HTTP authentication WSGI middleware
Project description
wsgi-auth-middleware
wsgi-auth-middleware
provides WSGI middleware to perform HTTP authentication (RFC7235) using a variety of schemes.
Table of Contents
Installation
Each backend requires additional dependencies that must be explicitly chosen using the PEP508 Extras that cover it. The following command will install wsgi-auth-middleware
with all supported backends.
pip install wsgi-auth-middleware[gssapi,pam]
Usage
This middleware package provides the HttpAuthWsgiMiddleware
class and various callables that implement authentication primitives. The result of wrapping a WSGI app with HttpAuthWsgiMiddleware
will be a new WSGI app that performs HTTP authentication and, upon success, places the authenticated username string in environ["REMOTE_USER"]
.
wsgi-auth-middleware
is designed to be flexible. You can mix and match HTTP authentication schemes (frontends) with any system authentication backends that support their interfaces. Typical usage looks like this:
from wsgi_auth_middleware import HttpAuthWsgiMiddleware
from wsgi_auth_middleware.frontends import BasicFrontend, NegotiateFrontend
from wsgi_auth_middleware.backends import PamBackend, GssapiBackend
pam_backend = PamBackend(service='my_pam_service')
basic_frontend = BasicFrontend(auth_backends=[pam_backend], realm='my realm')
gssapi_backend = GssapiBackend(fqdn='example.org')
negotiate_frontend = NegotiateFrontend(auth_backends=[gssapi_backend])
# Authentication will be tried in the sequential order given by `auth_frontends`.
authenticated_app = HttpAuthWsgiMiddleware(
app=my_wsgi_app,
auth_frontends=[negotiate_frontend, basic_frontend]
)
Supported Specifications
Currently supported HTTP authentication schemes
- RFC7235 - Hypertext Transfer Protocol (HTTP/1.1): Authentication
- RFC7617 - The 'Basic' HTTP Authentication Scheme
- (Kerberos only) RFC4559 - SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows
WSGI specifications
- PEP 3333 – Python Web Server Gateway Interface v1.0.1
- A very basic description of authentication opportunities in WSGI
License
wsgi-auth-middleware
is distributed under the terms of the ISC license.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for wsgi_auth_middleware-0.1.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 51d5a135c052f10580d5e964af4433b2b826cad4379d987b583ee2c03b0ed010 |
|
MD5 | c8469b6859f433b9d1d8302bcc8c76b0 |
|
BLAKE2b-256 | a39cfb5a993db7c42aed595fe33eec9d5240e199191a8027dd2c844dccbb00f2 |
Hashes for wsgi_auth_middleware-0.1.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | d5c5a13264bb1797c539d8ad8331ab97b1195993040ff875b0d334fa4cc9680e |
|
MD5 | 7b5bd6e13b63cb42104467710ac3fee3 |
|
BLAKE2b-256 | a5d171f165a379c0d7e59e761631d8df854960a3aa8e2f6a9f097e34b0075631 |