FaSTTUBe
/
ftracker
54
1
Fork 0
Code Issues 2 Pull Requests Releases 1 Wiki Activity

Add rudimentary password data protection

This commit is contained in:
Oskar Winkels 2020-12-01 00:05:09 +01:00 committed by Oskar
parent e79cdb3e24
commit a73b9d6cdf
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config.ini
View File

@ -8,3 +8,8 @@ db_file = db.json
# Col1: First Name(s), Col2: Last Name(s), Col3 (optional): EMail # Col1: First Name(s), Col2: Last Name(s), Col3 (optional): EMail
# Remove or leave empty for no check # Remove or leave empty for no check
name_file = namensliste.csv name_file = namensliste.csv
# Username and password for data retrieval
admin_user = admin
admin_pass = topSecret

15
ftracker/core.py
View File

@ -94,3 +94,18 @@ def post_departure():
) )
return 'OK', 200 return 'OK', 200
@app.route('/data')
def get_data():
if not 'Authorization' in request.headers:
return 'Error: No Authorization', 401, {'WWW-Authenticate': 'Basic'}
if request.authorization.username != config['admin_user']:
return "Wrong username", 403
if request.authorization.password != config['admin_pass']:
return "Wrong password", 403
return json.dumps(db.all(), indent=4), 200