Changeset 1353
- Timestamp:
- 09/11/06 13:28:34
- Files:
-
- trunk/cherrypy/lib/auth.py (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/cherrypy/lib/auth.py
r1352 r1353 1 2 1 import cherrypy 3 from cherrypy._cptools import Tool4 2 5 3 from httpauth import parseAuthorization, checkResponse, basicAuth, digestAuth 6 4 7 def check_auth(realm, users): 8 # Check if the user-agent provides an authorization header 9 # containing credentials5 6 def check_auth(users): 7 """If an authorization header contains credentials, return True, else False.""" 10 8 if 'authorization' in cherrypy.request.headers: 11 9 # make sure the provided credentials are correctly set … … 13 11 if ah is None: 14 12 raise cherrypy.HTTPError(400, 'Bad Request') 15 13 16 14 # fetch the user password 17 15 password = users.get(ah["username"], None) 18 16 19 17 # validate the authorization by re-computing it here 20 18 # and compare it with what the user-agent provided 21 19 if checkResponse(ah, password, method=cherrypy.request.method): 22 20 return True 23 21 24 22 return False 25 23 26 24 def basic_auth(realm, users): 27 if check_auth(realm, users): 25 """If auth fails, raise 401 with a basic authentication header. 26 27 realm: a string containing the authentication realm. 28 users: a dict of the form: {username: password}. 29 """ 30 if check_auth(users): 28 31 return 29 32 … … 32 35 33 36 raise cherrypy.HTTPError(401, "You are not authorized to access that resource") 34 37 35 38 def digest_auth(realm, users): 36 if check_auth(realm, users): 39 """If auth fails, raise 401 with a digest authentication header. 40 41 realm: a string containing the authentication realm. 42 users: a dict of the form: {username: password}. 43 """ 44 if check_auth(users): 37 45 return 38 46
