fix #2 by HTTP Authentication

alswl · Jul 5, 2014 · c9556dc · c9556dc
1 parent d2d3845
commit c9556dc
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 6 deletions.
diff --git a/kuku/app.py b/kuku/app.py
@@ -1,10 +1,14 @@
 # coding=utf-8
 
+import sys
+import os
+sys.path.insert(0, os.path.abspath(os.path.join(__file__, os.path.pardir, os.path.pardir)))
+
 import tornado.ioloop
 import tornado.web
 
-from handlers import dir
-import settings
+from kuku.handlers import dir
+from kuku import settings
 
 
 re_safe_name_with_slash = ur'[ \w\u2e80-\u9fff\-_\.,/]'
@@ -26,7 +30,7 @@ def get(self):
     (r'/(%s+)' % re_safe_name_with_slash, tornado.web.StaticFileHandler, {'path': settings.UPLOAD_PATH}),
 ]
 
-application = tornado.web.Application(route, template_path=settings.TEMPLATE_PATH)
+application = tornado.web.Application(route, template_path=settings.TEMPLATE_PATH, debug=settings.DEBUG)
 
 
 if __name__ == "__main__":

diff --git a/kuku/handlers/decorators.py b/kuku/handlers/decorators.py
@@ -0,0 +1,27 @@
+# coding=utf-8
+
+import base64
+
+from kuku import settings
+
+
+def require_basic_auth(func):
+
+    def wrap(handler, *args, **kwargs):
+        auth_header = handler.request.headers.get('Authorization')
+        if auth_header is None or not auth_header.startswith('Basic '):
+            handler.set_status(401)
+            handler.set_header('WWW-Authenticate', 'Basic realm=Restricted')
+            handler._transforms = []
+            handler.finish()
+            return
+        auth_decoded = base64.decodestring(auth_header[6:])
+        username, password = auth_decoded.split(':', 2)
+        if (username, password) not in settings.ACCOUNTS:
+            handler.set_status(403)
+            handler.write('403')
+            return
+        return func(handler, *args, **kwargs)
+
+    return wrap
+
diff --git a/kuku/handlers/dir.py b/kuku/handlers/dir.py
@@ -5,7 +5,8 @@
 import tornado.ioloop
 import tornado.web
 
-import settings
+from kuku import settings
+from kuku.handlers import decorators
 
 
 def is_in_upload(path):
@@ -19,6 +20,7 @@ def is_security_path(path):
 
 class DirHandler(tornado.web.RequestHandler):
 
+    @decorators.require_basic_auth
     def get(self, path):
         if not is_security_path(path):
             raise tornado.web.HTTPError(404)

diff --git a/kuku/settings.py b/kuku/settings.py
@@ -4,8 +4,7 @@
 
 DEBUG = True
 
-ADMIN = 'alswl'
-PASSWORD = '123456'
+ACCOUNTS = [('alswl', '123456'), ('admin', 'admin888')]
 
 ROOT_PATH = os.path.abspath(os.path.dirname(__file__))
 TEMPLATE_PATH = os.path.abspath(os.path.join(ROOT_PATH, 'templates'))