diff options
| author | altaf-creator <dev@altafcreator.com> | 2026-01-23 22:02:56 +0800 |
|---|---|---|
| committer | altaf-creator <dev@altafcreator.com> | 2026-01-23 22:02:56 +0800 |
| commit | f4d2f64e75ea782441d2512717d9ad26c8c21ecc (patch) | |
| tree | 2702df26b955133f036cd79ad0a017f3c18ffdd7 /backend | |
| parent | 17f87de3dca57dfa8ecf8dab8abc267a3f7c7cc2 (diff) | |
admin machine status
Diffstat (limited to 'backend')
| -rw-r--r-- | backend/main.py | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/backend/main.py b/backend/main.py index 6d47fe3..e242389 100644 --- a/backend/main.py +++ b/backend/main.py @@ -492,6 +492,13 @@ def delete_cookie_scheduler(cookie): pass +def authenticate_admin_check(cookie): + cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (cookie,)) + rows = cursor.fetchall() + + return len(rows) > 0 + + # --- admin login @app.post("/admin_login", response_class=PlainTextResponse) def admin_login(data: PlaintextPasswordData, response: fastapi.Response): @@ -525,10 +532,8 @@ def admin_login(data: PlaintextPasswordData, response: fastapi.Response): @app.post("/admin_check", response_class=PlainTextResponse) def admin_check(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None): print("admin check request, ", admin_auth) - cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (admin_auth,)) - rows = cursor.fetchall() - if len(rows) > 0: + if authenticate_admin_check(admin_auth): response.status_code = fastapi.status.HTTP_202_ACCEPTED return "Authorised." else: @@ -543,10 +548,7 @@ def override_status(data: OverrideMachineData, response: fastapi.Response, admin response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED return "Unauthorised." - cursor.execute("SELECT * FROM admin_cookies WHERE cookie = ?", (admin_auth,)) - rows = cursor.fetchall() - - if len(rows) > 0: + if authenticate_admin_check(admin_auth): if (data.disabled): machine_status[data.block - 1][data.machine_id - 1] = Status.OUTOFSERVICE.name else: @@ -574,4 +576,21 @@ def admin_change_password(data: PlaintextPasswordData, response: fastapi.Respons response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED return "Unauthorised." - pass + if authenticate_admin_check(admin_auth): + pass + else: + pass + + +# --- get all blocks machine status for admin +@app.post("/admin_machine_status") +def admin_machine_status(response: fastapi.Response, admin_auth: Annotated[str | None, fastapi.Cookie()] = None): + if not admin_auth: + response.status_code = fastapi.status.HTTP_401_UNAUTHORIZED + return """{"reply": "Unauthorised."}""" + + if authenticate_admin_check(admin_auth): + return machine_status + else: + response.status_code = fastapi.status.HTTP_403_FORBIDDEN + return """{"reply": "Forbidden."}""" |