[TurboGears] Re: HTTP Basic authentication

[Rune Hansen]

On 9. okt. 2006, at 18.29, Steve Holden wrote:

>
> I've just spent half a day stumbling around looking for the most
> sensible way to allow realm-based HTTP basic authentication inside  
> a TG
> application, and I have to say I'm none the wiser.
>
> Can anyone point me at a succinct discussion of this topic, or a  
> recipe
> for providing this feature?
>
Hi Steve,
Been a while since I've looked at the identity code so there might be  
a more "stright forward" way than mine.
But, this works.

     @expose(template="yourapp.templates.login")
     def login(self, forward_url=None, previous_url=None, *args, **kw):
         if not identity.current.anonymous and  
identity.was_login_attempted() and not identity.get_identity_errors():
             raise redirect(forward_url)
         forward_url=None
         previous_url= cherrypy.request.path
         if not cherrypy.request.headers.get("Authorization",False):
             msg= _("BasicAuth required")
             previous_url= cherrypy.request.path
             cherrypy.response.headers['WWW-Authenticate'] = 'Basic  
realm="Your restricted area"'
             cherrypy.response.status=401
         else:
             if identity.was_login_attempted():
                 msg=_("The credentials you supplied were not correct  
or "
                        "did not grant access to this resource.")
             elif identity.get_identity_errors():
                 msg=_("You must provide your credentials before  
accessing "
                        "this resource.")
             else:
                 msg=_("Please log in.")
                 forward_url= cherrypy.request.headers.get("Referer",  
"/")
             cherrypy.response.status=403
         return dict(message=msg, previous_url=previous_url,  
logging_in=True,
                     original_parameters=cherrypy.request.params,
                     forward_url=forward_url)

Auth will "fall back" to normal login in case BasicAuth fails. You  
could of course just raise 401 again.

regards
/rune


> regards
>   Steve
> -- 
> Steve Holden       +44 150 684 7255  +1 800 494 3119
> Holden Web LLC/Ltd          http://www.holdenweb.com
> Skype: holdenweb       http://holdenweb.blogspot.com
> Recent Ramblings     http://del.icio.us/steve.holden
>
> >


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"TurboGears" group.
To post to this group, send email to turbogears@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---