCESSABLE_ENTITY)

    return day <= await user_visible_doors()