[Twisted-web] HTTP basic auth
karnaugh at karnaugh.za.net
Tue Jan 8 05:09:43 EST 2008
On 08/01/2008 11:49 Vincent Bernat wrote:
> twisted.web2 authentication seems to be a good start, but I am using Nevow.
> Has someone already done a HTTP basic auth with nevow? In fact, my case is
> very similar to the one here:
> But, as I said, Nevow's guard.py seems best suited for web app
> authentication, not for web services. Can anyone confirm/infirm?
Guard is for web based applications authentication, yes. If you're
doing something other than this, you probably do want HTTP auth.
Doing HTTP authentication yourself for a web service should be as
simple as returning a 403 error until you get a positive
authentication. There may be some implementations around for doing
this as a resource using t.cred.
Digging through some of my older work with t.w turned up the following
(obviously extinct and horrific code, but shows what you're looking for)
def authenticateUser(self, request, passinfo):
user, password = request.getUser(),
if user==passinfo['username'] and password==passinfo['password']:
def render(self,request, realm, passinfo):
if self.authenticateUser(request, passinfo):
return self.documentRender(self, request)
request.setHeader('WWW-authenticate', 'basic realm="%s"'
Colin Alston ~ http://www.karnaugh.za.net/
"To the world you may be one person, to one person you may be the
world" ~ Rachel Ann Nunes.
More information about the Twisted-web