| author | altaf-creator <dev@altafcreator.com> | 2026-01-21 16:09:33 +0800 |
|---|---|---|
| committer | altaf-creator <dev@altafcreator.com> | 2026-01-21 16:09:33 +0800 |
| commit | 1ea49d7ed8a59a9a0b995eca9ea5d8574b0e0d95 (patch) | |
| tree | 146f9730f9286ec93b8023fc0d2715df0804e01d /backend/main.py | |
| parent | ef65a11fe44116fe81f5af5062587890b18914a8 (diff) | |
password
Diffstat (limited to 'backend/main.py')
| -rw-r--r-- | backend/main.py | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/backend/main.py b/backend/main.py
index ff6ec38..77c84b0 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -19,6 +19,7 @@ from dotenv import load_dotenv
 from os import getenv
 import yaml
 import notif # import notif.py
+import bcrypt
 # ## API, db, and scheduler initialisation
 app = fastapi.FastAPI(title="Victoria Hall LaundryWeb", description="LaundryWeb Backend API", version="0.1")
@@ -481,6 +482,15 @@ def notif_subscribe(data: notif.PushSubscriptionData, response: fastapi.Response
 @app.post("/admin_login", response_class=PlainTextResponse)
 def admin_login(data: PlaintextPasswordData, response: fastapi.Response):
 print(data.password)
+
+ pwd = data.password.encode('utf-8')
+ stored_hash_pwd = getenv("ADMIN_PASSWORD_HASH")
+
+ if bcrypt.checkpw(pwd, stored_hash_pwd):
+ response.status_code = fastapi.status.HTTP_202_ACCEPTED
+ return "Authenticated!!!11"
+
+ response.status_code = fastapi.status.HTTP_403_FORBIDDEN
 return data.password
@@ -490,3 +500,13 @@ def override_status(data: OverrideMachineData, response: fastapi.Response, admin
 if not admin_auth:
 response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
 return "Unauthorised."
+
+
+# --- change admin password
+@app.post("/admin_change_password", response_class=PlainTextResponse)
+def admin_change_password(data: PlaintextPasswordData, response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None):
+ if not admin_auth:
+ response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED
+ return "Unauthorised."
+
+ pass |
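Review bot: In `admin_login`, `bcrypt.checkpw(pwd, stored_hash_pwd)` receives the value of `getenv("ADMIN_PASSWORD_HASH")`, which is a `str` or `None`, while `checkpw` requires bytes for both arguments, so the call raises instead of returning a result. Guard and encode it: `if stored_hash_pwd and bcrypt.checkpw(pwd, stored_hash_pwd.encode('utf-8')):`. The unchanged lines around the new code still write the submitted password to stdout with `print(data.password)` and echo it back in the 403 body with `return data.password`; drop the `print` and return a fixed string such as `return "Forbidden."`. The success branch, as far as this hunk shows, sets no session cookie, so nothing here ties a later `admin_auth` cookie to a successful login.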
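Review bot: `admin_change_password` only tests that an `admin_auth` cookie is present (`if not admin_auth:`), not that its value was issued by the server, so the guard does not establish that the caller authenticated; the context lines show the same presence-only check in `override_status`, whose body starts outside the hunk. Unless validation happens somewhere not visible here, compare the cookie against a server-side session token (using a constant-time comparison) before any password change is added. The body currently ends in `pass`, so an authorised-looking request gets a success status although nothing was changed; until the handler is implemented, set `response.status_code = fastapi.status.HTTP_501_NOT_IMPLEMENTED` and `return "Not implemented."`. When it is implemented, it should also require the current password and store only a new bcrypt hash, never the plaintext.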
