From 1a547832db84ccaac9e0f7d949e3e196acbc452d Mon Sep 17 00:00:00 2001 From: Max Value Date: Mon, 6 Apr 2026 23:12:36 +0100 Subject: [PATCH] added auth --- director/__init__.py | 23 +++++++++++++++++++++-- requirements.txt | 3 +++ 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/director/__init__.py b/director/__init__.py index 18b5d5d..ab046d4 100644 --- a/director/__init__.py +++ b/director/__init__.py @@ -1,5 +1,9 @@ +from werkzeug.security import generate_password_hash, check_password_hash from flask import Flask, render_template, send_from_directory, request from flask_socketio import SocketIO, emit +from flask_httpauth import HTTPBasicAuth +from flask_cors import CORS +import json import os from .utils import deindex @@ -10,7 +14,22 @@ from director.database.read import read_views as database_read_views app = Flask(__name__, instance_relative_config=False) socketio = SocketIO(app, logger=False, engineio_logger=False) +auth = HTTPBasicAuth() +CORS(app) +# import authentication data + +with open(f"{app.root_path}/../../secrets.json", "r", encoding="utf-8") as f: + users = json.loads(f.read()) +users = {k: generate_password_hash(v) for (k, v) in users.items()} + +# password verifier + +def verify_password(username, password): + if username in users and check_password_hash(users.get(username), password): + return username + +auth.verify_password(verify_password) # root movements @@ -30,8 +49,8 @@ def info(screen): # admin screen pages -app.route("/admin", methods=["get"])(admin.admin_main) -app.route("/admin/", methods=["get", "post"])(admin.admin_table) +app.route("/admin", methods=["get"])(auth.login_required(admin.admin_main)) +app.route("/admin/", methods=["get", "post"])(auth.login_required(admin.admin_table)) # script pages diff --git a/requirements.txt b/requirements.txt index 34b5c1d..797b570 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,5 @@ flask_socketio +flask_httpauth +flask_cors +werkzeug flask -- 2.39.2