Simple user auth using ssowat. Meal creation only for logged in users
This commit is contained in:
@@ -1,10 +1,11 @@
|
||||
import locale
|
||||
import os
|
||||
from contextlib import asynccontextmanager
|
||||
from datetime import datetime, timedelta
|
||||
from typing import Annotated
|
||||
|
||||
import starlette.status as status
|
||||
from fastapi import Depends, FastAPI, Request
|
||||
from fastapi import Depends, FastAPI, HTTPException, Request
|
||||
from fastapi.responses import RedirectResponse
|
||||
from fastapi.staticfiles import StaticFiles
|
||||
from fastapi.templating import Jinja2Templates
|
||||
@@ -33,6 +34,15 @@ def get_session():
|
||||
with Session(engine) as session:
|
||||
yield session
|
||||
|
||||
def get_user(request: Request) -> dict | None:
|
||||
if os.environ.get("MEAL_MANAGER_FAKE_USER", False):
|
||||
return {"username": "fake_user"}
|
||||
if "ynh_user" in request.headers:
|
||||
return {
|
||||
"username": request.headers["ynh_user"],
|
||||
}
|
||||
else:
|
||||
return None
|
||||
|
||||
def create_db_and_tables():
|
||||
Base.metadata.create_all(engine)
|
||||
@@ -51,9 +61,9 @@ templates = Jinja2Templates(directory="src/meal_manager/templates")
|
||||
|
||||
SessionDep = Annotated[Session, Depends(get_session)]
|
||||
|
||||
|
||||
UserDep = Annotated[dict, Depends(get_user)]
|
||||
@app.get("/")
|
||||
async def index(request: Request, session: SessionDep):
|
||||
async def index(request: Request, session: SessionDep, user : UserDep):
|
||||
"""Displays coming events and a button to register new ones"""
|
||||
now = datetime.now()
|
||||
# TODO: Once we refactored to use SQLAlchemy directly, we can probably do a nicer filtering on the date alone
|
||||
@@ -66,7 +76,7 @@ async def index(request: Request, session: SessionDep):
|
||||
return templates.TemplateResponse(
|
||||
request=request,
|
||||
name="index.html",
|
||||
context={"events": events, "current_page": "home", "now": now},
|
||||
context={"events": events, "current_page": "home", "now": now, "user": user},
|
||||
)
|
||||
|
||||
|
||||
@@ -155,7 +165,9 @@ async def delete_subscription(request: Request, session: SessionDep, household_i
|
||||
|
||||
|
||||
@app.get("/event/add")
|
||||
async def add_event_form(request: Request, session: SessionDep):
|
||||
async def add_event_form(request: Request, user: UserDep):
|
||||
if not user:
|
||||
raise HTTPException(status_code=401, detail="Only allowed for logged in users")
|
||||
return templates.TemplateResponse(request=request, name="add_event.html")
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user