├── .editorconfig ├── .gitignore ├── .travis.yml ├── CHANGES ├── LICENSE ├── MANIFEST.in ├── Makefile ├── README.rst ├── appveyor.yml ├── docs ├── Makefile ├── _templates │ └── sidebar-intro.html ├── conf.py ├── index.rst ├── make.bat └── requirements.txt ├── setup.cfg ├── setup.py ├── src └── wsgi_basic_auth.py ├── tests └── test_wsgi_basic_auth.py └── tox.ini /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*.py] 4 | line_length = 79 5 | multi_line_output = 4 6 | balanced_wrapping = true 7 | known_first_party = wsgi_basic_auth,tests 8 | use_parentheses = true 9 | 10 | [Makefile] 11 | indent_style = tab 12 | indent_size = 4 13 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .coverage 2 | .coverage.* 3 | *.egg-info 4 | *.pyc 5 | /dist/ 6 | /build/ 7 | /htmlcov/ 8 | /.cache/ 9 | /.tox/ 10 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | sudo: false 3 | language: python 4 | 5 | matrix: 6 | include: 7 | - python: 2.7 8 | env: TOXENV=py27 9 | - python: 3.3 10 | env: TOXENV=py33 11 | - python: 3.4 12 | env: TOXENV=py34 13 | - python: 3.5 14 | env: TOXENV=py35 15 | - python: 3.6 16 | env: TOXENV=py36 17 | - python: pypy-5.3.1 18 | env: TOXENV=pypy 19 | 20 | before_cache: 21 | - rm -rf $HOME/.cache/pip/log 22 | 23 | cache: 24 | directories: 25 | - $HOME/.cache/pip 26 | 27 | deps: 28 | - codecov 29 | 30 | install: 31 | - pip install tox codecov 32 | 33 | script: 34 | - tox -e $TOXENV 35 | 36 | after_success: 37 | - tox -e coverage-report 38 | - codecov 39 | 40 | notifications: 41 | email: false 42 | -------------------------------------------------------------------------------- /CHANGES: -------------------------------------------------------------------------------- 1 | 1.1.0 (2017-02-21) 2 | ------------------ 3 | Allow specifying specific paths which require basic auth using the 4 | WSGI_AUTH_PATHS environment variable. This for example allows you to only 5 | require authentication for /path-1/* but not for the rest. (Julie Bacon, #2) 6 | 7 | 8 | 1.0.4 (2016-08-10) 9 | ------------------ 10 | Initial release to pypi 11 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Michael van Tellingen 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /MANIFEST.in: -------------------------------------------------------------------------------- 1 | # Exclude everything by default 2 | exclude * 3 | recursive-exclude * * 4 | 5 | include MANIFEST.in 6 | include README.rst 7 | include CHANGES 8 | include setup.py 9 | 10 | graft src 11 | graft tests 12 | 13 | global-exclude __pycache__ 14 | global-exclude *.py[co] 15 | global-exclude .DS_Store 16 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | .PHONY: install clean test retest coverage docs 2 | 3 | install: 4 | pip install -e .[docs,test] 5 | 6 | test: 7 | py.test -vvv 8 | 9 | retest: 10 | py.test -vvv --lf 11 | 12 | coverage: 13 | py.test --cov=wsgi_basic_auth --cov-report=term-missing --cov-report=html 14 | 15 | 16 | lint: 17 | flake8 src/ tests/ 18 | isort --recursive --check-only --diff src tests 19 | 20 | clean: 21 | find . -name '*.pyc' -delete 22 | 23 | docs: 24 | $(MAKE) -C docs html 25 | 26 | release: 27 | pip install twine wheel 28 | rm -rf dist/* 29 | python setup.py sdist bdist_wheel 30 | twine upload -s dist/* 31 | -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- 1 | =============== 2 | WSGI Basic Auth 3 | =============== 4 | 5 | Really simple wsgi middleware to provide basic http auth. It is intented to 6 | work with environment variables. This makes it simple to use in a docker 7 | context. 8 | 9 | Status 10 | ------ 11 | 12 | .. image:: https://readthedocs.org/projects/wsgi-basic-auth/badge/?version=latest 13 | :target: https://readthedocs.org/projects/wsgi-basic-auth/ 14 | 15 | .. image:: https://travis-ci.org/mvantellingen/wsgi-basic-auth.svg?branch=master 16 | :target: https://travis-ci.org/mvantellingen/wsgi-basic-auth 17 | 18 | .. image:: https://ci.appveyor.com/api/projects/status/im609ng9h29vt89r?svg=true 19 | :target: https://ci.appveyor.com/project/mvantellingen/wsgi-basic-auth 20 | 21 | .. image:: http://codecov.io/github/mvantellingen/wsgi-basic-auth/coverage.svg?branch=master 22 | :target: http://codecov.io/github/mvantellingen/wsgi-basic-auth?branch=master 23 | 24 | .. image:: https://img.shields.io/pypi/v/wsgi-basic-auth.svg 25 | :target: https://pypi.python.org/pypi/wsgi-basic-auth/ 26 | 27 | 28 | 29 | Getting started 30 | =============== 31 | 32 | Using this module is really simple. In Django for example edit the wsgi.py 33 | file and add the following to the end of the file. 34 | 35 | .. code-block:: python 36 | 37 | from wsgi_basic_auth import BasicAuth 38 | application = BasicAuth(application) 39 | 40 | Now run docker with the env variable WSGI_AUTH_CREDENTIALS=foo:bar and you have 41 | to authenticate with username foo and password bar. Multiple credentials are 42 | separated with a | (pipe) character. 43 | 44 | To exclude specific paths for healthchecks (e.g. the Amazon ELB healthchecks) 45 | specify the environment variable WSGI_AUTH_EXCLUDE_PATHS=/api/healthchecks. 46 | Here multiple paths can be separated with the ; char. 47 | 48 | To include only specific paths specify the environment variable 49 | WSGI_AUTH_PATHS. Here multiple paths can be separated with the ; char. 50 | 51 | You can use both include and exclude paths together for example: 52 | WSGI_AUTH_PATHS=/foo 53 | WSGI_AUTH_EXCLUDE_PATHS=/foo/bar 54 | This will force Basic Auth on all paths under /foo except /foo/bar 55 | 56 | 57 | Installation 58 | ============ 59 | 60 | You can install the latest version using pip:: 61 | 62 | pip install wsgi-basic-auth 63 | 64 | 65 | -------------------------------------------------------------------------------- /appveyor.yml: -------------------------------------------------------------------------------- 1 | --- 2 | cache: 3 | - '%LOCALAPPDATA%\pip\Cache' 4 | 5 | environment: 6 | matrix: 7 | - TOXENV: py27 8 | - TOXENV: py34 9 | - TOXENV: py35 10 | - TOXENV: py36 11 | 12 | install: 13 | - C:\Python36\python -m pip install tox codecov coverage 14 | 15 | build: false # Not a C# project, build stuff at the test step instead. 