
No commits in common. "2de770aed0e2d9f683c2325e130804cb3c123cca" and "a07118ef9c9b82b51d55068a2da2cadb32b34953" have entirely different histories.

4 changed files with 6 additions and 49 deletions


@ -13,7 +13,7 @@ sys.path.insert(0, os.path.abspath('../../src/'))
project = 'Flask-Digest-Auth'
copyright = '2022, imacat'
author = 'imacat'
release = '0.3.1'
release = '0.3.0'
# -- General configuration ---------------------------------------------------
# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration


@ -17,7 +17,7 @@
[metadata]
name = flask-digest-auth
version = 0.3.1
version = 0.3.0
author = imacat
author_email = imacat@mail.imacat.idv.tw
description = The Flask HTTP Digest Authentication project.


@ -356,13 +356,10 @@ class DigestAuth:
:return: None.
"""
state: AuthState = request.digest_auth_state \
if hasattr(request, "digest_auth_state") \
else AuthState()
response: Response = Response()
response.status = 401
response.headers["WWW-Authenticate"] \
= self.__make_response_header(state)
= self.__make_response_header(g.digest_auth_state)
abort(response)
@login_manager.request_loader
@ -373,7 +370,7 @@ class DigestAuth:
:return: The authenticated user, or None if the
authentication fails
"""
request.digest_auth_state = AuthState()
g.digest_auth_state = AuthState()
authorization: Authorization = req.authorization
try:
if authorization is None:
@ -381,7 +378,7 @@ class DigestAuth:
if authorization.type != "digest":
raise UnauthorizedException(
"Not an HTTP digest authorization")
self.__authenticate(request.digest_auth_state)
self.__authenticate(g.digest_auth_state)
user = login_manager.user_callback(
authorization.username)
login_user(user)
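Review bot: In the unauthorized handler, `self.__make_response_header(g.digest_auth_state)` reads the attribute unconditionally, so a request that reaches the handler before the request loader has assigned `g.digest_auth_state` would raise AttributeError and produce a 500 instead of the 401 challenge. The hunk line counts indicate that the `hasattr` fallback to a fresh `AuthState()` belongs to the other side of this comparison, which leaves the new side without a default. A one-line default keeps the challenge path safe: `state = g.get("digest_auth_state", AuthState())`, then pass `state` to `__make_response_header`. Whether any route can actually reach the handler without the loader having run is not visible here, and the handler body starts above the hunk.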


@ -45,6 +45,7 @@ class User:
self.password_hash: str = make_password_hash(
_REALM, username, password)
self.visits: int = 0
self.is_authenticated: bool = True
self.is_active: bool = True
self.is_anonymous: bool = False
@ -56,16 +57,6 @@ class User:
"""
return self.username
@property
def is_authenticated(self) -> bool:
"""Returns whether the user is authenticated.
This is required by Flask-Login.
This should return self.is_active.
:return: True if the user is active, or False otherwise.
"""
return self.is_active
class FlaskLoginTestCase(TestCase):
"""The test case with the Flask-Login integration."""
@ -265,34 +256,3 @@ class FlaskLoginTestCase(TestCase):
response = self.client.get(admin_uri)
self.assertEqual(response.status_code, 200)
self.assertEqual(self.user.visits, 2)
def test_disabled(self) -> None:
"""Tests the disabled user.
:return: None.
"""
if not self.has_flask_login:
self.skipTest("Skipped without Flask-Login.")
response: Response
self.user.is_active = False
response = self.client.get(self.app.url_for("admin-1"))
self.assertEqual(response.status_code, 401)
response = self.client.get(self.app.url_for("admin-1"),
digest_auth=(_USERNAME, _PASSWORD))
self.assertEqual(response.status_code, 401)
self.user.is_active = True
response = self.client.get(self.app.url_for("admin-1"),
digest_auth=(_USERNAME, _PASSWORD))
self.assertEqual(response.status_code, 200)
response = self.client.get(self.app.url_for("admin-1"))
self.assertEqual(response.status_code, 200)
self.user.is_active = False
response = self.client.get(self.app.url_for("admin-1"))
self.assertEqual(response.status_code, 401)
response = self.client.get(self.app.url_for("admin-1"),
digest_auth=(_USERNAME, _PASSWORD))
self.assertEqual(response.status_code, 401)
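Review bot: With `test_disabled` absent and the fixture's `User.__init__` setting `self.is_authenticated: bool = True` as a fixed attribute, no test on this side covers a user whose `is_active` is False, so a regression that lets a deactivated account through digest authentication would still pass the suite. Keeping one assertion pair would pin the behaviour: set `self.user.is_active = False`, request `admin-1` with `digest_auth=(_USERNAME, _PASSWORD)`, and check `self.assertEqual(response.status_code, 401)`. Whether the library code on this side rejects inactive users is not visible in this section, so the expected status should be confirmed against it first.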