From 1603b7fe3a744a6d9c39456053c8978642c90536 Mon Sep 17 00:00:00 2001
From: Karl <karl@k-world.me.uk>
Date: Tue, 15 Jul 2025 09:54:01 +0100
Subject: [PATCH] working auth

---
 ktvmanager/lib/auth.py      | 28 +++++++++++++++++++---------
 ktvmanager/lib/get_users.py |  7 +++++--
 2 files changed, 24 insertions(+), 11 deletions(-)

diff --git a/ktvmanager/lib/auth.py b/ktvmanager/lib/auth.py
index 8ef35fd..77518b3 100644
--- a/ktvmanager/lib/auth.py
+++ b/ktvmanager/lib/auth.py
@@ -1,13 +1,15 @@
 from functools import wraps
-from flask import request, jsonify, Blueprint
+from flask import request, jsonify, Blueprint, make_response
 from ktvmanager.lib.get_users import get_users
 
 auth_blueprint = Blueprint("auth", __name__)
 
 def check_auth(username, password):
     users = get_users()
-    stored_password = users.get(username)
-    return stored_password == password
+    for user in users:
+        if user['userName'] == username and user['password'] == password:
+            return True
+    return False
 
 def requires_basic_auth(f):
     @wraps(f)
@@ -20,9 +22,17 @@ def requires_basic_auth(f):
 
 def check_login(username, password):
     users = get_users()
-    try:
-        user_password = users[username]
-        assert user_password == password
-        return jsonify({"auth": "Success"})
-    except KeyError:
-        return jsonify({"auth": "Fail"})
\ No newline at end of file
+    for user in users:
+        if user['userName'] == username and user['password'] == password:
+            response = make_response(jsonify({"auth": "Success"}))
+            user_id = str(user.get('id'))
+            if user_id:
+                response.set_cookie(
+                    'user',
+                    user_id,
+                    domain='tv-ui.k-world.me.uk',
+                    path='/',
+                    samesite=None
+                )
+            return response
+    return jsonify({"auth": "Fail"})
\ No newline at end of file
diff --git a/ktvmanager/lib/get_users.py b/ktvmanager/lib/get_users.py
index 3eac1da..f6d321f 100644
--- a/ktvmanager/lib/get_users.py
+++ b/ktvmanager/lib/get_users.py
@@ -1,7 +1,10 @@
 from ktvmanager.lib.database import _execute_query
 
 def get_users():
-    query = "SELECT userName, password FROM users"
+    query = "SELECT id, userName, password FROM users"
     results = _execute_query(query)
-    users = {user['userName']: user['password'] for user in results}
+    users = [
+        {'id': user['id'], 'userName': user['userName'], 'password': user['password']}
+        for user in results
+    ]
     return users
\ No newline at end of file