Posted By

manatlan on 01/21/10


Tagged

python web wsgi


Versions (?)

Who likes this?

1 person have marked this snippet as a favorite

spiderx


Simplest wsgi middleware to control access with a form/cookie


 / Published in: Python
 

Not very secure, but very handy ... Use like that :

app = your_wsgi_app()
app = ControlAccess( app, "your_password")
httpserve( app ) # wsgi server
  1. import Cookie,hashlib
  2. md5 = lambda x : hashlib.md5(x).hexdigest()
  3.  
  4. class ControlAccess:
  5. def __init__(self, appReal,password):
  6. self.appReal = appReal
  7. self.password=password
  8.  
  9. def __call__(self, environ, start_response):
  10. try:
  11. password = Cookie.SimpleCookie(environ.get("HTTP_COOKIE",""))["pass"].value
  12. except:
  13. password = ""
  14.  
  15. if password==md5(self.password):
  16. for i in self.appReal(environ, start_response):
  17. yield i
  18. else:
  19. try:
  20. passw=environ['wsgi.input'].read(int(environ['CONTENT_LENGTH'])).split("=")[-1]
  21. except:
  22. passw=""
  23. if passw == self.password:
  24. cookie = Cookie.SimpleCookie()
  25. cookie["pass"] = md5(self.password)
  26. start_response('200 OK', [('Content-type','text/html'),('Set-Cookie',cookie["pass"].OutputString())])
  27. yield """<html><head><meta http-equiv="refresh" content="0; url=/" /></head><body>welcome</body></html>"""
  28. else:
  29. start_response('200 OK', [('Content-type','text/html')])
  30. yield """<form method="post">
  31. Password <input type='password' name="password">
  32. <input type='submit' value="ok">
  33. </form>"""

Report this snippet  

Comments

RSS Icon Subscribe to comments
Posted By: spiderx on April 5, 2013

Thanks, this worked great. I modified your code to add in ldap authentication and a random password (on restart).

You need to login to post a comment.