pax_global_header00006660000000000000000000000064127631060770014523gustar00rootroot0000000000000052 comment=2a52fede49c75a73bf325c654d80f615eeef7459 Flask-HTTPAuth-3.2.1/000077500000000000000000000000001276310607700141655ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/.gitignore000066400000000000000000000004571276310607700161630ustar00rootroot00000000000000*.py[cod] # C extensions *.so # Packages *.egg *.egg-info dist build eggs parts bin var sdist develop-eggs .installed.cfg lib lib64 # Installer logs pip-log.txt # Unit test / coverage reports .coverage .tox nosetests.xml # Translations *.mo # Mr Developer .mr.developer.cfg .project .pydevproject Flask-HTTPAuth-3.2.1/.travis.yml000066400000000000000000000003061276310607700162750ustar00rootroot00000000000000language: python env: - TOXENV=flake8 - TOXENV=py26 - TOXENV=py27 - TOXENV=py33 - TOXENV=py34 - TOXENV=py35 - TOXENV=pypy - TOXENV=docs install: - pip install tox script: - tox Flask-HTTPAuth-3.2.1/AUTHORS000066400000000000000000000001401276310607700152300ustar00rootroot00000000000000Miguel Grinberg Henrique Carvalho Alves Flask-HTTPAuth-3.2.1/CHANGELOG.md000066400000000000000000000044421276310607700160020ustar00rootroot00000000000000# Flask-HTTPAuth Change Log ## Unreleased ## Release 3.1.2 - 2016-04-20 - Make password check more robust. ## Release 3.1.1 - 2016-03-24 - `MultiAuth` class did not pass parameters to decorated function. ([#35](https://github.com/miguelgrinberg/Flask-HTTPAuth/issues/35)) ## Release 3.1.0 - 2016-03-13 - Added `MultiAuth` class, to allow the combination of multiple authentication methods. - Added additional test for token authentication - Added a few examples ## Release 3.0.2 - 2016-03-11 - Invoke `verify_password` callback with no authentication when the provided authentication does not match the scheme ## Release 3.0.1 - 2016-03-09 - Prevented crash when client sends an invalid authorization header for token auth ## Release 3.0.0 - 2016-03-06 - Added token authentication support - Switch Travis CI builds to use tox - Refactored tests into separate test packages for each authentication method - Added explicit Python 2 and 3 classifiers to setup script ## Release 2.7.1 - 2016-02-07 - Correctly obtain nonce and opaque values in `authenticate_header` function - Documentation updates ## Release 2.7.0 - 2015-09-19 - Support custom authentication scheme and realm ## Release 2.6.0 - 2015-08-22 - Added callbacks for custom digest auth nonce/opaque generation - Documentation updates - Travis CI builds ## Release 2.5.0 - 2015-04-25 - In digest auth, support the client providing a pre-generated "ha1" instead of plain text password - Add "ha1" generation helper function for digest auth - Documentation updates ## Release 2.4.0 - 2015-03-01 - Support anonymous users in `verify_password` callback - Unit test fixes ## Release 2.3.0 - 2014-09-23 - Corrections to `hash_password` and `verify_password` decorators - Bypass authentication for `OPTIONS` requests - Pep8 compliance ## Release 2.2.1 - 2014-03-16 - Fixed documentation examples - Corrections to `get_password` decorator implementation ## Release 2.2.0 - 2013-11-25 - Build fixes ## Release 2.1.0 - 2013-09-27 - Support optionally passing the username to the hash password callback ## Release 2.0.0 - 2013-09-26 - Changed `auth.username` property to a `auth.username()` function - Documentation updates ## Release 1.1.0 - 2013-08-30 - Python 3 support - Documentation updates ## Release 1.0.0 - 2013-07-27 - First official release Flask-HTTPAuth-3.2.1/LICENSE000066400000000000000000000020721276310607700151730ustar00rootroot00000000000000The MIT License (MIT) Copyright (c) 2013 Miguel Grinberg Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Flask-HTTPAuth-3.2.1/MANIFEST.in000066400000000000000000000000321276310607700157160ustar00rootroot00000000000000include README.md LICENSE Flask-HTTPAuth-3.2.1/README.md000066400000000000000000000033751276310607700154540ustar00rootroot00000000000000Flask-HTTPAuth ============== [![Build Status](https://travis-ci.org/miguelgrinberg/Flask-HTTPAuth.png?branch=master)](https://travis-ci.org/miguelgrinberg/Flask-HTTPAuth) Simple extension that provides Basic and Digest HTTP authentication for Flask routes. Installation ------------ The easiest way to install this is through pip. ``` pip install Flask-HTTPAuth ``` Basic authentication example ---------------------------- ```python from flask import Flask from flask_httpauth import HTTPBasicAuth app = Flask(__name__) auth = HTTPBasicAuth() users = { "john": "hello", "susan": "bye" } @auth.get_password def get_pw(username): if username in users: return users.get(username) return None @app.route('/') @auth.login_required def index(): return "Hello, %s!" % auth.username() if __name__ == '__main__': app.run() ``` Note: See the [documentation](http://pythonhosted.org/Flask-HTTPAuth) for more complex examples that involve password hashing and custom verification callbacks. Digest authentication example ----------------------------- ```python from flask import Flask from flask_httpauth import HTTPDigestAuth app = Flask(__name__) app.config['SECRET_KEY'] = 'secret key here' auth = HTTPDigestAuth() users = { "john": "hello", "susan": "bye" } @auth.get_password def get_pw(username): if username in users: return users.get(username) return None @app.route('/') @auth.login_required def index(): return "Hello, %s!" % auth.username() if __name__ == '__main__': app.run() ``` Resources --------- - [Documentation](http://pythonhosted.org/Flask-HTTPAuth) - [pypi](https://pypi.python.org/pypi/Flask-HTTPAuth) - [Change log](https://github.com/miguelgrinberg/Flask-HTTPAuth/blob/master/CHANGELOG.md) Flask-HTTPAuth-3.2.1/docs/000077500000000000000000000000001276310607700151155ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/Makefile000066400000000000000000000152121276310607700165560ustar00rootroot00000000000000# Makefile for Sphinx documentation # # You can set these variables from the command line. SPHINXOPTS = SPHINXBUILD = sphinx-build PAPER = BUILDDIR = _build # User-friendly check for sphinx-build ifeq ($(shell which $(SPHINXBUILD) >/dev/null 2>&1; echo $$?), 1) $(error The '$(SPHINXBUILD)' command was not found. Make sure you have Sphinx installed, then set the SPHINXBUILD environment variable to point to the full path of the '$(SPHINXBUILD)' executable. Alternatively you can add the directory with the executable to your PATH. If you don't have Sphinx installed, grab it from http://sphinx-doc.org/) endif # Internal variables. PAPEROPT_a4 = -D latex_paper_size=a4 PAPEROPT_letter = -D latex_paper_size=letter ALLSPHINXOPTS = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . # the i18n builder cannot share the environment and doctrees with the others I18NSPHINXOPTS = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) . .PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext help: @echo "Please use \`make ' where is one of" @echo " html to make standalone HTML files" @echo " dirhtml to make HTML files named index.html in directories" @echo " singlehtml to make a single large HTML file" @echo " pickle to make pickle files" @echo " json to make JSON files" @echo " htmlhelp to make HTML files and a HTML help project" @echo " qthelp to make HTML files and a qthelp project" @echo " devhelp to make HTML files and a Devhelp project" @echo " epub to make an epub" @echo " latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter" @echo " latexpdf to make LaTeX files and run them through pdflatex" @echo " latexpdfja to make LaTeX files and run them through platex/dvipdfmx" @echo " text to make text files" @echo " man to make manual pages" @echo " texinfo to make Texinfo files" @echo " info to make Texinfo files and run them through makeinfo" @echo " gettext to make PO message catalogs" @echo " changes to make an overview of all changed/added/deprecated items" @echo " xml to make Docutils-native XML files" @echo " pseudoxml to make pseudoxml-XML files for display purposes" @echo " linkcheck to check all external links for integrity" @echo " doctest to run all doctests embedded in the documentation (if enabled)" clean: rm -rf $(BUILDDIR)/* html: $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html @echo @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." dirhtml: $(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml @echo @echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml." singlehtml: $(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml @echo @echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml." pickle: $(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle @echo @echo "Build finished; now you can process the pickle files." json: $(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json @echo @echo "Build finished; now you can process the JSON files." htmlhelp: $(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp @echo @echo "Build finished; now you can run HTML Help Workshop with the" \ ".hhp project file in $(BUILDDIR)/htmlhelp." qthelp: $(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp @echo @echo "Build finished; now you can run "qcollectiongenerator" with the" \ ".qhcp project file in $(BUILDDIR)/qthelp, like this:" @echo "# qcollectiongenerator $(BUILDDIR)/qthelp/Flask-HTTPAuth.qhcp" @echo "To view the help file:" @echo "# assistant -collectionFile $(BUILDDIR)/qthelp/Flask-HTTPAuth.qhc" devhelp: $(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp @echo @echo "Build finished." @echo "To view the help file:" @echo "# mkdir -p $$HOME/.local/share/devhelp/Flask-HTTPAuth" @echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/Flask-HTTPAuth" @echo "# devhelp" epub: $(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub @echo @echo "Build finished. The epub file is in $(BUILDDIR)/epub." latex: $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex @echo @echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex." @echo "Run \`make' in that directory to run these through (pdf)latex" \ "(use \`make latexpdf' here to do that automatically)." latexpdf: $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex @echo "Running LaTeX files through pdflatex..." $(MAKE) -C $(BUILDDIR)/latex all-pdf @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." latexpdfja: $(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex @echo "Running LaTeX files through platex and dvipdfmx..." $(MAKE) -C $(BUILDDIR)/latex all-pdf-ja @echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex." text: $(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text @echo @echo "Build finished. The text files are in $(BUILDDIR)/text." man: $(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man @echo @echo "Build finished. The manual pages are in $(BUILDDIR)/man." texinfo: $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo @echo @echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo." @echo "Run \`make' in that directory to run these through makeinfo" \ "(use \`make info' here to do that automatically)." info: $(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo @echo "Running Texinfo files through makeinfo..." make -C $(BUILDDIR)/texinfo info @echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo." gettext: $(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale @echo @echo "Build finished. The message catalogs are in $(BUILDDIR)/locale." changes: $(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes @echo @echo "The overview file is in $(BUILDDIR)/changes." linkcheck: $(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck @echo @echo "Link check complete; look for any errors in the above output " \ "or in $(BUILDDIR)/linkcheck/output.txt." doctest: $(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest @echo "Testing of doctests in the sources finished, look at the " \ "results in $(BUILDDIR)/doctest/output.txt." xml: $(SPHINXBUILD) -b xml $(ALLSPHINXOPTS) $(BUILDDIR)/xml @echo @echo "Build finished. The XML files are in $(BUILDDIR)/xml." pseudoxml: $(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml @echo @echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml." Flask-HTTPAuth-3.2.1/docs/_static/000077500000000000000000000000001276310607700165435ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/_static/index.html000077500000000000000000000010461276310607700205440ustar00rootroot00000000000000 Flask-HTTPAuth documentation The Flask-HTTPAuth documentation is available at Read the Docs. If your browser does not automatically redirect you, please click here. Flask-HTTPAuth-3.2.1/docs/_static/logo.png000077500000000000000000000133301276310607700202140ustar00rootroot00000000000000PNG  IHDRx- pHYs   OiCCPPhotoshop ICC profilexڝSgTS=BKKoR RB&*! J!QEEȠQ, !