Compare commits

..

2 Commits

View File

@ -225,7 +225,7 @@ class DigestAuth:
if opaque is not None: if opaque is not None:
header += f", opaque=\"{opaque}\"" header += f", opaque=\"{opaque}\""
if state.stale is not None: if state.stale is not None:
header += f", stale=TRUE" if state.stale else f", stale=FALSE" header += ", stale=TRUE" if state.stale else ", stale=FALSE"
if self.algorithm is not None: if self.algorithm is not None:
header += f", algorithm=\"{self.algorithm}\"" header += f", algorithm=\"{self.algorithm}\""
if len(self.__qop) > 0: if len(self.__qop) > 0:
@ -344,50 +344,57 @@ class DigestAuth:
self.realm = app.config["DIGEST_AUTH_REALM"] self.realm = app.config["DIGEST_AUTH_REALM"]
if hasattr(app, "login_manager"): if hasattr(app, "login_manager"):
from flask_login import LoginManager, login_user self.__init_login_manager(app)
login_manager: LoginManager = getattr(app, "login_manager") def __init_login_manager(self, app: Flask) -> None:
"""Initializes the Flask-Login login manager.
@login_manager.unauthorized_handler :param app: The Flask application.
def unauthorized() -> None: :return: None.
"""Handles when the user is unauthorized. """
from flask_login import LoginManager, login_user
login_manager: LoginManager = getattr(app, "login_manager")
:return: None. @login_manager.unauthorized_handler
""" def unauthorized() -> None:
state: AuthState = getattr(request, "_digest_auth_state") \ """Handles when the user is unauthorized.
if hasattr(request, "_digest_auth_state") \
else AuthState()
response: Response = Response()
response.status = 401
response.headers["WWW-Authenticate"] \
= self.__make_response_header(state)
abort(response)
@login_manager.request_loader :return: None.
def load_user_from_request(req: Request) -> Optional[Any]: """
"""Loads the user from the request header. state: AuthState = getattr(request, "_digest_auth_state") \
if hasattr(request, "_digest_auth_state") \
else AuthState()
response: Response = Response()
response.status = 401
response.headers["WWW-Authenticate"] \
= self.__make_response_header(state)
abort(response)
:param req: The request. @login_manager.request_loader
:return: The authenticated user, or None if the def load_user_from_request(req: Request) -> Optional[Any]:
authentication fails """Loads the user from the request header.
"""
request._digest_auth_state = AuthState() :param req: The request.
authorization: Authorization = req.authorization :return: The authenticated user, or None if the
try: authentication fails
if authorization is None: """
raise UnauthorizedException request._digest_auth_state = AuthState()
if authorization.type != "digest": authorization: Authorization = req.authorization
raise UnauthorizedException( try:
"Not an HTTP digest authorization") if authorization is None:
self.__authenticate(request._digest_auth_state) raise UnauthorizedException
user = login_manager.user_callback(authorization.username) if authorization.type != "digest":
login_user(user) raise UnauthorizedException(
self.__on_login(user) "Not an HTTP digest authorization")
return user self.__authenticate(request._digest_auth_state)
except UnauthorizedException as e: user = login_manager.user_callback(authorization.username)
if str(e) != "": login_user(user)
app.logger.warning(str(e)) self.__on_login(user)
return None return user
except UnauthorizedException as e:
if str(e) != "":
app.logger.warning(str(e))
return None
def logout(self) -> None: def logout(self) -> None:
"""Logs out the user. """Logs out the user.