[Twisted-web] Authentication with twisted.web
Donovan Preston
twisted-web@twistedmatrix.com
Thu, 29 Jan 2004 11:43:17 -0500
On Jan 29, 2004, at 10:48 AM, Alex Levy wrote:
> On Thu, 2004-01-29 at 09:36, Paul Moore wrote:
>> I want to build a web application which requires users to log on. I'm
>> happy
>> building the user authentication side of things, but I'm not sure how
>> to get
>> the site to require authentication. I'm looking for what I think is
>> "Basic"
>> authentication - the one that causes the browser to pop up an "enter
>> username
>> and password" dialog box.
>
> A Google search for "site:twistedmatrix.com basic http authentication"
> turns up a number of useful links, but until Pyramid's back on its
> feet,
> you've got to go cache-hunting.
>
> Here's a few tidbits that'll probably help:
>
> In Resource.render():
>>>> request.setHeader('WWW-authenticate', 'basic realm="foo"')
>
> Wherever else:
>>>> u = request.getUser()
>>>> p = request.getPassword()
>
> Hope this helps.
Just to let you know, Glyph also added basic http authentication login
support to nevow.guard the other day, for Quotient. I think all you
have to do is, on your ANONYMOUS resource, set the response code to
UNAUTHORIZED. When the user provides a username and password, those
credentials are passed to your realm. Maybe glyph can shed more light,
but I don't think he is on this list. I'll ask him about it.
dp