durusmail: quixote-users: Basic auth. in Quixote
Basic auth. in Quixote
2003-11-04
Jørgen Larsen
2003-11-05
Jeff Koncz
2003-11-05
Jørgen Larsen
Basic auth. in Quixote
Jeff Koncz
2003-11-05
Checkout the docs for the function "_q_access(request)".  Basically, if it's
in your module then it will be called before any traversal...works great for
authentication.

http://www.mems-exchange.org/software/quixote/doc/programming.html

An alternative to doing the basic auth in your httpd.conf file would be to
handle the HTTP_AUTHORIZATION header in your Quixote app.  If you return a
response like the following the client will be presented with the
username/password browser dialog:

request.response.set_header("WWW-Authenticate", "Basic Realm=Secret")
request.response.set_status(401)

The client browser should then return an HTTP_AUTHORIZATION header that
contains a username and password.  To get the values out of the request you
could do something like the following:

auth_creds = request.get_header("HTTP_AUTHORIZATION").split(" ")[1]
auth_creds = base64.decodestring(auth_creds).split(":")
username, password = auth_creds[0], auth_creds[1]

You can take those values and do whatever you need for authenticating the
client.

Regards,

- Jeff
reply