{kּ> H3Q5 B.@ $pd!s#~<<+"x M0B\t8K@zB@F&S`cbP-`'{[! eDh;VEX0fK9-0IWfH  0Q){`##xFW<+*x<$9E[-qWW.(I+6aa@.y24x6_-"bbϫp@t~,/;m%h^ uf@Wp~<5j>{-]cK'Xto(hw?G%fIq^D$.Tʳ?D*A, `6B$BB dr`)B(Ͱ*`/@4Qhp.U=pa( Aa!ڈbX#!H$ ɈQ"K5H1RT UH=r9\F;2G1Q= C7F dt1r=6Ыhڏ>C03l0.B8, c˱" VcϱwE 6wB aAHXLXNH $4 7 Q'"K&b21XH,#/{C7$C2'ITFnR#,4H#dk9, +ȅ3![ b@qS(RjJ4e2AURݨT5ZBRQ4u9̓IKhhitݕNWGw Ljg(gwLӋT071oUX**| J&*/Tު UUT^S}FU3S ԖUPSSg;goT?~YYLOCQ_ cx,!k u5&|v*=9C3J3WRf?qtN (~))4L1e\kXHQG6EYAJ'\'GgSSݧ M=:.kDwn^Loy}/TmG X $ <5qo</QC]@Caaᄑ.ȽJtq]zۯ6iܟ4)Y3sCQ? 0k߬~OCOg#/c/Wװwa>>r><72Y_7ȷOo_C#dz%gA[z|!?:eAAA!h쐭!ΑiP~aa~ 'W?pX15wCsDDDޛg1O9-J5*>.j<74?.fYXXIlK9.*6nl {/]py.,:@LN8A*%w% yg"/6шC\*NH*Mz쑼5y$3,幄'L Lݛ:v m2=:1qB!Mggfvˬen/kY- BTZ(*geWf͉9+̳ې7ᒶKW-X潬j9(xoʿܔĹdff-[n ڴ VE/(ۻCɾUUMfeI?m]Nmq#׹=TR+Gw- 6 U#pDy  :v{vg/jBFS[b[O>zG499?rCd&ˮ/~јѡ򗓿m|x31^VwwO| (hSЧc3-gAMA|Q cHRMz%u0`:o_F IDATxo!!0!!xB`B a:V>l~*jEeIj-1A > > > > > > > >@b2Y7=g/"'Ddk $&O=?_=?j:>/I&"۞qL)>Q g3X(uSG^GGXY5\f.>.NQZF3y8s`'\ݣ]kv7YL1 S]|ոrچv2k=W{wGxi`yfd|&,'JFqTgvF."?Edqweyt5 n|vTx>w)L)>Z%""R5P~{-8W,d dJY;ۉm]"Lo ^&VYXbϾ"~WJ^42u*fel@X4a}eBh+0bf^%z* |Yga(gF`uծZ,R쮱ux¾5gy g|*=$]{iЬ}:xD G !؀x3L,?;tLi1d|J·)%X64g G| 2֎-t9;ԏ6ҽ)cĢPj6s;@&q]BU8|@ ɮq3d8H1[x,nBj^npAh3I=';wA_s ـPbR=y ڂzD1澶J_(<{o!!<}_K+ -nj1&bhCg@x:9^ZYYN=Y<@/VOׄR&x+yt4Ճe%Ib!< LxcΛ/G*Q+֊o`m>JɩZNaxl;G:acTB.#tqB>X֟|"wlSk@C_oH@C .{fF2Y%־"rWkYk4]@8xZDzw EOLY B Vs} now51ZȻ+:Y/H6ڏH-#z[|4 v6 P)߅d1nՄ  oχeQ ;xTsB VJHau]"i\F֯nW5d8g]}]sY7NB-7>r>=A/ˋlwgV -3 \G F1g`ޏ 6ynü5*ԍQΠΑ=ujA[ 7'zp2 աs'~q[dcX,NIn5DMl++;K/r^ 3UAR {ZZ`qo"׍.ikQϔ)NMO9obE|/y8D? E~BîObױܖ]RJXLlSڲOGցۊ6@. \| 6HeBs݊PwAϜY"074_@|RehQ>"T%\`%]Tv.D\2CC3t!q[e;~`J!zeaqY!>) aX\!Ů`ThYek].=d\ 殲4C+Qua4vՀD5]K:LyuӺَýf8̕9y1=ɒm0ĆEwz w;)nОV|^1g`K7af_rC@):sE_W y u-Txb ??o3zDн[ ,㐠A׾#w7k?0&Z'e `ueD>?㨘,xL:55Mpsw )iw/:+FܞNq,(|#RLXֺX^!ٗrk9cdcM])>vu@|@|@|@|@|@|@|@|3hN_^ IENDB`Flask-HTTPAuth-3.2.1/docs/_themes/000077500000000000000000000000001276310607700165415ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/_themes/LICENSE000077500000000000000000000033751276310607700175610ustar00rootroot00000000000000Copyright (c) 2010 by Armin Ronacher. Some rights reserved. Redistribution and use in source and binary forms of the theme, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * The names of the contributors may not be used to endorse or promote products derived from this software without specific prior written permission. We kindly ask you to only use these themes in an unmodified manner just for Flask and Flask-related products, not for unrelated projects. If you like the visual style and want to use it for your own projects, please consider making some larger changes to the themes (such as changing font faces, sizes, colors or margins). THIS THEME IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS THEME, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Flask-HTTPAuth-3.2.1/docs/_themes/README000077500000000000000000000021051276310607700174220ustar00rootroot00000000000000Flask Sphinx Styles =================== This repository contains sphinx styles for Flask and Flask related projects. To use this style in your Sphinx documentation, follow this guide: 1. put this folder as _themes into your docs folder. Alternatively you can also use git submodules to check out the contents there. 2. add this to your conf.py: sys.path.append(os.path.abspath('_themes')) html_theme_path = ['_themes'] html_theme = 'flask' The following themes exist: - 'flask' - the standard flask documentation theme for large projects - 'flask_small' - small one-page theme. Intended to be used by very small addon libraries for flask. The following options exist for the flask_small theme: [options] index_logo = '' filename of a picture in _static to be used as replacement for the h1 in the index.rst file. index_logo_height = 120px height of the index logo github_fork = '' repository name on github for the "fork me" badge Flask-HTTPAuth-3.2.1/docs/_themes/flask/000077500000000000000000000000001276310607700176415ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/_themes/flask/layout.html000077500000000000000000000012651276310607700220530ustar00rootroot00000000000000{%- extends "basic/layout.html" %} {%- block extrahead %} {{ super() }} {% if theme_touch_icon %} {% endif %} {% endblock %} {%- block relbar2 %}{% endblock %} {% block header %} {{ super() }} {% if pagename == 'index' %}
{% endif %} {% endblock %} {%- block footer %}
© Copyright {{ copyright }}. Created using Sphinx.
{% if pagename == 'index' %}
{% endif %} {%- endblock %} Flask-HTTPAuth-3.2.1/docs/_themes/flask/relations.html000077500000000000000000000011161276310607700225310ustar00rootroot00000000000000

Related Topics

Flask-HTTPAuth-3.2.1/docs/_themes/flask/static/000077500000000000000000000000001276310607700211305ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/_themes/flask/static/flasky.css_t000077500000000000000000000215461276310607700234710ustar00rootroot00000000000000/* * flasky.css_t * ~~~~~~~~~~~~ * * :copyright: Copyright 2010 by Armin Ronacher. * :license: Flask Design License, see LICENSE for details. */ {% set page_width = '940px' %} {% set sidebar_width = '220px' %} @import url("basic.css"); /* -- page layout ----------------------------------------------------------- */ body { font-family: 'Georgia', serif; font-size: 17px; background-color: white; color: #000; margin: 0; padding: 0; } div.document { width: {{ page_width }}; margin: 30px auto 0 auto; } div.documentwrapper { float: left; width: 100%; } div.bodywrapper { margin: 0 0 0 {{ sidebar_width }}; } div.sphinxsidebar { width: {{ sidebar_width }}; } hr { border: 1px solid #B1B4B6; } div.body { background-color: #ffffff; color: #3E4349; padding: 0 30px 0 30px; } img.floatingflask { padding: 0 0 10px 10px; float: right; } div.footer { width: {{ page_width }}; margin: 20px auto 30px auto; font-size: 14px; color: #888; text-align: right; } div.footer a { color: #888; } div.related { display: none; } div.sphinxsidebar a { color: #444; text-decoration: none; border-bottom: 1px dotted #999; } div.sphinxsidebar a:hover { border-bottom: 1px solid #999; } div.sphinxsidebar { font-size: 14px; line-height: 1.5; } div.sphinxsidebarwrapper { padding: 18px 10px; } div.sphinxsidebarwrapper p.logo { padding: 0 0 20px 0; margin: 0; text-align: center; } div.sphinxsidebar h3, div.sphinxsidebar h4 { font-family: 'Garamond', 'Georgia', serif; color: #444; font-size: 24px; font-weight: normal; margin: 0 0 5px 0; padding: 0; } div.sphinxsidebar h4 { font-size: 20px; } div.sphinxsidebar h3 a { color: #444; } div.sphinxsidebar p.logo a, div.sphinxsidebar h3 a, div.sphinxsidebar p.logo a:hover, div.sphinxsidebar h3 a:hover { border: none; } div.sphinxsidebar p { color: #555; margin: 10px 0; } div.sphinxsidebar ul { margin: 10px 0; padding: 0; color: #000; } div.sphinxsidebar input { border: 1px solid #ccc; font-family: 'Georgia', serif; font-size: 1em; } /* -- body styles ----------------------------------------------------------- */ a { color: #004B6B; text-decoration: underline; } a:hover { color: #6D4100; text-decoration: underline; } div.body h1, div.body h2, div.body h3, div.body h4, div.body h5, div.body h6 { font-family: 'Garamond', 'Georgia', serif; font-weight: normal; margin: 30px 0px 10px 0px; padding: 0; } {% if theme_index_logo %} div.indexwrapper h1 { text-indent: -999999px; background: url({{ theme_index_logo }}) no-repeat center center; height: {{ theme_index_logo_height }}; } {% endif %} div.body h1 { margin-top: 0; padding-top: 0; font-size: 240%; } div.body h2 { font-size: 180%; } div.body h3 { font-size: 150%; } div.body h4 { font-size: 130%; } div.body h5 { font-size: 100%; } div.body h6 { font-size: 100%; } a.headerlink { color: #ddd; padding: 0 4px; text-decoration: none; } a.headerlink:hover { color: #444; background: #eaeaea; } div.body p, div.body dd, div.body li { line-height: 1.4em; } div.admonition { background: #fafafa; margin: 20px -30px; padding: 10px 30px; border-top: 1px solid #ccc; border-bottom: 1px solid #ccc; } div.admonition tt.xref, div.admonition a tt { border-bottom: 1px solid #fafafa; } dd div.admonition { margin-left: -60px; padding-left: 60px; } div.admonition p.admonition-title { font-family: 'Garamond', 'Georgia', serif; font-weight: normal; font-size: 24px; margin: 0 0 10px 0; padding: 0; line-height: 1; } div.admonition p.last { margin-bottom: 0; } div.highlight { background-color: white; } dt:target, .highlight { background: #FAF3E8; } div.note { background-color: #eee; border: 1px solid #ccc; } div.seealso { background-color: #ffc; border: 1px solid #ff6; } div.topic { background-color: #eee; } p.admonition-title { display: inline; } p.admonition-title:after { content: ":"; } pre, tt { font-family: 'Consolas', 'Menlo', 'Deja Vu Sans Mono', 'Bitstream Vera Sans Mono', monospace; font-size: 0.9em; } img.screenshot { } tt.descname, tt.descclassname { font-size: 0.95em; } tt.descname { padding-right: 0.08em; } img.screenshot { -moz-box-shadow: 2px 2px 4px #eee; -webkit-box-shadow: 2px 2px 4px #eee; box-shadow: 2px 2px 4px #eee; } table.docutils { border: 1px solid #888; -moz-box-shadow: 2px 2px 4px #eee; -webkit-box-shadow: 2px 2px 4px #eee; box-shadow: 2px 2px 4px #eee; } table.docutils td, table.docutils th { border: 1px solid #888; padding: 0.25em 0.7em; } table.field-list, table.footnote { border: none; -moz-box-shadow: none; -webkit-box-shadow: none; box-shadow: none; } table.footnote { margin: 15px 0; width: 100%; border: 1px solid #eee; background: #fdfdfd; font-size: 0.9em; } table.footnote + table.footnote { margin-top: -15px; border-top: none; } table.field-list th { padding: 0 0.8em 0 0; } table.field-list td { padding: 0; } table.footnote td.label { width: 0px; padding: 0.3em 0 0.3em 0.5em; } table.footnote td { padding: 0.3em 0.5em; } dl { margin: 0; padding: 0; } dl dd { margin-left: 30px; } blockquote { margin: 0 0 0 30px; padding: 0; } ul, ol { margin: 10px 0 10px 30px; padding: 0; } pre { background: #eee; padding: 7px 30px; margin: 15px -30px; line-height: 1.3em; } dl pre, blockquote pre, li pre { margin-left: -60px; padding-left: 60px; } dl dl pre { margin-left: -90px; padding-left: 90px; } tt { background-color: #ecf0f3; color: #222; /* padding: 1px 2px; */ } tt.xref, a tt { background-color: #FBFBFB; border-bottom: 1px solid white; } a.reference { text-decoration: none; border-bottom: 1px dotted #004B6B; } a.reference:hover { border-bottom: 1px solid #6D4100; } a.footnote-reference { text-decoration: none; font-size: 0.7em; vertical-align: top; border-bottom: 1px dotted #004B6B; } a.footnote-reference:hover { border-bottom: 1px solid #6D4100; } a:hover tt { background: #EEE; } @media screen and (max-width: 870px) { div.sphinxsidebar { display: none; } div.document { width: 100%; } div.documentwrapper { margin-left: 0; margin-top: 0; margin-right: 0; margin-bottom: 0; } div.bodywrapper { margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; } ul { margin-left: 0; } .document { width: auto; } .footer { width: auto; } .bodywrapper { margin: 0; } .footer { width: auto; } .github { display: none; } } @media screen and (max-width: 875px) { body { margin: 0; padding: 20px 30px; } div.documentwrapper { float: none; background: white; } div.sphinxsidebar { display: block; float: none; width: 102.5%; margin: 50px -30px -20px -30px; padding: 10px 20px; background: #333; color: white; } div.sphinxsidebar h3, div.sphinxsidebar h4, div.sphinxsidebar p, div.sphinxsidebar h3 a { color: white; } div.sphinxsidebar a { color: #aaa; } div.sphinxsidebar p.logo { display: none; } div.document { width: 100%; margin: 0; } div.related { display: block; margin: 0; padding: 10px 0 20px 0; } div.related ul, div.related ul li { margin: 0; padding: 0; } div.footer { display: none; } div.bodywrapper { margin: 0; } div.body { min-height: 0; padding: 0; } .rtd_doc_footer { display: none; } .document { width: auto; } .footer { width: auto; } .footer { width: auto; } .github { display: none; } } /* scrollbars */ ::-webkit-scrollbar { width: 6px; height: 6px; } ::-webkit-scrollbar-button:start:decrement, ::-webkit-scrollbar-button:end:increment { display: block; height: 10px; } ::-webkit-scrollbar-button:vertical:increment { background-color: #fff; } ::-webkit-scrollbar-track-piece { background-color: #eee; -webkit-border-radius: 3px; } ::-webkit-scrollbar-thumb:vertical { height: 50px; background-color: #ccc; -webkit-border-radius: 3px; } ::-webkit-scrollbar-thumb:horizontal { width: 50px; background-color: #ccc; -webkit-border-radius: 3px; } /* misc. */ .revsys-inline { display: none!important; }Flask-HTTPAuth-3.2.1/docs/_themes/flask/theme.conf000077500000000000000000000002441276310607700216150ustar00rootroot00000000000000[theme] inherit = basic stylesheet = flasky.css pygments_style = flask_theme_support.FlaskyStyle [options] index_logo = '' index_logo_height = 120px touch_icon = Flask-HTTPAuth-3.2.1/docs/_themes/flask_small/000077500000000000000000000000001276310607700210315ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/_themes/flask_small/layout.html000077500000000000000000000012531276310607700232400ustar00rootroot00000000000000{% extends "basic/layout.html" %} {% block header %} {{ super() }} {% if pagename == 'index' %}
{% endif %} {% endblock %} {% block footer %} {% if pagename == 'index' %}
{% endif %} {% endblock %} {# do not display relbars #} {% block relbar1 %}{% endblock %} {% block relbar2 %} {% if theme_github_fork %} Fork me on GitHub {% endif %} {% endblock %} {% block sidebar1 %}{% endblock %} {% block sidebar2 %}{% endblock %} Flask-HTTPAuth-3.2.1/docs/_themes/flask_small/static/000077500000000000000000000000001276310607700223205ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/docs/_themes/flask_small/static/flasky.css_t000077500000000000000000000110011276310607700246420ustar00rootroot00000000000000/* * flasky.css_t * ~~~~~~~~~~~~ * * Sphinx stylesheet -- flasky theme based on nature theme. * * :copyright: Copyright 2007-2010 by the Sphinx team, see AUTHORS. * :license: BSD, see LICENSE for details. * */ @import url("basic.css"); /* -- page layout ----------------------------------------------------------- */ body { font-family: 'Georgia', serif; font-size: 17px; color: #000; background: white; margin: 0; padding: 0; } div.documentwrapper { float: left; width: 100%; } div.bodywrapper { margin: 40px auto 0 auto; width: 700px; } hr { border: 1px solid #B1B4B6; } div.body { background-color: #ffffff; color: #3E4349; padding: 0 30px 30px 30px; } img.floatingflask { padding: 0 0 10px 10px; float: right; } div.footer { text-align: right; color: #888; padding: 10px; font-size: 14px; width: 650px; margin: 0 auto 40px auto; } div.footer a { color: #888; text-decoration: underline; } div.related { line-height: 32px; color: #888; } div.related ul { padding: 0 0 0 10px; } div.related a { color: #444; } /* -- body styles ----------------------------------------------------------- */ a { color: #004B6B; text-decoration: underline; } a:hover { color: #6D4100; text-decoration: underline; } div.body { padding-bottom: 40px; /* saved for footer */ } div.body h1, div.body h2, div.body h3, div.body h4, div.body h5, div.body h6 { font-family: 'Garamond', 'Georgia', serif; font-weight: normal; margin: 30px 0px 10px 0px; padding: 0; } {% if theme_index_logo %} div.indexwrapper h1 { text-indent: -999999px; background: url({{ theme_index_logo }}) no-repeat center center; height: {{ theme_index_logo_height }}; } {% endif %} div.body h2 { font-size: 180%; } div.body h3 { font-size: 150%; } div.body h4 { font-size: 130%; } div.body h5 { font-size: 100%; } div.body h6 { font-size: 100%; } a.headerlink { color: white; padding: 0 4px; text-decoration: none; } a.headerlink:hover { color: #444; background: #eaeaea; } div.body p, div.body dd, div.body li { line-height: 1.4em; } div.admonition { background: #fafafa; margin: 20px -30px; padding: 10px 30px; border-top: 1px solid #ccc; border-bottom: 1px solid #ccc; } div.admonition p.admonition-title { font-family: 'Garamond', 'Georgia', serif; font-weight: normal; font-size: 24px; margin: 0 0 10px 0; padding: 0; line-height: 1; } div.admonition p.last { margin-bottom: 0; } div.highlight{ background-color: white; } dt:target, .highlight { background: #FAF3E8; } div.note { background-color: #eee; border: 1px solid #ccc; } div.seealso { background-color: #ffc; border: 1px solid #ff6; } div.topic { background-color: #eee; } div.warning { background-color: #ffe4e4; border: 1px solid #f66; } p.admonition-title { display: inline; } p.admonition-title:after { content: ":"; } pre, tt { font-family: 'Consolas', 'Menlo', 'Deja Vu Sans Mono', 'Bitstream Vera Sans Mono', monospace; font-size: 0.85em; } img.screenshot { } tt.descname, tt.descclassname { font-size: 0.95em; } tt.descname { padding-right: 0.08em; } img.screenshot { -moz-box-shadow: 2px 2px 4px #eee; -webkit-box-shadow: 2px 2px 4px #eee; box-shadow: 2px 2px 4px #eee; } table.docutils { border: 1px solid #888; -moz-box-shadow: 2px 2px 4px #eee; -webkit-box-shadow: 2px 2px 4px #eee; box-shadow: 2px 2px 4px #eee; } table.docutils td, table.docutils th { border: 1px solid #888; padding: 0.25em 0.7em; } table.field-list, table.footnote { border: none; -moz-box-shadow: none; -webkit-box-shadow: none; box-shadow: none; } table.footnote { margin: 15px 0; width: 100%; border: 1px solid #eee; } table.field-list th { padding: 0 0.8em 0 0; } table.field-list td { padding: 0; } table.footnote td { padding: 0.5em; } dl { margin: 0; padding: 0; } dl dd { margin-left: 30px; } pre { padding: 0; margin: 15px -30px; padding: 8px; line-height: 1.3em; padding: 7px 30px; background: #eee; border-radius: 2px; -moz-border-radius: 2px; -webkit-border-radius: 2px; } dl pre { margin-left: -60px; padding-left: 60px; } tt { background-color: #ecf0f3; color: #222; /* padding: 1px 2px; */ } tt.xref, a tt { background-color: #FBFBFB; } a:hover tt { background: #EEE; } Flask-HTTPAuth-3.2.1/docs/_themes/flask_small/theme.conf000077500000000000000000000002701276310607700230040ustar00rootroot00000000000000[theme] inherit = basic stylesheet = flasky.css nosidebar = true pygments_style = flask_theme_support.FlaskyStyle [options] index_logo = '' index_logo_height = 120px github_fork = '' Flask-HTTPAuth-3.2.1/docs/_themes/flask_theme_support.py000077500000000000000000000114131276310607700231740ustar00rootroot00000000000000# flasky extensions. flasky pygments style based on tango style from pygments.style import Style from pygments.token import Keyword, Name, Comment, String, Error, \ Number, Operator, Generic, Whitespace, Punctuation, Other, Literal class FlaskyStyle(Style): background_color = "#f8f8f8" default_style = "" styles = { # No corresponding class for the following: #Text: "", # class: '' Whitespace: "underline #f8f8f8", # class: 'w' Error: "#a40000 border:#ef2929", # class: 'err' Other: "#000000", # class 'x' Comment: "italic #8f5902", # class: 'c' Comment.Preproc: "noitalic", # class: 'cp' Keyword: "bold #004461", # class: 'k' Keyword.Constant: "bold #004461", # class: 'kc' Keyword.Declaration: "bold #004461", # class: 'kd' Keyword.Namespace: "bold #004461", # class: 'kn' Keyword.Pseudo: "bold #004461", # class: 'kp' Keyword.Reserved: "bold #004461", # class: 'kr' Keyword.Type: "bold #004461", # class: 'kt' Operator: "#582800", # class: 'o' Operator.Word: "bold #004461", # class: 'ow' - like keywords Punctuation: "bold #000000", # class: 'p' # because special names such as Name.Class, Name.Function, etc. # are not recognized as such later in the parsing, we choose them # to look the same as ordinary variables. Name: "#000000", # class: 'n' Name.Attribute: "#c4a000", # class: 'na' - to be revised Name.Builtin: "#004461", # class: 'nb' Name.Builtin.Pseudo: "#3465a4", # class: 'bp' Name.Class: "#000000", # class: 'nc' - to be revised Name.Constant: "#000000", # class: 'no' - to be revised Name.Decorator: "#888", # class: 'nd' - to be revised Name.Entity: "#ce5c00", # class: 'ni' Name.Exception: "bold #cc0000", # class: 'ne' Name.Function: "#000000", # class: 'nf' Name.Property: "#000000", # class: 'py' Name.Label: "#f57900", # class: 'nl' Name.Namespace: "#000000", # class: 'nn' - to be revised Name.Other: "#000000", # class: 'nx' Name.Tag: "bold #004461", # class: 'nt' - like a keyword Name.Variable: "#000000", # class: 'nv' - to be revised Name.Variable.Class: "#000000", # class: 'vc' - to be revised Name.Variable.Global: "#000000", # class: 'vg' - to be revised Name.Variable.Instance: "#000000", # class: 'vi' - to be revised Number: "#990000", # class: 'm' Literal: "#000000", # class: 'l' Literal.Date: "#000000", # class: 'ld' String: "#4e9a06", # class: 's' String.Backtick: "#4e9a06", # class: 'sb' String.Char: "#4e9a06", # class: 'sc' String.Doc: "italic #8f5902", # class: 'sd' - like a comment String.Double: "#4e9a06", # class: 's2' String.Escape: "#4e9a06", # class: 'se' String.Heredoc: "#4e9a06", # class: 'sh' String.Interpol: "#4e9a06", # class: 'si' String.Other: "#4e9a06", # class: 'sx' String.Regex: "#4e9a06", # class: 'sr' String.Single: "#4e9a06", # class: 's1' String.Symbol: "#4e9a06", # class: 'ss' Generic: "#000000", # class: 'g' Generic.Deleted: "#a40000", # class: 'gd' Generic.Emph: "italic #000000", # class: 'ge' Generic.Error: "#ef2929", # class: 'gr' Generic.Heading: "bold #000080", # class: 'gh' Generic.Inserted: "#00A000", # class: 'gi' Generic.Output: "#888", # class: 'go' Generic.Prompt: "#745334", # class: 'gp' Generic.Strong: "bold #000000", # class: 'gs' Generic.Subheading: "bold #800080", # class: 'gu' Generic.Traceback: "bold #a40000", # class: 'gt' } Flask-HTTPAuth-3.2.1/docs/conf.py000066400000000000000000000177501276310607700164260ustar00rootroot00000000000000# -*- coding: utf-8 -*- # # Flask-HTTPAuth documentation build configuration file, created by # sphinx-quickstart on Fri Jul 26 14:48:13 2013. # # This file is execfile()d with the current directory set to its containing dir. # # Note that not all possible configuration values are present in this # autogenerated file. # # All configuration values have a default; values that are commented out # serve to show the default. import sys, os # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. sys.path.insert(0, os.path.abspath('..')) sys.path.append(os.path.abspath('_themes')) # -- General configuration ----------------------------------------------------- # If your documentation needs a minimal Sphinx version, state it here. #needs_sphinx = '1.0' # Add any Sphinx extension module names here, as strings. They can be extensions # coming with Sphinx (named 'sphinx.ext.