dwindown/yellow-bank-soal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: avoid admin password handler name collision

Browse Source
This commit is contained in:
dwindown
2026-04-01 15:16:12 +07:00
parent 16ab13e911
commit 68f635eac1
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/admin.py
View File

@@ -71,8 +71,8 @@ class EnvCredentialProvider(Provider):
expire_seconds: int = 3600, expire_seconds: int = 3600,
template: str = "providers/login/login.html", template: str = "providers/login/login.html",
) -> None: ) -> None:
self.username = username self._username = username
self.password = password self._password = password
self.login_path = login_path self.login_path = login_path
self.logout_path = logout_path self.logout_path = logout_path
self.login_title = login_title self.login_title = login_title
@@ -107,8 +107,8 @@ class EnvCredentialProvider(Provider):
remember_me: Optional[str] = Form(None), remember_me: Optional[str] = Form(None),
): ):
if not ( if not (
secrets.compare_digest(username, self.username) secrets.compare_digest(username, self._username)
and secrets.compare_digest(password, self.password) and secrets.compare_digest(password, self._password)
): ):
return templates.TemplateResponse( return templates.TemplateResponse(
self.template, self.template,
@@ -137,7 +137,7 @@ class EnvCredentialProvider(Provider):
path=request.app.admin_path, path=request.app.admin_path,
httponly=True, httponly=True,
) )
await request.app.redis.set(constants.LOGIN_USER.format(token=token), self.username, ex=expire) await request.app.redis.set(constants.LOGIN_USER.format(token=token), self._username, ex=expire)
return response return response
async def authenticate(self, request: Request, call_next: RequestResponseEndpoint): async def authenticate(self, request: Request, call_next: RequestResponseEndpoint):
@@ -185,7 +185,7 @@ class EnvCredentialProvider(Provider):
resources=Depends(get_resources), resources=Depends(get_resources),
): ):
_ = admin _ = admin
if not secrets.compare_digest(old_password, self.password): if not secrets.compare_digest(old_password, self._password):
return templates.TemplateResponse( return templates.TemplateResponse(
"providers/login/password.html", "providers/login/password.html",
context={ context={