diff options
author | Jason R. Coombs <jaraco@jaraco.com> | 2018-02-04 12:29:08 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-04 12:29:08 -0500 |
commit | 15ba399c6907a63b9da458e5431750320606f3bf (patch) | |
tree | 83b6d1051e6563b502d91ca77957e87c2c97728a /cherrypy | |
parent | ef7bd2e97000ec202708b5c4fec88d1de85583a1 (diff) | |
parent | 8e7c6c2e5fff81b8503fad1ba8c3034b4bbde417 (diff) | |
download | cherrypy-git-15ba399c6907a63b9da458e5431750320606f3bf.tar.gz |
Merge pull request #1689 from cherrypy/feature/deprecate-old-auth
Deprecate old auth tools
Diffstat (limited to 'cherrypy')
-rw-r--r-- | cherrypy/lib/auth.py | 32 | ||||
-rw-r--r-- | cherrypy/lib/httpauth.py | 9 |
2 files changed, 40 insertions, 1 deletions
diff --git a/cherrypy/lib/auth.py b/cherrypy/lib/auth.py index 34ad6886..89c8cea3 100644 --- a/cherrypy/lib/auth.py +++ b/cherrypy/lib/auth.py @@ -1,10 +1,38 @@ +""" +Deprecated implementation of basic and digest auth. + +Look to auth_basic and auth_digest instead. +""" + +import warnings + import cherrypy -from cherrypy.lib import httpauth + + +# import late to avoid deprecation warning on import +httpauth = None + + +def import_httpauth(): + """ + Late-import cherrypy.lib.httpauth into globals. + Then replace this function so it does nothing. + """ + globals().update( + httpauth=__import__('cherrypy.lib.httpauth').lib.httpauth, + import_httpauth=lambda: None + ) def check_auth(users, encrypt=None, realm=None): """If an authorization header contains credentials, return True or False. """ + import_httpauth() + msg = ( + '`basic_auth` and `digest_auth` tools are deprecated. Use ' + '`auth_basic` and `auth_digest` instead.' + ) + warnings.warn(msg, DeprecationWarning) request = cherrypy.serving.request if 'authorization' in request.headers: # make sure the provided credentials are correctly set @@ -62,6 +90,7 @@ def basic_auth(realm, users, encrypt=None, debug=False): if None it defaults to a md5 encryption. """ + import_httpauth() if check_auth(users, encrypt): if debug: cherrypy.log('Auth successful', 'TOOLS.BASIC_AUTH') @@ -84,6 +113,7 @@ def digest_auth(realm, users, debug=False): A dict of the form: {username: password} or a callable returning a dict. """ + import_httpauth() if check_auth(users, realm=realm): if debug: cherrypy.log('Auth successful', 'TOOLS.DIGEST_AUTH') diff --git a/cherrypy/lib/httpauth.py b/cherrypy/lib/httpauth.py index 7e9fb035..41d31c92 100644 --- a/cherrypy/lib/httpauth.py +++ b/cherrypy/lib/httpauth.py @@ -1,4 +1,6 @@ """ +Deprecated implementations of HTTP Digest Authentication + This module defines functions to implement HTTP Digest Authentication (:rfc:`2617`). This has full compliance with 'Digest' and 'Basic' authentication methods. In @@ -22,6 +24,7 @@ SUPPORTED_QOP - list of supported 'Digest' 'qop'. """ import time +import warnings from hashlib import md5 from six.moves.urllib.request import parse_http_list, parse_keqv_list @@ -31,6 +34,12 @@ from cherrypy._cpcompat import ( ) +warnings.warn( + '`httpauth` module is deprecated. Do not use.', + DeprecationWarning, +) + + __version__ = 1, 0, 1 __author__ = 'Tiago Cogumbreiro <cogumbreiro@users.sf.net>' __credits__ = """ |