working auth

ktvmanager/lib/auth.py

@@ -1,13 +1,15 @@
 from functools import wraps
-from flask import request, jsonify, Blueprint
+from flask import request, jsonify, Blueprint, make_response
 from ktvmanager.lib.get_users import get_users
 
 auth_blueprint = Blueprint("auth", __name__)
 
 def check_auth(username, password):
     users = get_users()
-    stored_password = users.get(username)
-    return stored_password == password
+    for user in users:
+        if user['userName'] == username and user['password'] == password:
+            return True
+    return False
 
 def requires_basic_auth(f):
     @wraps(f)
@@ -20,9 +22,17 @@ def requires_basic_auth(f):
 
 def check_login(username, password):
     users = get_users()
-    try:
-        user_password = users[username]
-        assert user_password == password
-        return jsonify({"auth": "Success"})
-    except KeyError:
+    for user in users:
+        if user['userName'] == username and user['password'] == password:
+            response = make_response(jsonify({"auth": "Success"}))
+            user_id = str(user.get('id'))
+            if user_id:
+                response.set_cookie(
+                    'user',
+                    user_id,
+                    domain='tv-ui.k-world.me.uk',
+                    path='/',
+                    samesite=None
+                )
+            return response
     return jsonify({"auth": "Fail"})

ktvmanager/lib/get_users.py

@@ -1,7 +1,10 @@
 from ktvmanager.lib.database import _execute_query
 
 def get_users():
-    query = "SELECT userName, password FROM users"
+    query = "SELECT id, userName, password FROM users"
     results = _execute_query(query)
-    users = {user['userName']: user['password'] for user in results}
+    users = [
+        {'id': user['id'], 'userName': user['userName'], 'password': user['password']}
+        for user in results
+    ]
     return users