Implement a basic authentication API

master
kaiyou 7 years ago
parent 8920982213
commit 17b184e5c8

@ -3,6 +3,8 @@ from mailu.internal import internal, nginx
import flask import flask
import flask_login import flask_login
import base64
import urllib
@internal.route("/auth/email") @internal.route("/auth/email")
@ -28,3 +30,21 @@ def admin_authentication():
and flask_login.current_user.global_admin): and flask_login.current_user.global_admin):
return "" return ""
return flask.abort(403) return flask.abort(403)
@internal.route("/auth/basic")
def basic_authentication():
""" Tries to authenticate using the Authorization header.
"""
authorization = flask.request.headers.get("Authorization")
if authorization and authorization.startswith("Basic "):
encoded = authorization.replace("Basic ", "")
user_email, password = base64.b64decode(encoded).split(b":")
user = models.User.query.get(user_email.decode("utf8"))
if user and user.check_password(password.decode("utf8")):
response = flask.Response()
response.headers["X-User"] = user.email
return response
response = flask.Response(status=401)
response.headers["WWW-Authenticate"] = 'Basic realm="Login Required"'
return response

Loading…
Cancel
Save