diff options
| author | cce <devnull@localhost> | 2006-01-01 20:58:49 +0000 |
|---|---|---|
| committer | cce <devnull@localhost> | 2006-01-01 20:58:49 +0000 |
| commit | 71e140a32dfaa515e1ae204ec5cd0f84ccac7a51 (patch) | |
| tree | 825af9f12fe67f0b703f2d99f31f12a12d8c087d /paste/auth/basic.py | |
| parent | 6c3cf1e9c877b1b0af5cf7fde1d9a43c7fadae6c (diff) | |
| download | paste-71e140a32dfaa515e1ae204ec5cd0f84ccac7a51.tar.gz | |
- fixed logic/definition problem /w multi-entry headers;
__call__ now always returns a string value
- renamed resolve to values in HTTPHeader to better
reflect the public-interface for this (esp for multi-entry headers)
- a few bugs in mult-entry headers
- added common CGI headers to httpheaders; I know they don't
really belong here, but error checking is nice
- updated auth.digest and auth.basic to use httpheaders
(this is what prompted the above changes)
- added WWW_AUTHENTICATe header which will build a response to
a digest challenge
- fixed capitalization error in fileapp and added corresponding test
Diffstat (limited to 'paste/auth/basic.py')
| -rw-r--r-- | paste/auth/basic.py | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/paste/auth/basic.py b/paste/auth/basic.py index a255c59..cfacb28 100644 --- a/paste/auth/basic.py +++ b/paste/auth/basic.py @@ -12,7 +12,7 @@ use ``digest`` authentication. >>> from paste.wsgilib import dump_environ >>> from paste.util.httpserver import serve ->>> from paste.auth.basic import AuthBasicHandler +>>> # from paste.auth.basic import AuthBasicHandler >>> realm = 'Test Realm' >>> def authfunc(username, password): ... return username == password @@ -22,6 +22,7 @@ serving on... .. [1] http://www.w3.org/Protocols/HTTP/1.0/draft-ietf-http-spec.html#BasicAA """ from paste.httpexceptions import HTTPUnauthorized +from paste.httpheaders import * class AuthBasicAuthenticator: """ @@ -33,17 +34,18 @@ class AuthBasicAuthenticator: self.authfunc = authfunc def build_authentication(self): - head = [('WWW-Authenticate','Basic realm="%s"' % self.realm)] + head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm) return HTTPUnauthorized(headers=head) - def authenticate(self, authorization): + def authenticate(self, environ): + authorization = AUTHORIZATION(environ) if not authorization: return self.build_authentication() - (authmeth, auth) = authorization.split(" ",1) + (authmeth, auth) = authorization.split(' ',1) if 'basic' != authmeth.lower(): return self.build_authentication() auth = auth.strip().decode('base64') - username, password = auth.split(':') + username, password = auth.split(':',1) if self.authfunc(username, password): return username return self.build_authentication() @@ -82,13 +84,12 @@ class AuthBasicHandler: self.authenticate = AuthBasicAuthenticator(realm, authfunc) def __call__(self, environ, start_response): - username = environ.get('REMOTE_USER','') + username = REMOTE_USER(environ) if not username: - authorization = environ.get('HTTP_AUTHORIZATION','') - result = self.authenticate(authorization) + result = self.authenticate(environ) if isinstance(result, str): - environ['AUTH_TYPE'] = 'basic' - environ['REMOTE_USER'] = result + AUTH_TYPE.update(environ, 'basic') + REMOTE_USER.update(environ, result) else: return result.wsgi_application(environ, start_response) return self.application(environ, start_response) |