tmdinosaurcenter/kiosk-guestbook
1
0
Fork 0
mirror of https://github.com/tmdinosaurcenter/kiosk-guestbook.git synced 2026-06-04 03:50:14 -06:00
Code Issues Packages Projects Releases Wiki Activity

feat: add hardened HTTP Basic Auth for admin interface

Browse Source
This commit is contained in:
Steve Dogiakos
2026-03-10 10:07:09 -06:00
parent 047f1a8c8b
commit b2e7eeb570
2 changed files with 24 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app.py
+5 -2
View File
@@ -181,9 +181,12 @@ def index():
def require_admin_auth(f):
@wraps(f)
def decorated(*args, **kwargs):
admin_user = os.environ.get('ADMIN_USER')
admin_password = os.environ.get('ADMIN_PASSWORD')
if not admin_user or not admin_password:
logger.error("ADMIN_USER and ADMIN_PASSWORD must be set to enable the admin interface.")
abort(503)
auth = request.authorization
admin_user = os.environ.get('ADMIN_USER', '')
admin_password = os.environ.get('ADMIN_PASSWORD', '')
if not auth or auth.username != admin_user or auth.password != admin_password:
return Response(
'Authentication required.',