25 lines
734 B
Python
25 lines
734 B
Python
import secrets
|
|
|
|
from fastapi import Depends, HTTPException, status
|
|
from fastapi.security import HTTPBasic, HTTPBasicCredentials
|
|
|
|
import config
|
|
|
|
security = HTTPBasic()
|
|
|
|
|
|
def require_admin(
|
|
credentials: HTTPBasicCredentials = Depends(security),
|
|
) -> None:
|
|
ok_user = secrets.compare_digest(
|
|
credentials.username.encode(), config.ADMIN_USERNAME.encode()
|
|
)
|
|
ok_pass = secrets.compare_digest(
|
|
credentials.password.encode(), config.ADMIN_PASSWORD.encode()
|
|
)
|
|
if not (ok_user and ok_pass):
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Неверный логин или пароль",
|
|
headers={"WWW-Authenticate": "Basic"},
|
|
)
|