Add authentification for accessing detailed map

BenCretois · BenCretois · commit 9cc2944b8e63 · 2025-09-08T16:44:27.000+02:00
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -8,7 +8,7 @@ services:
     #image: ghcr.io/ninanor/dashboard-dashboard:main@sha-9a71d5a
     environment:
       - AUTH_USERNAME=${AUTH_USERNAME}
-      - AUTH_PASSWORD=${AUTH_PASSWORD}
+      - AUTH_PASSWORD=${AUTH_PASSWORD}  # Also used for detailed map access
       - BASE_DATA_DIR=${BASE_DATA_DIR}
   reverseproxy:
     build: proxy
diff --git a/src/components/auth.py b/src/components/auth.py
@@ -0,0 +1,99 @@
+"""
+Authentication component for detailed map access.
+"""
+
+import os
+import streamlit as st
+from config.settings import DETAILED_MAP_PASSWORD
+
+
+def get_detailed_map_password() -> str:
+    """Get the detailed map password from environment variable or config."""
+    return os.environ.get("AUTH_PASSWORD", DETAILED_MAP_PASSWORD)
+
+
+def check_detailed_map_access() -> bool:
+    """
+    Check if the user has access to the detailed map.
+    Returns True if authorized, False otherwise.
+    """
+    # Initialize session state for detailed map access
+    if "detailed_map_authorized" not in st.session_state:
+        st.session_state.detailed_map_authorized = False
+    
+    return st.session_state.detailed_map_authorized
+
+
+def render_detailed_map_auth() -> bool:
+    """
+    Render the detailed map authentication interface.
+    Returns True if user is authorized for detailed map access.
+    """
+    # Check if already authorized
+    if check_detailed_map_access():
+        return True
+    
+    # Show authentication interface
+    with st.expander("🔐 Detailed Map Access", expanded=False):
+        st.markdown("""
+        **Project Team Access**: Enter your dashboard password to access detailed device locations.
+        
+        ⚠️ **Note**: This will show exact device coordinates for project management purposes.
+        """)
+        
+        password = st.text_input(
+            "Password",
+            type="password",
+            help="Enter your dashboard password to unlock detailed map view",
+            key="detailed_map_password"
+        )
+        
+        col1, col2 = st.columns([1, 3])
+        
+        with col1:
+            if st.button("🔓 Unlock Detailed Map", type="primary"):
+                if password == get_detailed_map_password():
+                    st.session_state.detailed_map_authorized = True
+                    st.success("✅ Access granted! Detailed map is now available.")
+                    st.rerun()
+                else:
+                    st.error("❌ Invalid password")
+        
+        with col2:
+            if st.session_state.detailed_map_authorized:
+                if st.button("🔒 Lock Detailed Map"):
+                    st.session_state.detailed_map_authorized = False
+                    st.info("🔒 Detailed map access revoked")
+                    st.rerun()
+    
+    return check_detailed_map_access()
+
+
+def get_map_zoom_level() -> int:
+    """
+    Get the appropriate zoom level based on user authorization.
+    Returns detailed zoom level if authorized, otherwise privacy-protected level.
+    """
+    from config.settings import MAX_ZOOM_LEVEL, DETAILED_MAP_MAX_ZOOM
+    
+    if check_detailed_map_access():
+        return DETAILED_MAP_MAX_ZOOM
+    else:
+        return MAX_ZOOM_LEVEL
+
+
+def get_map_access_status() -> dict:
+    """
+    Get the current map access status and settings.
+    Returns a dictionary with access information.
+    """
+    from config.settings import MAX_ZOOM_LEVEL, DETAILED_MAP_MAX_ZOOM
+    
+    is_authorized = check_detailed_map_access()
+    
+    return {
+        "is_authorized": is_authorized,
+        "current_max_zoom": DETAILED_MAP_MAX_ZOOM if is_authorized else MAX_ZOOM_LEVEL,
+        "access_level": "Detailed (Project Team)" if is_authorized else "Privacy Protected (Public)",
+        "zoom_description": f"Up to level {DETAILED_MAP_MAX_ZOOM}" if is_authorized else f"Limited to level {MAX_ZOOM_LEVEL}"
+    }
diff --git a/src/components/map_viz.py b/src/components/map_viz.py
@@ -12,9 +12,9 @@
     DEFAULT_ZOOM, 
     MAP_HEIGHT, 
     MAP_WIDTH,
-    MAX_ZOOM_LEVEL,
     MIN_ZOOM_LEVEL
 )
+from components.auth import get_map_zoom_level
 
 
 def render_device_map(
@@ -27,8 +27,8 @@ def render_device_map(
         st.warning("⚠️ No site information available")
         return None
 
-    # Use provided settings or fall back to config defaults
-    use_max_zoom = max_zoom if max_zoom is not None else MAX_ZOOM_LEVEL
+    # Use provided settings or get dynamic zoom level based on user authorization
+    use_max_zoom = max_zoom if max_zoom is not None else get_map_zoom_level()
 
     # Create map centered on device locations
     center_lat = site_info["Latitude"].mean()
diff --git a/src/config/settings.py b/src/config/settings.py
@@ -25,8 +25,14 @@
 MAP_WIDTH = 1200
 
 # Privacy protection settings
-MAX_ZOOM_LEVEL = 7              # Maximum zoom level (prevents very detailed viewing) - hardcoded for privacy
+MAX_ZOOM_LEVEL = 7              # Maximum zoom level for public access (prevents very detailed viewing)
 MIN_ZOOM_LEVEL = 3              # Minimum zoom level
+DETAILED_MAP_MAX_ZOOM = 18      # Maximum zoom level for authorized users (full detail)
+
+# Detailed map access configuration
+# Password can be set via AUTH_PASSWORD environment variable (recommended for production)
+# This same variable is used for basic authentication in the reverse proxy
+DETAILED_MAP_PASSWORD = "tabmon2025"  # Fallback password for detailed map access
 
 # Chart settings
 HEATMAP_COLORSCALE = "Viridis"
diff --git a/src/map_dashboard.py b/src/map_dashboard.py
@@ -14,6 +14,7 @@
 from components.metrics import render_status_metrics
 from components.sidebar import render_complete_sidebar
 from components.tables import render_status_table, render_summary_table
+from components.auth import render_detailed_map_auth, get_map_access_status
 from components.ui_styles import (
     load_custom_css,
     render_info_section_header,
@@ -84,8 +85,22 @@ def render_map_tab(device_data: pd.DataFrame, data_service: DataService):
     """Render the interactive map tab."""
     st.markdown("### Device Locations and Status")
     
-    # Privacy notice
-    st.info("🔒 **Privacy Protection**: Map zoom is limited to protect sensitive device location details.")
+    # Authentication interface for detailed map access
+    is_authorized = render_detailed_map_auth()
+    
+    # Show current access status
+    access_status = get_map_access_status()
+    
+    if is_authorized:
+        st.success(
+            f"🔓 **{access_status['access_level']}** - "
+            f"Zoom {access_status['zoom_description']} available"
+        )
+    else:
+        st.info(
+            f"🔒 **{access_status['access_level']}** - "
+            f"Zoom {access_status['zoom_description']} for privacy protection"
+        )
 
     # Filters for map view
     filtered_data, active_filters = render_complete_filters(