16 | 17 | test_script: 18 | - C:\Python36\scripts\tox 19 | 20 | after_test: 21 | - C:\Python36\scripts\tox -e coverage-report 22 | - C:\Python36\scripts\codecov 23 | -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- 1 | # Makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line. 5 | SPHINXOPTS = 6 | SPHINXBUILD = sphinx-build 7 | PAPER = 8 | BUILDDIR = _build 9 | 10 | # Internal variables. 11 | PAPEROPT_a4 = -D latex_paper_size=a4 12 | PAPEROPT_letter = -D latex_paper_size=letter 13 | ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . 14 | # the i18n builder cannot share the environment and doctrees with the others 15 | I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . 16 | 17 | .PHONY: help 18 | help: 19 | @echo "Please use \`make ' where is one of" 20 | @echo " html to make standalone HTML files" 21 | @echo " dirhtml to make HTML files named index.html in directories" 22 | @echo " singlehtml to make a single large HTML file" 23 | @echo " pickle to make pickle files" 24 | @echo " json to make JSON files" 25 | @echo " htmlhelp to make HTML files and a HTML help project" 26 | @echo " qthelp to make HTML files and a qthelp project" 27 | @echo " applehelp to make an Apple Help Book" 28 | @echo " devhelp to make HTML files and a Devhelp project" 29 | @echo " epub to make an epub" 30 | @echo " epub3 to make an epub3" 31 | @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" 32 | @echo " latexpdf to make LaTeX files and run them through pdflatex" 33 | @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" 34 | @echo " text to make text files" 35 | @echo " man to make manual pages" 36 | @echo " texinfo to make Texinfo files" 37 | @echo " info to make Texinfo files and run them through makeinfo" 38 | @echo " gettext to make PO message catalogs" 39 | @echo " changes to make an overview of all changed/added/deprecated items" 40 | @echo " xml to make Docutils-native XML files" 41 | @echo " pseudoxml to make pseudoxml-XML files for display purposes" 42 | @echo " linkcheck to check all external links for integrity" 43 | @echo " doctest to run all doctests embedded in the documentation (if enabled)" 44 | @echo " coverage to run coverage check of the documentation (if enabled)" 45 | @echo " dummy to check syntax errors of document sources" 46 | 47 | .PHONY: clean 48 | clean: 49 | rm -rf $(BUILDDIR)/* 50 | 51 | .PHONY: html 52 | html: 53 | $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html 54 | @echo 55 | @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." 56 | 57 | .PHONY: dirhtml 58 | dirhtml: 59 | $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml 60 | @echo 61 | @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." 62 | 63 | .PHONY: singlehtml 64 | singlehtml: 65 | $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml 66 | @echo 67 | @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." 68 | 69 | .PHONY: pickle 70 | pickle: 71 | $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle 72 | @echo 73 | @echo "Build finished; now you can process the pickle files." 74 | 75 | .PHONY: json 76 | json: 77 | $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json 78 | @echo 79 | @echo "Build finished; now you can process the JSON files." 80 | 81 | .PHONY: htmlhelp 82 | htmlhelp: 83 | $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp 84 | @echo 85 | @echo "Build finished; now you can run HTML Help Workshop with the" \ 86 | ".hhp project file in $(BUILDDIR)/htmlhelp." 87 | 88 | .PHONY: qthelp 89 | qthelp: 90 | $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp 91 | @echo 92 | @echo "Build finished; now you can run "qcollectiongenerator" with the" \ 93 | ".qhcp project file in $(BUILDDIR)/qthelp, like this:" 94 | @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/WSGIBasicAuth.qhcp" 95 | @echo "To view the help file:" 96 | @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/WSGIBasicAuth.qhc" 97 | 98 | .PHONY: applehelp 99 | applehelp: 100 | $(SPHINXBUILD) -b applehelp $(ALLSPHINXOPTS) $(BUILDDIR)/applehelp 101 | @echo 102 | @echo "Build finished. The help book is in $(BUILDDIR)/applehelp." 103 | @echo "N.B. You won't be able to view it unless you put it in" \ 104 | "~/Library/Documentation/Help or install it in your application" \ 105 | "bundle." 106 | 107 | .PHONY: devhelp 108 | devhelp: 109 | $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp 110 | @echo 111 | @echo "Build finished." 112 | @echo "To view the help file:" 113 | @echo "# mkdir -p $$HOME/.local/share/devhelp/WSGIBasicAuth" 114 | @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/WSGIBasicAuth" 115 | @echo "# devhelp" 116 | 117 | .PHONY: epub 118 | epub: 119 | $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub 120 | @echo 121 | @echo "Build finished. The epub file is in $(BUILDDIR)/epub." 122 | 123 | .PHONY: epub3 124 | epub3: 125 | $(SPHINXBUILD) -b epub3 $(ALLSPHINXOPTS) $(BUILDDIR)/epub3 126 | @echo 127 | @echo "Build finished. The epub3 file is in $(BUILDDIR)/epub3." 128 | 129 | .PHONY: latex 130 | latex: 131 | $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex 132 | @echo 133 | @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." 134 | @echo "Run \`make' in that directory to run these through (pdf)latex" \ 135 | "(use \`make latexpdf' here to do that automatically)." 136 | 137 | .PHONY: latexpdf 138 | latexpdf: 139 | $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex 140 | @echo "Running LaTeX files through pdflatex..." 141 | $(MAKE) -C $(BUILDDIR)/latex all-pdf 142 | @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." 143 | 144 | .PHONY: latexpdfja 145 | latexpdfja: 146 | $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex 147 | @echo "Running LaTeX files through platex and dvipdfmx..." 148 | $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja 149 | @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." 150 | 151 | .PHONY: text 152 | text: 153 | $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text 154 | @echo 155 | @echo "Build finished. The text files are in $(BUILDDIR)/text." 156 | 157 | .PHONY: man 158 | man: 159 | $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man 160 | @echo 161 | @echo "Build finished. The manual pages are in $(BUILDDIR)/man." 162 | 163 | .PHONY: texinfo 164 | texinfo: 165 | $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo 166 | @echo 167 | @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." 