-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add MONGO-CR authentication support #4
Conversation
Also, this PR makes config_port optional as pymongo will default to use port 27017 if a port number is not given. |
@@ -8,7 +10,8 @@ | |||
|
|||
|
|||
def teardown(): | |||
DBTest.connection.drop_database(database_name()) | |||
DBTest.authenticate(database_name(), username='authuser', password='pass1') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this line supposed to be in here? Or is it a leftover from testing?
I'm a bit confused about the usage of humbledb.use_authentication - it seems redundant to the config_auth setting itself? |
It was more of a design choice because there was no way to avoid skipping On Wed, Jun 18, 2014 at 4:18 PM, shakefu notifications@github.com wrote:
[image: Paul Nues on about.me] Paul Nues |
Would it be possible to try to connect or perform an auth'd command in setup() in the test_auth suite and catch the exception? I think they give you an explicit "unauthorized" message, in the OperationFailure, IIRC. |
Also, I found it useful have an explicit configuration toggle for On Wed, Jun 18, 2014 at 4:27 PM, Paul N paul@team.about.me wrote:
[image: Paul Nues on about.me] Paul Nues |
In production we should be using a pyconfig.Setting for auth, which would just as easily flip to enable/disable auth: config_auth = pyconfig.setting('db.site.config_auth', None) Edit: Crappy pyconfig key name, but you get the idea. |
…eased unit test coverage. Updated unit tests to run auth specific tests if auth is enabled.
.. versionadded: 5.2.0 | ||
""" | ||
# Having no credentials makes this call a noop. | ||
if not cls.config_auth: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pretty sure this line should be:
if not cls.config_auth and not username and password:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm. What's there now should be right.
Most of the time, we will have a Document that does not have it's own
config_auth parameter. In this case, the username and password coming in
will be empty. If the username and password come in empty, then the
default Mongo.config_auth will be used. If no Mongo.config_auth was
declared from the beginning, then it's assumed that all database
connections won't be authenticated. All authenticate() calls will be
ignored.
On Thu, Jun 19, 2014 at 11:45 AM, shakefu notifications@github.com wrote:
In humbledb/mongo.py:
@@ -113,6 +121,38 @@ def reconnect(cls):
cls._connection.disconnect()
cls._connection = cls._new_connection()
- def authenticate(cls, database, username=None, password=None):
""" Delegates authentication to be the responsibility of the
context manager.
.. versionadded: 5.2.0
"""
# Having no credentials makes this call a noop.
if not cls.config_auth:
Pretty sure this line should be:
if not cls.config_auth and not username and password:
—
Reply to this email directly or view it on GitHub
https://github.com/shakefu/humbledb/pull/4/files#r13985911.
[image: Paul Nues on about.me]
Paul Nues
about.me/paul.nues
http://about.me/paul.nues
Let's find a better solution for this. |
The following Pull Request includes code changes that will add MONGO-CR authentication support.