HTTP authentication and Nevow cred checker
Hello, With Twisted and Nevow I'm building an XML-RPC server that does HTTP authentication. So a basic XML-RPC client can login using https://user:passwd@host. I can get the credentials with HTTP authentication, but how can I check the credentials. I'd tried calling guard.SessionWrapper.login(....), but I get the error: "exceptions.TypeError: unbound method login() must be called with SessionWrapper instance as first argument (got NevowRequest instance instead)". So I'm guessing that request.getSession() is wrong and I must get the session of the guard (or something similar). Or I'm calling the wrong function to check the creds. In the guarded.py example from Nevow the credentials get checked thru a html form, but that is not what I want. Below is an example part of my code: class RootPage(rend.Page): ## We are a directory-like resource because we are at the root addSlash = True ## Doesn't work def tryLogin(self, ctx, request): session = request.getSession() segments = inevow.ICurrentSegments(ctx) httpAuthCredentials = (self.data_username,self.data_password) return guard.SessionWrapper.login(request, session, httpAuthCredentials, segments).addCallback(self._loginSucceeded).addErrback( self.loginFailed) def renderHTTP(self, ctx): request = inevow.IRequest(ctx) username, password = request.getUser(), request.getPassword() ## No REAL authentication yet, must implement it. if (username, password) == ('', ''): request.setHeader('WWW-Authenticate', 'Basic realm='+cfg.app_name) request.setResponseCode(http.UNAUTHORIZED) return "Authentication required." ## They provided a username and password, so let's let them in! horray self.data_username, self.data_password = username, password self.tryLogin(ctx, request) return rend.Page.renderHTTP(self, ctx) docFactory = loaders.stan(tags.html[ tags.body[ tags.h1["Welcome user!"], tags.div["You said: ", tags.span(data=tags.directive('username'), render=str), " ", tags.span(data=tags.directive('password'), render=str), tags.a(href=guard.LOGOUT_AVATAR)["Logout"] ]]]) Regards, Kim Chee Leong
participants (2)
-
Jean-Paul Calderone
-
KC Leong