*') or your custom ones. extensions = ['sphinx.ext.autodoc'] # Add any paths that contain templates here, relative to this directory. templates_path = ['_templates'] # The suffix of source filenames. source_suffix = '.rst' # The encoding of source files. #source_encoding = 'utf-8-sig' # The master toctree document. master_doc = 'index' # General information about the project. project = u'Flask-HTTPAuth' copyright = u'2013, Miguel Grinberg' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the # built documents. # # The short X.Y version. #version = '0.7' # The full version, including alpha/beta/rc tags. #release = '0.7.0' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. #language = None # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: #today = '' # Else, today_fmt is used as the format for a strftime call. #today_fmt = '%B %d, %Y' # List of patterns, relative to source directory, that match files and # directories to ignore when looking for source files. exclude_patterns = ['_build'] # The reST default role (used for this markup: `text`) to use for all documents. #default_role = None # If true, '()' will be appended to :func: etc. cross-reference text. #add_function_parentheses = True # If true, the current module name will be prepended to all description # unit titles (such as .. function::). #add_module_names = True # If true, sectionauthor and moduleauthor directives will be shown in the # output. They are ignored by default. #show_authors = False # The name of the Pygments (syntax highlighting) style to use. pygments_style = 'sphinx' # A list of ignored prefixes for module index sorting. #modindex_common_prefix = [] # If true, keep warnings as "system message" paragraphs in the built documents. #keep_warnings = False # -- Options for HTML output --------------------------------------------------- # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. html_theme = 'flask_small' # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the # documentation. html_theme_options = { 'index_logo': 'logo.png', 'github_fork': 'miguelgrinberg/Flask-HTTPAuth' } # Add any paths that contain custom themes here, relative to this directory. html_theme_path = ['_themes'] # The name for this set of Sphinx documents. If None, it defaults to # " v documentation". #html_title = None # A shorter title for the navigation bar. Default is the same as html_title. #html_short_title = None # The name of an image file (relative to this directory) to place at the top # of the sidebar. #html_logo = None # The name of an image file (within the static path) to use as favicon of the # docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 # pixels large. #html_favicon = None # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, # so a file named "default.css" will overwrite the builtin "default.css". html_static_path = ['_static'] # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, # using the given strftime format. #html_last_updated_fmt = '%b %d, %Y' # If true, SmartyPants will be used to convert quotes and dashes to # typographically correct entities. #html_use_smartypants = True # Custom sidebar templates, maps document names to template names. #html_sidebars = {} # Additional templates that should be rendered to pages, maps page names to # template names. #html_additional_pages = {} # If false, no module index is generated. #html_domain_indices = True # If false, no index is generated. #html_use_index = True # If true, the index is split into individual pages for each letter. #html_split_index = False # If true, links to the reST sources are added to the pages. #html_show_sourcelink = True # If true, "Created using Sphinx" is shown in the HTML footer. Default is True. #html_show_sphinx = True # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. #html_show_copyright = True # If true, an OpenSearch description file will be output, and all pages will # contain a tag referring to it. The value of this option must be the # base URL from which the finished HTML is served. #html_use_opensearch = '' # This is the file name suffix for HTML files (e.g. ".xhtml"). #html_file_suffix = None # Output file base name for HTML help builder. htmlhelp_basename = 'Flask-HTTPAuthdoc' # -- Options for LaTeX output -------------------------------------------------- latex_elements = { # The paper size ('letterpaper' or 'a4paper'). #'papersize': 'letterpaper', # The font size ('10pt', '11pt' or '12pt'). #'pointsize': '10pt', # Additional stuff for the LaTeX preamble. #'preamble': '', } # Grouping the document tree into LaTeX files. List of tuples # (source start file, target name, title, author, documentclass [howto/manual]). latex_documents = [ ('index', 'Flask-HTTPAuth.tex', u'Flask-HTTPAuth Documentation', u'Miguel Grinberg', 'manual'), ] # The name of an image file (relative to this directory) to place at the top of # the title page. #latex_logo = None # For "manual" documents, if this is true, then toplevel headings are parts, # not chapters. #latex_use_parts = False # If true, show page references after internal links. #latex_show_pagerefs = False # If true, show URL addresses after external links. #latex_show_urls = False # Documents to append as an appendix to all manuals. #latex_appendices = [] # If false, no module index is generated. #latex_domain_indices = True # -- Options for manual page output -------------------------------------------- # One entry per manual page. List of tuples # (source start file, name, description, authors, manual section). man_pages = [ ('index', 'flask-httpauth', u'Flask-HTTPAuth Documentation', [u'Miguel Grinberg'], 1) ] # If true, show URL addresses after external links. #man_show_urls = False # -- Options for Texinfo output ------------------------------------------------ # Grouping the document tree into Texinfo files. List of tuples # (source start file, target name, title, author, # dir menu entry, description, category) texinfo_documents = [ ('index', 'Flask-HTTPAuth', u'Flask-HTTPAuth Documentation', u'Miguel Grinberg', 'Flask-HTTPAuth', 'One line description of project.', 'Miscellaneous'), ] # Documents to append as an appendix to all manuals. #texinfo_appendices = [] # If false, no module index is generated. #texinfo_domain_indices = True # How to display URL addresses: 'footnote', 'no', or 'inline'. #texinfo_show_urls = 'footnote' # If true, do not generate a @detailmenu in the "Top" node's menu. #texinfo_no_detailmenu = False Flask-HTTPAuth-3.2.1/docs/index.rst000077500000000000000000000365161276310607700167740ustar00rootroot00000000000000.. Flask-HTTPAuth documentation master file, created by sphinx-quickstart on Fri Jul 26 14:48:13 2013. You can adapt this file completely to your liking, but it should at least contain the root `toctree` directive. Welcome to Flask-HTTPAuth's documentation! ========================================== **Flask-HTTPAuth** is a simple extension that simplifies the use of HTTP authentication with Flask routes. Basic authentication example ---------------------------- The following example application uses HTTP Basic authentication to protect route ``'/'``:: from flask import Flask from flask_httpauth import HTTPBasicAuth app = Flask(__name__) auth = HTTPBasicAuth() users = { "john": "hello", "susan": "bye" } @auth.get_password def get_pw(username): if username in users: return users.get(username) return None @app.route('/') @auth.login_required def index(): return "Hello, %s!" % auth.username() if __name__ == '__main__': app.run() The ``get_password`` callback needs to return the password associated with the username given as argument. Flask-HTTPAuth will allow access only if ``get_password(username) == password``. If the passwords are stored hashed in the user database then an additional callback is needed:: @auth.hash_password def hash_pw(password): return md5(password).hexdigest() When the ``hash_password`` callback is provided access will be granted when ``get_password(username) == hash_password(password)``. If the hashing algorithm requires the username to be known then the callback can take two arguments instead of one:: @auth.hash_password def hash_pw(username, password): get_salt(username) return hash(password, salt) For the most degree of flexibility the `get_password` and `hash_password` callbacks can be replaced with `verify_password`:: @auth.verify_password def verify_pw(username, password): return call_custom_verify_function(username, password) In the examples directory you can find an example called `basic_auth.py` that shows how a `verify_password` callback can be used to securely work with hashed passwords. Digest authentication example ----------------------------- The following example is similar to the previous one, but HTTP Digest authentication is used:: from flask import Flask from flask_httpauth import HTTPDigestAuth app = Flask(__name__) app.config['SECRET_KEY'] = 'secret key here' auth = HTTPDigestAuth() users = { "john": "hello", "susan": "bye" } @auth.get_password def get_pw(username): if username in users: return users.get(username) return None @app.route('/') @auth.login_required def index(): return "Hello, %s!" % auth.username() if __name__ == '__main__': app.run() Security Concerns with Digest Authentication ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The digest authentication algorihtm requires a *challenge* to be sent to the client for use in encrypting the password for transmission. This challenge needs to be used again when the password is decoded at the server, so the challenge information needs to be stored so that it can be recalled later. By default, Flask-HTTPAuth stores the challenge data in the Flask session. To make the authentication flow secure when using session storage, it is required that server-side sessions are used instead of the default Flask cookie based sessions, as this ensures that the challenge data is not at risk of being captured as it moves in a cookie between server and client. The Flask-Session and Flask-KVSession extensions are both very good options to implement server-side sessions. As an alternative to using server-side sessions, an application can implement its own generation and storage of challenge data. To do this, there are four callback functions that the application needs to implement:: @auth.generate_nonce def generate_nonce(): """Return the nonce value to use for this client.""" pass @auth.generate_opaque def generate_opaque(): """Return the opaque value to use for this client.""" pass @auth.verify_nonce def verify_nonce(nonce): """Verify that the nonce value sent by the client is correct.""" pass @auth.verify_opaque def verify_opaque(opaque): """Verify that the opaque value sent by the client is correct.""" pass For information of what the ``nonce`` and ``opaque`` values are and how they are used in digest authentication, consult `RFC 2617 `_. Token Authentication Scheme Example ----------------------------------- The following example application uses a custom HTTP authentication scheme to protect route ``'/'`` with a token:: from flask import Flask, g from flask_httpauth import HTTPTokenAuth app = Flask(__name__) auth = HTTPTokenAuth(scheme='Token') tokens = { "secret-token-1": "john", "secret-token-2": "susan" } @auth.verify_token def verify_token(token): if token in tokens: g.current_user = tokens[token] return True return False @app.route('/') @auth.login_required def index(): return "Hello, %s!" % g.current_user if __name__ == '__main__': app.run() The ``HTTPTokenAuth`` is a generic authentication handler that can be used with non-standard authentication schemes, with the scheme name given as an argument in the constructor. In the above example, the ``WWW-Authenticate`` header provided by the server will use ``Token`` as scheme:: WWW-Authenticate: Token realm="Authentication Required" The ``verify_token`` callback receives the authentication credentials provided by the client on the ``Authorization`` header. This can be a simple token, or can contain multiple arguments, which the function will