Added config to api for auth

Jonas Linter
2025-09-29 12:03:49 +02:00
parent 679785dd1c
commit 12f245ae06


@@ -1,6 +1,7 @@
from fastapi import FastAPI, HTTPException, BackgroundTasks, Request, Depends, APIRouter, Form, File, UploadFile from fastapi import FastAPI, HTTPException, BackgroundTasks, Request, Depends, APIRouter, Form, File, UploadFile
from fastapi.middleware.cors import CORSMiddleware from fastapi.middleware.cors import CORSMiddleware
from fastapi.security import HTTPBearer, HTTPBasicCredentials, HTTPBasic from fastapi.security import HTTPBearer, HTTPBasicCredentials, HTTPBasic
from .config_loader import load_config
from fastapi.responses import HTMLResponse, PlainTextResponse, Response from fastapi.responses import HTMLResponse, PlainTextResponse, Response
from .models import WixFormSubmission from .models import WixFormSubmission
from .auth import validate_api_key, validate_wix_signature, generate_api_key from .auth import validate_api_key, validate_wix_signature, generate_api_key
@@ -24,9 +25,13 @@ from .alpinebits_server import AlpineBitsServer, Version
import urllib.parse import urllib.parse
# HTTP Basic auth for AlpineBits # HTTP Basic auth for AlpineBits
security_basic = HTTPBasic() security_basic = HTTPBasic()
# Load config at startup
config = load_config()
# Configure logging # Configure logging
logging.basicConfig(level=logging.INFO) logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@@ -317,18 +322,25 @@ async def validate_basic_auth(credentials: HTTPBasicCredentials = Depends(securi
Validate basic authentication for AlpineBits protocol. Validate basic authentication for AlpineBits protocol.
Returns username if valid, raises HTTPException if not. Returns username if valid, raises HTTPException if not.
""" """
# In production, validate against your user database # Accept any username/password pair present in config['alpine_bits_auth']
# For demo purposes, we'll accept any non-empty credentials
if not credentials.username or not credentials.password: if not credentials.username or not credentials.password:
raise HTTPException( raise HTTPException(
status_code=401, status_code=401,
detail="ERROR: Authentication required", detail="ERROR: Authentication required",
headers={"WWW-Authenticate": "Basic"}, headers={"WWW-Authenticate": "Basic"},
) )
valid = False
# In a real implementation, you'd validate these credentials for entry in config['alpine_bits_auth']:
# For now, we'll just return the username if credentials.username == entry['username'] and credentials.password == entry['password']:
logger.info(f"AlpineBits authentication successful for user: {credentials.username}") valid = True
break
if not valid:
raise HTTPException(
status_code=401,
detail="ERROR: Invalid credentials",
headers={"WWW-Authenticate": "Basic"},
)
logger.info(f"AlpineBits authentication successful for user: {credentials.username} (from config)")
return credentials.username return credentials.username
@@ -466,7 +478,7 @@ async def alpinebits_server_handshake(
if "multipart/form-data" not in content_type and "application/x-www-form-urlencoded" not in content_type: if "multipart/form-data" not in content_type and "application/x-www-form-urlencoded" not in content_type:
raise HTTPException( raise HTTPException(
status_code=400, status_code=400,
detail="ERROR: Content-Type must be multipart/form-data" detail="ERROR: Content-Type must be multipart/form-data or application/x-www-form-urlencoded"
) )
# Parse multipart data # Parse multipart data
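Review bot: In validate_basic_auth the submitted password is compared with `==` inside a loop that stops at the first match, so the comparison is not constant-time and response timing can vary with how much of a credential is correct. Compare with `secrets.compare_digest(credentials.password.encode("utf8"), entry['password'].encode("utf8"))` (and the same for the username), evaluating both results before combining them; this needs `import secrets` if the file does not already have it. The entries in `config['alpine_bits_auth']` appear to hold plaintext passwords, so storing a salted hash and verifying against it would limit the damage if the config file is exposed. A missing `alpine_bits_auth` key would raise KeyError on every request; validating it where `config = load_config()` runs would fail at startup instead. The function's signature is cut off in the hunk header and starts outside the visible lines.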