Merge branch 'main' into discord-webhook

Signed-off-by: Hassan Abouelela <[email protected]>

# Conflicts:
#	backend/routes/forms/submit.py

1 files changed, 12 insertions, 2 deletions

diff --git a/backend/middleware.py b/backend/middleware.py
index 2267a9a..f74091b 100644
--- a/backend/middleware.py
+++ b/backend/middleware.py
@@ -4,9 +4,9 @@ import ssl
 from motor.motor_asyncio import AsyncIOMotorClient
 from starlette.middleware.base import BaseHTTPMiddleware
 from starlette.requests import Request
-from starlette.responses import Response
+from starlette.responses import JSONResponse, Response
 
-from backend.constants import DATABASE_URL, MONGO_DATABASE
+from backend.constants import DATABASE_URL, DOCS_PASSWORD, MONGO_DATABASE
 
 
 class DatabaseMiddleware(BaseHTTPMiddleware):
@@ -19,3 +19,13 @@ class DatabaseMiddleware(BaseHTTPMiddleware):
         request.state.db = db
         response = await call_next(request)
         return response
+
+
+class ProtectedDocsMiddleware(BaseHTTPMiddleware):
+    async def dispatch(self, request: Request, call_next: t.Callable) -> Response:
+        if DOCS_PASSWORD and request.url.path.startswith("/docs"):
+            if request.cookies.get("docs_password") != DOCS_PASSWORD:
+                return JSONResponse({"status": "unauthorized"}, status_code=403)
+
+        resp = await call_next(request)
+        return resp