要在Cherrypy中启用摘要身份验证,他们会说使用这样的代码:
[/protected/area]
tools.auth_digest.on = True
tools.auth_digest.realm = 'localhost',
tools.auth_digest.get_ha1 = auth_digest.get_ha1_dict_plain({'jon': 'secret'}),
tools.auth_digest.key = 'a565c27146791cfb'
它运作良好。但我使用server.conf文件存储我的应用程序的所有配置,我想继续使用此文件。所以我写了新的部分:
ValueError: ('Config error in section: \'/protected/area\', option: \'tools.auth_digest.get_ha1\', value: "auth_digest.get_ha1_dict_plain({\'jon\': \'secret\'}),". Config values must be valid Python.', 'TypeError', ("unrepr could not resolve the name 'auth_digest'",))
在thjis之后我得到了错误:
public boolean addObjectToDB(Alarm inData){
//You missed this line
db = getWritableDatabase();
boolean rValue = true;
long result;
Log.i("This is my super tag!!!", "running from addObjectToDB method!!");
Log.i("This is my super tag!!!", inData.getName());
Log.i("This is my super tag!!!", inData.getId());
// ============== CV : start ==============
ContentValues cv = new ContentValues();
cv.put(COL_1, inData.getId());
cv.put(COL_2, inData.getName());
// COL_3 - DAYS
cv.put(COL_4, inData.getRingtone().toString());
cv.put(COL_5, inData.getHour());
cv.put(COL_6, inData.getMinute());
result = db.insert(TABLE_NAME, null, cv); //I did some extensive testing and this is the point when the app first crashes
if(result == -1){
rValue = false;
}
else{
// ============== CV2 : start ==============
ContentValues cv2 = new ContentValues();
List<String> days = inData.getDays();
cv2.put(COL_1, inData.getId());
cv2.put(DAYS_COL_1, days.get(0));
cv2.put(DAYS_COL_2, days.get(1));
cv2.put(DAYS_COL_3, days.get(2));
cv2.put(DAYS_COL_4, days.get(3));
cv2.put(DAYS_COL_5, days.get(4));
cv2.put(DAYS_COL_6, days.get(5));
cv2.put(DAYS_COL_7, days.get(6));
result = db.insert(TABLE_NAME_DAYS, null, cv2);
rValue = result != -1;
}
return rValue;
}
我理解其中的原因,但我不知道如何提供有效的Python&#34;与server.conf。请帮帮我。
答案 0 :(得分:2)
您可以在应用程序中进行该函数调用,并在配置中使用结果函数,如:
myapp/__init__.py:
get_ha1 = auth_digest.get_ha1_dict_plain({'jon': 'secret'})
server.conf:
[/protected/area]
tools.auth_digest.on = True
tools.auth_digest.realm = 'localhost'
tools.auth_digest.get_ha1 = myapp.get_ha1
tools.auth_digest.key = 'a565c27146791cfb'
问题在于您在代码中定义凭据。
值得一提的是,您可以使用其他功能,不仅仅是您在dict中使用纯文本密码定义用户的功能,您可以使用来自cherrypy.lib.auth_digest.get_ha1_file_htdigest的htdigest文件或实现您自己的ha1功能类似于get_ha1_dict_plain返回的功能:
def get_ha1_dict_plain(user_password_dict):
"""Returns a get_ha1 function which obtains a plaintext password from a
dictionary of the form: {username : password}.
If you want a simple dictionary-based authentication scheme, with plaintext
passwords, use get_ha1_dict_plain(my_userpass_dict) as the value for the
get_ha1 argument to digest_auth().
"""
def get_ha1(realm, username):
password = user_password_dict.get(username)
if password:
return md5_hex('%s:%s:%s' % (username, realm, password))
return None
return get_ha1
我实现了一个从数据库中获取ha1的方法,例如使用这个sqlalchemy模型(https://github.com/cyraxjoe/maki/blob/master/maki/db/models.py#L174-L189):
class User(Base):
__tablename__ = 'users'
name = Column(String(32), unique=True, nullable=False)
vname = Column(String(64))
email = Column(String(64), nullable=False)
ha1 = Column(String(32), nullable=False)
active = Column(Boolean, server_default='True')
@validates('ha1')
def validates_ha1(self, key, passwd):
if self.name is None:
raise Exception('Set the name first')
pack = ':'.join([self.name, maki.constants.REALM, passwd])
return hashlib.md5(pack.encode()).hexdigest()
get_ha1函数(https://github.com/cyraxjoe/maki/blob/master/maki/db/utils.py#L63):
def get_user_ha1(realm, username):
# realm is not used the stored hash already used it.
user = db.ses.query(db.models.User).filter_by(name=username).scalar()
if user is not None:
return user.ha1
重要的是ha1只是“user:real:password”的md5哈希值,你可以在很多不同的地方实现它。