168 | @echo "Run \`make' in that directory to run these through makeinfo" \ 169 | "(use \`make info' here to do that automatically)." 170 | 171 | .PHONY: info 172 | info: 173 | $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo 174 | @echo "Running Texinfo files through makeinfo..." 175 | make -C $(BUILDDIR)/texinfo info 176 | @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." 177 | 178 | .PHONY: gettext 179 | gettext: 180 | $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale 181 | @echo 182 | @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." 183 | 184 | .PHONY: changes 185 | changes: 186 | $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes 187 | @echo 188 | @echo "The overview file is in $(BUILDDIR)/changes." 189 | 190 | .PHONY: linkcheck 191 | linkcheck: 192 | $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck 193 | @echo 194 | @echo "Link check complete; look for any errors in the above output " \ 195 | "or in $(BUILDDIR)/linkcheck/output.txt." 196 | 197 | .PHONY: doctest 198 | doctest: 199 | $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest 200 | @echo "Testing of doctests in the sources finished, look at the " \ 201 | "results in $(BUILDDIR)/doctest/output.txt." 202 | 203 | .PHONY: coverage 204 | coverage: 205 | $(SPHINXBUILD) -b coverage $(ALLSPHINXOPTS) $(BUILDDIR)/coverage 206 | @echo "Testing of coverage in the sources finished, look at the " \ 207 | "results in $(BUILDDIR)/coverage/python.txt." 208 | 209 | .PHONY: xml 210 | xml: 211 | $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml 212 | @echo 213 | @echo "Build finished. The XML files are in $(BUILDDIR)/xml." 214 | 215 | .PHONY: pseudoxml 216 | pseudoxml: 217 | $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml 218 | @echo 219 | @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." 220 | 221 | .PHONY: dummy 222 | dummy: 223 | $(SPHINXBUILD) -b dummy $(ALLSPHINXOPTS) $(BUILDDIR)/dummy 224 | @echo 225 | @echo "Build finished. Dummy builder generates no files." 226 | -------------------------------------------------------------------------------- /docs/_templates/sidebar-intro.html: -------------------------------------------------------------------------------- 1 |

Links

2 |

3 | 5 |

6 | 11 | 12 | 13 | -------------------------------------------------------------------------------- /docs/conf.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | # 3 | # WSGI Basic Auth documentation build configuration file, created by 4 | # sphinx-quickstart on Wed Aug 10 17:06:14 2016. 5 | # 6 | # This file is execfile()d with the current directory set to its 7 | # containing dir. 8 | # 9 | # Note that not all possible configuration values are present in this 10 | # autogenerated file. 11 | # 12 | # All configuration values have a default; values that are commented out 13 | # serve to show the default. 14 | 15 | # If extensions (or modules to document with autodoc) are in another directory, 16 | # add these directories to sys.path here. If the directory is relative to the 17 | # documentation root, use os.path.abspath to make it absolute, like shown here. 18 | # 19 | # import os 20 | # import sys 21 | # sys.path.insert(0, os.path.abspath('.')) 22 | 23 | # -- General configuration ------------------------------------------------ 24 | 25 | # If your documentation needs a minimal Sphinx version, state it here. 26 | # 27 | # needs_sphinx = '1.0' 28 | 29 | # Add any Sphinx extension module names here, as strings. They can be 30 | # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom 31 | # ones. 32 | extensions = ['sphinx.ext.autodoc'] 33 | 34 | # Add any paths that contain templates here, relative to this directory. 35 | templates_path = ['_templates'] 36 | 37 | # The suffix(es) of source filenames. 38 | # You can specify multiple suffix as a list of string: 39 | # 40 | # source_suffix = ['.rst', '.md'] 41 | source_suffix = '.rst' 42 | 43 | # The encoding of source files. 44 | # 45 | # source_encoding = 'utf-8-sig' 46 | 47 | # The master toctree document. 48 | master_doc = 'index' 49 | 50 | # General information about the project. 51 | project = u'WSGI Basic Auth' 52 | copyright = u'2016, Michael van Tellingen' 53 | author = u'Michael van Tellingen' 54 | 55 | # The version info for the project you're documenting, acts as replacement for 56 | # |version| and |release|, also used in various other places throughout the 57 | # built documents. 58 | # 59 | version = '1.1.0' 60 | release = version 61 | 62 | # The language for content autogenerated by Sphinx. Refer to documentation 63 | # for a list of supported languages. 64 | # 65 | # This is also used if you do content translation via gettext catalogs. 66 | # Usually you set "language" from the command line for these cases. 67 | language = None 68 | 69 | # There are two options for replacing |today|: either, you set today to some 70 | # non-false value, then it is used: 71 | # 72 | # today = '' 73 | # 74 | # Else, today_fmt is used as the format for a strftime call. 75 | # 76 | # today_fmt = '%B %d, %Y' 77 | 78 | # List of patterns, relative to source directory, that match files and 79 | # directories to ignore when looking for source files. 80 | # This patterns also effect to html_static_path and html_extra_path 81 | exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] 82 | 83 | # The reST default role (used for this markup: `text`) to use for all 84 | # documents. 85 | # 86 | # default_role = None 87 | 88 | # If true, '()' will be appended to :func: etc. cross-reference text. 89 | # 90 | # add_function_parentheses = True 91 | 92 | # If true, the current module name will be prepended to all description 93 | # unit titles (such as .. function::). 94 | # 95 | # add_module_names = True 96 | 97 | # If true, sectionauthor and moduleauthor directives will be shown in the 98 | # output. They are ignored by default. 99 | # 100 | # show_authors = False 101 | 102 | # The name of the Pygments (syntax highlighting) style to use. 103 | pygments_style = 'sphinx' 104 | 105 | # A list of ignored prefixes for module index sorting. 