Clean the http-based auth module

This commit is contained in:
Guillaume Ayoub 2013-04-26 01:14:33 +02:00
parent 494ffbd762
commit 22077aa7a1
3 changed files with 22 additions and 17 deletions

12
config
View File

@ -38,7 +38,7 @@ stock = utf-8
[auth] [auth]
# Authentication method # Authentication method
# Value: None | htpasswd | IMAP | LDAP | PAM | courier # Value: None | htpasswd | IMAP | LDAP | PAM | courier | http
type = None type = None
# Usernames used for public collections, separated by a comma # Usernames used for public collections, separated by a comma
@ -83,11 +83,11 @@ pam_group_membership =
courier_socket = courier_socket =
# HTTP authentication request URL endpoint # HTTP authentication request URL endpoint
auth_url = http_url =
# POST param to use for username # POST parameter to use for username
user_param = username http_user_parameter =
# POST param to use for password # POST parameter to use for password
password_param = password http_password_parameter =
[rights] [rights]

View File

@ -20,19 +20,24 @@
""" """
HTTP authentication. HTTP authentication.
Make a request to an authentication server with the username/password. Authentication based on the ``requests`` module.
Post a request to an authentication server with the username/password.
Anything other than a 200/201 response is considered auth failure. Anything other than a 200/201 response is considered auth failure.
""" """
import requests import requests
from .. import config, log from .. import config, log
AUTH_URL = config.get("auth", "auth_url") AUTH_URL = config.get("auth", "http_url")
USER_PARAM = config.get("auth", "user_param") USER_PARAM = config.get("auth", "http_user_parameter")
PASSWORD_PARAM = config.get("auth", "password_param") PASSWORD_PARAM = config.get("auth", "http_password_parameter")
def is_authenticated(user, password): def is_authenticated(user, password):
"""Check if ``user``/``password`` couple is valid."""
log.LOGGER.debug("HTTP-based auth on %s." % AUTH_URL)
payload = {USER_PARAM: user, PASSWORD_PARAM: password} payload = {USER_PARAM: user, PASSWORD_PARAM: password}
r = requests.post(AUTH_URL, data=payload) return requests.post(AUTH_URL, data=payload).status_code in (200, 201)
return r.status_code in [200, 201]

View File

@ -51,9 +51,6 @@ INITIAL_CONFIG = {
"stock": "utf-8"}, "stock": "utf-8"},
"auth": { "auth": {
"type": "None", "type": "None",
"auth_url": "",
"user_param": "username",
"password_param": "password",
"public_users": "public", "public_users": "public",
"private_users": "private", "private_users": "private",
"htpasswd_filename": "/etc/radicale/users", "htpasswd_filename": "/etc/radicale/users",
@ -69,7 +66,10 @@ INITIAL_CONFIG = {
"ldap_password": "", "ldap_password": "",
"ldap_scope": "OneLevel", "ldap_scope": "OneLevel",
"pam_group_membership": "", "pam_group_membership": "",
"courier_socket": ""}, "courier_socket": "",
"http_url": "",
"http_user_parameter": "",
"http_password_parameter": ""},
"rights": { "rights": {
"type": "None", "type": "None",
"file": ""}, "file": ""},