Diffstat (limited to 'libbe/util')
-rw-r--r-- | libbe/util/wsgi.py | 75 |
1 files changed, 0 insertions, 75 deletions
diff --git a/libbe/util/wsgi.py b/libbe/util/wsgi.py
index fc460bc..2e97941 100644
--- a/libbe/util/wsgi.py
+++ b/libbe/util/wsgi.py
@@ -353,81 +353,6 @@ class UppercaseHeaderApp (WSGI_Middleware):
 return self.app(environ, start_response)
-class AuthenticationApp (WSGI_Middleware):
- """WSGI middleware for handling user authentication.
- """
- def __init__(self, realm, setting='be-auth', users=None, *args, **kwargs):
- super(AuthenticationApp, self).__init__(*args, **kwargs)
- self.realm = realm
- self.setting = setting
- self.users = users
-
- def _call(self, environ, start_response):
- environ['{}.realm'.format(self.setting)] = self.realm
- try:
- username = self.authenticate(environ)
- environ['{}.user'.format(self.setting)] = username
- environ['{}.user.name'.format(self.setting)] = self.users[username].name
- return self.app(environ, start_response)
- except Unauthorized, e:
- return self.error(environ, start_response,
- e.code, e.msg, e.headers)
-
- def authenticate(self, environ):
- """Handle user-authentication sent in the "Authorization" header.
-
- This function implements ``Basic`` authentication as described in
- HTTP/1.0 specification [1]_ . Do not use this module unless you
- are using SSL, as it transmits unencrypted passwords.
-
- .. [1] http://www.w3.org/Protocols/HTTP/1.0/draft-ietf-http-spec.html#BasicAA
-
- Examples
- --------
-
- >>> users = Users()
- >>> users.add_user(User('Aladdin', 'Big Al', password='open sesame'))
- >>> app = AuthenticationApp(app=None, realm='Dummy Realm', users=users)
- >>> app.authenticate({'HTTP_AUTHORIZATION':'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=='})
- 'Aladdin'
- >>> app.authenticate({'HTTP_AUTHORIZATION':'Basic AAAAAAAAAAAAAAAAAAAAAAAAAA=='})
-
- Notes
- -----
-
- Code based on authkit/authenticate/basic.py
- (c) 2005 Clark C. Evans.
- Released under the MIT License:
- http://www.opensource.org/licenses/mit-license.php
- """
- authorization = environ.get('HTTP_AUTHORIZATION', None)
- if authorization is None:
- raise Unauthorized('Authorization required')
- try:
- authmeth,auth = authorization.split(' ', 1)
- except ValueError:
- return None
- if 'basic' != authmeth.lower():
- return None # non-basic HTTP authorization not implemented
- auth = auth.strip().decode('base64')
- try:
- username,password = auth.split(':', 1)
- except ValueError:
- return None
- if self.authfunc(environ, username, password):
- return username
-
- def authfunc(self, environ, username, password):
- if not username in self.users:
- return False
- if self.users[username].valid_login(password):
- if self.logger is not None:
- self.logger.log(self.log_level,
- 'Authenticated {}'.format(self.users[username].name))
- return True
- return False
-
-
 class WSGI_DataObject (WSGI_Object):
 """Useful WSGI utilities for handling data (POST, QUERY) and returning responses. |