""" Authentication configuration for ID Agents Beta Testing ======================================================== Simple authentication system for beta testing with 10 users. Supports both username/password and invitation codes. """ import hashlib import secrets from typing import Dict, Optional, Tuple # Beta testing users with hashed passwords # Format: username -> (password_hash, full_name, role, email) BETA_USERS = { "dr_smith": { "password_hash": "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8", # 'idweek2025' "full_name": "Dr. Sarah Smith", "role": "Infectious Disease Physician", "email": "sarah.smith@hospital.edu", "access_level": "full" }, "id_fellow": { "password_hash": "a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3", # 'hello' "full_name": "Dr. Alex Johnson", "role": "ID Fellow", "email": "alex.johnson@medical.edu", "access_level": "full" }, "pharmacist": { "password_hash": "ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f", # 'stewardship' "full_name": "PharmD Lisa Chen", "role": "Clinical Pharmacist", "email": "lisa.chen@pharmacy.org", "access_level": "full" }, "ipc_nurse": { "password_hash": "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", # 'infection' "full_name": "RN Maria Garcia", "role": "Infection Prevention Coordinator", "email": "maria.garcia@hospital.com", "access_level": "full" }, "researcher": { "password_hash": "04f8996da763b7a969b1028ee3007569eaf3a635486ddab211d512c85b9df8fb", # 'research' "full_name": "Dr. Michael Kim", "role": "Clinical Researcher", "email": "michael.kim@research.org", "access_level": "full" }, "educator": { "password_hash": "1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b", # 'education' "full_name": "Dr. Jennifer Liu", "role": "Medical Educator", "email": "jennifer.liu@medical.edu", "access_level": "full" }, "student": { "password_hash": "b221d9dbb083a7f33428d7c2a3c3198ae925614d70210e28716ccaa7cd4ddb79", # 'learning' "full_name": "Medical Student Sam Wilson", "role": "4th Year Medical Student", "email": "sam.wilson@student.edu", "access_level": "limited" }, "admin": { "password_hash": "c6ee9e33cf5c6715a1d148fd73f7318884b41adcb916021e2bc0e800a5c5dd97", # 'idagents2025' "full_name": "Administrator", "role": "System Administrator", "email": "admin@idagents.com", "access_level": "admin" }, "guest1": { "password_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", # 'guest123' "full_name": "Guest User 1", "role": "Beta Tester", "email": "guest1@testing.com", "access_level": "limited" }, "guest2": { "password_hash": "2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae", # 'guest456' "full_name": "Guest User 2", "role": "Beta Tester", "email": "guest2@testing.com", "access_level": "limited" } } # Invitation codes for easy access (single-use or limited-use) INVITATION_CODES = { "IDWEEK2025": { "username": "dr_smith", "uses_remaining": 5, "description": "ID Week 2025 VIP Access" }, "BETA-FELLOW": { "username": "id_fellow", "uses_remaining": 3, "description": "Fellowship Program Access" }, "PHARM-STEW": { "username": "pharmacist", "uses_remaining": 3, "description": "Pharmacy Stewardship Access" }, "IPC-NURSE": { "username": "ipc_nurse", "uses_remaining": 3, "description": "Infection Prevention Access" }, "RESEARCH-AI": { "username": "researcher", "uses_remaining": 3, "description": "Clinical Research Access" } } def hash_password(password: str) -> str: """Hash a password using SHA-256""" return hashlib.sha256(password.encode()).hexdigest() def verify_password(password: str, password_hash: str) -> bool: """Verify a password against its hash""" return hash_password(password) == password_hash def authenticate_user(username: str, password: str) -> Tuple[bool, Optional[Dict]]: """ Authenticate a user with username and password Returns: (success: bool, user_info: dict or None) """ if username not in BETA_USERS: return False, None user_data = BETA_USERS[username] if verify_password(password, user_data["password_hash"]): # Return sanitized user info (no password hash) user_info = { "username": username, "full_name": user_data["full_name"], "role": user_data["role"], "email": user_data["email"], "access_level": user_data["access_level"] } return True, user_info return False, None def authenticate_with_code(invitation_code: str) -> Tuple[bool, Optional[Dict]]: """ Authenticate using an invitation code Returns: (success: bool, user_info: dict or None) """ if invitation_code not in INVITATION_CODES: return False, None code_data = INVITATION_CODES[invitation_code] if code_data["uses_remaining"] <= 0: return False, None # Decrement uses INVITATION_CODES[invitation_code]["uses_remaining"] -= 1 # Get user info username = code_data["username"] user_data = BETA_USERS[username] user_info = { "username": username, "full_name": user_data["full_name"], "role": user_data["role"], "email": user_data["email"], "access_level": user_data["access_level"], "auth_method": "invitation_code" } return True, user_info def get_user_capabilities(access_level: str) -> Dict[str, bool]: """Get user capabilities based on access level""" capabilities = { "admin": { "can_create_agents": True, "can_modify_agents": True, "can_delete_agents": True, "can_access_all_tools": True, "can_see_debug_info": True, "can_download_configs": True, "can_upload_files": True, "max_agents": 50, "max_file_size_mb": 100 }, "full": { "can_create_agents": True, "can_modify_agents": True, "can_delete_agents": True, "can_access_all_tools": True, "can_see_debug_info": True, "can_download_configs": True, "can_upload_files": True, "max_agents": 10, "max_file_size_mb": 50 }, "limited": { "can_create_agents": True, "can_modify_agents": True, "can_delete_agents": False, "can_access_all_tools": False, "can_see_debug_info": False, "can_download_configs": False, "can_upload_files": False, "max_agents": 3, "max_file_size_mb": 10 } } return capabilities.get(access_level, capabilities["limited"]) # Pre-computed password hashes for reference (DO NOT USE IN PRODUCTION): # 'idweek2025' -> 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8 # 'hello' -> a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3 # 'stewardship' -> ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f # 'infection' -> 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92 # 'research' -> 04f8996da763b7a969b1028ee3007569eaf3a635486ddab211d512c85b9df8fb # 'education' -> 1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b (placeholder) # 'learning' -> b221d9dbb083a7f33428d7c2a3c3198ae925614d70210e28716ccaa7cd4ddb79 # 'idagents2025' -> c6ee9e33cf5c6715a1d148fd73f7318884b41adcb916021e2bc0e800a5c5dd97 # 'guest123' -> e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (placeholder) # 'guest456' -> 2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae (placeholder)