class AuthFilter(BaseFilter):
def __init__(self, prev, environ, **config):
BaseFilter.__init__(self, prev, environ, **config)
self._auth = Cork(".auth")
# connect
self.connect("/auth/{action}")
self.connect("/auth/{action}/{username}")
def login(self, environ, req, username=None, password=None, **kw):
if self._auth.login(environ, username, password):
return self.register(environ, REG_KEY+":"+"login", username)
raise HTTPUnauthorized("Unauthorized user!")
def logout(self, environ, req, **kw):
self._auth.logout(environ)
self.register(environ, REG_KEY+":"+"logout", True)
def __is_authenticated(self, environ, roles=None):
# fetch current user
try:
cur = self._auth.current_user(environ)
except AuthException, e:
raise HTTPUnauthorized("Unauthorized user!")
# is authenticated?
if cur \
and roles \
and cur.role in roles:
return cur
# seems not!
self.register(environ, REG_KEY+":*", "Untrusted user")
raise BreakException(None)
def init_auth():
auth = Cork('.auth', initialize=True)
# ..
auth._store.roles['admin'] = 100
auth._store.roles['user'] = 50
auth._store.save_roles()
# ..
for username in ['admin', 'user']:
password = username
auth._store.users[username] = {
'role': 'admin',
'hash': auth._hash(username, password),
}
auth._store.save_users()
def __init__(self, prev, environ, **config):
BaseFilter.__init__(self, prev, environ, **config)
self._auth = Cork(".auth")
# connect
self.connect("/auth/{action}")
self.connect("/auth/{action}/{username}")
