Rewrote authentication method to be simpler.

pull/7/head
Ferry Boender 10 years ago
parent e145ebcd35
commit 87d24dd7b1
  1. 20
      src/webapp.py

@ -294,27 +294,29 @@ class ScriptFormWebApp(WebAppHandler):
401 HTTP back to the client. 401 HTTP back to the client.
""" """
form_config = self.scriptform.get_form_config() form_config = self.scriptform.get_form_config()
self.username = None username = None
# If a 'users' element was present in the form configuration file, the # If a 'users' element was present in the form configuration file, the
# user must be authenticated. # user must be authenticated.
if form_config.users: if form_config.users:
authorized = False
auth_header = self.headers.getheader("Authorization") auth_header = self.headers.getheader("Authorization")
if auth_header is not None: if auth_header is not None:
# Validate the username and password
auth_unpw = auth_header.split(' ', 1)[1] auth_unpw = auth_header.split(' ', 1)[1]
username, password = base64.decodestring(auth_unpw).split(":") username, password = base64.decodestring(auth_unpw).split(":")
pw_hash = hashlib.sha256(password).hexdigest() pw_hash = hashlib.sha256(password).hexdigest()
# Validate the username and password
if username in form_config.users and \ if username in form_config.users and \
pw_hash == form_config.users[username]: pw_hash == form_config.users[username]:
self.username = username # Valid username and password. Return the username.
authorized = True return username
# Authentication needed, but not provided or wrong username/pw.
headers = {"WWW-Authenticate": 'Basic realm="Private Area"'}
raise HTTPError(401, 'Authenticate', headers)
if not authorized: # No authentication required. Return None as the username.
headers = {"WWW-Authenticate": 'Basic realm="Private Area"'} return None
raise HTTPError(401, 'Authenticate', headers)
return self.username
def h_list(self): def h_list(self):
""" """
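Review bot: The credential parsing kept in the new code, `auth_header.split(' ', 1)[1]` followed by `base64.decodestring(auth_unpw).split(":")`, raises on client-controlled input: a header with no space, invalid base64, or a missing colon throws an exception this method does not catch. Such a request presumably ends in a server error instead of reaching `raise HTTPError(401, 'Authenticate', headers)`. A password that contains a colon fails the two-value unpack in the same way, so that user can never log in; `username, password = base64.decodestring(auth_unpw).split(":", 1)` fixes this, and catching IndexError, ValueError and binascii.Error around the parse would let every malformed header fall through to the 401. Separately, `pw_hash == form_config.users[username]` compares an unsalted SHA-256 digest with an ordinary string comparison; `hmac.compare_digest(pw_hash, form_config.users[username])` would be the constant-time form, provided the supported Python version has it and both values are the same string type. The method's signature and the start of its docstring lie outside the hunk.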