106 | # modindex_common_prefix = [] 107 | 108 | # If true, keep warnings as "system message" paragraphs in the built documents. 109 | # keep_warnings = False 110 | 111 | # If true, `todo` and `todoList` produce output, else they produce nothing. 112 | todo_include_todos = False 113 | 114 | 115 | # -- Options for HTML output ---------------------------------------------- 116 | 117 | # The theme to use for HTML and HTML Help pages. See the documentation for 118 | # a list of builtin themes. 119 | # 120 | html_theme = 'alabaster' 121 | 122 | # Theme options are theme-specific and customize the look and feel of a theme 123 | # further. For a list of options available for each theme, see the 124 | # documentation. 125 | # 126 | # html_theme_options = {} 127 | html_theme_options = { 128 | 'github_user': 'mvantellingen', 129 | 'github_banner': True, 130 | 'github_repo': 'wsgi-basic-auth', 131 | 'travis_button': True, 132 | 'codecov_button': True, 133 | 'analytics_id': 'UA-75907833-2', 134 | } 135 | 136 | # Add any paths that contain custom themes here, relative to this directory. 137 | # html_theme_path = [] 138 | 139 | # The name for this set of Sphinx documents. 140 | # " v documentation" by default. 141 | # 142 | # html_title = u'WSGI Basic Auth v0.1.0' 143 | 144 | # A shorter title for the navigation bar. Default is the same as html_title. 145 | # 146 | # html_short_title = None 147 | 148 | # The name of an image file (relative to this directory) to place at the top 149 | # of the sidebar. 150 | # 151 | # html_logo = None 152 | 153 | # The name of an image file (relative to this directory) to use as a favicon of 154 | # the docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 155 | # pixels large. 156 | # 157 | # html_favicon = None 158 | 159 | # Add any paths that contain custom static files (such as style sheets) here, 160 | # relative to this directory. They are copied after the builtin static files, 161 | # so a file named "default.css" will overwrite the builtin "default.css". 162 | html_static_path = ['_static'] 163 | 164 | # Add any extra paths that contain custom files (such as robots.txt or 165 | # .htaccess) here, relative to this directory. These files are copied 166 | # directly to the root of the documentation. 167 | # 168 | # html_extra_path = [] 169 | 170 | # If not None, a 'Last updated on:' timestamp is inserted at every page 171 | # bottom, using the given strftime format. 172 | # The empty string is equivalent to '%b %d, %Y'. 173 | # 174 | # html_last_updated_fmt = None 175 | 176 | # If true, SmartyPants will be used to convert quotes and dashes to 177 | # typographically correct entities. 178 | # 179 | # html_use_smartypants = True 180 | 181 | # Custom sidebar templates, maps document names to template names. 182 | # 183 | # html_sidebars = {} 184 | # Custom sidebar templates, maps document names to template names. 185 | html_sidebars = { 186 | '*': [ 187 | 'sidebar-intro.html', 188 | ] 189 | } 190 | 191 | 192 | # Additional templates that should be rendered to pages, maps page names to 193 | # template names. 194 | # 195 | # html_additional_pages = {} 196 | 197 | # If false, no module index is generated. 198 | # 199 | # html_domain_indices = True 200 | 201 | # If false, no index is generated. 202 | # 203 | # html_use_index = True 204 | 205 | # If true, the index is split into individual pages for each letter. 206 | # 207 | # html_split_index = False 208 | 209 | # If true, links to the reST sources are added to the pages. 210 | # 211 | # html_show_sourcelink = True 212 | 213 | # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. 214 | # 215 | # html_show_sphinx = True 216 | 217 | # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. 218 | # 219 | # html_show_copyright = True 220 | 221 | # If true, an OpenSearch description file will be output, and all pages will 222 | # contain a tag referring to it. The value of this option must be the 223 | # base URL from which the finished HTML is served. 224 | # 225 | # html_use_opensearch = '' 226 | 227 | # This is the file name suffix for HTML files (e.g. ".xhtml"). 228 | # html_file_suffix = None 229 | 230 | # Language to be used for generating the HTML full-text search index. 231 | # Sphinx supports the following languages: 232 | # 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' 233 | # 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr', 'zh' 234 | # 235 | # html_search_language = 'en' 236 | 237 | # A dictionary with options for the search language support, empty by default. 238 | # 'ja' uses this config value. 239 | # 'zh' user can custom change `jieba` dictionary path. 240 | # 241 | # html_search_options = {'type': 'default'} 242 | 243 | # The name of a javascript file (relative to the configuration directory) that 244 | # implements a search results scorer. If empty, the default will be used. 245 | # 246 | # html_search_scorer = 'scorer.js' 247 | 248 | # Output file base name for HTML help builder. 249 | htmlhelp_basename = 'WSGIBasicAuthdoc' 250 | 251 | # -- Options for LaTeX output --------------------------------------------- 252 | 253 | latex_elements = { 254 | # The paper size ('letterpaper' or 'a4paper'). 255 | # 256 | # 'papersize': 'letterpaper', 257 | 258 | # The font size ('10pt', '11pt' or '12pt'). 259 | # 260 | # 'pointsize': '10pt', 261 | 262 | # Additional stuff for the LaTeX preamble. 263 | # 264 | # 'preamble': '', 265 | 266 | # Latex figure (float) alignment 267 | # 268 | # 'figure_align': 'htbp', 269 | } 270 | 271 | # Grouping the document tree into LaTeX files. List of tuples 272 | # (source start file, target name, title, 273 | # author, documentclass [howto, manual, or own class]). 274 | latex_documents = [ 275 | (master_doc, 'WSGIBasicAuth.tex', u'WSGI Basic Auth Documentation', 276 | u'Michael van Tellingen', 'manual'), 277 | ] 278 | 279 | # The name of an image file (relative to this directory) to place at the top of 280 | # the title page. 281 | # 282 | # latex_logo = None 283 | 284 | # For "manual" documents, if this is true, then toplevel headings are parts, 285 | # not chapters. 286 | # 287 | # latex_use_parts = False 288 | 289 | # If true, show page references after internal links. 