23 lines
577 B
Python
23 lines
577 B
Python
import hashlib
|
|
|
|
from .errors import ApiError
|
|
|
|
|
|
def auth_route(handler):
|
|
"""Declare an authenticated route."""
|
|
async def _handler(request, *args, **kwargs):
|
|
try:
|
|
pwhash = request.headers['Authorization']
|
|
except KeyError:
|
|
raise ApiError('no password provided', 403)
|
|
|
|
correct = request.app.cfg.PASSWORD
|
|
hashed = hashlib.sha256(correct.encode()).hexdigest()
|
|
|
|
if pwhash != hashed:
|
|
raise ApiError('invalid password', 403)
|
|
|
|
return await handler(request, *args, **kwargs)
|
|
|
|
return _handler
|