extractors Package¶

`extractors` Package¶

The ExtractorInterface class, used to extract and validate information in web requests that may identify a user. Often, but not always, that information was originally created by a challenger.

class tiddlyweb.web.extractors.ExtractorInterface¶

Bases: object

An interface for user extraction.

Given a WSGI environ, figure out if the request contains information which can be used to identify a valid user. If it does, return a dict including information about that user.

If it doesn’t return False.

extract(environ, start_response)¶: Look at the incoming request and try to extract a user.

load_user(environ, usersign)¶: Check the User database in the store for a user matching this usersign. The user is not required to exist, but if it does it can be used to get additional information about the user, such as roles.

`http_basic` Module¶

A very simple extractor that looks at the HTTP Authorization header and looks for Basic auth information therein.

class tiddlyweb.web.extractors.http_basic.Extractor¶

Bases: tiddlyweb.web.extractors.ExtractorInterface

An extractor for HTTP Basic Authentication. If there is an Authorization header attempt to get a username and password out of it and compare with User information in the Store. If the password is valid, return the user information. Otherwise return False.

extract(environ, start_response)¶: Look in the request for an Authorization header.

`simple_cookie` Module¶

An extractor that looks at a cookie named tiddlyweb_user.

class tiddlyweb.web.extractors.simple_cookie.Extractor¶

Bases: tiddlyweb.web.extractors.ExtractorInterface

Look in the headers for a cookie named tiddlyweb_user.

If it is there and the associated hashed value validates against a server side secret, return the indicated user.

extract(environ, start_response)¶: Extract the cookie, if there, from the headers and attempt to validate its contents.

extractors Package¶