scheduler / utils /auth.py
umangchaudhry's picture
Upload 31 files
0d04b76 verified
Raw
History Blame Contribute Delete
1.48 kB
"""
Authentication helpers — session-cookie-based for FastAPI.
Supports admin and provider login. Sessions stored in-memory keyed by token.
"""
import os
import secrets
import threading
from core import data_manager
def get_secret(key: str) -> str:
return os.environ.get(key)
# In-memory session store: token -> session dict
_lock = threading.Lock()
_sessions: dict[str, dict] = {}
def check_credentials(username: str, password: str) -> bool:
admin_user = get_secret("ADMIN_USERNAME")
admin_pass = get_secret("ADMIN_PASSWORD")
return bool(admin_user) and bool(admin_pass) and username == admin_user and password == admin_pass
def check_provider_credentials(name: str, password: str) -> dict | None:
provider = data_manager.get_provider_by_name(name)
if provider and provider.get("password") == password:
return provider
return None
def create_session(user_role: str, current_user: str, provider_id: str | None = None) -> str:
token = secrets.token_urlsafe(32)
with _lock:
_sessions[token] = {
"user_role": user_role,
"current_user": current_user,
"provider_id": provider_id,
}
return token
def get_session(token: str | None) -> dict | None:
if not token:
return None
with _lock:
return _sessions.get(token)
def destroy_session(token: str | None) -> None:
if not token:
return
with _lock:
_sessions.pop(token, None)