digest
HTTP digest authentication middleware
The digest module is accessible via the authkit.authenticate module.
This implementation is identical to the paste.auth.digest implementation.
Note: If users are prompted to sign in, this also seems to have the effect of signing them out.
Attributes
Functions
f digest_password(realm, username, password) ...
construct the appropriate hashcode needed for HTTP digest
f make_digest_auth_handler(app, auth_conf, app_conf=None, global_conf=None, prefix='authkit.digest') ...
Classes
C AuthDigestAuthenticator(...) ...
implementation of RFC 2617 - HTTP Digest Authentication
This class contains 5 members.
C AuthDigestHandler(...) ...
middleware for HTTP Digest authentication (RFC 2617)
This component follows the procedure below:
- If the REMOTE_USER environment variable is already populated, then this middleware is a no-op, and the request is passed along to the application.
- If the HTTP_AUTHORIZATION header was not provided or specifies an algorithm other than digest, then an HTTPUnauthorized response is generated with the challenge.
- If the response is malformed or if the user's credentials do not pass muster, another HTTPUnauthorized is raised.
- If all goes well, and the user's credentials pass, then the REMOTE_USER environment variable is filled in and the AUTH_TYPE is listed as 'digest'.
Parameters:
application
The application object is called only upon successful authentication, and can assume environ['REMOTE_USER'] is set. If the REMOTE_USER is already set, this middleware is simply pass-through.
realm
This is an identifier for the authority that is requesting authorization. It is shown to the user and should be unique within the domain it is being used.
authfunc
This is a callback function which performs the actual authentication; the signature of this callback is:
authfunc(realm, username) -> hashcode
This module provides a 'digest_password' helper function which can help construct the hashcode; it is recommended that the hashcode is stored in a database, not the user's actual password (since you only need the hashcode).
This class contains 2 members.
C DigestAuthHandler(...) ...
middleware for HTTP Digest authentication (RFC 2617)
This component follows the procedure below:
- If the REMOTE_USER environment variable is already populated, then this middleware is a no-op, and the request is passed along to the application.
- If the HTTP_AUTHORIZATION header was not provided or specifies an algorithm other than digest, then an HTTPUnauthorized response is generated with the challenge.
- If the response is malformed or if the user's credentials do not pass muster, another HTTPUnauthorized is raised.
- If all goes well, and the user's credentials pass, then the REMOTE_USER environment variable is filled in and the AUTH_TYPE is listed as 'digest'.
Parameters:
application
The application object is called only upon successful authentication, and can assume environ['REMOTE_USER'] is set. If the REMOTE_USER is already set, this middleware is simply pass-through.
realm
This is an identifier for the authority that is requesting authorization. It is shown to the user and should be unique within the domain it is being used.
authfunc
This is a callback function which performs the actual authentication; the signature of this callback is:
authfunc(realm, username) -> hashcode
This module provides a 'digest_password' helper function which can help construct the hashcode; it is recommended that the hashcode is stored in a database, not the user's actual password (since you only need the hashcode).
This class contains 2 members.
C DigestUserSetter(...) ...
This class contains 2 members.
C TryToAddUsername(...) ...
This class contains 2 members.
C middleware(...) ...
middleware for HTTP Digest authentication (RFC 2617)
This component follows the procedure below:
- If the REMOTE_USER environment variable is already populated, then this middleware is a no-op, and the request is passed along to the application.
- If the HTTP_AUTHORIZATION header was not provided or specifies an algorithm other than digest, then an HTTPUnauthorized response is generated with the challenge.
- If the response is malformed or if the user's credentials do not pass muster, another HTTPUnauthorized is raised.
- If all goes well, and the user's credentials pass, then the REMOTE_USER environment variable is filled in and the AUTH_TYPE is listed as 'digest'.
Parameters:
application
The application object is called only upon successful authentication, and can assume environ['REMOTE_USER'] is set. If the REMOTE_USER is already set, this middleware is simply pass-through.
realm
This is an identifier for the authority that is requesting authorization. It is shown to the user and should be unique within the domain it is being used.
authfunc
This is a callback function which performs the actual authentication; the signature of this callback is:
authfunc(realm, username) -> hashcode
This module provides a 'digest_password' helper function which can help construct the hashcode; it is recommended that the hashcode is stored in a database, not the user's actual password (since you only need the hashcode).
This class contains 2 members.
See the source for more information.
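The authfunc/hashcode contract and the verification step of the procedure above, as an added standard-library example that is not AuthKit's or Paste's own code. It assumes the Authorization header has already been parsed into a dict and that nonce issuance and freshness are handled elsewhere; make_hashcode, verify and the other names are hypothetical, and the sample values are the RFC 2617 section 3.5 test vector.

```python
import hashlib
import hmac

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def make_hashcode(realm, username, password):
    # RFC 2617 A1 hash: MD5(username:realm:password). Assumed equivalent to
    # what digest_password(realm, username, password) returns.
    return md5_hex("%s:%s:%s" % (username, realm, password))

# Credential store holding only hashcodes, never the passwords themselves.
REALM = "testrealm@host.com"
HASHCODES = {(REALM, "Mufasa"): make_hashcode(REALM, "Mufasa", "Circle Of Life")}

def authfunc(realm, username):
    # Documented callback shape: authfunc(realm, username) -> hashcode.
    return HASHCODES.get((realm, username))

def expected_response(ha1, method, fields):
    # qop=auth: MD5(HA1:nonce:nc:cnonce:qop:MD5(method:uri))
    ha2 = md5_hex("%s:%s" % (method, fields["uri"]))
    return md5_hex(":".join([ha1, fields["nonce"], fields["nc"],
                             fields["cnonce"], "auth", ha2]))

REQUIRED = ("username", "realm", "uri", "nonce", "nc", "cnonce", "qop", "response")

def verify(fields, method, realm=REALM):
    """Return the username to place in REMOTE_USER, or None (answer 401)."""
    if any(k not in fields for k in REQUIRED):
        return None                      # malformed response
    if fields["realm"] != realm or fields["qop"] != "auth":
        return None
    ha1 = authfunc(realm, fields["username"])
    if ha1 is None:
        return None                      # unknown user
    want = expected_response(ha1, method, fields)
    # Constant-time comparison of the two hex digests.
    if hmac.compare_digest(want.encode("utf-8"), fields["response"].encode("utf-8")):
        return fields["username"]
    return None

# Parsed Authorization parameters from the RFC 2617 section 3.5 example request.
RFC_FIELDS = {"username": "Mufasa", "realm": REALM, "uri": "/dir/index.html",
              "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093", "nc": "00000001",
              "cnonce": "0a4f113b", "qop": "auth",
              "response": "6629fae49393a05397450978507c4ef1"}

if __name__ == "__main__":
    print(verify(RFC_FIELDS, "GET"))
```

The stored hashcode is enough to compute a valid response for its realm, so it needs the same protection as a password even though the plaintext is never kept.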
