HTTP-Auth & Mehr mit AppEngine
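class OpenIdLoginHandler(webapp.RequestHandler):
    """Login form handler that stores the authenticated uid in the session.

    Despite the class name, the visible code checks a username/password pair
    against models.Credential. On success the session gets a 'uid' entry and
    the browser is redirected to the 'continue' target; otherwise the login
    template is rendered.
    """

    def get(self):
        """Verify submitted credentials, then redirect or render the form."""
        # 'continue' comes straight from the query string, so it is reduced to
        # a same-site target before it reaches redirect() or the template.
        continue_url = self._same_site_url(self.request.GET.get('continue', '/'))

        # NOTE(review): this is a GET handler, so credentials read here may
        # arrive in the query string and end up in logs and browser history --
        # confirm how templates/login.html submits the form.
        username = self.request.get('username').strip()
        password = self.request.get('password').strip()

        if username:
            credential = models.Credential.get_by_key_name(username)
            # NOTE(review): the secret is kept in cleartext and compared with
            # '==', which is not a constant-time comparison.
            if credential and credential.secret == password:
                session = get_current_session()
                if session.is_active():
                    # Discard whatever session existed before this login.
                    session.terminate()
                session['uid'] = credential.uid
                self.redirect(continue_url)
                return

        # No (valid) credentials: show the login form again.
        path = os.path.join(os.path.dirname(__file__), 'templates/login.html')
        self.response.out.write(template.render(
            path, {'continue': continue_url, 'domains': ALLOWED_DOMAINS}))

    def _same_site_url(self, target):
        """Return *target* if it points at this site, otherwise '/'.

        Accepted are site-relative paths ('/x') and absolute URLs that start
        with the scheme and host of the current request. Everything else,
        including an empty value, falls back to '/'.
        """
        if not target:
            return '/'
        # Backslashes and control characters have no place in a legitimate
        # redirect target and are interpreted inconsistently downstream.
        if '\\' in target or any(ord(ch) < 0x20 for ch in target):
            return '/'
        # A leading '//' is scheme-relative and can name another host.
        if target.startswith('/') and not target.startswith('//'):
            return target
        # The trailing '/' keeps 'http://site.example.other' from matching.
        site = self.request.host_url
        if target == site or target.startswith(site + '/'):
            return target
        return '/'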
# Credentials MIGHT map to a google user object
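class Credential(db.Expando):
    """Datastore entity holding one uid/secret pair used for authentication.

    Entities are keyed by their uid (see create()), which is how the request
    handlers look them up via get_by_key_name().
    """

    # Optional e-mail address for this credential.
    email = db.EmailProperty(required=False)
    # Optional Google user object this credential maps to.
    user = db.UserProperty(required=False)
    # Login name; create() also uses it as the entity's key name.
    uid = db.StringProperty(required=True)
    # Shared secret that the handlers compare against the submitted password.
    # NOTE(review): kept in cleartext, so anyone who can read the datastore
    # can read every secret.
    secret = db.StringProperty(required=True)

    @classmethod
    def create(cls, user=None, uid=None, text='', email=None):
        """Return the credential stored under *uid*, inserting it if missing.

        Args:
            user: optional Google user object to attach.
            uid: login name / key name; a random one is generated if empty.
            text: free-form text stored on the entity.
            email: optional e-mail address; stored when given.

        Returns:
            The entity returned by get_or_insert() for the chosen uid.
        """
        secret = "a%s" % str(uuid.uuid4())
        if not uid:
            # NOTE(review): the generated uid has roughly 2**24 possible
            # values. If get_or_insert() finds an existing entity under the
            # same key it returns that one, so a collision would hand back
            # another credential instead of creating a new one -- verify.
            uid = "u%x" % random.randint(0x100000, 0xffffff)
        fields = dict(uid=uid, secret=secret, user=user, text=text)
        # The email argument used to be accepted but silently dropped.
        if email:
            fields['email'] = email
        return cls.get_or_insert(key_name=uid, **fields)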
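class MyHandler(webapp.RequestHandler):
    """Base handler that authenticates requests with HTTP Basic credentials.

    After initialize() has run, self.credential is the matching
    models.Credential, or None when authentication failed and a 401
    response was prepared.

    NOTE(review): initialize() only prepares the 401 response. Whether the
    request method (get/post) still runs afterwards depends on the
    dispatcher, so subclasses should check self.credential before doing
    any work -- confirm.
    """

    def __init__(self):
        self.credential = None

    def initialize(self, request, response):
        """Authenticate the request or prepare a 401 challenge."""
        super(MyHandler, self).initialize(request, response)
        uid, secret = self._parse_basic_auth(
            self.request.headers.get('Authorization'))
        if uid is not None:
            # The fallback key name avoids a lookup with an empty key.
            credential = models.Credential.get_by_key_name(
                uid.strip() or '122gitbtesnicht')
            # NOTE(review): the secret is kept in cleartext and compared with
            # '==', which is not a constant-time comparison.
            if credential and credential.secret == secret.strip():
                self.credential = credential
        if not self.credential:
            response.set_status(401)
            response.headers['Content-Type'] = 'text/html; charset=utf-8'
            response.headers['WWW-Authenticate'] = 'Basic realm="hdEDIhub"'
            response.out.write("""<html> <head><title>Authentication Required</title></head>
<body><h1>Authentication Required</h1>Can't get in? Stay out!</body></html>""")

    @staticmethod
    def _parse_basic_auth(header):
        """Return (uid, secret) from a Basic Authorization header.

        Returns (None, None) for a missing header, a different auth scheme,
        or a malformed value, so bad client input leads to the 401 path
        instead of an unhandled exception.
        """
        import binascii

        if not header:
            return None, None
        parts = header.split(None, 1)
        if len(parts) != 2 or parts[0].lower() != 'basic':
            return None, None
        try:
            decoded = parts[1].decode('base64')
        except (binascii.Error, ValueError):
            return None, None
        if ':' not in decoded:
            return None, None
        uid, secret = decoded.split(':', 1)
        return uid, secret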
from gaesessions import get_current_session
class MyHandler(webapp.RequestHandler):
    """Base handler that requires a logged-in session.

    initialize() loads the credential named by the session's 'uid' entry.
    Without one it prepares a 302 redirect to the login page.

    NOTE(review): initialize() only prepares the redirect. Whether the
    request method still runs afterwards depends on the dispatcher, so
    subclasses should check self.credential before doing any work --
    confirm.
    """

    def __init__(self):
        self.credential = None

    def initialize(self, request, response):
        """Load the session's credential or redirect to the login page."""
        super(MyHandler, self).initialize(request, response)
        # Check whether there is a logged-in session.
        self.session = get_current_session()
        # The fallback key name is used when the session carries no uid.
        session_uid = self.session.get('uid', '122gitbtesnicht')
        self.credential = models.Credential.get_by_key_name(session_uid)
        if self.credential:
            return
        # No credential: send the browser to the login page and pass the
        # current URL along so it can return here afterwards.
        response.set_status(302)
        login_path = "/_ah/login_required?continue=%s" % urllib.quote(request.url)
        response.headers['Location'] = str(self.abs_url(login_path))

    def abs_url(self, url):
        """Resolve *url* against the URI of the current request."""
        base_uri = self.request.uri
        return urlparse.urljoin(base_uri, url)