forked from kompetenzinventar/ki-backend
37 lines
872 B
Python
37 lines
872 B
Python
# SPDX-FileCopyrightText: WTF Kooperative eG <https://wtf-eg.de/>
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
import uuid
|
|
import yaml
|
|
|
|
from app import app, db
|
|
from ki.models import User, Token
|
|
|
|
|
|
def auth(username, password):
|
|
auth_file_path = app.config["KI_DATA_DIR"] + "/auth.yml"
|
|
|
|
with open(auth_file_path, "r") as auth_file_stream:
|
|
users = yaml.safe_load(auth_file_stream)
|
|
|
|
if username not in users:
|
|
return None
|
|
|
|
auth_user = users[username]
|
|
|
|
if auth_user["password"] != password:
|
|
return None
|
|
|
|
user = User.query.filter(User.auth_id.__eq__(username)).first()
|
|
|
|
if user is None:
|
|
user = User(auth_id=username)
|
|
db.session.add(user)
|
|
|
|
token = Token(token=str(uuid.uuid4()), user=user)
|
|
db.session.add(token)
|
|
db.session.commit()
|
|
|
|
return token
|