C3L-NOC/spaceapi Changeset - 43d0202c6c60 · Chaos Computer Club Lëtzebuerg Projects

Changeset - 43d0202c6c60

Parent rev.

Child rev.

[Not reviewed]

default

0 2 0

Dennis Fink - 3 years ago 2022-03-05 17:07:39
dennis.fink@c3l.lu

Add new views, that use BasicAuth instead of DigestAuth

Somehow the httpx library fails with DigestAuth, altough it officialy supports
it. We use it in the spaceapi matrix bot.

2 files changed with 85 insertions and 2 deletions:

spaceapi/auth.py

spaceapi/views.py

0 comments (0 inline, 0 general)

spaceapi/auth.py

➞

Show inline comments

 from flask import current_app
 from flask_httpauth import HTTPDigestAuth
 from flask_httpauth import HTTPBasicAuth, HTTPDigestAuth
 from werkzeug.security import safe_str_cmp
 basicauth = HTTPBasicAuth()
 httpauth = HTTPDigestAuth()
@@ @@ -9,3 +11,12 @@ def get_pw(username): @@
     if username in current_app.config["HTTP_DIGEST_AUTH_USERS"]:
         return current_app.config["HTTP_DIGEST_AUTH_USERS"][username]
     return None
 @basicauth.verify_password
 def verify_password(username, password):
     if username in current_app.config["HTTP_DIGEST_AUTH_USERS"]:
         return safe_str_cmp(
             current_app.config["HTTP_DIGEST_AUTH_USERS"][username], password
+        )
     return None

spaceapi/views.py

➞

Show inline comments

@@ @@ -9,7 +9,7 @@ from flask import ( @@
     url_for,
+)
 from .auth import httpauth
+from .auth import basicauth, httpauth
 from .utils import ActiveStatus, ActiveStatusv14, request_wants_json
 root_views = Blueprint("root", __name__)
@@ @@ -118,3 +118,75 @@ def present(): @@
         return redirect(url_for("root.index"))
     return render_template("present.html")
 @root_views.route("/basicopen", methods=("GET", "POST"))
 @basicauth.login_required
 def basicopen():
     if request.method == "POST":
         active = ActiveStatus()
         activev14 = ActiveStatusv14()
         try:
             if (
                 httpauth.username()
                 in current_app.config["STATE_TRIGGER_PERSON_ALLOWED"]
             ):
                 trigger_person = httpauth.username()
             else:
                 trigger_person = None
         except KeyError:
             trigger_person = None
         if "close" in request.form:
             new_state = False
         elif "open" in request.form:
             new_state = True
         if "message" in request.form:
             message = request.form.get("message")
         else:
             message = None
         active.set_new_state(
             value=new_state, trigger_person=trigger_person, message=message
+        )
         activev14.set_new_state(
             value=new_state, trigger_person=trigger_person, message=message
+        )
         active.save_last_state()
         activev14.save_last_state()
         return redirect(url_for("root.index"))
     return render_template("open.html")
 @root_views.route("/basicpresent", methods=("GET", "POST"))
 @basicauth.login_required
 def basicpresent():
     if request.method == "POST":
         active = ActiveStatus()
         activev14 = ActiveStatusv14()
         if active["state"]["open"]:
             user = (
                 httpauth.username()
                 if "user" not in request.form
                 else request.form["user"]
+            )
             if "present" in request.form:
                 active.add_user_present(user)
                 activev14.add_user_present(user)
             elif "leave" in request.form:
                 active.remove_user_present(user)
                 activev14.remove_user_present(user)
             else:
                 return redirect(url_for("root.index"))
             active.save_last_state()
             activev14.save_last_state()
         return redirect(url_for("root.index"))
     return render_template("present.html")

0 comments (0 inline, 0 general)