"""
Example of using HTTP Auth directly to require authentication before
rendering a page for a client.
This is an example of extremely low-level authentication. Most applications
are better served by using L{nevow.guard} instead of manually managing HTTP
Auth. See the C{guarded/} example for more information.
"""
try:
from twisted.web import http
except ImportError:
from twisted.protocols import http
from nevow import rend,loaders,tags,inevow
class AuthorizationRequired(rend.Page):
## We are a directory-like resource because we are at the root
addSlash = True
def renderHTTP(self, ctx):
request = inevow.IRequest(ctx)
username, password = request.getUser(), request.getPassword()
if (username, password) == ('', ''):
request.setHeader('WWW-Authenticate', 'Basic realm="Whatever"')
request.setResponseCode(http.UNAUTHORIZED)
return "Authentication required."
## They provided a username and password, so let's let them in! horray
self.data_username, self.data_password = username, password
return rend.Page.renderHTTP(self, ctx)
docFactory = loaders.stan(tags.html[
tags.body[
tags.h1["Welcome user!"],
tags.div["You said: ",
tags.span(data=tags.directive('username'), render=str),
" ",
tags.span(data=tags.directive('password'), render=str)]]])
|