extractors Package¶
extractors
Package¶
The ExtractorInterface class, used to extract and validate
information in web requests that may identify a user. Often,
but not always, that information was originally created by
a challenger
.
-
class
tiddlyweb.web.extractors.
ExtractorInterface
¶ Bases:
object
An interface for user extraction.
Given a WSGI environ, figure out if the request contains information which can be used to identify a valid user. If it does, return a dict including information about that user.
If it doesn’t return False.
-
extract
(environ, start_response)¶ Look at the incoming request and try to extract a user.
-
http_basic
Module¶
A very simple extractor
that looks at the
HTTP Authorization
header and looks for Basic auth information
therein.
-
class
tiddlyweb.web.extractors.http_basic.
Extractor
¶ Bases:
tiddlyweb.web.extractors.ExtractorInterface
An
extractor
for HTTP Basic Authentication. If there is an Authorization header attempt to get a username and password out of it and compare withUser
information in theStore
. If the password is valid, return the user information. Otherwise returnFalse
.-
extract
(environ, start_response)¶ Look in the request for an
Authorization
header.
-
simple_cookie
Module¶
An extractor
that looks at a cookie named tiddlyweb_user
.
Bases:
tiddlyweb.web.extractors.ExtractorInterface
Look in the headers for a cookie named
tiddlyweb_user
.If it is there and the associated hashed value validates against a server side secret, return the indicated user.
Extract the cookie, if there, from the headers and attempt to validate its contents.