diff options
Diffstat (limited to 'distixapi/authn.py')
| -rw-r--r-- | distixapi/authn.py | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/distixapi/authn.py b/distixapi/authn.py index 53816b6..a7fbbcf 100644 --- a/distixapi/authn.py +++ b/distixapi/authn.py @@ -1,6 +1,9 @@ # Functions for checking authantication for API clients. +import base64 + + def get_credentials(request): '''Return username, password of API client. @@ -9,8 +12,19 @@ def get_credentials(request): ''' - raise AuthenticationError('No Authorization header') + header = request.get_header('Authorization') + if header is None: + raise AuthenticationError('No Authorization header') + + words = header.split() + if len(words) == 0: + raise AuthenticationError('Authorization header has no value') + + if len(words) != 2 or words[0].lower() != 'basic': + raise AuthenticationError('Authorization header is not for Basic Auth') + decoded = base64.b64decode(words[1]) + return decoded.split(':', 1) class AuthenticationError(Exception): |