Mercurial > hg > bitsyauth
annotate bitsyauth/minimal.py @ 12:2efb1b30da4a
fix typos; now works, more or less
author | egj@socialplanning.org |
---|---|
date | Tue, 05 Jan 2010 18:18:35 +0000 |
parents | 6fc4f426b8d4 |
children |
rev | line source |
---|---|
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
1 from webob import Request |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
2 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
3 import os |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
4 |
12 | 5 def getpw(basedir, user): |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
6 file = os.path.join(basedir, user, '.password') |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
7 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
8 try: |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
9 fp = open(file) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
10 except IOError: |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
11 return None |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
12 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
13 pw = fp.read().strip() |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
14 fp.close() |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
15 return pw |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
16 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
17 # from paste.auth.digest |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
18 try: |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
19 from hashlib import md5 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
20 except ImportError: |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
21 from md5 import md5 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
22 def hash(user, pw, realm): |
12 | 23 return md5("%s:%s:%s" % (user, realm, pw)).hexdigest() |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
24 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
25 class BitsyblogFilespaceAuth(object): |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
26 def __init__(self, realm, basedir): |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
27 self.realm = realm |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
28 self.basedir = basedir |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
29 def __call__(self, user, pw): |
12 | 30 stored = getpw(self.basedir, user) |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
31 if stored is None: |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
32 return False |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
33 return hash(user, pw, self.realm) == stored |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
34 |
12 | 35 def filter_factory(global_conf, realm=None, basedir=None): |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
36 #from paste.util.import_string import eval_import |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
37 #authfunc = eval_import(authfunc) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
38 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
39 authfunc = BitsyblogFilespaceAuth(realm, basedir) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
40 |
12 | 41 def filter(app): |
42 return BasicAuthMiddleware(app, realm, authfunc) | |
43 return filter | |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
44 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
45 class BasicAuthMiddleware(object): |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
46 def __init__(self, app, realm, auth_checker): |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
47 self.app = app |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
48 self.realm = realm |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
49 self.auth_checker = auth_checker |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
50 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
51 def __call__(self, environ, start_response): |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
52 req = Request(environ) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
53 |
12 | 54 header = req.authorization |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
55 if not header: |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
56 return self.app(environ, start_response) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
57 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
58 (method, auth) = header.split(' ', 1) |
12 | 59 if method.lower() != 'basic': |
11
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
60 return self.app(environ, start_response) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
61 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
62 auth = auth.strip().decode('base64') |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
63 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
64 username, password = auth.split(':', 1) |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
65 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
66 if self.auth_checker(username, password): |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
67 environ['REMOTE_USER'] = username |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
68 |
6fc4f426b8d4
add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own
ejucovy@socialplanning
parents:
diff
changeset
|
69 return self.app(environ, start_response) |