Authorization.py :  » Web-Frameworks » Aquarium » aquarium-2.3 » aquarium » parse » Python Open Source

Home
Python Open Source
1.3.1.2 Python
2.Ajax
3.Aspect Oriented
4.Blog
5.Build
6.Business Application
7.Chart Report
8.Content Management Systems
9.Cryptographic
10.Database
11.Development
12.Editor
13.Email
14.ERP
15.Game 2D 3D
16.GIS
17.GUI
18.IDE
19.Installer
20.IRC
21.Issue Tracker
22.Language Interface
23.Log
24.Math
25.Media Sound Audio
26.Mobile
27.Network
28.Parser
29.PDF
30.Project Management
31.RSS
32.Search
33.Security
34.Template Engines
35.Test
36.UML
37.USB Serial
38.Web Frameworks
39.Web Server
40.Web Services
41.Web Unit
42.Wiki
43.Windows
44.XML
Python Open Source » Web Frameworks » Aquarium 
Aquarium » aquarium 2.3 » aquarium » parse » Authorization.py
"""Parse the ``Authorization`` header."""

__docformat__ = "restructuredtext"

# Created: Wed Jul 20 10:56:16 PDT 2005
# Author: Shannon -jj Behrens, David Veach
# Email: jjinux@users.sourceforge.net
#
# Copyright (c) Shannon -jj Behrens, David Veach.  All rights reserved.

import base64
from crypt import crypt
import re


def isHTTPAuthenticated(header, getPasswordCallback):
    """Is a user HTTP authenticated?

    header
      This is the value of the ``Authorization`` header or None (e.g.
      ``ctx.wsa.getCgiEnv().get("HTTP_AUTHORIZATION")``).

    getPasswordCallback
      This is a callback that takes a username and returns the encrypted
      password for that username.  You may raise a KeyError if that user
      doesn't exist.

    Note, only ``basic`` authentication is supported at this time.

    If a user isn't HTTP authenticated, you'll probably want to do something
    like::

        ctx.iLib.forward("not_authorized",
                         auth='BASIC realm="My Web Site"')

    If they are not authenticated, return False.  Otherwise, return a tuple of
    ``(username, password)``.

    """
    if not header:
        return False
    try:
        match = re.match(r"^s*basic\s+(.*)$", header, re.I)
        credentials = base64.decodestring(match.group(1))
        (username, password) = credentials.split(':', 1)
        enc_password = getPasswordCallback(username)
        if crypt(password, enc_password) != enc_password:
            raise ValueError
        return (username, password)
    except (KeyError, AttributeError, ValueError):
        return False
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.