def request_challenge_auth(self, environ, bits): if len(bits) == 2: auth = environ.get('HTTP_AUTHORIZATION') if auth and auth.type == 'basic': if auth.authenticated(environ, *bits): data = jsonbytes({'autheinticated': True, 'username': auth.username}) return self.response(data) h = ('WWW-Authenticate', str(WWWAuthenticate.basic("Fake Realm"))) raise HttpException(status=401, headers=[h]) else: raise HttpException(status=404)
def request_challenge_digest_auth(self, environ, bits): if len(bits) == 3: auth = environ.get('HTTP_AUTHORIZATION') if auth and auth.authenticated(environ, *bits[1:]): data = jsonbytes({'autheinticated': True, 'username': auth.username}) return self.response(data) nonce = hexmd5(to_bytes('%d' % time.time()) + os.urandom(10)) digest = WWWAuthenticate.digest("Fake Realm", nonce, opaque=hexmd5(os.urandom(10)), qop=bits[:1]) raise HttpException(status=401, headers=[('WWW-Authenticate', str(digest))]) else: raise HttpException(status=404)