Added config to api for auth

2025-09-29 12:03:49 +02:00
parent 679785dd1c
commit 12f245ae06
1 changed files with 19 additions and 7 deletions
--- a/src/alpine_bits_python/api.py
+++ b/src/alpine_bits_python/api.py
@@ -1,6 +1,7 @@
 from fastapi import FastAPI, HTTPException, BackgroundTasks, Request, Depends, APIRouter, Form, File, UploadFile
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.security import HTTPBearer, HTTPBasicCredentials, HTTPBasic
+from .config_loader import load_config
 from fastapi.responses import HTMLResponse, PlainTextResponse, Response
 from .models import WixFormSubmission
 from .auth import validate_api_key, validate_wix_signature, generate_api_key
@@ -24,9 +25,13 @@ from .alpinebits_server import AlpineBitsServer, Version
 import urllib.parse


+
 # HTTP Basic auth for AlpineBits
 security_basic = HTTPBasic()

+# Load config at startup
+config = load_config()
+
 # Configure logging
 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
@@ -317,18 +322,25 @@ async def validate_basic_auth(credentials: HTTPBasicCredentials = Depends(securi
    Validate basic authentication for AlpineBits protocol.
    Returns username if valid, raises HTTPException if not.
    """
-    # In production, validate against your user database
-    # For demo purposes, we'll accept any non-empty credentials
+    # Accept any username/password pair present in config['alpine_bits_auth']
    if not credentials.username or not credentials.password:
        raise HTTPException(
            status_code=401,
            detail="ERROR: Authentication required",
            headers={"WWW-Authenticate": "Basic"},
        )
-    
-    # In a real implementation, you'd validate these credentials
-    # For now, we'll just return the username
-    logger.info(f"AlpineBits authentication successful for user: {credentials.username}")
+    valid = False
+    for entry in config['alpine_bits_auth']:
+        if credentials.username == entry['username'] and credentials.password == entry['password']:
+            valid = True
+            break
+    if not valid:
+        raise HTTPException(
+            status_code=401,
+            detail="ERROR: Invalid credentials",
+            headers={"WWW-Authenticate": "Basic"},
+        )
+    logger.info(f"AlpineBits authentication successful for user: {credentials.username} (from config)")
    return credentials.username


@@ -466,7 +478,7 @@ async def alpinebits_server_handshake(
        if "multipart/form-data" not in content_type and "application/x-www-form-urlencoded" not in content_type:
            raise HTTPException(
                status_code=400,
-                detail="ERROR: Content-Type must be multipart/form-data"
+                detail="ERROR: Content-Type must be multipart/form-data or application/x-www-form-urlencoded"
            )
        
        # Parse multipart data