chris/misp
1
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

feat: authed users in env

Browse source
This commit is contained in:
Chris Milne 2026-05-07 12:56:30 +01:00
parent 5f069285c2
commit 3a1e822b63
3 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/auth/config.py
View file

@ -9,5 +9,7 @@ class AuthConfig(CustomBaseSettings):
OIDC_AUDIENCE: str = "" OIDC_AUDIENCE: str = ""
CLIENT_ID: str = "" CLIENT_ID: str = ""
AUTHORISED_USERS: list[str] = []
auth_settings = AuthConfig() auth_settings = AuthConfig()

2
src/auth/service.py
View file

@ -52,7 +52,7 @@ claims_dependency = Annotated[dict[str, Any], Depends(get_current_user)]
async def is_authed_user(claims: claims_dependency) -> bool: async def is_authed_user(claims: claims_dependency) -> bool:
authed_users: list[str] = ["chris@sr2.uk"] authed_users: list[str] = auth_settings.AUTHORISED_USERS
user_email = claims.get("email", None) user_email = claims.get("email", None)
if not user_email or user_email not in authed_users: if not user_email or user_email not in authed_users:
raise HTTPException(status_code=403, detail="Not authenticated") raise HTTPException(status_code=403, detail="Not authenticated")

2
template.env
View file

@ -16,3 +16,5 @@ MISP_OUTPUT_FILE=""
ALLOWED_TLP='["tlp:clear", "tlp:white", "tlp:green"]' ALLOWED_TLP='["tlp:clear", "tlp:white", "tlp:green"]'
IGNORED_TLP='["tlp:red", "tlp:amber+strict", "tlp:amber"]' IGNORED_TLP='["tlp:red", "tlp:amber+strict", "tlp:amber"]'
UNBOUND_CERT_DIR="" UNBOUND_CERT_DIR=""
AUTHORISED_USERS='[]'