feat: authed users in env

src/auth/config.py

@@ -9,5 +9,7 @@ class AuthConfig(CustomBaseSettings):
     OIDC_AUDIENCE: str = ""
     CLIENT_ID: str = ""
 
+    AUTHORISED_USERS: list[str] = []
+
 
 auth_settings = AuthConfig()

src/auth/service.py

@@ -52,7 +52,7 @@ claims_dependency = Annotated[dict[str, Any], Depends(get_current_user)]
 
 
 async def is_authed_user(claims: claims_dependency) -> bool:
-	authed_users: list[str] = ["chris@sr2.uk"]
+	authed_users: list[str] = auth_settings.AUTHORISED_USERS
 	user_email = claims.get("email", None)
 	if not user_email or user_email not in authed_users:
 		raise HTTPException(status_code=403, detail="Not authenticated")

template.env

@@ -16,3 +16,5 @@ MISP_OUTPUT_FILE=""
 ALLOWED_TLP='["tlp:clear", "tlp:white", "tlp:green"]'
 IGNORED_TLP='["tlp:red", "tlp:amber+strict", "tlp:amber"]'
 UNBOUND_CERT_DIR=""
+
+AUTHORISED_USERS='[]'