authorLars Wirzenius <liw@liw.fi>2018-07-31 15:46:45 +0300
committerLars Wirzenius <liw@liw.fi>2018-07-31 15:54:02 +0300
commit527d2855f37bed4fe8ab82a0d0c340258a19adc7 (patch)
treee2f87ebabda349f568405c27f26761c1b313be18 /qvisqve
parent9ead1c5c91e3c75274aa56dca2b17036cdc45573 (diff)
downloadqvisqve-527d2855f37bed4fe8ab82a0d0c340258a19adc7.tar.gz
Add: actually check user credentials
Diffstat (limited to 'qvisqve')
-rw-r--r--qvisqve/api.py7
-rw-r--r--qvisqve/auth_router.py19
2 files changed, 24 insertions, 2 deletions
diff --git a/qvisqve/api.py b/qvisqve/api.py
index 6c3fe34..dfe69d0 100644
--- a/qvisqve/api.py
+++ b/qvisqve/api.py
@@ -31,7 +31,7 @@ class API:
qvisqve.TokenRouter(
self._create_token_generator(), self._get_clients()),
qvisqve.LoginRouter(),
- qvisqve.AuthRouter(self._get_applications()),
+ qvisqve.AuthRouter(self._get_applications(), self._get_users()),
]
routes = []
@@ -65,3 +65,8 @@ class API:
rs = self._create_resource_store()
am = qvisqve.ApplicationManager(rs)
return am
+
+ def _get_users(self):
+ rs = self._create_resource_store()
+ um = qvisqve.UserManager(rs)
+ return um
diff --git a/qvisqve/auth_router.py b/qvisqve/auth_router.py
index 717e46f..378a995 100644
--- a/qvisqve/auth_router.py
+++ b/qvisqve/auth_router.py
@@ -17,14 +17,18 @@
import urllib.parse
+import bottle
+
+
import qvisqve
class AuthRouter(qvisqve.Router):
- def __init__(self, apps):
+ def __init__(self, apps, users):
super().__init__()
self._apps = apps
+ self._users = users
def get_routes(self):
return [
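Review bot: The added `import bottle` is not referenced by any line visible in this file's hunks, so it looks unused unless code outside the diff relies on it. If nothing does, drop it. If it stays, keep the usual grouping with one blank line between the third-party import and `import qvisqve`, rather than the two blank lines added here. The `AuthRouter` class body continues outside this hunk.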
@@ -44,6 +48,12 @@ class AuthRouter(qvisqve.Router):
if content_type != 'application/x-www-form-urlencoded':
return qvisqve.bad_request_response('Wrong content type')
+ params = self._get_form_params(body)
+ username = self._get_param(params, 'username')
+ password = self._get_param(params, 'password')
+ if not self._users.is_valid_secret(username, password):
+ return qvisqve.unauthorized_response('Access denied')
+
# TODO:
# - perform actual auth
# - create and store auth code
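Review bot: A POST that omits `username` or `password`, or sends either one empty, raises `KeyError` in `_get_param` (added in the last hunk of this file) before the credential check is reached, because `urllib.parse.parse_qs` drops blank values by default. A body that is not valid UTF-8 raises `UnicodeDecodeError` in `_get_form_params` in the same way. Unless the framework maps those exceptions, the client presumably gets a server error instead of a 400, so the parsing lines should be guarded and answered with `qvisqve.bad_request_response`, as sketched below. The rejection path also returns without a log entry; a `qvisqve.log.log` call recording the username (never the password) would make failed logins visible to monitoring. The handler starts and continues outside this hunk.

```python
        try:
            params = self._get_form_params(body)
            username = self._get_param(params, 'username')
            password = self._get_param(params, 'password')
        except (UnicodeDecodeError, KeyError):
            return qvisqve.bad_request_response(
                'Missing or malformed credentials')
        if not self._users.is_valid_secret(username, password):
            return qvisqve.unauthorized_response('Access denied')
        # … unchanged: TODO block and redirect construction …
```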
@@ -59,3 +69,10 @@ class AuthRouter(qvisqve.Router):
qvisqve.log.log('xxx', msg_text='Returning redirect', url=url)
return qvisqve.found_response('Redirect to callback url', url)
+
+ def _get_param(self, params, name):
+ return params[name][0]
+
+ def _get_form_params(self, body):
+ body = body.decode('UTF-8')
+ return urllib.parse.parse_qs(body)
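Review bot: `_get_param` silently takes the first value when a field is repeated, so a request carrying two `username` or two `password` values is accepted with whichever came first. On an authentication endpoint it is safer to reject ambiguous input, for example `values = params[name]` followed by `if len(values) != 1: raise KeyError(name)` before returning `values[0]`. Neither helper has a docstring; `_get_param` should state that it raises `KeyError` for an absent or blank field, and `_get_form_params` that it expects a UTF-8 encoded bytes body. The enclosing class starts outside this hunk.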