-
Notifications
You must be signed in to change notification settings - Fork 41
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added new auth and session support to server
- Loading branch information
Fergal Walsh
authored and
Fergal Walsh
committed
Nov 29, 2013
1 parent
1e137ac
commit 30408e7
Showing
3 changed files
with
109 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
import pico | ||
from pico import PicoError | ||
|
||
|
||
class NotAuthorizedError(PicoError): | ||
def __init__(self, message=''): | ||
PicoError.__init__(self, message) | ||
self.response.status = "401 Not Authorized" | ||
self.response.set_header("WWW-Authenticate", "Basic") | ||
|
||
|
||
class InvalidSessionError(PicoError): | ||
def __init__(self, message=''): | ||
PicoError.__init__(self, message) | ||
self.response.status = "440 Invalid Session" | ||
|
||
|
||
class Bunch: | ||
def __init__(self, **kwds): | ||
self.__dict__.update(kwds) | ||
|
||
|
||
class object(pico.object): | ||
account_manager = None | ||
__headers__ = {'X-SESSION-ID': ''} | ||
|
||
def __init__(self): | ||
super(object, self).__init__() | ||
self.username = None | ||
if type(self.account_manager) == dict: | ||
self.account_manager = Bunch(**self.account_manager) | ||
request = pico.get_request() | ||
if 'HTTP_AUTHORIZATION' in request: | ||
try: | ||
auth_header = request.get('HTTP_AUTHORIZATION') | ||
scheme, data = auth_header.split(None, 1) | ||
assert(scheme == 'Basic') | ||
username, password = data.decode('base64').split(':', 1) | ||
self.user = self._get_user(username, password) | ||
except Exception, e: | ||
raise NotAuthorizedError(str(e)) | ||
elif 'HTTP_X_SESSION_ID' in request: | ||
session_id = request.get('HTTP_X_SESSION_ID') | ||
self.user = self._get_session(session_id) | ||
elif 'DUMMY_REQUEST' in request: | ||
pass | ||
else: | ||
raise NotAuthorizedError("No username or password supplied") | ||
|
||
def _get_user(self, username, password): | ||
if self.account_manager: | ||
return self.account_manager._get_user(username, password) | ||
|
||
def _get_session(self, session_id): | ||
if self.account_manager: | ||
return self.account_manager._get_session(session_id) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters