diff options
| author | Jef van Schendel <mail@jefvanschendel.nl> | 2012-10-21 02:17:57 +0200 |
|---|---|---|
| committer | Jef van Schendel <mail@jefvanschendel.nl> | 2012-10-21 02:17:57 +0200 |
| commit | d329882503950eb0b758a6b58b0fa3e6c1eb96e3 (patch) | |
| tree | 1f512adec8d12c05965daf337cc41a40415bec00 | |
| parent | c40cb686de2c5ea242af81ac749d9239ac6a2dab (diff) | |
| parent | ac4c5aef5775d5c4a3d8ebd5528e6d2db8062174 (diff) | |
| download | mediagoblin-d329882503950eb0b758a6b58b0fa3e6c1eb96e3.tar.lz mediagoblin-d329882503950eb0b758a6b58b0fa3e6c1eb96e3.tar.xz mediagoblin-d329882503950eb0b758a6b58b0fa3e6c1eb96e3.zip | |
Merge branch 'master' of gitorious.org:mediagoblin/mediagoblin
| -rw-r--r-- | mediagoblin/plugins/httpapiauth/__init__.py | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/mediagoblin/plugins/httpapiauth/__init__.py b/mediagoblin/plugins/httpapiauth/__init__.py new file mode 100644 index 00000000..d3d2065e --- /dev/null +++ b/mediagoblin/plugins/httpapiauth/__init__.py @@ -0,0 +1,58 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +import logging +import base64 + +from werkzeug.exceptions import BadRequest, Unauthorized + +from mediagoblin.plugins.api.tools import Auth + +_log = logging.getLogger(__name__) + + +def setup_http_api_auth(): + _log.info('Setting up HTTP API Auth...') + + +class HTTPAuth(Auth): + def trigger(self, request): + if request.authorization: + return True + + return False + + def __call__(self, request, *args, **kw): + _log.debug('Trying to authorize the user agent via HTTP Auth') + if not request.authorization: + return False + + user = request.db.User.query.filter_by( + username=request.authorization['username']).first() + + if user.check_login(request.authorization['password']): + request.user = user + return True + else: + raise Unauthorized() + + return False + + + +hooks = { + 'setup': setup_http_api_auth, + 'auth': HTTPAuth()} |