290 | # 291 | # latex_show_pagerefs = False 292 | 293 | # If true, show URL addresses after external links. 294 | # 295 | # latex_show_urls = False 296 | 297 | # Documents to append as an appendix to all manuals. 298 | # 299 | # latex_appendices = [] 300 | 301 | # It false, will not define \strong, \code, itleref, \crossref ... but only 302 | # \sphinxstrong, ..., \sphinxtitleref, ... To help avoid clash with user added 303 | # packages. 304 | # 305 | # latex_keep_old_macro_names = True 306 | 307 | # If false, no module index is generated. 308 | # 309 | # latex_domain_indices = True 310 | 311 | 312 | # -- Options for manual page output --------------------------------------- 313 | 314 | # One entry per manual page. List of tuples 315 | # (source start file, name, description, authors, manual section). 316 | man_pages = [ 317 | (master_doc, 'wsgibasicauth', u'WSGI Basic Auth Documentation', 318 | [author], 1) 319 | ] 320 | 321 | # If true, show URL addresses after external links. 322 | # 323 | # man_show_urls = False 324 | 325 | 326 | # -- Options for Texinfo output ------------------------------------------- 327 | 328 | # Grouping the document tree into Texinfo files. List of tuples 329 | # (source start file, target name, title, author, 330 | # dir menu entry, description, category) 331 | texinfo_documents = [ 332 | (master_doc, 'WSGIBasicAuth', u'WSGI Basic Auth Documentation', 333 | author, 'WSGIBasicAuth', 'One line description of project.', 334 | 'Miscellaneous'), 335 | ] 336 | 337 | # Documents to append as an appendix to all manuals. 338 | # 339 | # texinfo_appendices = [] 340 | 341 | # If false, no module index is generated. 342 | # 343 | # texinfo_domain_indices = True 344 | 345 | # How to display URL addresses: 'footnote', 'no', or 'inline'. 346 | # 347 | # texinfo_show_urls = 'footnote' 348 | 349 | # If true, do not generate a @detailmenu in the "Top" node's menu. 350 | # 351 | # texinfo_no_detailmenu = False 352 | -------------------------------------------------------------------------------- /docs/index.rst: -------------------------------------------------------------------------------- 1 | =============== 2 | WSGI Basic Auth 3 | =============== 4 | 5 | Really simple wsgi middleware to provide basic http auth. It is intented to 6 | work with environment variables. This makes it simple to use in a docker 7 | context. 8 | 9 | Using this module is really simple. In Django for example edit the wsgi.py 10 | file and add the following to the end of the file. 11 | 12 | .. code-block:: python 13 | 14 | from wsgi_basic_auth import BasicAuth 15 | application = BasicAuth(application) 16 | 17 | Now run docker with the env variable WSGI_AUTH_CREDENTIALS=foo:bar and you have 18 | to authenticate with username foo and password bar. Multiple credentials are 19 | separated with a | (pipe) character. 20 | 21 | To exclude specific paths for healthchecks (e.g. the Amazon ELB healthchecks) 22 | specify the environment variable WSGI_AUTH_EXCLUDE_PATHS=/api/healthchecks. 23 | Here multiple paths can be separated with the ; char. 24 | 25 | To include only specific paths specify the environment variable 26 | WSGI_AUTH_EXCLUDE_PATHS. Here multiple paths can be separated with the ; char. 27 | 28 | You can use both include and exclude paths together for example: 29 | WSGI_AUTH_PATHS=/foo 30 | WSGI_AUTH_EXCLUDE_PATHS=/foo/bar 31 | This will force Basic Auth on all paths under /foo except /foo/bar 32 | 33 | 34 | 35 | Installation 36 | ============ 37 | 38 | You can install the latest version using pip:: 39 | 40 | pip install wsgi-basic-auth 41 | 42 | 43 | Options 44 | ======= 45 | 46 | .. autoclass:: wsgi_basic_auth.BasicAuth 47 | -------------------------------------------------------------------------------- /docs/make.bat: -------------------------------------------------------------------------------- 1 | @ECHO OFF 2 | 3 | REM Command file for Sphinx documentation 4 | 5 | if "%SPHINXBUILD%" == "" ( 6 | set SPHINXBUILD=sphinx-build 7 | ) 8 | set BUILDDIR=_build 9 | set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% . 10 | set I18NSPHINXOPTS=%SPHINXOPTS% . 11 | if NOT "%PAPER%" == "" ( 12 | set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS% 13 | set I18NSPHINXOPTS=-D latex_paper_size=%PAPER% %I18NSPHINXOPTS% 14 | ) 15 | 16 | if "%1" == "" goto help 17 | 18 | if "%1" == "help" ( 19 | :help 20 | echo.Please use `make ^` where ^ is one of 21 | echo. html to make standalone HTML files 22 | echo. dirhtml to make HTML files named index.html in directories 23 | echo. singlehtml to make a single large HTML file 24 | echo. pickle to make pickle files 25 | echo. json to make JSON files 26 | echo. htmlhelp to make HTML files and a HTML help project 27 | echo. qthelp to make HTML files and a qthelp project 28 | echo. devhelp to make HTML files and a Devhelp project 29 | echo. epub to make an epub 30 | echo. epub3 to make an epub3 31 | echo. latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter 32 | echo. text to make text files 33 | echo. man to make manual pages 34 | echo. texinfo to make Texinfo files 35 | echo. gettext to make PO message catalogs 36 | echo. changes to make an overview over all changed/added/deprecated items 37 | echo. xml to make Docutils-native XML files 38 | echo. pseudoxml to make pseudoxml-XML files for display purposes 39 | echo. linkcheck to check all external links for integrity 40 | echo. doctest to run all doctests embedded in the documentation if enabled 41 | echo. coverage to run coverage check of the documentation if enabled 42 | echo. dummy to check syntax errors of document sources 43 | goto end 44 | ) 45 | 46 | if "%1" == "clean" ( 47 | for /d %%i in (%BUILDDIR%\*) do rmdir /q /s %%i 48 | del /q /s %BUILDDIR%\* 49 | goto end 50 | ) 51 | 52 | 53 | REM Check if sphinx-build is available and fallback to Python version if any 54 | %SPHINXBUILD% 1>NUL 2>NUL 55 | if errorlevel 9009 goto sphinx_python 56 | goto sphinx_ok 57 | 58 | :sphinx_python 59 | 60 | set SPHINXBUILD=python -m sphinx.