Package repoze :: Package who :: Package plugins :: Module basicauth
[hide private]

Source Code for Module repoze.who.plugins.basicauth

 1  import binascii 
 2   
 3  from paste.httpheaders import WWW_AUTHENTICATE 
 4  from paste.httpheaders import AUTHORIZATION 
 5  from paste.httpexceptions import HTTPUnauthorized 
 6   
 7  from zope.interface import implements 
 8   
 9  from repoze.who.interfaces import IIdentifier 
10  from repoze.who.interfaces import IChallenger 
11   
12 -class BasicAuthPlugin(object):
13 14 implements(IIdentifier, IChallenger) 15
16 - def __init__(self, realm):
17 self.realm = realm
18 19 # IIdentifier
20 - def identify(self, environ):
21 authorization = AUTHORIZATION(environ) 22 try: 23 authmeth, auth = authorization.split(' ', 1) 24 except ValueError: # not enough values to unpack 25 return None 26 if authmeth.lower() == 'basic': 27 try: 28 auth = auth.strip().decode('base64') 29 except binascii.Error: # can't decode 30 return None 31 try: 32 login, password = auth.split(':', 1) 33 except ValueError: # not enough values to unpack 34 return None 35 auth = {'login':login, 'password':password} 36 return auth 37 38 return None
39 40 # IIdentifier
41 - def remember(self, environ, identity):
42 # we need to do nothing here; the browser remembers the basic 43 # auth info as a result of the user typing it in. 44 pass
45
46 - def _get_wwwauth(self):
47 head = WWW_AUTHENTICATE.tuples('Basic realm="%s"' % self.realm) 48 return head
49 50 # IIdentifier
51 - def forget(self, environ, identity):
52 return self._get_wwwauth()
53 54 # IChallenger
55 - def challenge(self, environ, status, app_headers, forget_headers):
56 head = self._get_wwwauth() 57 if head[0] not in forget_headers: 58 head = head + forget_headers 59 return HTTPUnauthorized(headers=head)
60
61 - def __repr__(self):
62 return '<%s %s>' % (self.__class__.__name__, 63 id(self)) #pragma NO COVERAGE
64
65 -def make_plugin(realm='basic'):
66 plugin = BasicAuthPlugin(realm) 67 return plugin
68