出于研究目的,我想知道是否有一个简单的虚拟示例,说明如何使用python处理具有基本身份验证的http请求。我想从一个我发现并改编的例子中遵循相同的模式,如下所示:
'''webservice.py'''
import tornado.httpserver
import tornado.ioloop
import tornado.web
import tornado.auth
from tornado.web import HTTPError
from tornado.escape import json_encode as dumps
from tornado.escape import json_decode as loads
import db
import settings
class MainHandler(tornado.web.RequestHandler):
"""Main Handler... list all databases"""
def get(self):
self.write(dumps(db.list_databases()))
application = tornado.web.Application([
(r"/", MainHandler),
],
cookie_secret='PUT_SOME_CODE',
)
if __name__ == "__main__":
http_server = tornado.httpserver.HTTPServer(application)
http_server.listen(settings.port)
tornado.ioloop.IOLoop.instance().start()
当到达http://localhost:8888/时出现一个数据库列表,这是脚本的目的。这可以通过浏览器和测试脚本访问,如:
'''tester.py'''
from tornado.httpclient import HTTPClient
from tornado.escape import json_decode as loads
url='http://localhost:8888/'
http_client=HTTPClient()
response=http_client.fetch(url)
listResponse=loads(response.body)
print(listResponse)
http_client.close()
下面是最简单的基本验证示例。当然,它可以在很多方面得到改进,这只是一个演示它通常是如何工作的。
import httplib
class MainHandler(tornado.web.RequestHandler):
"""Main Handler... list all databases"""
def get(self):
self.check_basic_auth()
do_stuff()
def check_basic_auth(self):
if not self.test_auth_credentials():
raise HTTPError(httplib.UNAUTHORIZED,
headers={'WWW-Authenticate': 'Basic realm="Auth realm"'})
def test_auth_credentials(self):
auth_header = self.request.headers.get('Authorization')
if auth_header and auth_header.startswith('Basic '):
method, auth_b64 = auth_header.split(' ')
try:
decoded_value = auth_b64.decode('base64')
except ValueError:
return False
given_login, _, given_passwd = decoded_value.partition(':')
return <YOUR_LOGIN> == given_login and <YOUR_PASSWORD> == given_passwd
return False