Merge pull request #500 from Unrud/loginuser

Map logins to internal users in Auth module
2016-08-31 14:40:08 +02:00 · 2016-08-31 14:40:08 +02:00 · db681da08e
commit db681da08e
parent 5f46cc24bd 689e5c9dd5
2 changed files with 18 additions and 8 deletions
--- a/radicale/init.py
+++ b/radicale/init.py
@ -167,7 +167,7 @@ class Application:
        super().__init__()
        self.configuration = configuration
        self.logger = logger
-        self.is_authenticated = auth.load(configuration, logger)
+        self.Auth = auth.load(configuration, logger)
        self.Collection = storage.load(configuration, logger)
        self.authorized = rights.load(configuration, logger)
        self.encoding = configuration.get("encoding", "request")
@ -287,10 +287,11 @@ class Application:
        authorization = environ.get("HTTP_AUTHORIZATION", None)
        if authorization and authorization.startswith("Basic"):
            authorization = authorization[len("Basic"):].strip()
-            user, password = self.decode(base64.b64decode(
+            login, password = self.decode(base64.b64decode(
                authorization.encode("ascii")), environ).split(":", 1)
            user = self.Auth.map_login_to_user(login)
        else:
-            user = environ.get("REMOTE_USER")
+            user = self.Auth.map_login_to_user(environ.get("REMOTE_USER", ""))
            password = None
        # If "/.well-known" is not available, clients query "/"
@ -302,7 +303,7 @@ class Application:
            self.logger.info("Refused unsafe username: %s", user)
            is_authenticated = False
        else:
-            is_authenticated = self.is_authenticated(user, password)
+            is_authenticated = self.Auth.is_authenticated(user, password)
        is_valid_user = is_authenticated or not user
        # Create principal collection
--- a/radicale/auth.py
+++ b/radicale/auth.py
@ -65,12 +65,12 @@ def load(configuration, logger):
    auth_type = configuration.get("auth", "type")
    logger.debug("Authentication type is %s", auth_type)
    if auth_type == "None":
-        return lambda user, password: True
+        class_ = NoneAuth
    elif auth_type == "htpasswd":
-        return Auth(configuration, logger).is_authenticated
+        class_ = Auth
    else:
-        module = import_module(auth_type)
+        class_ = import_module(auth_type).Auth
-        return module.Auth(configuration, logger).is_authenticated
+    return class_(configuration, logger)
 class BaseAuth:
@ -88,6 +88,15 @@ class BaseAuth:
        """
        raise NotImplementedError
    def map_login_to_user(self, login):
        """Map login to internal username."""
        return login
 class NoneAuth(BaseAuth):
    def is_authenticated(self, user, password):
        return True
 class Auth(BaseAuth):
    def __init__(self, configuration, logger):