"""
Authentication utilities for QR Code Manager
"""
import os
import bcrypt
from functools import wraps
from flask import session, redirect, url_for, request, jsonify
# Admin account settings. The username is read from the ADMIN_USERNAME
# environment variable and falls back to 'admin' when it is not set.
ADMIN_USERNAME = os.getenv('ADMIN_USERNAME', 'admin')

# bcrypt hash of the admin password; stays None until init_admin() assigns it.
ADMIN_PASSWORD_HASH = None
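def init_admin():
    """Hash the admin password and store it in ``ADMIN_PASSWORD_HASH``.

    The password is read from the ``ADMIN_PASSWORD`` environment variable.
    When the variable is unset, the built-in fallback ``'admin123'`` is still
    used so that existing deployments keep starting, but a warning is printed
    because that value is hard-coded in this file and therefore public.
    The password itself is never written to the output.

    Raises:
        ValueError: if ``ADMIN_PASSWORD`` is set to an empty string, since
            that would create an admin account anyone can log in to.
    """
    global ADMIN_PASSWORD_HASH

    admin_password = os.environ.get('ADMIN_PASSWORD')
    if admin_password is None:
        # Hard-coded fallback kept for backward compatibility only.
        admin_password = 'admin123'
    elif not admin_password:
        raise ValueError(
            "ADMIN_PASSWORD is set but empty; refusing to create an admin "
            "account with an empty password"
        )

    # NOTE(review): bcrypt only takes the first 72 bytes of the password into
    # account; depending on the installed bcrypt release, longer input is
    # either truncated or rejected -- confirm against the pinned version.
    ADMIN_PASSWORD_HASH = bcrypt.hashpw(admin_password.encode('utf-8'), bcrypt.gensalt())

    print(f"Admin user initialized: {ADMIN_USERNAME}")
    if admin_password == 'admin123':
        # Flag the weak credential without echoing it into logs.
        print(
            "WARNING: the built-in default admin password is in use; "
            "set ADMIN_PASSWORD to a strong, unique value before exposing this service"
        )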
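def verify_password(password, hashed):
    """Check a plaintext password against a bcrypt hash, failing closed.

    Args:
        password: Candidate password as ``str``.
        hashed: bcrypt hash as ``bytes``, as produced by ``bcrypt.hashpw``.

    Returns:
        True only when bcrypt confirms the match. False for a mismatch, for
        a missing password or hash, or when bcrypt rejects the input.
    """
    # ADMIN_PASSWORD_HASH is None until init_admin() has run; a missing hash
    # or a non-string password must deny the login rather than raise.
    if not isinstance(password, str) or hashed is None:
        return False
    try:
        return bcrypt.checkpw(password.encode('utf-8'), hashed)
    except ValueError:
        # bcrypt raises ValueError for input it cannot process (for example a
        # malformed stored hash); treat that as a failed login.
        return False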
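def login_required(f):
    """Decorator that only lets authenticated sessions reach the wrapped view.

    An unauthenticated request to an endpoint whose name starts with ``'api'``
    gets a JSON error body with HTTP 401; any other unauthenticated request
    is redirected to the ``auth.login`` endpoint.

    Args:
        f: The view function to protect.

    Returns:
        The wrapped view, carrying ``f``'s name and docstring via ``wraps``.
    """
    @wraps(f)
    def decorated_function(*args, **kwargs):
        # Require a truthy flag rather than mere key presence, so a session
        # holding logged_in=False (or None) is not treated as authenticated.
        if not session.get('logged_in'):
            # request.endpoint may be None, hence the guard before startswith.
            if request.endpoint and request.endpoint.startswith('api'):
                return jsonify({'error': 'Authentication required'}), 401
            return redirect(url_for('auth.login'))
        return f(*args, **kwargs)
    return decorated_function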
def get_admin_credentials():
    """Return the admin login data as a ``(username, password_hash)`` tuple.

    The values are the module-level ``ADMIN_USERNAME`` and
    ``ADMIN_PASSWORD_HASH``; the hash is ``None`` until ``init_admin()`` has
    assigned it.
    """
    credentials = (ADMIN_USERNAME, ADMIN_PASSWORD_HASH)
    return credentials