authenticate framework

[Tonton enz]

Hello,

Anyone can suggest me a good authenticate framework to use with
bottlepy in WSGI env ?

What is the best method : manage users in bottle with framework or
manage users with apache or a other application ? What can you suggest
me ?

Thank you.

J.H

[Tomás Schertel]

I was going to ask the same thing.
How work with users and authentication?
Thanks.

[Branko Vukelić]

I have asked the same question on Stackoverflow, and the reply I got was

http://docs.repoze.org/who/1.0/
http://what.repoze.org/docs/1.0/

> --
> You are member of the "bottlepy" group at google groups.
> See http://groups.google.de/group/bottlepy for mailing list options.
> See http://bottle.paws.de/ for news and documentation.
>

--
Branko Vukelic

stu...@brankovukelic.com
http://www.brankovukelic.com/

[voltron]

You could always implement your own Auth/auth using sessions if you do
not want something too complicated

On Dec 28, 11:20 am, Branko Vukelić <stu...@brankovukelic.com> wrote:
> I have asked the same question on Stackoverflow, and the reply I got was
>

> http://docs.repoze.org/who/1.0/http://what.repoze.org/docs/1.0/

>
>
>
>
>
>
>
>
>
> On Mon, Dec 27, 2010 at 3:02 AM, Tomás Schertel <tscher...@gmail.com> wrote:
> > I was going to ask the same thing.
> > How work with users and authentication?
> > Thanks.
>
> > On Dec 1, 8:59 am, Tonton enz <julien.hautefeui...@gmail.com> wrote:
> >> Hello,
>
> >> Anyone can suggest me a good authenticate framework to use with
> >> bottlepy in WSGI env ?
>
> >> What is the best method : manage users in bottle with framework or
> >> manage users with apache or a other application ? What can you suggest
> >> me ?
>
> >> Thank you.
>
> >> J.H
>
> > --
> > You are member of the "bottlepy" group at google groups.
> > Seehttp://groups.google.de/group/bottlepyfor mailing list options.

> > Seehttp://bottle.paws.de/for news and documentation.

[Tomás Acauan Schertel]

Thanks for answer, Branko and Voltron.
I was thinking about do my own code using cookies to keep session.
I do not need a giant auth method.

--
Tomás A. Schertel
----------------------------------------------
Linux Registered User #304838
Arch Linux User
http://www.archlinux-br.org/
----------------------------------------------

[lew ghiewa]

if choose SQLAlchemy as your back ORM, try AuthKit-0.4.4, it support WSGI well.

2010/12/28 Tomás Acauan Schertel <tsch...@gmail.com>

[Tomás Acauan Schertel]

Is there any example on how integrate Bottle + AuthKit?

--
Tomás A. Schertel
----------------------------------------------
Linux Registered User #304838
Arch Linux User
http://www.archlinux-br.org/
----------------------------------------------

[Marcel Hellkamp]

Am 29.12.2010 11:49, schrieb lew ghiewa:
> try AuthKit-0.4.4, it support WSGI well.

AuthKit assumes the setup to follow Pylons conventions and uses a lot of
exceptions that are specific to Pylons/paste. These are not handled by
Bottle or any WSGI server other than paste. It is not easy to use
AuthKit as a standalone middleware.

If all you want is basic HTTP authentication, all you need is already
there: http://bottle.paws.de/docs/dev/api.html#bottle.Request.auth
Here is a decorator that checks for a valid (user, password) tuple in
'request.auth' and blocks unauthorized requests with a 401-error.

from bottle import request, response, HTTPError
def protected(check, realm="private", text="Access denied"):
def decorator(func):
def wrapper(*a, **ka):
user, password = request.auth or (None, None)
if user is None or not check(user, password):
response.headers['WWW-Authenticate'] = 'Basic realm="%s"' % realm
return HTTPError(401, text)
return func(*a, **ka)
return wrapper
return decorator

Here is a working example:

from bottle import route

def check_valid_user(usr, pwd):
''' Return True if username and password are valid. '''
return usr == 'admin' and pwd == 'secret'

@route('/secret')
@protected(check_user)
def secret():
return "Secret"