Changeset 1682
- Timestamp:
- 06/22/07 11:06:43
- Files:
-
- trunk/cherrypy/lib/auth.py (modified) (1 diff)
- trunk/cherrypy/test/test_httpauth.py (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/cherrypy/lib/auth.py
r1614 r1682 15 15 16 16 if callable(users): 17 users = users() # expect it to return a dictionary 18 19 if not isinstance(users, dict): 20 raise ValueError, "Authentication users must be a dictionary" 21 22 # fetch the user password 23 password = users.get(ah["username"], None) 17 try: 18 # backward compatibility 19 users = users() # expect it to return a dictionary 20 21 if not isinstance(users, dict): 22 raise ValueError, "Authentication users must be a dictionary" 23 24 # fetch the user password 25 password = users.get(ah["username"], None) 26 except TypeError: 27 # returns a password (encrypted or clear text) 28 password = users(ah["username"]) 29 else: 30 if not isinstance(users, dict): 31 raise ValueError, "Authentication users must be a dictionary" 32 33 # fetch the user password 34 password = users.get(ah["username"], None) 24 35 25 36 # validate the authorization by re-computing it here trunk/cherrypy/test/test_httpauth.py
r1614 r1682 2 2 test.prefer_parent_path() 3 3 4 import md5 4 import md5, sha 5 5 6 6 import cherrypy … … 23 23 index.exposed = True 24 24 25 class BasicProtected2: 26 def index(self): 27 return "Hello %s, you've been authorized." % cherrypy.request.login 28 index.exposed = True 29 25 30 def fetch_users(): 26 31 return {'test': 'test'} 32 33 def sha_password_encrypter(password): 34 return sha.new(password).hexdigest() 35 36 def fetch_password(username): 37 return sha.new('test').hexdigest() 27 38 28 39 conf = {'/digest': {'tools.digest_auth.on': True, … … 31 42 '/basic': {'tools.basic_auth.on': True, 32 43 'tools.basic_auth.realm': 'localhost', 33 'tools.basic_auth.users': {'test': md5.new('test').hexdigest()}}} 44 'tools.basic_auth.users': {'test': md5.new('test').hexdigest()}}, 45 '/basic2': {'tools.basic_auth.on': True, 46 'tools.basic_auth.realm': 'localhost', 47 'tools.basic_auth.users': fetch_password, 48 'tools.basic_auth.encrypt': sha_password_encrypter}} 49 34 50 root = Root() 35 51 root.digest = DigestProtected() 36 52 root.basic = BasicProtected() 53 root.basic2 = BasicProtected2() 37 54 cherrypy.tree.mount(root, config=conf) 38 55 cherrypy.config.update({'environment': 'test_suite'}) … … 57 74 58 75 self.getPage('/basic/', [('Authorization', 'Basic dGVzdDp0ZXN0')]) 76 self.assertStatus('200 OK') 77 self.assertBody("Hello test, you've been authorized.") 78 79 def testBasic2(self): 80 self.getPage("/basic2/") 81 self.assertStatus('401 Unauthorized') 82 self.assertHeader('WWW-Authenticate', 'Basic realm="localhost"') 83 84 self.getPage('/basic2/', [('Authorization', 'Basic dGVzdDp0ZX60')]) 85 self.assertStatus('401 Unauthorized') 86 87 self.getPage('/basic2/', [('Authorization', 'Basic dGVzdDp0ZXN0')]) 59 88 self.assertStatus('200 OK') 60 89 self.assertBody("Hello test, you've been authorized.")