have to parse and extract from the string. In the examples directory you can find a complete example that uses JWT tokens. Using Multiple Authentication Schemes ------------------------------------- Applications sometimes need to support a combination of authentication methods. For example, a web application could be authenticating by sending client id and secret over basic authentication, while third party API clients use a JWT bearer token. The `MultiAuth` class allows you to protect a route with more than one authentication object. To grant access to the endpoint, one of the authentication methods must validate. In the examples directory you can find a complete example that uses basic and token authentication. Deployment Considerations ------------------------- Be aware that some web servers do not pass the ``Authorization`` headers to the WSGI application by default. For example, if you use Apache with mod_wsgi, you have to set option ``WSGIPassAuthorization On`` as `documented here `_. API Documentation ----------------- .. module:: flask_httpauth .. class:: HTTPBasicAuth This class handles HTTP Basic authentication for Flask routes. .. method:: __init__(scheme=None, realm=None) Create a basic authentication object. If the optional ``scheme`` argument is provided, it will be used instead of the standard "Basic" scheme in the ``WWW-Authenticate`` response. A fairly common practice is to use a custom scheme to prevent browsers from prompting the user to login. The ``realm`` argument can be used to provide an application defined realm with the ``WWW-Authenticate`` header. .. method:: get_password(password_callback) This callback function will be called by the framework to obtain the password for a given user. Example:: @auth.get_password def get_password(username): return db.get_user_password(username) .. method:: hash_password(hash_password_callback) If defined, this callback function will be called by the framework to apply a custom hashing algorithm to the password provided by the client. If this callback isn't provided the password will be checked unchanged. The callback can take one or two arguments. The one argument version receives the password to hash, while the two argument version receives the username and the password in that order. Example single argument callback:: @auth.hash_password def hash_password(password): return md5(password).hexdigest() Example two argument callback:: @auth.hash_password def hash_pw(username, password): get_salt(username) return hash(password, salt) .. method:: verify_password(verify_password_callback) If defined, this callback function will be called by the framework to verify that the username and password combination provided by the client are valid. The callback function takes two arguments, the username and the password and must return ``True`` or ``False``. Example usage:: @auth.verify_password def verify_password(username, password): user = User.query.filter_by(username).first() if not user: return False return passlib.hash.sha256_crypt.verify(password, user.password_hash) If this callback is defined, it is also invoked when the request does not have the ``Authorization`` header with user credentials, and in this case both the ``username`` and ``password`` arguments are set to empty strings. The client can opt to return ``True`` and that will allow anonymous users access to the route. The callback function can indicate that the user is anonymous by writing a state variable to ``flask.g``, which the route can then check to generate an appropriate response. Note that when a ``verify_password`` callback is provided the ``get_password`` and ``hash_password`` callbacks are not used. .. method:: error_handler(error_callback) If defined, this callback function will be called by the framework when it is necessary to send an authentication error back to the client. The return value from this function can be the body of the response as a string or it can also be a response object created with ``make_response``. If this callback isn't provided a default error response is generated. Example:: @auth.error_handler def auth_error(): return "<h1>Access Denied</h1>" .. method:: login_required(view_function_callback) This callback function will be called when authentication is succesful. This will typically be a Flask view function. Example:: @app.route('/private') @auth.login_required def private_page(): return "Only for authorized people!" .. method:: username() A view function that is protected with this class can access the logged username through this method. Example:: @app.route('/') @auth.login_required def index(): return "Hello, %s!" % auth.username() .. class:: flask_httpauth.HTTPDigestAuth This class handles HTTP Digest authentication for Flask routes. The ``SECRET_KEY`` configuration must be set in the Flask application to enable the session to work. Flask by default stores user sessions in the client as secure cookies, so the client must be able to handle cookies. To support clients that are not web browsers or that cannot handle cookies a `session interface `_ that writes sessions in the server must be used. .. method:: __init__(self, scheme=None, realm=None, use_ha1_pw=False) Create a digest authentication object. If the optional ``scheme`` argument is provided, it will be used instead of the "Digest" scheme in the ``WWW-Authenticate`` response. A fairly common practice is to use a custom scheme to prevent browsers from prompting the user to login. The ``realm`` argument can be used to provide an application defined realm with the ``WWW-Authenticate`` header. If ``use_ha1_pw`` is False, then the ``get_password`` callback needs to return the plain text password for the given user. If ``use_ha1_pw`` is True, the ``get_password`` callback needs to return the HA1 value for the given user. The advantage of setting ``use_ha1_pw`` to ``True`` is that it allows the application to store the HA1 hash of the password in the user database. .. method:: generate_ha1(username, password) Generate the HA1 hash that can be stored in the user database when ``use_ha1_pw`` is set to True in the constructor. .. method:: generate_nonce(nonce_making_callback) If defined, this callback function will be called by the framework to generate a nonce. If this is defined, ``verify_nonce`` should also be defined. This can be used to use a state storage mechanism other than the session. .. method:: verify_nonce(nonce_verify_callback) If defined, this callback function will be called by the framework to verify that a nonce is valid. It will be called with a single argument: the nonce to be verified. This can be used to use a state storage mechanism other than the session. .. method:: generate_opaque(opaque_making_callback) If defined, this callback function will be called by the framework to generate an opaque value. If this is defined, ``verify_opaque`` should also be defined. This can be used to use a state storage mechanism other than the session. .. method:: verify_opaque(opaque_verify_callback) If defined, this callback function will be called by the framework to verify that an opaque value is valid. It will be called with a single argument: the opaque value to be verified. This can be used to use a state storage mechanism other than the session. .. method:: get_password(password_callback) See basic authentication for documentation and examples. .. method:: error_handler(error_callback) See basic authentication for documentation and examples. .. method:: login_required(view_function_callback) See basic authentication for documentation and examples. .. method:: username() See basic authentication for documentation and examples. .. class:: HTTPTokenAuth This class handles HTTP authentication with custom schemes for Flask routes. .. method:: __init__(scheme, realm=None) Create a token authentication object. The ``scheme`` argument must be provided to be used in the ``WWW-Authenticate`` response. The ``realm`` argument can be used to provide an application defined realm with the ``WWW-Authenticate`` header. .. method:: verify_token(verify_token_callback) This callback function will be called by the framework to verify that the credentials sent by the client with the ``Authorization`` header are valid. The callback function takes one argument, the username and the password and must return ``True`` or ``False``. Example usage:: @auth.verify_token def verify_token(token): g.current_user = User.query.filter_by(token=token).first() return g.current_user is not None Note that a ``verify_token`` callback is required when using this class. .. method:: error_handler(error_callback) See basic authentication for documentation and examples. .. method:: login_required(view_function_callback) See basic authentication for documentation and examples. Flask-HTTPAuth-3.2.1/docs/make.bat000066400000000000000000000150751276310607700165320ustar00rootroot00000000000000@ECHO OFF REM Command file for Sphinx documentation if "%SPHINXBUILD%" == "" ( set SPHINXBUILD=sphinx-build ) set BUILDDIR=_build set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% . set I18NSPHINXOPTS=%SPHINXOPTS% . if NOT "%PAPER%" == "" ( set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS% set I18NSPHINXOPTS=-D latex_paper_size=%PAPER% %I18NSPHINXOPTS% ) if "%1" == "" goto help if "%1" == "help" ( :help echo.Please use `make ^` where ^ is one of echo. html to make standalone HTML files echo. dirhtml to make HTML files named index.html in directories echo. singlehtml to make a single large HTML file echo. pickle to make pickle files echo. json to make JSON files echo. htmlhelp to make HTML files and a HTML help project echo. qthelp to make HTML files and a qthelp project echo. devhelp to make HTML files and a Devhelp project echo. epub to make an epub echo. latex to make LaTeX files, you can set PAPER=a4 or PAPER=letter echo. text to make text files echo. man to make manual pages echo. texinfo to make Texinfo files echo. gettext to make PO message catalogs echo. changes to make an overview over all changed/added/deprecated items echo. xml to make Docutils-native XML files echo. pseudoxml to make pseudoxml-XML files for display purposes echo. linkcheck to check all external links for integrity echo. doctest to run all doctests embedded in the documentation if enabled goto end ) if "%1" == "clean" ( for /d %%i in (%BUILDDIR%\*) do rmdir /q /s %%i del /q /s %BUILDDIR%\* goto end ) %SPHINXBUILD% 2> nul if errorlevel 9009 ( echo. echo.The 'sphinx-build' command was not found. Make sure you have Sphinx echo.installed, then set the SPHINXBUILD environment variable to point echo.to the full path of the 'sphinx-build' executable. Alternatively you echo.may add the Sphinx directory to PATH. echo. echo.If you don't have Sphinx installed, grab it from echo.http://sphinx-doc.org/ exit /b 1 ) if "%1" == "html" ( %SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html if errorlevel 1 exit /b 1 echo. echo.Build finished. The HTML pages are in %BUILDDIR%/html. goto end ) if "%1" == "dirhtml" ( %SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml if errorlevel 1 exit /b 1 echo. echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml. goto end ) if "%1" == "singlehtml" ( %SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml if errorlevel 1 exit /b 1 echo. echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml. goto end ) if "%1" == "pickle" ( %SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can process the pickle files. goto end ) if "%1" == "json" ( %SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can process the JSON files. goto end ) if "%1" == "htmlhelp" ( %SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can run HTML Help Workshop with the ^ .hhp project file in %BUILDDIR%/htmlhelp. goto end ) if "%1" == "qthelp" ( %SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp if errorlevel 1 exit /b 1 echo. echo.Build finished; now you can run "qcollectiongenerator" with the ^ .qhcp project file in %BUILDDIR%/qthelp, like this: echo.