I have the following "helper":
class AdminAuth:
@staticmethod
def authenticate():
auth = web.ctx.env.get('HTTP_AUTHORIZATION')
if auth is None:
web.header('WWW-Authenticate', 'Basic realm="Administration"')
web.ctx.status = '401 Unauthorized'
return False
else:
auth = re.sub('^Basic ', '', auth)
username, password = base64.decodestring(auth).split(':')
db = DBCursor()
if authenticate_user(db, username, password, close_db=True):
return True
else:
web.header('WWW-Authenticate', 'Basic realm="Administration"')
web.ctx.status = '401 Unauthorized'
return False
I call this from methods such as:
class page:
def GET(self):
auth = AdminAuth.authenticate()
if auth: ...
Now, I use web.ctx.env from within AdminAuth.authenticate which is
then called by page.GET. Can I be sure that web.ctx.env inside
AdminAuth.authenticate will *always* contain the request context
associated with originating call?
--Jonas Galvez
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web.py" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [email protected]
For more options, visit this group at http://groups.google.com/group/webpy?hl=en
-~----------~----~----~----~------~----~------~--~---