__init__ 61 | %SPHINXBUILD% 2> nul 62 | if errorlevel 9009 ( 63 | echo. 64 | echo.The 'sphinx-build' command was not found. Make sure you have Sphinx 65 | echo.installed, then set the SPHINXBUILD environment variable to point 66 | echo.to the full path of the 'sphinx-build' executable. Alternatively you 67 | echo.may add the Sphinx directory to PATH. 68 | echo. 69 | echo.If you don't have Sphinx installed, grab it from 70 | echo.http://sphinx-doc.org/ 71 | exit /b 1 72 | ) 73 | 74 | :sphinx_ok 75 | 76 | 77 | if "%1" == "html" ( 78 | %SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html 79 | if errorlevel 1 exit /b 1 80 | echo. 81 | echo.Build finished. The HTML pages are in %BUILDDIR%/html. 82 | goto end 83 | ) 84 | 85 | if "%1" == "dirhtml" ( 86 | %SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml 87 | if errorlevel 1 exit /b 1 88 | echo. 89 | echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml. 90 | goto end 91 | ) 92 | 93 | if "%1" == "singlehtml" ( 94 | %SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml 95 | if errorlevel 1 exit /b 1 96 | echo. 97 | echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml. 98 | goto end 99 | ) 100 | 101 | if "%1" == "pickle" ( 102 | %SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle 103 | if errorlevel 1 exit /b 1 104 | echo. 105 | echo.Build finished; now you can process the pickle files. 106 | goto end 107 | ) 108 | 109 | if "%1" == "json" ( 110 | %SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json 111 | if errorlevel 1 exit /b 1 112 | echo. 113 | echo.Build finished; now you can process the JSON files. 114 | goto end 115 | ) 116 | 117 | if "%1" == "htmlhelp" ( 118 | %SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp 119 | if errorlevel 1 exit /b 1 120 | echo. 121 | echo.Build finished; now you can run HTML Help Workshop with the ^ 122 | .hhp project file in %BUILDDIR%/htmlhelp. 123 | goto end 124 | ) 125 | 126 | if "%1" == "qthelp" ( 127 | %SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp 128 | if errorlevel 1 exit /b 1 129 | echo. 130 | echo.Build finished; now you can run "qcollectiongenerator" with the ^ 131 | .qhcp project file in %BUILDDIR%/qthelp, like this: 132 | echo.^> qcollectiongenerator %BUILDDIR%\qthelp\WSGIBasicAuth.qhcp 133 | echo.To view the help file: 134 | echo.^> assistant -collectionFile %BUILDDIR%\qthelp\WSGIBasicAuth.ghc 135 | goto end 136 | ) 137 | 138 | if "%1" == "devhelp" ( 139 | %SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp 140 | if errorlevel 1 exit /b 1 141 | echo. 142 | echo.Build finished. 143 | goto end 144 | ) 145 | 146 | if "%1" == "epub" ( 147 | %SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub 148 | if errorlevel 1 exit /b 1 149 | echo. 150 | echo.Build finished. The epub file is in %BUILDDIR%/epub. 151 | goto end 152 | ) 153 | 154 | if "%1" == "epub3" ( 155 | %SPHINXBUILD% -b epub3 %ALLSPHINXOPTS% %BUILDDIR%/epub3 156 | if errorlevel 1 exit /b 1 157 | echo. 158 | echo.Build finished. The epub3 file is in %BUILDDIR%/epub3. 159 | goto end 160 | ) 161 | 162 | if "%1" == "latex" ( 163 | %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex 164 | if errorlevel 1 exit /b 1 165 | echo. 166 | echo.Build finished; the LaTeX files are in %BUILDDIR%/latex. 167 | goto end 168 | ) 169 | 170 | if "%1" == "latexpdf" ( 171 | %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex 172 | cd %BUILDDIR%/latex 173 | make all-pdf 174 | cd %~dp0 175 | echo. 176 | echo.Build finished; the PDF files are in %BUILDDIR%/latex. 177 | goto end 178 | ) 179 | 180 | if "%1" == "latexpdfja" ( 181 | %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex 182 | cd %BUILDDIR%/latex 183 | make all-pdf-ja 184 | cd %~dp0 185 | echo. 186 | echo.Build finished; the PDF files are in %BUILDDIR%/latex. 187 | goto end 188 | ) 189 | 190 | if "%1" == "text" ( 191 | %SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text 192 | if errorlevel 1 exit /b 1 193 | echo. 194 | echo.Build finished. The text files are in %BUILDDIR%/text. 195 | goto end 196 | ) 197 | 198 | if "%1" == "man" ( 199 | %SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man 200 | if errorlevel 1 exit /b 1 201 | echo. 202 | echo.Build finished. The manual pages are in %BUILDDIR%/man. 203 | goto end 204 | ) 205 | 206 | if "%1" == "texinfo" ( 207 | %SPHINXBUILD% -b texinfo %ALLSPHINXOPTS% %BUILDDIR%/texinfo 208 | if errorlevel 1 exit /b 1 209 | echo. 210 | echo.Build finished. The Texinfo files are in %BUILDDIR%/texinfo. 211 | goto end 212 | ) 213 | 214 | if "%1" == "gettext" ( 215 | %SPHINXBUILD% -b gettext %I18NSPHINXOPTS% %BUILDDIR%/locale 216 | if errorlevel 1 exit /b 1 217 | echo. 218 | echo.Build finished. The message catalogs are in %BUILDDIR%/locale. 219 | goto end 220 | ) 221 | 222 | if "%1" == "changes" ( 223 | %SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes 224 | if errorlevel 1 exit /b 1 225 | echo. 226 | echo.The overview file is in %BUILDDIR%/changes. 227 | goto end 228 | ) 229 | 230 | if "%1" == "linkcheck" ( 231 | %SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck 232 | if errorlevel 1 exit /b 1 233 | echo. 234 | echo.Link check complete; look for any errors in the above output ^ 235 | or in %BUILDDIR%/linkcheck/output.txt. 236 | goto end 237 | ) 238 | 239 | if "%1" == "doctest" ( 240 | %SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest 241 | if errorlevel 1 exit /b 1 242 | echo. 243 | echo.Testing of doctests in the sources finished, look at the ^ 244 | results in %BUILDDIR%/doctest/output.txt. 245 | goto end 246 | ) 247 | 248 | if "%1" == "coverage" ( 249 | %SPHINXBUILD% -b coverage %ALLSPHINXOPTS% %BUILDDIR%/coverage 250 | if errorlevel 1 exit /b 1 251 | echo. 252 | echo.Testing of coverage in the sources finished, look at the ^ 253 | results in %BUILDDIR%/coverage/python.txt. 254 | goto end 255 | ) 256 | 257 | if "%1" == "xml" ( 258 | %SPHINXBUILD% -b xml %ALLSPHINXOPTS% %BUILDDIR%/xml 259 | if errorlevel 1 exit /b 1 260 | echo. 261 | echo.Build finished. The XML files are in %BUILDDIR%/xml. 262 | goto end 263 | ) 264 | 265 | if "%1" == "pseudoxml" ( 266 | %SPHINXBUILD% -b pseudoxml %ALLSPHINXOPTS% %BUILDDIR%/pseudoxml 267 | if errorlevel 1 exit /b 1 268 | echo. 269 | echo.Build finished. The pseudo-XML files are in %BUILDDIR%/pseudoxml. 270 | goto end 271 | ) 272 | 273 | if "%1" == "dummy" ( 274 | %SPHINXBUILD% -b dummy %ALLSPHINXOPTS% %BUILDDIR%/dummy 275 | if errorlevel 1 exit /b 1 276 | echo. 277 | echo.Build finished. Dummy builder generates no files. 