# HG changeset patch
# User paulb
# Date 1085696280 0
# Node ID 59bfcff46a3d992fdc6cdd6e47568703c819a679
# Parent  27406c9d5d813d5443c917ae0dddd014b82988be
[project @ 2004-05-27 22:18:00 by paulb]
Added an example login redirect component which works with the example
login server to provide common authentication for applications.

diff -r 27406c9d5d81 -r 59bfcff46a3d examples/Common/LoginRedirect/__init__.py
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/examples/Common/LoginRedirect/__init__.py	Thu May 27 22:18:00 2004 +0000
@@ -0,0 +1,61 @@
+#!/usr/bin/env python
+
+"Login redirection."
+
+import md5
+
+class LoginRedirectResource:
+
+    "A resource redirecting to a login URL."
+
+    def __init__(self, login_url, app_url, resource, authenticator):
+
+        """
+        Initialise the resource with a 'login_url', an 'app_url' where the
+        'resource' for the application being protected should be reachable, and
+        an 'authenticator'.
+        """
+
+        self.login_url = login_url
+        self.app_url = app_url
+        self.resource = resource
+        self.authenticator = authenticator
+
+    def respond(self, trans):
+
+        # Check the authentication details with the specified authenticator.
+
+        if self.authenticator.authenticate(trans):
+            self.resource.respond(trans)
+        else:
+            # Redirect to the login URL.
+
+            trans.set_header_value("Location", "%s?redirect=%s%s" % (self.login_url, self.app_url, trans.get_path()))
+            trans.set_response_code(307)
+
+class LoginRedirectAuthenticator:
+
+    """
+    An authenticator which verifies the credentials provided in a special login cookie.
+    """
+
+    def __init__(self, secret_key):
+
+        "Initialise the authenticator with a 'secret_key'."
+
+        self.secret_key = secret_key
+
+    def authenticate(self, trans):
+        cookie = trans.get_cookie("LoginAuthenticator")
+        if cookie is None:
+            return 0
+
+        # Test the token from the cookie against a recreated token using the
+        # given information.
+        # NOTE: This should be moved into a common library.
+
+        username, code = cookie.value.split(":")
+        print "*", username, code
+        return code == md5.md5(username + self.secret_key).hexdigest()
+
+# vim: tabstop=4 expandtab shiftwidth=4