This commit is contained in:
Edward Betts 2024-01-21 15:56:22 +00:00
commit 533c7767e8
3 changed files with 33 additions and 1 deletions

29
agenda/auth.py Normal file
View file

@ -0,0 +1,29 @@
"""Authentication via UniAuth."""
import flask
import werkzeug
from itsdangerous.url_safe import URLSafeTimedSerializer
max_age = 60 * 60 * 24 * 90
def verify_auth_token(token: str) -> str | None:
"""Verify the authentication token."""
serializer = URLSafeTimedSerializer(flask.current_app.config["SECRET_KEY"])
try:
username = serializer.loads(token, salt="auth", max_age=max_age)
except Exception:
return None
assert isinstance(username, str)
return username
def require_authentication() -> werkzeug.Response | None:
"""Require authentication."""
token = flask.request.cookies.get("auth_token")
return (
None
if token and verify_auth_token(token)
else flask.redirect(flask.current_app.config["UNIAUTH_LOGIN_URL"])
)

View file

@ -21,8 +21,8 @@ def next_launch_api(rocket_dir: str, limit: int = 200) -> list[Launch]:
params: dict[str, str | int] = {"limit": limit}
r = requests.get(url, params=params)
open(filename, "w").write(r.text)
data = r.json()
open(filename, "w").write(r.text)
return [summarize_launch(launch) for launch in data["results"]]

View file

@ -15,6 +15,7 @@ import werkzeug
import werkzeug.debug.tbtools
import yaml
import agenda.auth
import agenda.data
import agenda.error_mail
import agenda.holidays
@ -27,6 +28,8 @@ app = flask.Flask(__name__)
app.debug = False
app.config.from_object("config.default")
app.before_request(agenda.auth.require_authentication)
agenda.error_mail.setup_error_mail(app)