# HG changeset patch # User ejucovy@socialplanning # Date 1262714068 18000 # Node ID 6fc4f426b8d4928ce59cf63e1427df910f76f8a5 # Parent 16c33fd5fb20dacd2a13fcb0ad42b1058b732453 add untested minimal bitsyauth filter that checks basicauth headers against bitsyblog passwords but doesn't issue any challenges of its own diff -r 16c33fd5fb20 -r 6fc4f426b8d4 bitsyauth/minimal.py --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/bitsyauth/minimal.py Tue Jan 05 12:54:28 2010 -0500 @@ -0,0 +1,67 @@ +from webob import Request + +import os + +def pw(basedir, user): + file = os.path.join(basedir, user, '.password') + + try: + fp = open(file) + except IOError: + return None + + pw = fp.read().strip() + fp.close() + return pw + +# from paste.auth.digest +try: + from hashlib import md5 +except ImportError: + from md5 import md5 +def hash(user, pw, realm): + return md5("%s:%s:%s" (user, realm, pw)).hexdigest() + +class BitsyblogFilespaceAuth(object): + def __init__(self, realm, basedir): + self.realm = realm + self.basedir = basedir + def __call__(self, user, pw): + stored = pw(self.basedir, user) + if stored is None: + return False + return hash(user, pw, self.realm) == stored + +def filter_factory(app, global_conf, realm, basedir): + #from paste.util.import_string import eval_import + #authfunc = eval_import(authfunc) + + authfunc = BitsyblogFilespaceAuth(realm, basedir) + + return BasicAuthMiddleware(app, realm, authfunc) + +class BasicAuthMiddleware(object): + def __init__(self, app, realm, auth_checker): + self.app = app + self.realm = realm + self.auth_checker = auth_checker + + def __call__(self, environ, start_response): + req = Request(environ) + + header = req.headers.get('AUTHORIZATION') + if not header: + return self.app(environ, start_response) + + (method, auth) = header.split(' ', 1) + if method != 'basic': + return self.app(environ, start_response) + + auth = auth.strip().decode('base64') + + username, password = auth.split(':', 1) + + if self.auth_checker(username, password): + environ['REMOTE_USER'] = username + + return self.app(environ, start_response)