def create_user(username, password, *, allow='work/basic_auth.cdv', overwrite=False, **fields):
"""
Create (or update if overwrite=True) a user in the CDV file for basic auth.
Stores password as b64 field (base64 encoded).
You can pass extra fields as kwargs.
"""
if not username or not password:
raise ValueError("Both username and password are required")
# Check existence if not overwriting
if not overwrite:
users = gw.cdv.load_all(allow)
if username in users:
raise ValueError(f"User '{username}' already exists in '{allow}' (set overwrite=True to update)")
pw_b64 = base64.b64encode(password.encode("utf-8")).decode("ascii")
user_fields = {"b64": pw_b64}
user_fields.update(fields)
gw.cdv.update(allow, username, **user_fields)
gw.info(f"[auth] Created/updated user '{username}' in '{allow}'")