Exemplo n.º 1
0
def check_auth(users, encrypt=None):
    """If an authorization header contains credentials, return True, else False."""
    if 'authorization' in cherrypy.request.headers:
        # make sure the provided credentials are correctly set
        ah = httpauth.parseAuthorization(cherrypy.request.headers['authorization'])
        if ah is None:
            raise cherrypy.HTTPError(400, 'Bad Request')
        
        if not encrypt:
            encrypt = httpauth.DIGEST_AUTH_ENCODERS[httpauth.MD5]
        
        if callable(users):
            users = users() # expect it to return a dictionary
        
        if not isinstance(users, dict):
            raise ValueError, "Authentication users must be a dictionary"
        
        # fetch the user password
        password = users.get(ah["username"], None)
        
        # validate the authorization by re-computing it here
        # and compare it with what the user-agent provided
        if httpauth.checkResponse(ah, password, method=cherrypy.request.method,
                                  encrypt=encrypt):
            return True
    
    return False
Exemplo n.º 2
0
def check_auth(users, encrypt=None, realm=None):
    """If an authorization header contains credentials, return True, else False."""
    request = cherrypy.serving.request
    if 'authorization' in request.headers:
        ah = httpauth.parseAuthorization(request.headers['authorization'])
        if ah is None:
            raise cherrypy.HTTPError(400, 'Bad Request')
        if not encrypt:
            encrypt = httpauth.DIGEST_AUTH_ENCODERS[httpauth.MD5]
        if hasattr(users, '__call__'):
            try:
                users = users()
                if not isinstance(users, dict):
                    raise ValueError(
                        'Authentication users must be a dictionary')
                password = users.get(ah['username'], None)
            except TypeError:
                password = users(ah['username'])

        else:
            if not isinstance(users, dict):
                raise ValueError('Authentication users must be a dictionary')
            password = users.get(ah['username'], None)
        if httpauth.checkResponse(ah,
                                  password,
                                  method=request.method,
                                  encrypt=encrypt,
                                  realm=realm):
            request.login = ah['username']
            return True
        request.login = False
    return False
Exemplo n.º 3
0
def check_auth(users, encrypt = None, realm = None):
    request = cherrypy.serving.request
    if 'authorization' in request.headers:
        ah = httpauth.parseAuthorization(request.headers['authorization'])
        if ah is None:
            raise cherrypy.HTTPError(400, 'Bad Request')
        if not encrypt:
            encrypt = httpauth.DIGEST_AUTH_ENCODERS[httpauth.MD5]
        if hasattr(users, '__call__'):
            try:
                users = users()
                if not isinstance(users, dict):
                    raise ValueError('Authentication users must be a dictionary')
                password = users.get(ah['username'], None)
            except TypeError:
                password = users(ah['username'])

        else:
            if not isinstance(users, dict):
                raise ValueError('Authentication users must be a dictionary')
            password = users.get(ah['username'], None)
        if httpauth.checkResponse(ah, password, method=request.method, encrypt=encrypt, realm=realm):
            request.login = ah['username']
            return True
        request.login = False
    return False
Exemplo n.º 4
0
def check_auth(users, encrypt=None, realm=None):
    """If an authorization header contains credentials, return True or False.
    """
    request = cherrypy.serving.request
    if 'authorization' in request.headers:
        # make sure the provided credentials are correctly set
        ah = httpauth.parseAuthorization(request.headers['authorization'])
        if ah is None:
            raise cherrypy.HTTPError(400, 'Bad Request')

        if not encrypt:
            encrypt = httpauth.DIGEST_AUTH_ENCODERS[httpauth.MD5]

        if hasattr(users, '__call__'):
            try:
                # backward compatibility
                users = users()  # expect it to return a dictionary

                if not isinstance(users, dict):
                    raise ValueError(
                        'Authentication users must be a dictionary')

                # fetch the user password
                password = users.get(ah['username'], None)
            except TypeError:
                # returns a password (encrypted or clear text)
                password = users(ah['username'])
        else:
            if not isinstance(users, dict):
                raise ValueError('Authentication users must be a dictionary')

            # fetch the user password
            password = users.get(ah['username'], None)

        # validate the authorization by re-computing it here
        # and compare it with what the user-agent provided
        if httpauth.checkResponse(ah,
                                  password,
                                  method=request.method,
                                  encrypt=encrypt,
                                  realm=realm):
            request.login = ah['username']
            return True

        request.login = False
    return False
Exemplo n.º 5
0
def check_auth(users, encrypt=None, realm=None):
    """If an authorization header contains credentials, return True or False.
    """
    request = cherrypy.serving.request
    if 'authorization' in request.headers:
        # make sure the provided credentials are correctly set
        ah = httpauth.parseAuthorization(request.headers['authorization'])
        if ah is None:
            raise cherrypy.HTTPError(400, 'Bad Request')

        if not encrypt:
            encrypt = httpauth.DIGEST_AUTH_ENCODERS[httpauth.MD5]

        if hasattr(users, '__call__'):
            try:
                # backward compatibility
                users = users()  # expect it to return a dictionary

                if not isinstance(users, dict):
                    raise ValueError(
                        "Authentication users must be a dictionary")

                # fetch the user password
                password = users.get(ah["username"], None)
            except TypeError:
                # returns a password (encrypted or clear text)
                password = users(ah["username"])
        else:
            if not isinstance(users, dict):
                raise ValueError("Authentication users must be a dictionary")

            # fetch the user password
            password = users.get(ah["username"], None)

        # validate the authorization by re-computing it here
        # and compare it with what the user-agent provided
        if httpauth.checkResponse(ah, password, method=request.method,
                                  encrypt=encrypt, realm=realm):
            request.login = ah["username"]
            return True

        request.login = False
    return False
Exemplo n.º 6
0
def check_auth(users, encrypt=None, realm=None):
    """If an authorization header contains credentials, return True, else False."""
    if 'authorization' in cherrypy.request.headers:
        # make sure the provided credentials are correctly set
        ah = httpauth.parseAuthorization(cherrypy.request.headers['authorization'])
        if ah is None:
            raise cherrypy.HTTPError(400, 'Bad Request')

        if not encrypt:
            encrypt = httpauth.DIGEST_AUTH_ENCODERS[httpauth.MD5]

        if callable(users):
            try:
                # backward compatibility
                users = users() # expect it to return a dictionary

                if not isinstance(users, dict):
                    raise ValueError, "Authentication users must be a dictionary"

                # fetch the user password
                password = users.get(ah["username"], None)
            except TypeError:
                # returns a password (encrypted or clear text)
                password = users(ah["username"])
        else:
            if not isinstance(users, dict):
                raise ValueError, "Authentication users must be a dictionary"

            # fetch the user password
            password = users.get(ah["username"], None)

        # validate the authorization by re-computing it here
        # and compare it with what the user-agent provided
        if httpauth.checkResponse(ah, password, method=cherrypy.request.method,
                                  encrypt=encrypt, realm=realm):
            cherrypy.request.login = ah["username"]
            return True

        if ah.get('username') or ah.get('password'):
            logging.info('Attempt to login with wrong credentials from %s',
                         cherrypy.request.headers['Remote-Addr'])
        cherrypy.request.login = False
    return False