shukivaknin/gniza4linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix auth middleware: use insert(0) on FrozenList before app starts

Browse Source 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
shuki
2026-03-06 06:18:05 +02:00
parent 1800babbc2
commit ebe5645fb9
1 changed files with 22 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
tui/__main__.py
View File

@@ -120,34 +120,33 @@ def main():
public_url=public_url,
)
# Add HTTP Basic Auth middleware if API key is configured
# Add HTTP Basic Auth if API key is configured
if web_key:
@aio_web.middleware
async def basic_auth_middleware(request, handler):
auth_header = request.headers.get("Authorization", "")
if auth_header.startswith("Basic "):
try:
decoded = base64.b64decode(auth_header[6:]).decode("utf-8")
req_user, req_pass = decoded.split(":", 1)
if (
secrets.compare_digest(req_user, web_user)
and secrets.compare_digest(req_pass, web_key)
):
return await handler(request)
except Exception:
pass
return aio_web.Response(
status=401,
headers={"WWW-Authenticate": 'Basic realm="GNIZA"'},
text="Authentication required",
)
_orig_make_app = server._make_app
async def _authed_make_app():
app = await _orig_make_app()
@aio_web.middleware
async def basic_auth(request, handler):
auth_header = request.headers.get("Authorization", "")
if auth_header.startswith("Basic "):
try:
decoded = base64.b64decode(auth_header[6:]).decode("utf-8")
req_user, req_pass = decoded.split(":", 1)
if (
secrets.compare_digest(req_user, web_user)
and secrets.compare_digest(req_pass, web_key)
):
return await handler(request)
except Exception:
pass
return aio_web.Response(
status=401,
headers={"WWW-Authenticate": 'Basic realm="GNIZA"'},
text="Authentication required",
)
app.middlewares.insert(0, basic_auth)
app.middlewares.insert(0, basic_auth_middleware)
return app
server._make_app = _authed_make_app