^> qcollectiongenerator %BUILDDIR%\qthelp\Flask-HTTPAuth.qhcp echo.To view the help file: echo.^> assistant -collectionFile %BUILDDIR%\qthelp\Flask-HTTPAuth.ghc goto end ) if "%1" == "devhelp" ( %SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp if errorlevel 1 exit /b 1 echo. echo.Build finished. goto end ) if "%1" == "epub" ( %SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub if errorlevel 1 exit /b 1 echo. echo.Build finished. The epub file is in %BUILDDIR%/epub. goto end ) if "%1" == "latex" ( %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex if errorlevel 1 exit /b 1 echo. echo.Build finished; the LaTeX files are in %BUILDDIR%/latex. goto end ) if "%1" == "latexpdf" ( %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex cd %BUILDDIR%/latex make all-pdf cd %BUILDDIR%/.. echo. echo.Build finished; the PDF files are in %BUILDDIR%/latex. goto end ) if "%1" == "latexpdfja" ( %SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex cd %BUILDDIR%/latex make all-pdf-ja cd %BUILDDIR%/.. echo. echo.Build finished; the PDF files are in %BUILDDIR%/latex. goto end ) if "%1" == "text" ( %SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text if errorlevel 1 exit /b 1 echo. echo.Build finished. The text files are in %BUILDDIR%/text. goto end ) if "%1" == "man" ( %SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man if errorlevel 1 exit /b 1 echo. echo.Build finished. The manual pages are in %BUILDDIR%/man. goto end ) if "%1" == "texinfo" ( %SPHINXBUILD% -b texinfo %ALLSPHINXOPTS% %BUILDDIR%/texinfo if errorlevel 1 exit /b 1 echo. echo.Build finished. The Texinfo files are in %BUILDDIR%/texinfo. goto end ) if "%1" == "gettext" ( %SPHINXBUILD% -b gettext %I18NSPHINXOPTS% %BUILDDIR%/locale if errorlevel 1 exit /b 1 echo. echo.Build finished. The message catalogs are in %BUILDDIR%/locale. goto end ) if "%1" == "changes" ( %SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes if errorlevel 1 exit /b 1 echo. echo.The overview file is in %BUILDDIR%/changes. goto end ) if "%1" == "linkcheck" ( %SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck if errorlevel 1 exit /b 1 echo. echo.Link check complete; look for any errors in the above output ^ or in %BUILDDIR%/linkcheck/output.txt. goto end ) if "%1" == "doctest" ( %SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest if errorlevel 1 exit /b 1 echo. echo.Testing of doctests in the sources finished, look at the ^ results in %BUILDDIR%/doctest/output.txt. goto end ) if "%1" == "xml" ( %SPHINXBUILD% -b xml %ALLSPHINXOPTS% %BUILDDIR%/xml if errorlevel 1 exit /b 1 echo. echo.Build finished. The XML files are in %BUILDDIR%/xml. goto end ) if "%1" == "pseudoxml" ( %SPHINXBUILD% -b pseudoxml %ALLSPHINXOPTS% %BUILDDIR%/pseudoxml if errorlevel 1 exit /b 1 echo. echo.Build finished. The pseudo-XML files are in %BUILDDIR%/pseudoxml. goto end ) :end Flask-HTTPAuth-3.2.1/examples/000077500000000000000000000000001276310607700160035ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/examples/basic_auth.py000066400000000000000000000016541276310607700204650ustar00rootroot00000000000000#!/usr/bin/env python """Basic authentication example This example demonstrates how to protect Flask endpoints with basic authentication, using secure hashed passwords. After running this example, visit http://localhost:5000 in your browser. To gain access, you can use (username=john, password=hello) or (username=susan, password=bye). """ from flask import Flask from flask_httpauth import HTTPBasicAuth from werkzeug.security import generate_password_hash, check_password_hash app = Flask(__name__) auth = HTTPBasicAuth() users = { "john": generate_password_hash("hello"), "susan": generate_password_hash("bye") } @auth.verify_password def verify_password(username, password): if username in users: return check_password_hash(users.get(username), password) return False @app.route('/') @auth.login_required def index(): return "Hello, %s!" % auth.username() if __name__ == '__main__': app.run() Flask-HTTPAuth-3.2.1/examples/multi_auth.py000066400000000000000000000031301276310607700205250ustar00rootroot00000000000000#!/usr/bin/env python """Multiple authentication example This example demonstrates how to combine two authentication methods using the "MultiAuth" class. The root URL for this application can be accessed via basic auth, providing username and password, or via token auth, providing a bearer JWT token. """ from flask import Flask, g from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth from werkzeug.security import generate_password_hash, check_password_hash from itsdangerous import TimedJSONWebSignatureSerializer as JWT app = Flask(__name__) app.config['SECRET_KEY'] = 'top secret!' jwt = JWT(app.config['SECRET_KEY'], expires_in=3600) basic_auth = HTTPBasicAuth() token_auth = HTTPTokenAuth('Bearer') multi_auth = MultiAuth(basic_auth, token_auth) users = { "john": generate_password_hash("hello"), "susan": generate_password_hash("bye") } for user in users.keys(): token = jwt.dumps({'username': user}) print('*** token for {}: {}\n'.format(user, token)) @basic_auth.verify_password def verify_password(username, password): g.user = None if username in users: if check_password_hash(users.get(username), password): g.user = username return True return False @token_auth.verify_token def verify_token(token): g.user = None try: data = jwt.loads(token) except: return False if 'username' in data: g.user = data['username'] return True return False @app.route('/') @multi_auth.login_required def index(): return "Hello, %s!" % g.user if __name__ == '__main__': app.run() Flask-HTTPAuth-3.2.1/examples/token_auth.py000066400000000000000000000024071276310607700205210ustar00rootroot00000000000000#!/usr/bin/env python """Token authentication example This example demonstrates how to protect Flask endpoints with token authentication, using JWT tokens. When this application starts, a token is generated for each of the two users. To gain access, you can use a command line HTTP client such as curl, passing one of the tokens: curl -X GET -H "Authorization: Bearer " http://localhost:5000/ The response should include the username, which is obtained from the JWT token. """ from flask import Flask, g from flask_httpauth import HTTPTokenAuth from itsdangerous import TimedJSONWebSignatureSerializer as JWT app = Flask(__name__) app.config['SECRET_KEY'] = 'top secret!' jwt = JWT(app.config['SECRET_KEY'], expires_in=3600) auth = HTTPTokenAuth('Bearer') users = ['john', 'susan'] for user in users: token = jwt.dumps({'username': user}) print('*** token for {}: {}\n'.format(user, token)) @auth.verify_token def verify_token(token): g.user = None try: data = jwt.loads(token) except: return False if 'username' in data: g.user = data['username'] return True return False @app.route('/') @auth.login_required def index(): return "Hello, %s!" % g.user if __name__ == '__main__': app.run() Flask-HTTPAuth-3.2.1/flask_httpauth.py000066400000000000000000000220621276310607700175620ustar00rootroot00000000000000""" flask_httpauth ================== This module provides Basic and Digest HTTP authentication for Flask routes. :copyright: (C) 2014 by Miguel Grinberg. :license: MIT, see LICENSE for more details. """ from functools import wraps from hashlib import md5 from random import Random, SystemRandom from flask import request, make_response, session from werkzeug.datastructures import Authorization __version__ = '3.2.1' class HTTPAuth(object): def __init__(self, scheme=None, realm=None): self.scheme = scheme self.realm = realm or "Authentication Required" self.get_password_callback = None self.auth_error_callback = None def default_get_password(username): return None def default_auth_error(): return "Unauthorized Access" self.get_password(default_get_password) self.error_handler(default_auth_error) def get_password(self, f): self.get_password_callback = f return f def error_handler(self, f): @wraps(f) def decorated(*args, **kwargs): res = f(*args, **kwargs) res = make_response(res) if res.status_code == 200: # if user didn't set status code, use 401 res.status_code = 401 if 'WWW-Authenticate' not in res.headers.keys(): res.headers['WWW-Authenticate'] = self.authenticate_header() return res self.auth_error_callback = decorated return decorated def authenticate_header(self): return '{0} realm="{1}"'.format(self.scheme, self.realm) def login_required(self, f): @wraps(f) def decorated(*args, **kwargs): auth = request.authorization if auth is None and 'Authorization' in request.headers: # Flask/Werkzeug do not recognize any authentication types # other than Basic or Digest, so here we parse the header by # hand try: auth_type, token = request.headers['Authorization'].split( None, 1) auth = Authorization(auth_type, {'token': token}) except ValueError: # The Authorization header is either empty or has no token pass # if the auth type does not match, we act as if there is no auth # this is better than failing directly, as it allows the callback # to handle special cases, like supporting multiple auth types if auth is not None and auth.type.lower() != self.scheme.lower(): auth = None # Flask normally handles OPTIONS requests on its own, but in the # case it is configured to forward those to the application, we # need to ignore authentication headers and let the request through # to avoid unwanted interactions with CORS. if request.method != 'OPTIONS': # pragma: no cover if auth and auth.username: password = self.get_password_callback(auth.username) else: password = None if not self.authenticate(auth, password): # Clear TCP receive buffer of any pending data request.data return self.auth_error_callback() return f(*args, **kwargs) return decorated def username(self): if not request.authorization: return "" return request.authorization.username class HTTPBasicAuth(HTTPAuth): def __init__(self, scheme=None, realm=None): super(HTTPBasicAuth, self).__init__(scheme or 'Basic', realm) self.hash_password_callback = None self.verify_password_callback = None def hash_password(self, f): self.hash_password_callback = f return f def verify_password(self, f): self.verify_password_callback = f return f def authenticate(self, auth, stored_password): if auth: username = auth.username client_password = auth.password else: username = "" client_password = "" if self.verify_password_callback: return self.verify_password_callback(username, client_password) if not auth: return False if self.hash_password_callback: try: client_password = self.hash_password_callback(client_password) except TypeError: client_password = self.hash_password_callback(username, client_password) return client_password is not None and \ client_password == stored_password class HTTPDigestAuth(HTTPAuth): def __init__(self, scheme=None, realm=None, use_ha1_pw=False): super(HTTPDigestAuth, self).