class SeamlessMiddleware(object):
def __init__(self, app, secret, max_age=60, realm=''):
self.app = app
self.signer = Signer(secret)
self.max_age = max_age
self.realm = realm
def _not_authorized(self, environ, start_response, error=''):
start_response('401 Not Authorized', [
('WWW-Authenticate', 'seamless realm="{}"'.format(self.realm)),
])
return error
def __call__(self, environ, start_response):
auth = environ.get('HTTP_AUTHORIZATION', '')
if not auth.startswith('seamless '):
print auth
print environ
return self._not_authorized(environ, start_response, 'bad authorization header format\n')
token = auth.split(' ', 1)[1]
try:
user = self.signer.unsign(token, max_age=self.max_age)
except itsdangerous.SignatureExpired as e:
return self._not_authorized(environ, start_response, 'token expired\n')
except itsdangerous.BadData as e:
print e
return self._not_authorized(environ, start_response, 'invalid token\n')
environ['HTTP_X_SEAMLESS_USER'] = user
return self.app(environ, start_response)
def __init__(self, app, secret, max_age=60, realm=''):
self.app = app
self.signer = Signer(secret)
self.max_age = max_age
self.realm = realm
