1
by steveh at sjsoft
New upstream release |
1 |
# This file is part of CherryPy <http://www.cherrypy.org/>
|
2 |
# -*- coding: utf-8 -*-
|
|
3 |
# vim:ts=4:sw=4:expandtab:fileencoding=utf-8
|
|
4 |
||
5 |
from cherrypy.test import test |
|
6 |
test.prefer_parent_path() |
|
7 |
||
8 |
try: |
|
9 |
from hashlib import md5 |
|
10 |
except ImportError: |
|
11 |
# Python 2.4 and earlier
|
|
12 |
from md5 import new as md5 |
|
13 |
||
14 |
import cherrypy |
|
15 |
from cherrypy.lib import auth_basic |
|
16 |
||
17 |
def setup_server(): |
|
18 |
class Root: |
|
19 |
def index(self): |
|
20 |
return "This is public." |
|
21 |
index.exposed = True |
|
22 |
||
23 |
class BasicProtected: |
|
24 |
def index(self): |
|
25 |
return "Hello %s, you've been authorized." % cherrypy.request.login |
|
26 |
index.exposed = True |
|
27 |
||
28 |
class BasicProtected2: |
|
29 |
def index(self): |
|
30 |
return "Hello %s, you've been authorized." % cherrypy.request.login |
|
31 |
index.exposed = True |
|
32 |
||
33 |
userpassdict = {'xuser' : 'xpassword'} |
|
34 |
userhashdict = {'xuser' : md5('xpassword').hexdigest()} |
|
35 |
||
36 |
def checkpasshash(realm, user, password): |
|
37 |
p = userhashdict.get(user) |
|
38 |
return p and p == md5(password).hexdigest() or False |
|
39 |
||
40 |
conf = {'/basic': {'tools.auth_basic.on': True, |
|
41 |
'tools.auth_basic.realm': 'wonderland', |
|
42 |
'tools.auth_basic.checkpassword': auth_basic.checkpassword_dict(userpassdict)}, |
|
43 |
'/basic2': {'tools.auth_basic.on': True, |
|
44 |
'tools.auth_basic.realm': 'wonderland', |
|
45 |
'tools.auth_basic.checkpassword': checkpasshash}, |
|
46 |
}
|
|
47 |
||
48 |
root = Root() |
|
49 |
root.basic = BasicProtected() |
|
50 |
root.basic2 = BasicProtected2() |
|
51 |
cherrypy.tree.mount(root, config=conf) |
|
52 |
||
53 |
from cherrypy.test import helper |
|
54 |
||
55 |
class BasicAuthTest(helper.CPWebCase): |
|
56 |
||
57 |
def testPublic(self): |
|
58 |
self.getPage("/") |
|
59 |
self.assertStatus('200 OK') |
|
60 |
self.assertHeader('Content-Type', 'text/html;charset=utf-8') |
|
61 |
self.assertBody('This is public.') |
|
62 |
||
63 |
def testBasic(self): |
|
64 |
self.getPage("/basic/") |
|
65 |
self.assertStatus(401) |
|
66 |
self.assertHeader('WWW-Authenticate', 'Basic realm="wonderland"') |
|
67 |
||
68 |
self.getPage('/basic/', [('Authorization', 'Basic eHVzZXI6eHBhc3N3b3JX')]) |
|
69 |
self.assertStatus(401) |
|
70 |
||
71 |
self.getPage('/basic/', [('Authorization', 'Basic eHVzZXI6eHBhc3N3b3Jk')]) |
|
72 |
self.assertStatus('200 OK') |
|
73 |
self.assertBody("Hello xuser, you've been authorized.") |
|
74 |
||
75 |
def testBasic2(self): |
|
76 |
self.getPage("/basic2/") |
|
77 |
self.assertStatus(401) |
|
78 |
self.assertHeader('WWW-Authenticate', 'Basic realm="wonderland"') |
|
79 |
||
80 |
self.getPage('/basic2/', [('Authorization', 'Basic eHVzZXI6eHBhc3N3b3JX')]) |
|
81 |
self.assertStatus(401) |
|
82 |
||
83 |
self.getPage('/basic2/', [('Authorization', 'Basic eHVzZXI6eHBhc3N3b3Jk')]) |
|
84 |
self.assertStatus('200 OK') |
|
85 |
self.assertBody("Hello xuser, you've been authorized.") |
|
86 |
||
87 |
||
88 |
if __name__ == "__main__": |
|
89 |
helper.testmain() |