__init__(scheme or 'Digest', realm) self.use_ha1_pw = use_ha1_pw self.random = SystemRandom() try: self.random.random() except NotImplementedError: # pragma: no cover self.random = Random() self.generate_nonce_callback = None self.verify_nonce_callback = None self.generate_opaque_callback = None self.verify_opaque_callback = None def _generate_random(): return md5(str(self.random.random()).encode('utf-8')).hexdigest() def default_generate_nonce(): session["auth_nonce"] = _generate_random() return session["auth_nonce"] def default_verify_nonce(nonce): return nonce == session.get("auth_nonce") def default_generate_opaque(): session["auth_opaque"] = _generate_random() return session["auth_opaque"] def default_verify_opaque(opaque): return opaque == session.get("auth_opaque") self.generate_nonce(default_generate_nonce) self.generate_opaque(default_generate_opaque) self.verify_nonce(default_verify_nonce) self.verify_opaque(default_verify_opaque) def generate_nonce(self, f): self.generate_nonce_callback = f return f def verify_nonce(self, f): self.verify_nonce_callback = f return f def generate_opaque(self, f): self.generate_opaque_callback = f return f def verify_opaque(self, f): self.verify_opaque_callback = f return f def get_nonce(self): return self.generate_nonce_callback() def get_opaque(self): return self.generate_opaque_callback() def generate_ha1(self, username, password): a1 = username + ":" + self.realm + ":" + password a1 = a1.encode('utf-8') return md5(a1).hexdigest() def authenticate_header(self): nonce = self.get_nonce() opaque = self.get_opaque() return '{0} realm="{1}",nonce="{2}",opaque="{3}"'.format( self.scheme, self.realm, nonce, opaque) def authenticate(self, auth, stored_password_or_ha1): if not auth or not auth.username or not auth.realm or not auth.uri \ or not auth.nonce or not auth.response \ or not stored_password_or_ha1: return False if not(self.verify_nonce_callback(auth.nonce)) or \ not(self.verify_opaque_callback(auth.opaque)): return False if self.use_ha1_pw: ha1 = stored_password_or_ha1 else: a1 = auth.username + ":" + auth.realm + ":" + \ stored_password_or_ha1 ha1 = md5(a1.encode('utf-8')).hexdigest() a2 = request.method + ":" + auth.uri ha2 = md5(a2.encode('utf-8')).hexdigest() a3 = ha1 + ":" + auth.nonce + ":" + ha2 response = md5(a3.encode('utf-8')).hexdigest() return response == auth.response class HTTPTokenAuth(HTTPAuth): def __init__(self, scheme='Bearer', realm=None): super(HTTPTokenAuth, self).__init__(scheme, realm) self.verify_token_callback = None def verify_token(self, f): self.verify_token_callback = f return f def authenticate(self, auth, stored_password): if auth: token = auth['token'] else: token = "" if self.verify_token_callback: return self.verify_token_callback(token) return False class MultiAuth(object): def __init__(self, main_auth, *args): self.main_auth = main_auth self.additional_auth = args def login_required(self, f): @wraps(f) def decorated(*args, **kwargs): selected_auth = None if 'Authorization' in request.headers: scheme, creds = request.headers['Authorization'].split(None, 1) for auth in self.additional_auth: if auth.scheme == scheme: selected_auth = auth break if selected_auth is None: selected_auth = self.main_auth return selected_auth.login_required(f)(*args, **kwargs) return decorated Flask-HTTPAuth-3.2.1/setup.py000077500000000000000000000023621276310607700157050ustar00rootroot00000000000000""" Flask-HTTPAuth -------------- Basic and Digest HTTP authentication for Flask routes. """ import re from setuptools import setup with open('flask_httpauth.py', 'r') as f: version = re.search(r'^__version__\s*=\s*[\'"]([^\'"]*)[\'"]', f.read(), re.MULTILINE).group(1) setup( name='Flask-HTTPAuth', version=version, url='http://github.com/miguelgrinberg/flask-httpauth/', license='MIT', author='Miguel Grinberg', author_email='miguelgrinberg50@gmail.com', description='Basic and Digest HTTP authentication for Flask routes', long_description=__doc__, py_modules=['flask_httpauth'], zip_safe=False, include_package_data=True, platforms='any', install_requires=[ 'Flask' ], test_suite="tests", classifiers=[ 'Environment :: Web Environment', 'Intended Audience :: Developers', 'License :: OSI Approved :: MIT License', 'Operating System :: OS Independent', 'Programming Language :: Python', 'Programming Language :: Python :: 2', 'Programming Language :: Python :: 3', 'Topic :: Internet :: WWW/HTTP :: Dynamic Content', 'Topic :: Software Development :: Libraries :: Python Modules' ] ) Flask-HTTPAuth-3.2.1/tests/000077500000000000000000000000001276310607700153275ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/tests/__init__.py000066400000000000000000000000001276310607700174260ustar00rootroot00000000000000Flask-HTTPAuth-3.2.1/tests/test_basic_custom_realm.py000066400000000000000000000045621276310607700226020ustar00rootroot00000000000000import unittest import base64 from flask import Flask from flask_httpauth import HTTPBasicAuth class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' basic_auth_my_realm = HTTPBasicAuth(realm='My Realm') @basic_auth_my_realm.get_password def get_basic_password_2(username): if username == 'john': return 'johnhello' elif username == 'susan': return 'susanbye' else: return None @basic_auth_my_realm.hash_password def basic_auth_my_realm_hash_password(username, password): return username + password @basic_auth_my_realm.error_handler def basic_auth_my_realm_error(): return 'custom error' @app.route('/') def index(): return 'index' @app.route('/basic-with-realm') @basic_auth_my_realm.login_required def basic_auth_my_realm_route(): return 'basic_auth_my_realm:' + basic_auth_my_realm.username() self.app = app self.basic_auth_my_realm = basic_auth_my_realm self.client = app.test_client() def test_basic_auth_prompt(self): response = self.client.get('/basic-with-realm') self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="My Realm"') self.assertEqual(response.data.decode('utf-8'), 'custom error') def test_basic_auth_login_valid(self): creds = base64.b64encode(b'john:hello').decode('utf-8') response = self.client.get( '/basic-with-realm', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.data.decode('utf-8'), 'basic_auth_my_realm:john') def test_basic_auth_login_invalid(self): creds = base64.b64encode(b'john:bye').decode('utf-8') response = self.client.get( '/basic-with-realm', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="My Realm"') Flask-HTTPAuth-3.2.1/tests/test_basic_get_password.py000066400000000000000000000043501276310607700226040ustar00rootroot00000000000000import unittest import base64 from flask import Flask from flask_httpauth import HTTPBasicAuth class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' basic_auth = HTTPBasicAuth() @basic_auth.get_password def get_basic_password(username): if username == 'john': return 'hello' elif username == 'susan': return 'bye' else: return None @app.route('/') def index(): return 'index' @app.route('/basic') @basic_auth.login_required def basic_auth_route(): return 'basic_auth:' + basic_auth.username() self.app = app self.basic_auth = basic_auth self.client = app.test_client() def test_no_auth(self): response = self.client.get('/') self.assertEqual(response.data.decode('utf-8'), 'index') def test_basic_auth_prompt(self): response = self.client.get('/basic') self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="Authentication Required"') def test_basic_auth_ignore_options(self): response = self.client.options('/basic') self.assertEqual(response.status_code, 200) self.assertTrue('WWW-Authenticate' not in response.headers) def test_basic_auth_login_valid(self): creds = base64.b64encode(b'john:hello').decode('utf-8') response = self.client.get( '/basic', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.data.decode('utf-8'), 'basic_auth:john') def test_basic_auth_login_invalid(self): creds = base64.b64encode(b'john:bye').decode('utf-8') response = self.client.get( '/basic', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="Authentication Required"') Flask-HTTPAuth-3.2.1/tests/test_basic_hashed_password.py000066400000000000000000000042471276310607700232660ustar00rootroot00000000000000import unittest import base64 from hashlib import md5 as basic_md5 from flask import Flask from flask_httpauth import HTTPBasicAuth def md5(s): if isinstance(s, str): s = s.encode('utf-8') return basic_md5(s) class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' basic_custom_auth = HTTPBasicAuth() @basic_custom_auth.get_password def get_basic_custom_auth_get_password(username): if username == 'john': return md5('hello').hexdigest() elif username == 'susan': return md5('bye').hexdigest() else: return None @basic_custom_auth.hash_password def basic_custom_auth_hash_password(password): return md5(password).hexdigest() @app.route('/') def index(): return 'index' @app.route('/basic-custom') @basic_custom_auth.login_required def basic_custom_auth_route(): return 'basic_custom_auth:' + basic_custom_auth.username() self.app = app self.basic_custom_auth = basic_custom_auth self.client = app.test_client() def test_basic_auth_login_valid_with_hash1(self): creds = base64.b64encode(b'john:hello').decode('utf-8') response = self.client.get( '/basic-custom', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.data.decode('utf-8'), 'basic_custom_auth:john') def test_basic_custom_auth_login_valid(self): creds = base64.b64encode(b'john:hello').decode('utf-8') response = self.client.get( '/basic-custom', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.data, b'basic_custom_auth:john') def test_basic_custom_auth_login_invalid(self): creds = base64.b64encode(b'john:bye').decode('utf-8') response = self.client.get( '/basic-custom', headers={"Authorization": "Basic " + creds}) self.assertEqual(response.status_code, 401) self.assertTrue("WWW-Authenticate" in response.headers) Flask-HTTPAuth-3.2.1/tests/test_basic_verify_password.py000066400000000000000000000040031276310607700233240ustar00rootroot00000000000000import unittest import base64 from flask import Flask, g from flask_httpauth import HTTPBasicAuth class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' basic_verify_auth = HTTPBasicAuth() @basic_verify_auth.verify_password def basic_verify_auth_verify_password(username, password): g.anon = False if username == 'john': return password == 'hello' elif username == 'susan': return password == 'bye' elif username == '': g.anon = True return True return False @basic_verify_auth.error_handler def error_handler(): return 'error', 403 # use a custom error status @app.route('/') def index(): return 'index' @app.route('/basic-verify') @basic_verify_auth.login_required def basic_verify_auth_route(): return 'basic_verify_auth:' + basic_verify_auth.username() + \ ' anon:' + str(g.anon) self.app = app self.basic_verify_auth = basic_verify_auth self.client = app.test_client() def test_verify_auth_login_valid(self): creds = base64.b64encode(b'susan:bye').decode('utf-8') response = self.client.get( '/basic-verify', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.data, b'basic_verify_auth:susan anon:False') def test_verify_auth_login_empty(self): response = self.client.get('/basic-verify') self.assertEqual(response.data, b'basic_verify_auth: anon:True') def test_verify_auth_login_invalid(self): creds = base64.b64encode(b'john:bye').decode('utf-8') response = self.client.get( '/basic-verify', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.status_code, 403) self.assertTrue('WWW-Authenticate' in response.headers) Flask-HTTPAuth-3.2.1/tests/test_digest_custom_realm.py000066400000000000000000000042461276310607700227770ustar00rootroot00000000000000import unittest import re from flask import Flask from flask_httpauth import HTTPDigestAuth class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' digest_auth_my_realm = HTTPDigestAuth(realm='My Realm') @digest_auth_my_realm.get_password def get_digest_password_3(username): if username == 'susan': return 'hello' elif username == 'john': return 'bye' else: return None @app.route('/') def index(): return 'index' @app.route('/digest-with-realm') @digest_auth_my_realm.login_required def digest_auth_my_realm_route(): return 'digest_auth_my_realm:' + digest_auth_my_realm.username() self.app = app self.client = app.test_client() def test_digest_auth_prompt_with_custom_realm(self): response = self.client.get('/digest-with-realm') self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="My Realm",' 'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate'])) def test_digest_auth_login_invalid(self): response = self.client.get( '/digest-with-realm', headers={ "Authorization": 'Digest username="susan",' 'realm="My Realm",' 'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",' 'uri="/digest-with-realm",' 'response="ca306c361a9055b968810067a37fb8cb",' 'opaque="5ccc069c403ebaf9f0171e9517f40e41"'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="My Realm",' r'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate'])) Flask-HTTPAuth-3.2.1/tests/test_digest_get_password.py000066400000000000000000000173361276310607700230120ustar00rootroot00000000000000import unittest import re from hashlib import md5 as basic_md5 from flask import Flask from flask_httpauth import HTTPDigestAuth from werkzeug.http import parse_dict_header def md5(str): if type(str).