implement authentication middleware as middleware

helldivers-2 · Apr 30, 2024 · 6992565 · 6992565
1 parent e07125b
commit 6992565
Showing 1 changed file with 24 additions and 0 deletions.
diff --git a/src/utils/middleware/authentication.py b/src/utils/middleware/authentication.py
@@ -1,11 +1,35 @@
 import bcrypt
 
+from fastapi import status
+from fastapi.requests import Request
+from fastapi.responses import JSONResponse
+
 from src.cfg.settings import security
 
 TOKEN = security["token"]
 hashed = bcrypt.hashpw(bytes(TOKEN, "utf-8"), bcrypt.gensalt())
 
 
+async def authenticate(request: Request, call_next):
+    authenticated_prefixes = "admin"
+    response = None
+    headers = dict(request.scope["headers"])
+    if (
+        authenticated_prefixes in request.url.path
+        and "authorization" in request.headers
+    ):
+        if verify_password(request.headers["Authorization"]):
+            response = await call_next(request)
+        else:
+            response = JSONResponse(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                content={"error": "Unauthorized"},
+            )
+    else:
+        response = await call_next(request)
+    return response
+
+
 def verify_length(token):
     length = len(token)
     if length <= 7 or length >= 25: