tobias/radicale
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow auth backends to provide login and password

Browse Source 
This is used to implement an auth backend that takes the credentials from an HTTP header (e.g. accounts are managed by an reverse proxy)
This commit is contained in:
Unrud
2017-05-31 02:05:55 +02:00
parent 8bc45aeb24
commit 09bde14e50
3 changed files with 32 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
radicale/auth.py
View File

@ -67,6 +67,10 @@ def load(configuration, logger):
logger.debug("Authentication type is %s", auth_type)
if auth_type == "None":
class_ = NoneAuth
elif auth_type == "remote_user":
class_ = RemoteUserAuth
elif auth_type == "http_x_remote_user":
class_ = HttpXRemoteUserAuth
elif auth_type == "htpasswd":
class_ = Auth
else:
@ -79,6 +83,14 @@ class BaseAuth:
self.configuration = configuration
self.logger = logger
def get_external_login(self, environ):
"""Optionally provide the login and password externally.
Returns a tuple (login, password) or ().
"""
return ()
def is_authenticated(self, user, password):
"""Validate credentials.
@ -201,3 +213,13 @@ class Auth(BaseAuth):
if login_ok & password_ok:
return True
return False
class RemoteUserAuth(NoneAuth):
def get_external_login(self, environ):
return environ.get("REMOTE_USER", ""), ""
class HttpXRemoteUserAuth(NoneAuth):
def get_external_login(self, environ):
return environ.get("HTTP_X_REMOTE_USER", ""), ""