[Twisted-web] Authentication with twisted.web

Donovan Preston twisted-web@twistedmatrix.com
Thu, 29 Jan 2004 11:43:17 -0500


On Jan 29, 2004, at 10:48 AM, Alex Levy wrote:

> On Thu, 2004-01-29 at 09:36, Paul Moore wrote:
>> I want to build a web application which requires users to log on. I'm 
>> happy
>> building the user authentication side of things, but I'm not sure how 
>> to get
>> the site to require authentication. I'm looking for what I think is 
>> "Basic"
>> authentication - the one that causes the browser to pop up an "enter 
>> username
>> and password" dialog box.
>
> A Google search for "site:twistedmatrix.com basic http authentication"
> turns up a number of useful links, but until Pyramid's back on its 
> feet,
> you've got to go cache-hunting.
>
> Here's a few tidbits that'll probably help:
>
> In Resource.render():
>>>> request.setHeader('WWW-authenticate', 'basic realm="foo"')
>
> Wherever else:
>>>> u = request.getUser()
>>>> p = request.getPassword()
>
> Hope this helps.

Just to let you know, Glyph also added basic http authentication login 
support to nevow.guard the other day, for Quotient. I think all you 
have to do is, on your ANONYMOUS resource, set the response code to 
UNAUTHORIZED. When the user provides a username and password, those 
credentials are passed to your realm. Maybe glyph can shed more light, 
but I don't think he is on this list. I'll ask him about it.

dp