From 41e2daa2650e8118a427092a1407adfdd72790ac Mon Sep 17 00:00:00 2001
From: nexy7574 <git@nexy7574.co.uk>
Date: Thu, 6 Jun 2024 00:37:21 +0100
Subject: [PATCH] Support multiple accounts

---
 src/server.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/server.py b/src/server.py
index 7122b01..b6feed4 100644
--- a/src/server.py
+++ b/src/server.py
@@ -31,11 +31,19 @@ USERNAME = os.getenv("WEB_USERNAME", os.urandom(32).hex())
 PASSWORD = os.getenv("WEB_PASSWORD", os.urandom(32).hex())
 
 
+accounts = {
+    USERNAME: PASSWORD
+}
+if os.path.exists("./web-accounts.json"):
+    with open("./web-accounts.json") as f:
+        accounts.update(json.load(f))
+
+
 def check_credentials(credentials: HTTPBasicCredentials = Depends(security)):
     err = HTTPException(status_code=401, detail="Unauthorized")
-    if credentials.username != USERNAME:
+    if credentials.username not in accounts:
         raise err
-    if not secrets.compare_digest(credentials.password, PASSWORD):
+    if not secrets.compare_digest(credentials.password, accounts[credentials.username]):
         raise err
     return credentials