32 lines
884 B
Python
32 lines
884 B
Python
from aiohttp import web
|
|
from aiohttp_basicauth import BasicAuthMiddleware
|
|
import bcrypt
|
|
import sys
|
|
|
|
password = b'password'
|
|
|
|
class CustomBasicAuth(BasicAuthMiddleware):
|
|
async def check_credentials(self, username, password, request):
|
|
if status := username == 'bob' and bcrypt.checkpw(password.encode('utf-8'),
|
|
request.app['hashed']):
|
|
request['user'] = username
|
|
return status
|
|
|
|
|
|
auth = CustomBasicAuth(force=False)
|
|
|
|
async def public_view(request):
|
|
return web.Response(text='Public view')
|
|
|
|
|
|
@auth.required
|
|
async def secret_view(request):
|
|
return web.Response(text=request['user'])
|
|
|
|
def server():
|
|
app = web.Application(middlewares=[auth])
|
|
app['hashed'] = bcrypt.hashpw(password, bcrypt.gensalt())
|
|
app.router.add_route('GET', '/public', public_view)
|
|
app.router.add_route('GET', '/secret', secret_view)
|
|
|
|
web.run_app(app) |