__name__ == 'str': str = str.encode('utf-8') return basic_md5(str) def get_ha1(user, pw, realm): a1 = user + ":" + realm + ":" + pw return md5(a1).hexdigest() class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' digest_auth = HTTPDigestAuth() @digest_auth.get_password def get_digest_password_2(username): if username == 'susan': return 'hello' elif username == 'john': return 'bye' else: return None @app.route('/') def index(): return 'index' @app.route('/digest') @digest_auth.login_required def digest_auth_route(): return 'digest_auth:' + digest_auth.username() self.app = app self.digest_auth = digest_auth self.client = app.test_client() def test_digest_auth_prompt(self): response = self.client.get('/digest') self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="Authentication Required",' r'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate'])) def test_digest_auth_ignore_options(self): response = self.client.options('/digest') self.assertEqual(response.status_code, 200) self.assertTrue('WWW-Authenticate' not in response.headers) def test_digest_auth_login_valid(self): response = self.client.get('/digest') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="john",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.data, b'digest_auth:john') def test_digest_auth_login_bad_realm(self): response = self.client.get('/digest') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + 'Wrong Realm' + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="john",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="Authentication Required",' r'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate'])) def test_digest_auth_login_invalid2(self): response = self.client.get('/digest') self.assertEqual(response.status_code, 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'david:' + 'Authentication Required' + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="david",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertTrue(re.match(r'^Digest realm="Authentication Required",' r'nonce="[0-9a-f]+",opaque="[0-9a-f]+"$', response.headers['WWW-Authenticate'])) def test_digest_generate_ha1(self): ha1 = self.digest_auth.generate_ha1('pawel', 'test') ha1_expected = get_ha1('pawel', 'test', self.digest_auth.realm) self.assertEqual(ha1, ha1_expected) def test_digest_custom_nonce_checker(self): @self.digest_auth.generate_nonce def noncemaker(): return 'not a good nonce' @self.digest_auth.generate_opaque def opaquemaker(): return 'some opaque' verify_nonce_called = [] @self.digest_auth.verify_nonce def verify_nonce(provided_nonce): verify_nonce_called.append(provided_nonce) return True verify_opaque_called = [] @self.digest_auth.verify_opaque def verify_opaque(provided_opaque): verify_opaque_called.append(provided_opaque) return True response = self.client.get('/digest') self.assertEqual(response.status_code, 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) self.assertEqual(d['nonce'], 'not a good nonce') self.assertEqual(d['opaque'], 'some opaque') a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest', headers={ 'Authorization': 'Digest username="john",realm="{0}",' 'nonce="{1}",uri="/digest",response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.data, b'digest_auth:john') self.assertEqual(verify_nonce_called, ['not a good nonce'], "Should have verified the nonce.") self.assertEqual(verify_opaque_called, ['some opaque'], "Should have verified the opaque.") Flask-HTTPAuth-3.2.1/tests/test_digest_ha1_password.py000066400000000000000000000045711276310607700227010ustar00rootroot00000000000000import unittest from hashlib import md5 as basic_md5 from flask import Flask from flask_httpauth import HTTPDigestAuth from werkzeug.http import parse_dict_header def md5(str): if type(str).__name__ == 'str': str = str.encode('utf-8') return basic_md5(str) def get_ha1(user, pw, realm): a1 = user + ":" + realm + ":" + pw return md5(a1).hexdigest() class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' digest_auth_ha1_pw = HTTPDigestAuth(use_ha1_pw=True) @digest_auth_ha1_pw.get_password def get_digest_password(username): if username == 'susan': return get_ha1(username, 'hello', digest_auth_ha1_pw.realm) elif username == 'john': return get_ha1(username, 'bye', digest_auth_ha1_pw.realm) else: return None @app.route('/') def index(): return 'index' @app.route('/digest_ha1_pw') @digest_auth_ha1_pw.login_required def digest_auth_ha1_pw_route(): return 'digest_auth_ha1_pw:' + digest_auth_ha1_pw.username() self.app = app self.client = app.test_client() def test_digest_ha1_pw_auth_login_valid(self): response = self.client.get('/digest_ha1_pw') self.assertTrue(response.status_code == 401) header = response.headers.get('WWW-Authenticate') auth_type, auth_info = header.split(None, 1) d = parse_dict_header(auth_info) a1 = 'john:' + d['realm'] + ':bye' ha1 = md5(a1).hexdigest() a2 = 'GET:/digest_ha1_pw' ha2 = md5(a2).hexdigest() a3 = ha1 + ':' + d['nonce'] + ':' + ha2 auth_response = md5(a3).hexdigest() response = self.client.get( '/digest_ha1_pw', headers={ 'Authorization': 'Digest username="john",realm="{0}",' 'nonce="{1}",uri="/digest_ha1_pw",' 'response="{2}",' 'opaque="{3}"'.format(d['realm'], d['nonce'], auth_response, d['opaque'])}) self.assertEqual(response.data, b'digest_auth_ha1_pw:john') Flask-HTTPAuth-3.2.1/tests/test_multi.py000066400000000000000000000063421276310607700200770ustar00rootroot00000000000000import base64 import unittest from flask import Flask from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' basic_auth = HTTPBasicAuth() token_auth = HTTPTokenAuth('MyToken') multi_auth = MultiAuth(basic_auth, token_auth) @basic_auth.verify_password def verify_password(username, password): return username == 'john' and password == 'hello' @token_auth.verify_token def verify_token(token): return token == 'this-is-the-token!' @token_auth.error_handler def error_handler(): return 'error', 401, {'WWW-Authenticate': 'MyToken realm="Foo"'} @app.route('/') def index(): return 'index' @app.route('/protected') @multi_auth.login_required def auth_route(): return 'access granted' self.app = app self.client = app.test_client() def test_multi_auth_prompt(self): response = self.client.get('/protected') self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="Authentication Required"') def test_multi_auth_login_valid_basic(self): creds = base64.b64encode(b'john:hello').decode('utf-8') response = self.client.get( '/protected', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.data.decode('utf-8'), 'access granted') def test_multi_auth_login_invalid_basic(self): creds = base64.b64encode(b'john:bye').decode('utf-8') response = self.client.get( '/protected', headers={'Authorization': 'Basic ' + creds}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="Authentication Required"') def test_multi_auth_login_valid_token(self): response = self.client.get( '/protected', headers={'Authorization': 'MyToken this-is-the-token!'}) self.assertEqual(response.data.decode('utf-8'), 'access granted') def test_multi_auth_login_invalid_token(self): response = self.client.get( '/protected', headers={'Authorization': 'MyToken this-is-not-the-token!'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'MyToken realm="Foo"') def test_multi_auth_login_invalid_scheme(self): response = self.client.get( '/protected', headers={'Authorization': 'Foo this-is-the-token!'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Basic realm="Authentication Required"') Flask-HTTPAuth-3.2.1/tests/test_token.py000066400000000000000000000073101276310607700200610ustar00rootroot00000000000000import unittest from flask import Flask from flask_httpauth import HTTPTokenAuth class HTTPAuthTestCase(unittest.TestCase): def setUp(self): app = Flask(__name__) app.config['SECRET_KEY'] = 'my secret' token_auth = HTTPTokenAuth('MyToken') @token_auth.verify_token def verify_token(token): return token == 'this-is-the-token!' @token_auth.error_handler def error_handler(): return 'error', 401, {'WWW-Authenticate': 'MyToken realm="Foo"'} @app.route('/') def index(): return 'index' @app.route('/protected') @token_auth.login_required def token_auth_route(): return 'token_auth' self.app = app self.token_auth = token_auth self.client = app.test_client() def test_token_auth_prompt(self): response = self.client.get('/protected') self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'MyToken realm="Foo"') def test_token_auth_ignore_options(self): response = self.client.options('/protected') self.assertEqual(response.status_code, 200) self.assertTrue('WWW-Authenticate' not in response.headers) def test_token_auth_login_valid(self): response = self.client.get( '/protected', headers={'Authorization': 'MyToken this-is-the-token!'}) self.assertEqual(response.data.decode('utf-8'), 'token_auth') def test_token_auth_login_valid_different_case(self): response = self.client.get( '/protected', headers={'Authorization': 'mytoken this-is-the-token!'}) self.assertEqual(response.data.decode('utf-8'), 'token_auth') def test_token_auth_login_invalid_token(self): response = self.client.get( '/protected', headers={'Authorization': 'MyToken this-is-not-the-token!'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'MyToken realm="Foo"') def test_token_auth_login_invalid_scheme(self): response = self.client.get( '/protected', headers={'Authorization': 'Foo this-is-the-token!'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'MyToken realm="Foo"') def test_token_auth_login_invalid_header(self): response = self.client.get( '/protected', headers={'Authorization': 'this-is-a-bad-header'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'MyToken realm="Foo"') def test_token_auth_login_invalid_no_callback(self): token_auth2 = HTTPTokenAuth('Token', realm='foo') @self.app.route('/protected2') @token_auth2.login_required def token_auth_route2(): return 'token_auth2' response = self.client.get( '/protected2', headers={'Authorization': 'Token this-is-the-token!'}) self.assertEqual(response.status_code, 401) self.assertTrue('WWW-Authenticate' in response.headers) self.assertEqual(response.headers['WWW-Authenticate'], 'Token realm="foo"') Flask-HTTPAuth-3.2.1/tox.ini000066400000000000000000000017431276310607700155050ustar00rootroot00000000000000[tox] envlist=flake8,py27,py33,py34,py35,pypy,docs,coverage skip_missing_interpreters=True [testenv] commands= coverage run --branch --include=flask_httpauth.py setup.py test coverage report --show-missing coverage erase [testenv:flake8] basepython=python deps= flake8 commands= flake8 --exclude=".*" --ignore=E402 flask_httpauth.py tests examples [testenv:py26] basepython=python2.6 deps= coverage [testenv:py27] basepython=python2.7 deps= coverage [testenv:py33] basepython=python3.3 deps= coverage [testenv:py34] basepython=python3.4 deps= coverage [testenv:py35] basepython=python3.5 deps= coverage [testenv:pypy] basepython=pypy deps= coverage [testenv:docs] basepython=python2.7 changedir=docs deps= sphinx whitelist_externals= make commands= make html [testenv:coverage] basepython=python deps= coverage commands= coverage run --branch --source=flask_httpauth.py setup.py test coverage html coverage erase