278 | goto end 279 | ) 280 | 281 | :end 282 | -------------------------------------------------------------------------------- /docs/requirements.txt: -------------------------------------------------------------------------------- 1 | -e .[docs] 2 | -------------------------------------------------------------------------------- /setup.cfg: -------------------------------------------------------------------------------- 1 | [bumpversion] 2 | current_version = 1.1.0 3 | commit = true 4 | tag = true 5 | tag_name = {new_version} 6 | 7 | [wheel] 8 | universal = 1 9 | 10 | [flake8] 11 | max-line-length = 99 12 | 13 | [tool:pytest] 14 | minversion = 3.0 15 | strict = true 16 | testpaths = tests 17 | 18 | [bumpversion:file:setup.py] 19 | 20 | [bumpversion:file:docs/conf.py] 21 | 22 | [bumpversion:file:src/wsgi_basic_auth.py] 23 | 24 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | from setuptools import setup 2 | 3 | docs_require = [ 4 | 'sphinx>=1.4.0', 5 | ] 6 | 7 | tests_require = [ 8 | 'pytest-cov>=2.2.0', 9 | 'pytest>=2.8.3', 10 | 'WebTest==2.0.23', 11 | 12 | # Linting 13 | 'isort==4.2.5', 14 | 'flake8==3.0.3', 15 | 'flake8-blind-except==0.1.1', 16 | 'flake8-debugger==1.4.0', 17 | ] 18 | 19 | 20 | setup( 21 | name='wsgi-basic-auth', 22 | version='1.1.0', 23 | description="Simple wsgi middleware to provide basic http auth", 24 | long_description=open('README.rst', 'r').read(), 25 | url='https://github.com/mvantellingen/wsgi-basic-auth', 26 | author="Michael van Tellingen", 27 | author_email="michaelvantellingen@gmail.com", 28 | install_requires=[ 29 | 'webob>=1.0.0', 30 | ], 31 | tests_require=tests_require, 32 | extras_require={ 33 | 'docs': docs_require, 34 | 'test': tests_require, 35 | }, 36 | package_dir={'': 'src'}, 37 | py_modules=['wsgi_basic_auth'], 38 | license='MIT', 39 | classifiers=[ 40 | 'Development Status :: 5 - Production/Stable', 41 | 'License :: OSI Approved :: MIT License', 42 | 'Programming Language :: Python :: 2', 43 | 'Programming Language :: Python :: 2.7', 44 | 'Programming Language :: Python :: 3', 45 | 'Programming Language :: Python :: 3.3', 46 | 'Programming Language :: Python :: 3.4', 47 | 'Programming Language :: Python :: 3.5', 48 | 'Programming Language :: Python :: 3.6', 49 | 'Programming Language :: Python :: Implementation :: CPython', 50 | 'Programming Language :: Python :: Implementation :: PyPy', 51 | ], 52 | zip_safe=False, 53 | ) 54 | -------------------------------------------------------------------------------- /src/wsgi_basic_auth.py: -------------------------------------------------------------------------------- 1 | import os 2 | from base64 import b64decode 3 | 4 | from webob import Request 5 | from webob.exc import HTTPUnauthorized 6 | 7 | __version__ = '1.1.0' 8 | 9 | 10 | class BasicAuth(object): 11 | """WSGI Middleware to add Basic Authentication to an existing wsgi app. 12 | 13 | :param app: the wsgi application 14 | :param realm: the basic auth realm. Default = 'protected' 15 | :param users: dictionary with username -> password mapping. When not 16 | supplied the values from the environment variable 17 | ``WSGI_AUTH_CREDENTIALS``. If no users are defined then 18 | the middleware is disabled. 19 | 20 | :param exclude_paths: list of path prefixes to exclude from auth. When not 21 | supplied the values from the ``WSGI_AUTH_EXCLUDE_PATHS`` 22 | environment variable are used (splitted by ``;``) 23 | :param include_paths: list of path prefixes to include in auth. When not 24 | supplied the values from the ``WSGI_AUTH_PATHS`` 25 | environment variable are used (splitted by ``;``) 26 | :param env_prefix: prefix for the environment variables above, default ``''`` 27 | 28 | """ 29 | 30 | def __init__(self, app, realm='Protected', users=None, exclude_paths=None, 31 | include_paths=None, env_prefix=''): 32 | self._app = app 33 | self._env_prefix = env_prefix 34 | self._realm = realm 35 | self._users = users or _users_from_environ(env_prefix) 36 | self._exclude_paths = set( 37 | exclude_paths or _exclude_paths_from_environ(env_prefix)) 38 | self._include_paths = set( 39 | include_paths or _include_paths_from_environ(env_prefix)) 40 | 41 | def __call__(self, environ, start_response): 42 | if self._users: 43 | request = Request(environ) 44 | if not self.is_authorized(request): 45 | return self._login(environ, start_response) 46 | return self._app(environ, start_response) 47 | 48 | def is_authorized(self, request): 49 | """Check if the user is authenticated for the given request. 50 | 51 | The include_paths and exclude_paths are first checked. If 52 | authentication is required then the Authorization HTTP header is 53 | checked against the credentials. 54 | 55 | """ 56 | if self._is_request_in_include_path(request): 57 | if self._is_request_in_exclude_path(request): 58 | return True 59 | else: 60 | auth = request.authorization 61 | if auth and auth[0] == 'Basic': 62 | credentials = b64decode(auth[1]).decode('UTF-8') 63 | username, password = credentials.split(':', 1) 64 | return self._users.get(username) == password 65 | else: 66 | return False 67 | else: 68 | return True 69 | 70 | def _login(self, environ, start_response): 71 | """Send a login response back to the client.""" 72 | response = HTTPUnauthorized() 73 | response.www_authenticate = ('Basic', {'realm': self._realm}) 74 | return response(environ, start_response) 75 | 76 | def _is_request_in_include_path(self, request): 77 | """Check if the request path is in the `_include_paths` list. 78 | 79 | If no specific include paths are given then we assume that 80 | authentication is required for all paths. 