我在努力瓶子.py与休息。谁,到目前为止,我们使用我发现的各种示例的组合,成功地将以下非常简单的程序组合在一起以使其工作。显然,这不是我在生产环境中运行的东西,我只是在尽可能地编写最简单的代码,这样我就可以学习如何使用它——但不幸的是,使用教程瓶子.py与休息。谁很少有。在
下面的示例可以工作,并且允许用户使用admin/admin的用户名/密码登录。我该怎么办休息。谁使logout()函数正常工作?我想有一个forget函数可能是为了这个目的,但是我不知道该如何调用它。在
谢谢。在
from bottle import route, run, app, get, abort, request
from StringIO import StringIO
import repoze
from repoze.who.middleware import PluggableAuthenticationMiddleware
from repoze.who.interfaces import IIdentifier
from repoze.who.interfaces import IChallenger
from repoze.who.plugins.basicauth import BasicAuthPlugin
from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
from repoze.who.plugins.cookie import InsecureCookiePlugin
from repoze.who.plugins.form import FormPlugin
from repoze.who.plugins.htpasswd import HTPasswdPlugin
from repoze.who.classifiers import default_request_classifier
from repoze.who.classifiers import default_challenge_decider
import logging, sys
import pprint
@route('/')
def root():
if request.environ.get('repoze.who.identity') is None:
abort(401, "Not authenticated")
return "Authenticated"
@route('/hello')
def index():
identity = request.environ.get('repoze.who.identity')
if identity == None:
abort(401, "Not authenticated")
user = identity.get('repoze.who.userid')
return '<b>Hello %s!</b>' % user
@route('/logout')
def logout():
# I have no idea what to put here
pass
io = StringIO()
salt = 'aa'
for name, password in [ ('admin', 'admin'), ('paul', 'paul') ]:
io.write('%s:%s\n' % (name, password))
io.seek(0)
def cleartext_check(password, hashed):
return password == hashed
htpasswd = HTPasswdPlugin(io, cleartext_check)
basicauth = BasicAuthPlugin('repoze.who')
auth_tkt = AuthTktCookiePlugin('secret', 'auth_tkt')
form = FormPlugin('__do_login', rememberer_name='auth_tkt')
form.classifications = { IIdentifier:['browser'],
IChallenger:['browser'] }
identifiers = [('form', form),('auth_tkt',auth_tkt),('basicauth',basicauth)]
authenticators = [('htpasswd', htpasswd)]
challengers = [('form',form), ('basicauth',basicauth)]
mdproviders = []
log_stream = None
import os
if os.environ.get('WHO_LOG'):
log_stream = sys.stdout
middleware = PluggableAuthenticationMiddleware(
app(),
identifiers,
authenticators,
challengers,
mdproviders,
default_request_classifier,
default_challenge_decider,
log_stream = log_stream,
log_level = logging.DEBUG
)
if __name__ == '__main__':
run(app=middleware, host='0.0.0.0', port=8080, reloader=True)
else:
application = middleware
run(host='0.0.0.0', port=8080)
如果可以的话,我会用
RedirectingFormPlugin
而不是FormPlugin
。RedirectingFormPlugin
允许您注册注销URL。有了它,您就不必实现/logout
处理程序,例如RedirectingFormPlugin
会为您拦截请求并处理forget等调用。我已经用这个与波波和阿彭金和它的工作很好。在如果你还想用以前没有准备好的方式去做休息。谁v1,以下对我有用:
相关问题 更多 >
编程相关推荐