36 lines
1.3 KiB
Python
36 lines
1.3 KiB
Python
"""Authentification simple — session cookie."""
|
|
from fastapi import Depends, HTTPException, Request
|
|
from fastapi.responses import RedirectResponse
|
|
from starlette.middleware.sessions import SessionMiddleware
|
|
from app.config import APP_USER, APP_PASSWORD, SECRET_KEY
|
|
|
|
SESSION_KEY = "gsparc_user"
|
|
|
|
|
|
def init_auth(app):
|
|
"""Initialise le middleware de session sur l'app FastAPI."""
|
|
app.add_middleware(SessionMiddleware, secret_key=SECRET_KEY, session_cookie="gsparc_session")
|
|
|
|
|
|
def login_user(request: Request, username: str, password: str) -> bool:
|
|
"""Vérifie les credentials et crée une session."""
|
|
if username == APP_USER and password == APP_PASSWORD:
|
|
request.session[SESSION_KEY] = username
|
|
return True
|
|
return False
|
|
|
|
|
|
def logout_user(request: Request):
|
|
"""Détruit la session."""
|
|
request.session.clear()
|
|
|
|
|
|
async def require_auth(request: Request):
|
|
"""Dépendance FastAPI qui protège les routes."""
|
|
user = request.session.get(SESSION_KEY)
|
|
if not user:
|
|
# Si c'est une API, retourner 401 ; si c'est une page, rediriger vers login
|
|
if request.headers.get("accept", "").startswith("application/json"):
|
|
raise HTTPException(status_code=401, detail="Authentification requise")
|
|
raise HTTPException(status_code=303, headers={"Location": "/login"})
|
|
return user |