[X-POST from SO] What is the difference between auth_basic and basic_auth

Showing 1-2 of 2 messages
[X-POST from SO] What is the difference between auth_basic and basic_auth Javier Olaechea 11/8/12 2:41 PM

I tried asking StackOverflow but apparently CherryPy isn't a hot topic overthere, so I ask thought I'l ask here. (Btw, I like CherrPy's composability by including objects inside other objects , helps reusability much more than the "class based views" in django imho)

Reviewing the tests of cherrypy I can see that test_auth_basic.py has the following conf:

'tools.auth_basic.on': True,
'tools.auth_basic.realm': 'wonderland',
'tools.auth_basic.checkpassword': checkpasshash

but the file test_httpauth.py shows:

'tools.basic_auth.on': True,
'tools.basic_auth.realm': 'localhost',
'tools.basic_auth.users': fetch_password,
'tools.basic_auth.encrypt': sha_password_encrypter}}

what is the difference between those tools? Do both implement Basic Auth? If so, why two different tools, is one deprecated?

Thanks in Advance,
   Javier

P.D. I don't link the SO question from here because I consider it bad taste to "divert" knowledge from the mailing-list

Re: [cherrypy-users] [X-POST from SO] What is the difference between auth_basic and basic_auth Sylvain Hellegouarch 11/10/12 12:50 AM
Hello Javier,

On Thu, Nov 8, 2012 at 11:41 PM, Javier Olaechea <pir...@gmail.com> wrote:

I tried asking StackOverflow but apparently CherryPy isn't a hot topic overthere, so I ask thought I'l ask here. (Btw, I like CherrPy's composability by including objects inside other objects , helps reusability much more than the "class based views" in django imho)

Reviewing the tests of cherrypy I can see that test_auth_basic.py has the following conf:

'tools.auth_basic.on': True,
'tools.auth_basic.realm': 'wonderland',
'tools.auth_basic.checkpassword': checkpasshash

but the file test_httpauth.py shows:

'tools.basic_auth.on': True,
'tools.basic_auth.realm': 'localhost',
'tools.basic_auth.users': fetch_password,
'tools.basic_auth.encrypt': sha_password_encrypter}}

what is the difference between those tools? Do both implement Basic Auth? If so, why two different tools, is one deprecated?


There is an historical reason for having two similar tools but I can't recall the details. I think the original one was not flexible enough and a new one came along. However, I don't think we should still have both as it's indeed confusing. I'm not sure we can easily like breaking compatibility but in a future release we ought to do so anyway. No point in having both of them.

--
- Sylvain
http://www.defuze.org
http://twitter.com/lawouach