HTTP authentication WSGI middleware
Project description
wsgi-auth-middleware
wsgi-auth-middleware
provides WSGI middleware to perform HTTP authentication (RFC7235) using a variety of schemes.
Table of Contents
Installation
Each backend requires additional dependencies that must be explicitly chosen using the PEP508 Extras that cover it. The following command will install wsgi-auth-middleware
with all supported backends.
pip install wsgi-auth-middleware[gssapi,pam]
Usage
This middleware package provides the HttpAuthWsgiMiddleware
class and various callables that implement authentication primitives. The result of wrapping a WSGI app with HttpAuthWsgiMiddleware
will be a new WSGI app that performs HTTP authentication and, upon success, places the authenticated username string in environ["REMOTE_USER"]
.
wsgi-auth-middleware
is designed to be flexible. You can mix and match HTTP authentication schemes (frontends) with any system authentication backends that support their interfaces. Typical usage looks like this:
from wsgi_auth_middleware import HttpAuthWsgiMiddleware
from wsgi_auth_middleware.frontends import BasicFrontend, NegotiateFrontend
from wsgi_auth_middleware.backends import PamBackend, GssapiBackend
pam_backend = PamBackend(service='my_pam_service')
basic_frontend = BasicFrontend(auth_backends=[pam_backend], realm='my realm')
gssapi_backend = GssapiBackend(fqdn='example.org')
negotiate_frontend = NegotiateFrontend(auth_backends=[gssapi_backend])
# Authentication will be tried in the sequential order given by `auth_frontends`.
authenticated_app = HttpAuthWsgiMiddleware(
app=my_wsgi_app,
auth_frontends=[negotiate_frontend, basic_frontend]
)
Supported Specifications
Currently supported HTTP authentication schemes
- RFC7235 - Hypertext Transfer Protocol (HTTP/1.1): Authentication
- RFC7617 - The 'Basic' HTTP Authentication Scheme
- (Kerberos only) RFC4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows
WSGI specifications
- PEP 3333 – Python Web Server Gateway Interface v1.0.1
- A very basic description of authentication opportunities in WSGI
License
wsgi-auth-middleware
is distributed under the terms of the ISC license.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for wsgi_auth_middleware-0.1.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | ae4262ca8663e79a86757915930c5f313f3cc5ed408a3031536ea5f557fd05e2 |
|
MD5 | cf240ba88941e01c71d372284dda9f0d |
|
BLAKE2b-256 | 1a86dc0b140d1f0a322e16f0da894be8ad621e04970ec1504565a8c15aa09548 |
Hashes for wsgi_auth_middleware-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 953dce53d3682042296d98f105d165e4dce62be4af9d01c63e8834b73b8f6ffc |
|
MD5 | 3658f9bc3ffa0310a1e54b60cdb9a650 |
|
BLAKE2b-256 | f0052be36f1323629aeb2ba7c663dea11fb943e81a7a485aa3f0460598478c5e |