Главная Обзор Помощь
Вход
mirrors
/
Radicale
зеркало из https://github.com/Kozea/Radicale
1
0
Ответвить 0
Файлы Задачи 0 Вики
Просмотр исходного кода

Map logins to internal users in Auth module

This makes it possible to implement #349 as a Auth module. Another use case would be to encode usernames that contain characters unsupported by the file system.
Unrud 9 лет назад
Родитель
5d9485d660
Сommit
689e5c9dd5
2 измененных файлов с 18 добавлено и 8 удалено
Единый вид Показать статистику Diff
  1. 5 4
      radicale/__init__.py
  2. 13 4
      radicale/auth.py

+ 5 - 4
radicale/__init__.py
Просмотреть файл 

@@ -167,7 +167,7 @@ class Application:
 
         super().__init__()
 
         super().__init__()
 
         self.configuration = configuration
 
         self.configuration = configuration
 
         self.logger = logger
 
         self.logger = logger
 
-        self.is_authenticated = auth.load(configuration, logger)
 
+        self.Auth = auth.load(configuration, logger)
 
         self.Collection = storage.load(configuration, logger)
 
         self.Collection = storage.load(configuration, logger)
 
         self.authorized = rights.load(configuration, logger)
 
         self.authorized = rights.load(configuration, logger)
 
         self.encoding = configuration.get("encoding", "request")
 
         self.encoding = configuration.get("encoding", "request")
 
@@ -288,10 +288,11 @@ class Application:
 
         authorization = environ.get("HTTP_AUTHORIZATION", None)
 
         authorization = environ.get("HTTP_AUTHORIZATION", None)
 
         if authorization and authorization.startswith("Basic"):
 
         if authorization and authorization.startswith("Basic"):
 
             authorization = authorization[len("Basic"):].strip()
 
             authorization = authorization[len("Basic"):].strip()
 
-            user, password = self.decode(base64.b64decode(
 
+            login, password = self.decode(base64.b64decode(
 
                 authorization.encode("ascii")), environ).split(":", 1)
 
                 authorization.encode("ascii")), environ).split(":", 1)
 
+            user = self.Auth.map_login_to_user(login)
 
         else:
 
         else:
 
-            user = environ.get("REMOTE_USER")
 
+            user = self.Auth.map_login_to_user(environ.get("REMOTE_USER", ""))
 
             password = None
 
             password = None
 
 
 
         # If "/.well-known" is not available, clients query "/"
 
         # If "/.well-known" is not available, clients query "/"
 
@@ -303,7 +304,7 @@ class Application:
 
             self.logger.info("Refused unsafe username: %s", user)
 
             self.logger.info("Refused unsafe username: %s", user)
 
             is_authenticated = False
 
             is_authenticated = False
 
         else:
 
         else:
 
-            is_authenticated = self.is_authenticated(user, password)
 
+            is_authenticated = self.Auth.is_authenticated(user, password)
 
         is_valid_user = is_authenticated or not user
 
         is_valid_user = is_authenticated or not user
 
 
 
         # Create principal collection
 
         # Create principal collection

+ 13 - 4
radicale/auth.py
Просмотреть файл 

@@ -65,12 +65,12 @@ def load(configuration, logger):
 
     auth_type = configuration.get("auth", "type")
 
     auth_type = configuration.get("auth", "type")
 
     logger.debug("Authentication type is %s", auth_type)
 
     logger.debug("Authentication type is %s", auth_type)
 
     if auth_type == "None":
 
     if auth_type == "None":
 
-        return lambda user, password: True
 
+        class_ = NoneAuth
 
     elif auth_type == "htpasswd":
 
     elif auth_type == "htpasswd":
 
-        return Auth(configuration, logger).is_authenticated
 
+        class_ = Auth
 
     else:
 
     else:
 
-        module = import_module(auth_type)
 
-        return module.Auth(configuration, logger).is_authenticated
 
+        class_ = import_module(auth_type).Auth
 
+    return class_(configuration, logger)
 
 
 
 
 
 class BaseAuth:
 
 class BaseAuth:
 
@@ -88,6 +88,15 @@ class BaseAuth:
 
         """
 
         """
 
         raise NotImplementedError
 
         raise NotImplementedError
 
 
 
+    def map_login_to_user(self, login):
 
+        """Map login to internal username."""
 
+        return login
 
+
 
+
 
+class NoneAuth(BaseAuth):
 
+    def is_authenticated(self, user, password):
 
+        return True
 
+
 
 
 
 class Auth(BaseAuth):
 
 class Auth(BaseAuth):
 
     def __init__(self, configuration, logger):
 
     def __init__(self, configuration, logger):