outbox post authentication

master
Bob Mottram 2019-07-04 10:00:53 +01:00
parent c4797d3de2
commit 50a2f95c9c
3 changed files with 9 additions and 25 deletions

11
auth.py

@ -38,17 +38,6 @@ def createBasicAuthHeader(nickname: str,password: str) -> str:
authStr=nickname.replace('\n','')+':'+password.replace('\n','') authStr=nickname.replace('\n','')+':'+password.replace('\n','')
return 'Basic '+base64.b64encode(authStr.encode('utf-8')).decode('utf-8') return 'Basic '+base64.b64encode(authStr.encode('utf-8')).decode('utf-8')
def nicknameFromBasicAuth(authHeader: str) -> str:
"""Returns the nickname from basic auth header
"""
if ' ' not in authHeader:
return None
base64Str = authHeader.split(' ')[1].replace('\n','')
plain = base64.b64decode(base64Str).decode('utf-8')
if ':' not in plain:
return None
return plain.split(':')[0]
def authorizeBasic(baseDir: str,path: str,authHeader: str,debug: bool) -> bool: def authorizeBasic(baseDir: str,path: str,authHeader: str,debug: bool) -> bool:
"""HTTP basic auth """HTTP basic auth
""" """


@ -25,7 +25,6 @@ from inbox import inboxPermittedMessage
from inbox import inboxMessageHasParams from inbox import inboxMessageHasParams
from follow import getFollowingFeed from follow import getFollowingFeed
from auth import authorize from auth import authorize
from auth import nicknameFromBasicAuth
import os import os
import sys import sys
@ -287,17 +286,15 @@ class PubServer(BaseHTTPRequestHandler):
if self.path.endswith('/outbox'): if self.path.endswith('/outbox'):
if '/users/' in self.path: if '/users/' in self.path:
if self.headers.get('Authorization'): if self.headers.get('Authorization'):
nickname=self.path.split('/users/')[1].replace('/inbox','') if authorize(self.server.baseDir,self.path,self.headers['Authorization'],self.server.debug):
if nickname==nicknameFromBasicAuth(self.headers['Authorization']): self.outboxAuthenticated=True
if authorize(self.server.baseDir,self.headers['Authorization']): self.postToNickname=nickname
self.outboxAuthenticated=True # TODO
self.postToNickname=nickname print('c2s posts not supported yet')
# TODO self.send_response(405)
print('c2s posts not supported yet') self.end_headers()
self.send_response(405) self.server.POSTbusy=False
self.end_headers() return
self.server.POSTbusy=False
return
if not self.outboxAuthenticated: if not self.outboxAuthenticated:
self.send_response(405) self.send_response(405)
self.end_headers() self.end_headers()
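Review bot: On the new side `self.postToNickname=nickname` still reads `nickname`, but the line that assigned it from the path is removed in this hunk, so unless it is set earlier in the method (which starts outside the hunk) a successful authorize() would raise NameError before the 405 reply is sent. Derive it from the path that was just authorized, e.g. `self.postToNickname=self.path.split('/users/')[1].replace('/outbox','')`; the removed line stripped '/inbox', which cannot occur on a path ending in '/outbox'. With the explicit nickname comparison gone, tying the credentials to the account in the path rests entirely on authorize(). The assertions visible in testAuthentication only use '/inbox' paths, so a case for the user's own '/outbox' path and one for another user's outbox would pin the behaviour this handler depends on.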


@ -35,7 +35,6 @@ from person import setBio
from auth import createBasicAuthHeader from auth import createBasicAuthHeader
from auth import authorizeBasic from auth import authorizeBasic
from auth import storeBasicCredentials from auth import storeBasicCredentials
from auth import nicknameFromBasicAuth
testServerAliceRunning = False testServerAliceRunning = False
testServerBobRunning = False testServerBobRunning = False
@ -317,7 +316,6 @@ def testAuthentication():
assert storeBasicCredentials(baseDir,nickname,password) assert storeBasicCredentials(baseDir,nickname,password)
authHeader=createBasicAuthHeader(nickname,password) authHeader=createBasicAuthHeader(nickname,password)
assert nickname==nicknameFromBasicAuth(authHeader)
assert authorizeBasic(baseDir,'/users/'+nickname+'/inbox',authHeader,False) assert authorizeBasic(baseDir,'/users/'+nickname+'/inbox',authHeader,False)
assert authorizeBasic(baseDir,'/users/'+nickname,authHeader,False)==False assert authorizeBasic(baseDir,'/users/'+nickname,authHeader,False)==False
assert authorizeBasic(baseDir,'/users/othernick/inbox',authHeader,False)==False assert authorizeBasic(baseDir,'/users/othernick/inbox',authHeader,False)==False