Skip to main content

Buildout recipe for create and update the flat-files used to store usernames and password for basic authentication of HTTP users

Project description

Introdution

This recipe can be used to generate files for basic authentication of HTTP users, to restrict the access to HTTP resoruces. The aim is to be fully compatible with the htpasswd program that come with the Apache httpd Server, and support all the password formats that it supports. This formats, with some minor diffenrences in the case of the plain method, are also supported by the auth_basic module of the nginx http server.

This recipe support crypt, md5 (APR md5 algorithm), plain and sha1 algorithms for storage passwords. The crypt algorithm is based on the system’s crypt() routine, so it inherits its limitations (see: man 5 crypt).

Note: The plaintext passowrds are only accepted by the Apache httpd server on Windows and Netware.

Caution: This recipe should not be used to update an existing htpasswd file, because it overwritte the htpasswd file in every update.

Example usage

The simplest way to use this recipe is to add a part in buildout.cfg like this:

[buildout]
parts = htpasswd

[htpasswd]
recipe = collective.recipe.htpasswd
output = ${buildout:directory}/etc/htpasswd
credentials =
    nueces:secret
    nutz:crackme

One example using the sha1 algorithm:

[buildout]
parts = htpasswd

[htpasswd]
recipe = collective.recipe.htpasswd
output = ${buildout:directory}/etc/htpasswd
algorithm = sha1
credentials =
    nueces:secret
    nutz:crackme

For use the md5 algorithm this recipe relies in the python-aprmd5 package, then to install it you must modify the buildout part to include the md5 extras_require setting and install the build depencies for the python-aprmd5 package. In Debian GNU/Linux the package is the libaprutil1-dev. It contain the develoment headers of the Apache Portable Runtime Utility Library.

After that modify the part in the buildout.cfg it must look like this:

[buildout]
parts = htpasswd

[htpasswd]
recipe = collective.recipe.htpasswd [md5]
output = ${buildout:directory}/etc/htpasswd
algorithm = md5
credentials =
    nueces:secret
    nutz:crackme

Note: For a bug in zc.buildout if you need to use this recipe with the md5 and the plain or crypt algorithms in two o more parts, you must declare first the one that use the md5 extras_require.

Supported options

  • output: Specify a path to the output file. The path will be created if it does not exist.

  • credentials: One set per line of credentials formed by username and password separated by a colon. e.g. <username>:<password>.

  • mode: Specified with octal numbers, as in the chmod program. e.g. 640. If it not set the file are created with the mask mode from the system enviroment.

  • algorithm: The supported options are crypt, md5, plain and sha1. Default to cypt.

Development

Contributors

Juan A. Diaz (nueces), Author

History

0.1a3 (2013-03-27)

  • Added support for the sha1 algorithm. [Juan A. Diaz (nueces)]

0.1a2 (2013-02-18)

  • Added support for the apr md5 algorithm. [Juan A. Diaz (nueces)]

0.1a1 (2013-01-30)

  • Created recipe with ZopeSkel

  • Initial alpha release. [Juan A. Diaz (nueces)]

Download

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

collective.recipe.htpasswd-0.1a3.zip (32.5 kB view details)

Uploaded Source

File details

Details for the file collective.recipe.htpasswd-0.1a3.zip.

File metadata

File hashes

Hashes for collective.recipe.htpasswd-0.1a3.zip
Algorithm Hash digest
SHA256 18cc69c1a6541d92d777861ea94e2691b90b760ac48abf4c2af36e9116a5b21d
MD5 6b000159fd3c6a9d2161e786356d113d
BLAKE2b-256 013b753bcb4f226641eff9b106f1ab4f78e222f48155c4378d0ecc3564d10749

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page