Spaces:

vespa-engine
/

fasthtml-vespa

Running

App Files Files Community

thomasht86 commited on Aug 24, 2024

Commit

ca1e31f

verified ·

1 Parent(s): 1e0c0d5

deploy at 2024-08-24 20:17:44.188098

Browse files

Files changed (1) hide show

main.py +37 -37

main.py CHANGED Viewed

@@ -46,6 +46,9 @@ from starlette.middleware import Middleware
 from starlette.middleware.base import BaseHTTPMiddleware
 from starlette.middleware.sessions import SessionMiddleware
 from starlette.middleware.cors import CORSMiddleware
 from vespa.application import Vespa
 import json
 import os
@@ -59,8 +62,9 @@ from enum import Enum
 from typing import Tuple as T
 from urllib.parse import quote
 import uuid
-DEV_MODE = False
 if DEV_MODE:
     print("Running in DEV_MODE - Hot reload enabled")
@@ -123,9 +127,7 @@ def user_auth_before(req, sess):
     # be secure to use.
     print(f"Session Data before route: {sess}")
     auth = req.scope["auth"] = sess.get("auth", None)
-    print(f"Auth: {auth}")
-    if not auth:
-        return login_redir
 spinner_css = Style("""
@@ -179,16 +181,22 @@ class DebugSessionMiddleware(SessionMiddleware):
         await super().__call__(scope, receive, send)
         print(f"DebugSessionMiddleware: After processing - Scope: {scope}")
 middlewares = [
-    Middleware(
-        SessionMiddleware,
-        secret_key=get_key(fname=sess_key_path),
-        max_age=3600,
-    ),
-    Middleware(XFrameOptionsMiddleware),
-    #Middleware(SessionLoggingMiddleware),
-    #Middleware(DebugSessionMiddleware, secret_key=get_key(fname=sess_key_path)),
 ]
 bware = Beforeware(
     user_auth_before,
     skip=[
@@ -208,7 +216,7 @@ bware = Beforeware(
 )
 app, rt = fast_app(
-    before=bware,
     live=DEV_MODE,
     hdrs=headers,
     middleware=middlewares,
@@ -436,29 +444,21 @@ def get_login_form(sess, error: bool = False):
 @app.post("/login")
-def post(login: Login, sess):
-    if not compare_digest(ADMIN_PWD.encode("utf-8"), login.pwd.encode("utf-8")):
-        # Incorrect password - add error message
-        return RedirectResponse("/login?error=True", status_code=303)
-    sess["auth"] = True
-    response = RedirectResponse("/admin", status_code=303)
-    print(sess)
-    # Explicitly set the session cookie
-    response.set_cookie(
-        key="session",
-        value=sess,
-        httponly=True,
-        secure=True,
-        samesite="Lax"
-    )
-    return response
-@app.get("/logout")
-def logout(sess):
-    sess["auth"] = False
     return RedirectResponse("/")
@@ -656,12 +656,12 @@ def download_csv(auth):
     )
-@app.get("/admin")
-def get_admin(auth, sess, page: int = 1):
-    # Check if the user is authenticated
-    if not sess.get("auth"):
         return RedirectResponse("/login", status_code=303)
     limit = 15
     offset = (page - 1) * limit
     total_queries_result = list(
@@ -737,7 +737,7 @@ def get_admin(auth, sess, page: int = 1):
     return (
         Title("Admin"),
-        get_navbar(auth),
         Main(
             Div(
                 A(

 from starlette.middleware.base import BaseHTTPMiddleware
 from starlette.middleware.sessions import SessionMiddleware
 from starlette.middleware.cors import CORSMiddleware
+from starlette.middleware.authentication import AuthenticationMiddleware
+from starlette.authentication import AuthenticationBackend, AuthenticationError, SimpleUser, AuthCredentials
+from starlette.responses import RedirectResponse
 from vespa.application import Vespa
 import json
 import os
 from typing import Tuple as T
 from urllib.parse import quote
 import uuid
+import secrets
+DEV_MODE = True
 if DEV_MODE:
     print("Running in DEV_MODE - Hot reload enabled")
     # be secure to use.
     print(f"Session Data before route: {sess}")
     auth = req.scope["auth"] = sess.get("auth", None)
 spinner_css = Style("""
         await super().__call__(scope, receive, send)
         print(f"DebugSessionMiddleware: After processing - Scope: {scope}")
+# Generate a secure secret key
+SECRET_KEY = secrets.token_urlsafe(32)
+# Custom authentication backend
+class SimpleAuthBackend(AuthenticationBackend):
+    async def authenticate(self, request):
+        if "auth" not in request.session:
+            return None
+        return AuthCredentials(["authenticated"]), SimpleUser("admin")
+# Simplified middleware setup
 middlewares = [
+    Middleware(SessionMiddleware, secret_key=SECRET_KEY, max_age=3600),
+    Middleware(AuthenticationMiddleware, backend=SimpleAuthBackend()),
 ]
 bware = Beforeware(
     user_auth_before,
     skip=[
 )
 app, rt = fast_app(
+    #before=bware,
     live=DEV_MODE,
     hdrs=headers,
     middleware=middlewares,
 @app.post("/login")
+async def login(request):
+    form = await request.form()
+    username = form.get("name")
+    password = form.get("pwd")
+    if username == ADMIN_NAME and compare_digest(ADMIN_PWD.encode("utf-8"), password.encode("utf-8")):
+        request.session["auth"] = True
+        return RedirectResponse("/admin", status_code=303)
+    return RedirectResponse("/login?error=True", status_code=303)
+@app.route("/logout")
+async def logout(request):
+    request.session.pop("auth", None)
     return RedirectResponse("/")
     )
+@app.route("/admin")
+async def admin(request):
+    if not request.user.is_authenticated:
         return RedirectResponse("/login", status_code=303)
+    page = int(request.query_params.get("page", 1))
     limit = 15
     offset = (page - 1) * limit
     total_queries_result = list(
     return (
         Title("Admin"),
+        get_navbar(request.user.is_authenticated),
         Main(
             Div(
                 A(