1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>3.3 Now something More Complicated - Authentication</title>
<META NAME="description" CONTENT="3.3 Now something More Complicated - Authentication">
<META NAME="keywords" CONTENT="modpython">
<META NAME="resource-type" CONTENT="document">
<META NAME="distribution" CONTENT="global">
<link rel="STYLESHEET" href="modpython.css">
<link rel="first" href="modpython.html">
<link rel="contents" href="contents.html" title="Contents">
<link rel="index" href="genindex.html" title="Index">
<LINK REL="next" href="tut-pub.html">
<LINK REL="previous" href="tut-what-it-do.html">
<LINK REL="up" href="tutorial.html">
<LINK REL="next" href="tut-pub.html">
</head>
<body>
<DIV CLASS="navigation">
<table align="center" width="100%" cellpadding="0" cellspacing="2">
<tr>
<td><A href="tut-what-it-do.html"><img src="icons/previous.gif"
border="0" height="32"
alt="Previous Page" width="32"></A></td>
<td><A href="tutorial.html"><img src="icons/up.gif"
border="0" height="32"
alt="Up One Level" width="32"></A></td>
<td><A href="tut-pub.html"><img src="icons/next.gif"
border="0" height="32"
alt="Next Page" width="32"></A></td>
<td align="center" width="100%">Mod_python Manual</td>
<td><A href="contents.html"><img src="icons/contents.gif"
border="0" height="32"
alt="Contents" width="32"></A></td>
<td><img src="icons/blank.gif"
border="0" height="32"
alt="" width="32"></td>
<td><A href="genindex.html"><img src="icons/index.gif"
border="0" height="32"
alt="Index" width="32"></A></td>
</tr></table>
<b class="navlabel">Previous:</b> <a class="sectref" href="tut-what-it-do.html">3.2 So what Exactly</A>
<b class="navlabel">Up:</b> <a class="sectref" href="tutorial.html">3. Tutorial</A>
<b class="navlabel">Next:</b> <a class="sectref" href="tut-pub.html">3.4 Publisher Handler Makes</A>
<br><hr>
</DIV>
<!--End of Navigation Panel-->
<H1><A NAME="SECTION005300000000000000000"> </A>
<BR>
3.3 Now something More Complicated - Authentication
</H1>
<P>
Now that you know how to write a primitive handler, let's try
something more complicated.
<P>
Let's say we want to password-protect this directory. We want the
login to be "spam", and the password to be "eggs".
<P>
First, we need to tell Apache to call our <i>authentication</i> handler when
authentication is needed. We do this by adding the
<code>PythonAuthenHandler</code>. So now our config looks like this:
<P>
<dl><dd><pre class="verbatim">
<Directory /mywebdir>
AddHandler python-program .py
PythonHandler myscript
PythonAuthenHandler myscript
</Directory>
</pre></dl>
<P>
Notice that the same script is specified for two different
handlers. This is fine, because if you remember, mod_python will look
for different functions within that script for the different handlers.
<P>
Next, we need to tell Apache that we are using Basic HTTP
authentication, and only valid users are allowed (this is fairly basic
Apache stuff, so I'm not going to go into details here). Our config
looks like this now:
<P>
<dl><dd><pre class="verbatim">
<Directory /mywebdir>
AddHandler python-program .py
PythonHandler myscript
PythonAuthenHandler myscript
AuthType Basic
AuthName "Restricted Area"
require valid-user
</Directory>
</pre></dl>
<P>
Now we need to write an authentication handler function in
<span class="file">myscript.py</span>. A basic authentication handler would look like this:
<P>
<dl><dd><pre class="verbatim">
def authenhandler(req):
pw = req.get_basic_auth_pw()
user = req.connection.user
if user == "spam" and pw == "eggs":
return apache.OK
else:
return apache.HTTP_UNAUTHORIZED
</pre></dl>
<P>
Let's look at this line by line:
<P>
<UL>
<LI><dl><dd><pre class="verbatim">
def authenhandler(req):
</pre></dl>
<P>
This is the handler function declaration. This one is called
<code>authenhandler</code> because, as we already described above, mod_python takes
the name of the directive (<code>PythonAuthenHandler</code>), drops the word
"Python" and converts it lower case.
<P>
</LI>
<LI><dl><dd><pre class="verbatim">
pw = req.get_basic_auth_pw()
</pre></dl>
<P>
This is how we obtain the password. The basic HTTP authentication
transmits the password in base64 encoded form to make it a little bit
less obvious. This function decodes the password and returns it as a
string.
<P>
</LI>
<LI><dl><dd><pre class="verbatim">
user = req.connection.user
</pre></dl>
<P>
This is how you obtain the username that the user entered. In case
you're wondering, the <tt class="member">connection</tt> member of the <tt class="class">Request</tt>
object is an object that contains information specific to a
<i class="dfn">connection</i>. With HTTP Keep-Alive, a single connection
can serve multiple requests.
<P>
<b>NOTE:</b> The two lines above MUST be in that order. The reason is that
<code>connection.user</code> is assigned a value by the <tt class="method">get_basic_auth_pw()</tt>
function. If you try to use the <code>connection.user</code> value without calling
<tt class="method">get_basic_auth_pw()</tt> first, it will be <tt class="constant">None</tt>.
<P>
</LI>
<LI><dl><dd><pre class="verbatim">
if user == "spam" and pw == "eggs":
return apache.OK
</pre></dl>
<P>
We compare the values provided by the user, and if they are what we
were expecting, we tell Apache to go ahead and proceed by returning
<tt class="constant">apache.OK</tt>. Apache will then proceed to the next handler. (which in
this case would be <tt class="function">handler()</tt> if it's a <code>.py</code> file).
<P>
</LI>
<LI><dl><dd><pre class="verbatim">
else:
return apache.HTTP_UNAUTHORIZED
</pre></dl>
<P>
Else, we tell Apache to return <tt class="constant">HTTP_UNAUTHORIZED</tt> to the client.
<P>
</LI>
</UL>
<P>
<DIV CLASS="navigation">
<p><hr>
<table align="center" width="100%" cellpadding="0" cellspacing="2">
<tr>
<td><A href="tut-what-it-do.html"><img src="icons/previous.gif"
border="0" height="32"
alt="Previous Page" width="32"></A></td>
<td><A href="tutorial.html"><img src="icons/up.gif"
border="0" height="32"
alt="Up One Level" width="32"></A></td>
<td><A href="tut-pub.html"><img src="icons/next.gif"
border="0" height="32"
alt="Next Page" width="32"></A></td>
<td align="center" width="100%">Mod_python Manual</td>
<td><A href="contents.html"><img src="icons/contents.gif"
border="0" height="32"
alt="Contents" width="32"></A></td>
<td><img src="icons/blank.gif"
border="0" height="32"
alt="" width="32"></td>
<td><A href="genindex.html"><img src="icons/index.gif"
border="0" height="32"
alt="Index" width="32"></A></td>
</tr></table>
<b class="navlabel">Previous:</b> <a class="sectref" href="tut-what-it-do.html">3.2 So what Exactly</A>
<b class="navlabel">Up:</b> <a class="sectref" href="tutorial.html">3. Tutorial</A>
<b class="navlabel">Next:</b> <a class="sectref" href="tut-pub.html">3.4 Publisher Handler Makes</A>
<hr>
<span class="release-info">Release 2.7.10, documentation updated on December 07, 2003.</span>
</DIV>
<!--End of Navigation Panel-->
</BODY>
</HTML>
|
