1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
import os
from fastapi import APIRouter, Request
from fastapi.responses import RedirectResponse
from fastapi.templating import Jinja2Templates
from argon2 import PasswordHasher
from argon2.exceptions import VerifyMismatchError
templates = Jinja2Templates(directory="templates")
router = APIRouter()
OWNER_PASSWORD_HASH = os.getenv("OWNER_PASSWORD_HASH", "")
ph = PasswordHasher()
@router.get("/login")
async def login_form(request: Request):
if request.session.get("authenticated"):
return RedirectResponse("/", status_code=303)
return templates.TemplateResponse(request=request, name="login.html", context={"request": request})
@router.post("/login")
async def login(request: Request):
if request.session.get("authenticated"):
return RedirectResponse("/", status_code=303)
form = await request.form()
password = form.get("password", "")
if not OWNER_PASSWORD_HASH:
error = "Server not configured: OWNER_PASSWORD_HASH not set"
return templates.TemplateResponse(
request=request,
name="login.html",
context={"request": request, "error": error},
status_code=500
)
try:
ph.verify(OWNER_PASSWORD_HASH, password)
request.session["authenticated"] = True
return RedirectResponse("/", status_code=303)
except VerifyMismatchError:
pass
return templates.TemplateResponse(
request=request,
name="login.html",
context={"request": request, "error": "Invalid password"},
status_code=401
)
@router.post("/logout")
async def logout(request: Request):
request.session.clear()
return RedirectResponse("/login", status_code=303)
|
