Spaces:
Running
Running
deploy at 2024-08-25 07:42:37.050643
Browse files
main.py
CHANGED
|
@@ -191,9 +191,16 @@ class SimpleAuthBackend(AuthenticationBackend):
|
|
| 191 |
return None
|
| 192 |
return AuthCredentials(["authenticated"]), SimpleUser("admin")
|
| 193 |
|
| 194 |
-
|
|
|
|
| 195 |
middlewares = [
|
| 196 |
-
Middleware(
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 197 |
Middleware(AuthenticationMiddleware, backend=SimpleAuthBackend()),
|
| 198 |
]
|
| 199 |
|
|
@@ -224,6 +231,16 @@ app, rt = fast_app(
|
|
| 224 |
same_site="None",
|
| 225 |
)
|
| 226 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 227 |
|
| 228 |
sesskey = get_key(fname=sess_key_path)
|
| 229 |
print(f"Session key: {sesskey}")
|
|
@@ -452,6 +469,14 @@ async def login(request: Request):
|
|
| 452 |
if username == ADMIN_NAME and compare_digest(ADMIN_PWD.encode("utf-8"), password.encode("utf-8")):
|
| 453 |
request.session["auth"] = True
|
| 454 |
response = RedirectResponse("/admin", status_code=303)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 455 |
return response
|
| 456 |
|
| 457 |
return RedirectResponse("/login?error=True", status_code=303)
|
|
@@ -659,7 +684,8 @@ def download_csv(request: Request):
|
|
| 659 |
|
| 660 |
@app.route("/admin")
|
| 661 |
async def admin(request: Request):
|
| 662 |
-
|
|
|
|
| 663 |
return RedirectResponse("/login", status_code=303)
|
| 664 |
|
| 665 |
page = int(request.query_params.get("page", 1))
|
|
|
|
| 191 |
return None
|
| 192 |
return AuthCredentials(["authenticated"]), SimpleUser("admin")
|
| 193 |
|
| 194 |
+
|
| 195 |
+
# Modify the middleware setup
|
| 196 |
middlewares = [
|
| 197 |
+
Middleware(
|
| 198 |
+
SessionMiddleware,
|
| 199 |
+
secret_key=SECRET_KEY,
|
| 200 |
+
max_age=3600,
|
| 201 |
+
same_site='None', # Try 'Lax' if 'None' doesn't work
|
| 202 |
+
https_only=False, # Set to True if your site uses HTTPS
|
| 203 |
+
),
|
| 204 |
Middleware(AuthenticationMiddleware, backend=SimpleAuthBackend()),
|
| 205 |
]
|
| 206 |
|
|
|
|
| 231 |
same_site="None",
|
| 232 |
)
|
| 233 |
|
| 234 |
+
# Add this function for debugging
|
| 235 |
+
@app.middleware("http")
|
| 236 |
+
async def debug_request_middleware(request: Request, call_next):
|
| 237 |
+
print(f"Request headers: {request.headers}")
|
| 238 |
+
print(f"Request cookies: {request.cookies}")
|
| 239 |
+
response = await call_next(request)
|
| 240 |
+
print(f"Response headers: {response.headers}")
|
| 241 |
+
if hasattr(response, 'cookies'):
|
| 242 |
+
print(f"Response cookies: {response.cookies}")
|
| 243 |
+
return response
|
| 244 |
|
| 245 |
sesskey = get_key(fname=sess_key_path)
|
| 246 |
print(f"Session key: {sesskey}")
|
|
|
|
| 469 |
if username == ADMIN_NAME and compare_digest(ADMIN_PWD.encode("utf-8"), password.encode("utf-8")):
|
| 470 |
request.session["auth"] = True
|
| 471 |
response = RedirectResponse("/admin", status_code=303)
|
| 472 |
+
response.set_cookie(
|
| 473 |
+
"admin_auth",
|
| 474 |
+
request.session,
|
| 475 |
+
max_age=3600,
|
| 476 |
+
httponly=True,
|
| 477 |
+
samesite='Lax', # Try 'Lax' if 'None' doesn't work
|
| 478 |
+
secure=False, # Set to True if your site uses HTTPS
|
| 479 |
+
)
|
| 480 |
return response
|
| 481 |
|
| 482 |
return RedirectResponse("/login?error=True", status_code=303)
|
|
|
|
| 684 |
|
| 685 |
@app.route("/admin")
|
| 686 |
async def admin(request: Request):
|
| 687 |
+
auth = request.cookies.get("admin_auth", None)
|
| 688 |
+
if auth is None:
|
| 689 |
return RedirectResponse("/login", status_code=303)
|
| 690 |
|
| 691 |
page = int(request.query_params.get("page", 1))
|