81 | 82 | """ 83 | if self._include_paths: 84 | for path in self._include_paths: 85 | if request.path.startswith(path): 86 | return True 87 | return False 88 | else: 89 | return True 90 | 91 | def _is_request_in_exclude_path(self, request): 92 | """Check if the request path is in the `_exclude_paths` list""" 93 | if self._exclude_paths: 94 | for path in self._exclude_paths: 95 | if request.path.startswith(path): 96 | return True 97 | return False 98 | else: 99 | return False 100 | 101 | 102 | def _users_from_environ(env_prefix=''): 103 | """Environment value via `user:password|user2:password2`""" 104 | auth_string = os.environ.get(env_prefix + 'WSGI_AUTH_CREDENTIALS') 105 | if not auth_string: 106 | return {} 107 | 108 | result = {} 109 | for credentials in auth_string.split('|'): 110 | username, password = credentials.split(':', 1) 111 | result[username] = password 112 | return result 113 | 114 | 115 | def _exclude_paths_from_environ(env_prefix=''): 116 | """Environment value via `/login;/register`""" 117 | paths = os.environ.get(env_prefix + 'WSGI_AUTH_EXCLUDE_PATHS') 118 | if not paths: 119 | return [] 120 | return paths.split(';') 121 | 122 | 123 | def _include_paths_from_environ(env_prefix=''): 124 | """Environment value via `/login;/register`""" 125 | paths = os.environ.get(env_prefix + 'WSGI_AUTH_PATHS') 126 | if not paths: 127 | return [] 128 | return paths.split(';') 129 | -------------------------------------------------------------------------------- /tests/test_wsgi_basic_auth.py: -------------------------------------------------------------------------------- 1 | from webtest import TestApp 2 | 3 | import wsgi_basic_auth 4 | 5 | 6 | def wsgi_app(environ, start_response): 7 | body = b'this is private! go away!' 8 | headers = [ 9 | ('Content-Type', 'text/html; charset=utf8'), 10 | ('Content-Length', str(len(body))) 11 | ] 12 | start_response('200 OK', headers) 13 | return [body] 14 | 15 | 16 | def test_no_auth(monkeypatch): 17 | monkeypatch.delenv('WSGI_AUTH_CREDENTIALS', None) 18 | application = wsgi_basic_auth.BasicAuth(wsgi_app) 19 | app = TestApp(application) 20 | response = app.get('/') 21 | assert response.status_code == 200 22 | 23 | 24 | def test_auth(monkeypatch): 25 | monkeypatch.setenv('WSGI_AUTH_CREDENTIALS', 'foo:bar') 26 | application = wsgi_basic_auth.BasicAuth(wsgi_app) 27 | app = TestApp(application) 28 | app.get('/', status=401) 29 | 30 | app.authorization = ('Basic', ('foo', 'bar')) 31 | app.get('/', status=200) 32 | 33 | 34 | def test_auth_exclude(monkeypatch): 35 | monkeypatch.setenv('WSGI_AUTH_CREDENTIALS', 'foo:bar') 36 | monkeypatch.setenv('WSGI_AUTH_EXCLUDE_PATHS', '/healthcheck') 37 | application = wsgi_basic_auth.BasicAuth(wsgi_app) 38 | app = TestApp(application) 39 | app.get('/', status=401) 40 | app.get('/healthcheck/foo', status=200) 41 | 42 | def test_auth_include(monkeypatch): 43 | monkeypatch.setenv('WSGI_AUTH_CREDENTIALS', 'foo:bar') 44 | monkeypatch.setenv('WSGI_AUTH_PATHS', '/healthcheck') 45 | application = wsgi_basic_auth.BasicAuth(wsgi_app) 46 | app = TestApp(application) 47 | app.get('/', status=200) 48 | app.get('/healthcheck/foo', status=401) 49 | 50 | def test_auth_include_and_exclude(monkeypatch): 51 | monkeypatch.setenv('WSGI_AUTH_CREDENTIALS', 'foo:bar') 52 | monkeypatch.setenv('WSGI_AUTH_PATHS', '/healthcheck') 53 | monkeypatch.setenv('WSGI_AUTH_EXCLUDE_PATHS', '/healthcheck/foo') 54 | application = wsgi_basic_auth.BasicAuth(wsgi_app) 55 | app = TestApp(application) 56 | app.get('/', status=200) 57 | app.get('/healthcheck/foo', status=200) 58 | app.get('/healthcheck', status=401) 59 | 60 | 61 | def test_users_from_environ(monkeypatch): 62 | monkeypatch.setenv('WSGI_AUTH_CREDENTIALS', 'foo:bar') 63 | result = wsgi_basic_auth._users_from_environ() 64 | assert result == {'foo': 'bar'} 65 | 66 | 67 | def test_users_from_environ_none(monkeypatch): 68 | monkeypatch.delenv('WSGI_AUTH_CREDENTIALS', None) 69 | result = wsgi_basic_auth._users_from_environ() 70 | assert result == {} 71 | 72 | 73 | def test_users_from_environ_empty(monkeypatch): 74 | monkeypatch.delenv('WSGI_AUTH_CREDENTIALS', '') 75 | result = wsgi_basic_auth._users_from_environ() 76 | assert result == {} 77 | 78 | 79 | def test_users_from_environ_multiple(monkeypatch): 80 | monkeypatch.setenv('WSGI_AUTH_CREDENTIALS', 'foo:bar|bar:foo') 81 | result = wsgi_basic_auth._users_from_environ() 82 | assert result == {'foo': 'bar', 'bar': 'foo'} 83 | 84 | 85 | def test_exclude_paths_from_environ(monkeypatch): 86 | monkeypatch.setenv('WSGI_AUTH_EXCLUDE_PATHS', '/foo/bar') 87 | result = wsgi_basic_auth._exclude_paths_from_environ() 88 | assert result == ['/foo/bar'] 89 | 90 | 91 | def test_include_paths_from_environ(monkeypatch): 92 | monkeypatch.setenv('WSGI_AUTH_PATHS', '/foo/bar') 93 | result = wsgi_basic_auth._include_paths_from_environ() 94 | assert result == ['/foo/bar'] 95 | 96 | 97 | def test_exclude_paths_from_environ_none(monkeypatch): 98 | monkeypatch.delenv('WSGI_AUTH_EXCLUDE_PATHS', None) 99 | result = wsgi_basic_auth._exclude_paths_from_environ() 100 | assert result == [] 101 | 102 | 103 | def test_include_paths_from_environ_none(monkeypatch): 104 | monkeypatch.delenv('WSGI_AUTH_PATHS', None) 105 | result = wsgi_basic_auth._include_paths_from_environ() 106 | assert result == [] 107 | 108 | 109 | def test_exclude_paths_from_environ_empty(monkeypatch): 110 | monkeypatch.delenv('WSGI_AUTH_EXCLUDE_PATHS', '') 111 | result = wsgi_basic_auth._exclude_paths_from_environ() 112 | assert result == [] 113 | 114 | 115 | def test_include_paths_from_environ_empty(monkeypatch): 116 | monkeypatch.delenv('WSGI_AUTH_PATHS', '') 117 | result = wsgi_basic_auth._include_paths_from_environ() 118 | assert result == [] 119 | 120 | 121 | def test_exclude_paths_from_environ_multiple(monkeypatch): 122 | monkeypatch.setenv('WSGI_AUTH_EXCLUDE_PATHS', '/foo/bar;/bar/foo') 123 | result = wsgi_basic_auth._exclude_paths_from_environ() 124 | assert result == ['/foo/bar', '/bar/foo'] 125 | 126 | 127 | def test_include_paths_from_environ_multiple(monkeypatch): 128 | monkeypatch.setenv('WSGI_AUTH_PATHS', '/foo/bar;/bar/foo') 129 | result = wsgi_basic_auth._include_paths_from_environ() 130 | assert result == ['/foo/bar', '/bar/foo'] 131 | -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- 1 | [tox] 2 | envlist = py27,py33,py34,py35,py36,pypy 3 | 4 | [testenv] 5 | extras = test 6 | commands = coverage run --parallel -m pytest {posargs} 7 | 8 | # Uses default basepython otherwise reporting doesn't work on Travis where 9 | # Python 3.5 is only available in 3.5 jobs. 10 | [testenv:coverage-report] 11 | deps = coverage 12 | skip_install = true 13 | commands = 14 | coverage combine 15 | coverage report 16 | --------------------------------------------------------------------------------