From 3a1e822b6371ae59c5303a6038f0232873eff0f5 Mon Sep 17 00:00:00 2001
From: luxferre <chris@sr2.uk>
Date: Thu, 7 May 2026 12:56:30 +0100
Subject: [PATCH] feat: authed users in env

---
 src/auth/config.py  | 2 ++
 src/auth/service.py | 2 +-
 template.env        | 2 ++
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/auth/config.py b/src/auth/config.py
index 99803fd..43819a0 100644
--- a/src/auth/config.py
+++ b/src/auth/config.py
@@ -9,5 +9,7 @@ class AuthConfig(CustomBaseSettings):
     OIDC_AUDIENCE: str = ""
     CLIENT_ID: str = ""
 
+    AUTHORISED_USERS: list[str] = []
+
 
 auth_settings = AuthConfig()
diff --git a/src/auth/service.py b/src/auth/service.py
index 52a5275..68fd855 100644
--- a/src/auth/service.py
+++ b/src/auth/service.py
@@ -52,7 +52,7 @@ claims_dependency = Annotated[dict[str, Any], Depends(get_current_user)]
 
 
 async def is_authed_user(claims: claims_dependency) -> bool:
-	authed_users: list[str] = ["chris@sr2.uk"]
+	authed_users: list[str] = auth_settings.AUTHORISED_USERS
 	user_email = claims.get("email", None)
 	if not user_email or user_email not in authed_users:
 		raise HTTPException(status_code=403, detail="Not authenticated")
diff --git a/template.env b/template.env
index 70e4f43..d36e29d 100644
--- a/template.env
+++ b/template.env
@@ -16,3 +16,5 @@ MISP_OUTPUT_FILE=""
 ALLOWED_TLP='["tlp:clear", "tlp:white", "tlp:green"]'
 IGNORED_TLP='["tlp:red", "tlp:amber+strict", "tlp:amber"]'
 UNBOUND_CERT_DIR=""
+
+AUTHORISED_USERS='[]'
\ No newline at end of file