Python / WebApp Google App Engine - 在头文件中测试user / pass [英] Python/WebApp Google App Engine - testing for user/pass in the headers
问题描述
username ='test12'
password ='test34'
client = httplib2.Http(。cache)
client.add_credentials(username,password)
URL =http:// localhost:8080 / wyWebServiceTest
response, content = client.request(URL)
如何将用户名/密码获取到服务器上的变量中(即我在写的Web服务)。
我检查了self.request.headers和self.request.environ并找不到它们。
(我没有使用Google登录,需要反弹我的数据库以验证安全性。)
我试图从这个网页获得想法: http://pythonpaste.org/ webb / reference.html#标题
谢谢,
Neal Walters
$$ b
auth = None
如果'b
$ b
小于以下Peter的代码:
Authorization'in self.request.headers:
auth = self.request.headers ['Authorization']
如果不是auth:
我还没有测试过这个代码(插入笑脸),但我认为这是你需要的东西。基本上,如果您的服务器没有将401退回到您的客户端(客户端需要知道该领域以了解提供的凭据),那么您的凭证将不在标题中。
class MYREALM_securepage(webapp.RequestHandler):
def get(self):
如果不是'授权'self.request.headers:
self.response.headers ['WWW-Authenticate'] ='Basic realm =MYREALM'
self.response.set_status(401)
self.response.out.write(需要授权 )
else:
auth = self.request.headers ['Authorization']
(username,password)= base64.b64decode(auth.split('')[1])。split (':')
#检查用户名和密码,然后继续......
When you call a web service like this:
username = 'test12'
password = 'test34'
client = httplib2.Http(".cache")
client.add_credentials(username,password)
URL = "http://localhost:8080/wyWebServiceTest"
response, content = client.request(URL)
How do you get the username/password into variables on the server side (i.e. in the web-service that I'm writing). I checked the self.request.headers and self.request.environ and couldn't find them.
(I'm not using Google Login, need to bounce this userid/pass against my own database to verify security.)
I was trying to ideas from this page: http://pythonpaste.org/webob/reference.html#headers
Thanks,
Neal Walters
Slight enhancement to Peter's code below:
auth = None
if 'Authorization' in self.request.headers:
auth = self.request.headers['Authorization']
if not auth:
I haven't tested this code (insert smiley) but I think this is the sort of thing you need. Basically your credentials won't be in the header if your server hasn't bounced a 401 back to your client (the client needs to know the realm to know what credentials to provide).
class MYREALM_securepage(webapp.RequestHandler):
def get(self):
if not 'Authorization' in self.request.headers:
self.response.headers['WWW-Authenticate'] = 'Basic realm="MYREALM"'
self.response.set_status(401)
self.response.out.write("Authorization required")
else:
auth = self.request.headers['Authorization']
(username, password) = base64.b64decode(auth.split(' ')[1]).split(':')
# Check the username and password, and proceed ...
这篇关于Python / WebApp Google App Engine - 在头文件中测试user / pass的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!