From 18ea7e49429f03a956ee4faf47b81d811ace82f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Schmidts?= Date: Wed, 15 Jan 2014 22:28:36 +0100 Subject: [PATCH] removing the user and password getting from main __call__ function --- radicale/__init__.py | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/radicale/__init__.py b/radicale/__init__.py index 0a851d96..79644779 100644 --- a/radicale/__init__.py +++ b/radicale/__init__.py @@ -234,6 +234,18 @@ class Application(object): return read_allowed_items, write_allowed_items + def get_creds_from_env(self, env): + """Extract a user and a password from the request environ.""" + # Ask authentication backend to check rights + if 'HTTP_AUTHORIZATION' in env: + authorization = env['HTTP_AUTHORIZATION'].lstrip("Basic").strip() + return self.decode(base64.b64decode( + authorization.encode("ascii")), env).split(":", 1) + # Get the webserver authentified user + elif 'REMOTE_USER' in env: + return env['REMOTE_USER'], None + return None, None + def __call__(self, environ, start_response): """Manage a request.""" log.LOGGER.info("%s request at %s received" % ( @@ -270,20 +282,7 @@ class Application(object): # Get function corresponding to method function = getattr(self, environ["REQUEST_METHOD"].lower()) - # Ask authentication backend to check rights - authorization = environ.get("HTTP_AUTHORIZATION", None) - - # Get the apache authentified user - remote_user = environ.get("REMOTE_USER", None) - - if authorization: - authorization = authorization.lstrip("Basic").strip() - user, password = self.decode(base64.b64decode( - authorization.encode("ascii")), environ).split(":", 1) - elif remote_user: - user, password = remote_user, None - else: - user = password = None + user, password = self.get_creds_from_env(environ) read_allowed_items, write_allowed_items = \ self.collect_allowed_items(items, user)