fix: avoid admin password handler name collision

2026-04-01 15:16:12 +07:00
parent 16ab13e911
commit 68f635eac1
1 changed files with 6 additions and 6 deletions
--- a/app/admin.py
+++ b/app/admin.py
@@ -71,8 +71,8 @@ class EnvCredentialProvider(Provider):
        expire_seconds: int = 3600,
        template: str = "providers/login/login.html",
    ) -> None:
-        self.username = username
-        self.password = password
+        self._username = username
+        self._password = password
        self.login_path = login_path
        self.logout_path = logout_path
        self.login_title = login_title
@@ -107,8 +107,8 @@ class EnvCredentialProvider(Provider):
        remember_me: Optional[str] = Form(None),
    ):
        if not (
-            secrets.compare_digest(username, self.username)
-            and secrets.compare_digest(password, self.password)
+            secrets.compare_digest(username, self._username)
+            and secrets.compare_digest(password, self._password)
        ):
            return templates.TemplateResponse(
                self.template,
@@ -137,7 +137,7 @@ class EnvCredentialProvider(Provider):
            path=request.app.admin_path,
            httponly=True,
        )
-        await request.app.redis.set(constants.LOGIN_USER.format(token=token), self.username, ex=expire)
+        await request.app.redis.set(constants.LOGIN_USER.format(token=token), self._username, ex=expire)
        return response

    async def authenticate(self, request: Request, call_next: RequestResponseEndpoint):
@@ -185,7 +185,7 @@ class EnvCredentialProvider(Provider):
        resources=Depends(get_resources),
    ):
        _ = admin
-        if not secrets.compare_digest(old_password, self.password):
+        if not secrets.compare_digest(old_password, self._password):
            return templates.TemplateResponse(
                "providers/login/password.html",
                context={