Clean the http-based auth module

This commit is contained in:
Guillaume Ayoub 2013-04-26 01:14:33 +02:00
parent 494ffbd762
commit 22077aa7a1
3 changed files with 22 additions and 17 deletions

12
config
View File

@ -38,7 +38,7 @@ stock = utf-8
[auth]
# Authentication method
# Value: None | htpasswd | IMAP | LDAP | PAM | courier
# Value: None | htpasswd | IMAP | LDAP | PAM | courier | http
type = None
# Usernames used for public collections, separated by a comma
@ -83,11 +83,11 @@ pam_group_membership =
courier_socket =
# HTTP authentication request URL endpoint
auth_url =
# POST param to use for username
user_param = username
# POST param to use for password
password_param = password
http_url =
# POST parameter to use for username
http_user_parameter =
# POST parameter to use for password
http_password_parameter =
[rights]

View File

@ -20,19 +20,24 @@
"""
HTTP authentication.
Make a request to an authentication server with the username/password.
Authentication based on the ``requests`` module.
Post a request to an authentication server with the username/password.
Anything other than a 200/201 response is considered auth failure.
"""
import requests
from .. import config, log
AUTH_URL = config.get("auth", "auth_url")
USER_PARAM = config.get("auth", "user_param")
PASSWORD_PARAM = config.get("auth", "password_param")
AUTH_URL = config.get("auth", "http_url")
USER_PARAM = config.get("auth", "http_user_parameter")
PASSWORD_PARAM = config.get("auth", "http_password_parameter")
def is_authenticated(user, password):
"""Check if ``user``/``password`` couple is valid."""
log.LOGGER.debug("HTTP-based auth on %s." % AUTH_URL)
payload = {USER_PARAM: user, PASSWORD_PARAM: password}
r = requests.post(AUTH_URL, data=payload)
return r.status_code in [200, 201]
return requests.post(AUTH_URL, data=payload).status_code in (200, 201)

View File

@ -51,9 +51,6 @@ INITIAL_CONFIG = {
"stock": "utf-8"},
"auth": {
"type": "None",
"auth_url": "",
"user_param": "username",
"password_param": "password",
"public_users": "public",
"private_users": "private",
"htpasswd_filename": "/etc/radicale/users",
@ -69,7 +66,10 @@ INITIAL_CONFIG = {
"ldap_password": "",
"ldap_scope": "OneLevel",
"pam_group_membership": "",
"courier_socket": ""},
"courier_socket": "",
"http_url": "",
"http_user_parameter": "",
"http_password_parameter": ""},
"rights": {
"type": "None",
"file": ""},