I've put together a small and simple decorator that lets web.py code
require HTTP "basic" authentication before running a function or
method. (HTTP authentication is when the browser pops up that
"username/password" dialog box).
To use it, you import the module, set up some sort of function that
can validate usernames/passwords (or use the dead-simple dictionary
based default function), and then just invoke the decorator before
each GET/PUT/DELETE method that you want to protect. You can call the
authUserName function to get the user name for use in your
application.
Applied to the "Hello, world!" example, it looks like this:
# begin code
import web
import basicauth
def myVerifier(username, password, realm):
return (username == "falken" and password == "joshua") \
or (username == "lightman" and password == "pencil")
# (obviously you want something better in the real world...)
auth = basicauth.auth(verify = myVerifier)
urls = ( '/(.*)', 'hello' )
class hello:
@auth
def GET(self, name):
i = web.input(times=1)
if not name: name = basicauth.authUserName() # The name passed
in the headers
for c in xrange(int(i.times)):
print 'Hello,', web.websafe(name)+'!'
web.run(urls, globals())
# end code
Please check it out at http://www.goldfoot.com/basicauth.py (a
temporary location only) and let me know what you think. Because this
uses decorators, it needs Python 2.4 or later.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web.py" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/webpy?hl=en
-~----------~----~----~----~------~----~------~--~---
