# HG changeset patch # User Dennis Fink # Date 2022-03-05 17:07:39 # Node ID 43d0202c6c60386b43659a8c7af65e6d1c05f669 # Parent 8ecea309a05271fadbcb8eb6d1df0f7f912debd0 Add new views, that use BasicAuth instead of DigestAuth Somehow the httpx library fails with DigestAuth, altough it officialy supports it. We use it in the spaceapi matrix bot. diff --git a/spaceapi/auth.py b/spaceapi/auth.py --- a/spaceapi/auth.py +++ b/spaceapi/auth.py @@ -1,6 +1,8 @@ from flask import current_app -from flask_httpauth import HTTPDigestAuth +from flask_httpauth import HTTPBasicAuth, HTTPDigestAuth +from werkzeug.security import safe_str_cmp +basicauth = HTTPBasicAuth() httpauth = HTTPDigestAuth() @@ -9,3 +11,12 @@ def get_pw(username): if username in current_app.config["HTTP_DIGEST_AUTH_USERS"]: return current_app.config["HTTP_DIGEST_AUTH_USERS"][username] return None + + +@basicauth.verify_password +def verify_password(username, password): + if username in current_app.config["HTTP_DIGEST_AUTH_USERS"]: + return safe_str_cmp( + current_app.config["HTTP_DIGEST_AUTH_USERS"][username], password + ) + return None diff --git a/spaceapi/views.py b/spaceapi/views.py --- a/spaceapi/views.py +++ b/spaceapi/views.py @@ -9,7 +9,7 @@ from flask import ( url_for, ) -from .auth import httpauth +from .auth import basicauth, httpauth from .utils import ActiveStatus, ActiveStatusv14, request_wants_json root_views = Blueprint("root", __name__) @@ -118,3 +118,75 @@ def present(): return redirect(url_for("root.index")) return render_template("present.html") + + +@root_views.route("/basicopen", methods=("GET", "POST")) +@basicauth.login_required +def basicopen(): + if request.method == "POST": + active = ActiveStatus() + activev14 = ActiveStatusv14() + + try: + if ( + httpauth.username() + in current_app.config["STATE_TRIGGER_PERSON_ALLOWED"] + ): + trigger_person = httpauth.username() + else: + trigger_person = None + except KeyError: + trigger_person = None + + if "close" in request.form: + new_state = False + elif "open" in request.form: + new_state = True + + if "message" in request.form: + message = request.form.get("message") + else: + message = None + + active.set_new_state( + value=new_state, trigger_person=trigger_person, message=message + ) + activev14.set_new_state( + value=new_state, trigger_person=trigger_person, message=message + ) + active.save_last_state() + activev14.save_last_state() + return redirect(url_for("root.index")) + + return render_template("open.html") + + +@root_views.route("/basicpresent", methods=("GET", "POST")) +@basicauth.login_required +def basicpresent(): + if request.method == "POST": + + active = ActiveStatus() + activev14 = ActiveStatusv14() + + if active["state"]["open"]: + user = ( + httpauth.username() + if "user" not in request.form + else request.form["user"] + ) + if "present" in request.form: + active.add_user_present(user) + activev14.add_user_present(user) + elif "leave" in request.form: + active.remove_user_present(user) + activev14.remove_user_present(user) + else: + return redirect(url_for("root.index")) + + active.save_last_state() + activev14.save_last_state() + + return redirect(url_for("root.index")) + + return render_template("present.html")