Replied in your stackoverflow question, hope it helps you http://stackoverflow.com/questions/23872416/how-to-use-very-simple-http-auth-based-authentication-in-turbogears2/23877152#23877152
On Mon, May 26, 2014 at 8:15 PM, Alexander Blinne < [email protected]> wrote: > Hi group, > > i am trying to use basic http authentication with turbogears and did not > yet succeed. I have also posted this on stackoverflow ( > http://stackoverflow.com/questions/23872416/how-to-use-very-simple-http-auth-based-authentication-in-turbogears2) > but I noticed this group right now and thought it could not hurt to ask > here also. > > Basically i have completely disabled authentication in config/app_.cfg.py > and wrap the application by > > repoze.who.middleware.PluggableAuthenticationMiddleware with the following > function: > > ===== config/auth.py ===== > from logging import getLogger > > from repoze.who.middleware import PluggableAuthenticationMiddleware > from repoze.who.classifiers import default_challenge_decider, > default_request_classifier > > from repoze.who.plugins.basicauth import BasicAuthPlugin > from repoze.who.plugins.htpasswd import HTPasswdPlugin, plain_check > > def add_auth(app): > htpasswd = HTPasswdPlugin('/.../htpasswd', check_md5) > authenticators = [('htpasswd', htpasswd)] > > base_auth = BasicAuthPlugin('Inventory DB') > challengers = [('base_auth', base_auth)] > identifiers = [('base_auth', base_auth)] > > mdproviders = [] > > log_stream = getLogger('auth') > > app_with_mw = PluggableAuthenticationMiddleware( > app, > identifiers, > authenticators, > challengers, > mdproviders, > default_request_classifier, > default_challenge_decider, > log_stream, > ) > return app_with_mw > ===== ===== > > which is wrapped around the app as the last step in make_app: > > ===== config/middleware.py ===== > from invdb.config.app_cfg import base_config > from invdb.config.environment import load_environment > from auth import add_auth > > __all__ = ['make_app'] > make_base_app = base_config.setup_tg_wsgi_app(load_environment) > def make_app(global_conf, full_stack=True, **app_conf): > app = make_base_app(global_conf, full_stack=True, **app_conf) > app = add_auth(app) > return app > ===== ===== > > I have tested my home_made check_md5-function on its own and even replaced it > by lambda x, y: True. Even then a 401 Error is reported upon trying to access > a controller with allow_only = not_anonymous(msg=l_('restricted access')). > > Does anyone have an idea what is missing? > > Sincerely, > Alexander Blinne > > -- > You received this message because you are subscribed to the Google Groups > "TurboGears" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/turbogears. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/turbogears. For more options, visit https://groups.google.com/d/optout.
