rewrite

2025-11-04 09:56:37 +01:00
parent 32ef62e4ac
commit addb21bc3e
34 changed files with 3864 additions and 367 deletions
--- a/auth/auth_middleware.py
+++ b/auth/auth_middleware.py
@@ -1,53 +1,39 @@
-import os
-import functools
-from flask import request, Response
-import configparser
+"""Auth middleware - Updated for database"""

-# Docker paths
-CONFIG_DIR = './config'
-AUTH_CFG = os.path.join(CONFIG_DIR, 'auth', 'auth.cfg')
+from functools import wraps
+from flask import session, redirect, url_for
+from database.models import User

-# Ensure config directory exists
-os.makedirs(os.path.dirname(AUTH_CFG), exist_ok=True)

-# Load auth credentials with fallback defaults
-BASIC_AUTH_USERNAME = "admin"
-BASIC_AUTH_PASSWORD = "admin"
-
-try:
-    if os.path.exists(AUTH_CFG):
-        auth_config = configparser.ConfigParser()
-        auth_config.read(AUTH_CFG)
-        if auth_config.has_section('auth'):
-            BASIC_AUTH_USERNAME = auth_config.get('auth', 'username', fallback='admin')
-            BASIC_AUTH_PASSWORD = auth_config.get('auth', 'password', fallback='admin')
-            print(f"[AUTH] Loaded credentials from {AUTH_CFG}", flush=True)
-        else:
-            print(f"[AUTH] No [auth] section in {AUTH_CFG}, using defaults", flush=True)
-    else:
-        print(f"[AUTH] {AUTH_CFG} not found, using defaults", flush=True)
-except Exception as e:
-    print(f"[AUTH] Error loading config: {e}, using defaults", flush=True)
-
-def check_auth(username, password):
-    return username == BASIC_AUTH_USERNAME and password == BASIC_AUTH_PASSWORD
-
-def authenticate():
-    return Response(
-        'Could not verify your access level for that URL.\n'
-        'You have to login with proper credentials',
-        401,
-        {'WWW-Authenticate': 'Basic realm="Login Required"'}
-    )
-
-def requires_auth(f):
-    @functools.wraps(f)
+def login_required(f):
+    """Require login for view"""
+    @wraps(f)
    def decorated_function(*args, **kwargs):
-        auth = request.authorization
-        if not auth or not check_auth(auth.username, auth.password):
-            return authenticate()
+        if 'user_id' not in session:
+            return redirect(url_for('auth.login', next=request.url))
+        
+        # Verify user still exists
+        user = User.query.get(session['user_id'])
+        if not user:
+            session.clear()
+            return redirect(url_for('auth.login'))
+        
        return f(*args, **kwargs)
    return decorated_function

+
 def setup_auth(app):
-    pass
+    """Setup auth for Flask app"""
+    
+    @app.before_request
+    def before_request():
+        """Before each request - update session user info"""
+        if 'user_id' in session:
+            user = User.query.get(session['user_id'])
+            if user:
+                # Sync session data
+                session['username'] = user.username
+                session['is_admin'] = user.is_admin
+            else:
+                # User was deleted
+                session.clear()