Password management and authentication.
Project description
xpw
密码管理和身份验证
xpw-locker
访问认证:为 Web 页面接入身份验证
只需简单配置且无需改造任何既有代码,xpw-locker 可快速为任何 Web 页面启用身份验证。
xpw-locker 技术原理
xpw-locker 是一个轻量级的 Web 代理服务,它在用户通过身份验证后,将用户请求转发到目标服务器并返回响应。
xpw-locker 的工作流程如下:
- 首先检查用户的 session_id 是否在 cookies 中。
- 如果 session_id 不在 cookies 中,
xpw-locker会分配一个新的 session_id,并将其增加至用户的 cookies 中,然后xpw-locker向用户返回重定向请求以刷新页面。 - 如果 session_id 已在 cookies 中,
xpw-locker会检查 session_id 是否需要进行验证。 - 如果 session_id 无需登录,
xpw-locker会将用户用户请求转发到目标服务器并返回响应。 - 如果 session_id 需要登录,
xpw-locker会渲染登录页面并响应,用户输入用户名和密码后提交登录请求。 - 如果用户名和密码验证成功,
xpw-locker会将登记 session_id 信息,然后xpw-locker向用户返回重定向请求以刷新页面。 - 如果用户名和密码验证成功,
xpw-locker会再次渲染登录页面并响应。
sequenceDiagram
participant user as User
participant locker as xpw-locker
participant server as Web Server
autonumber
user->>+locker: GET
critical login_required
option session_id not in cookies
note right of locker: allocate session_id and set_cookie
note right of locker: redirect
option SESSIONS.verify(session_id)
critical proxy
locker->>+server: PROXY.request(request)
rect rgb(255, 0, 0)
break requests.ConnectionErroruser
note over locker,server: Response("Bad Gateway", status=502)
end
end
server->>-locker: Response
end
option session_id need login
note right of locker: render login.html
end
locker->>-user: Response
opt login
note right of user: input username and password
critical submit
user->>+locker: POST
critical login_required
option verify success
note right of locker: SESSIONS.sign_in(session_id)
note right of locker: redirect
option verify failure
note right of locker: render login.html
end
locker->>-user: Response
end
end
opt redirect
user->>+locker: GET
critical login_required
note right of locker: SESSIONS.verify(session_id)
critical proxy
locker->>+server: PROXY.request(request)
rect rgb(255, 0, 0)
break requests.ConnectionErroruser
note over locker,server: Response("Bad Gateway", status=502)
end
end
server->>-locker: Response
end
end
locker->>-user: Response
end
安装 xpw-locker
pip install --upgrade xpw
使用 xpw-locker
创建配置文件 xpwauth 并增加用户和密码:
[users]
demo = "demo"
xpw-locker --stdout --debug --target https://example.com/
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
xpw-0.3.0.tar.gz
(45.3 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
xpw-0.3.0-py2.py3-none-any.whl
(52.5 kB
view details)
File details
Details for the file xpw-0.3.0.tar.gz.
File metadata
- Download URL: xpw-0.3.0.tar.gz
- Upload date:
- Size: 45.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fed12a21cb4a96ad7ea282f63e28a9ca0dfc94974c1ac87791f35d0370a5b8f6
|
|
| MD5 |
0252f5b8ca1809eb7c193089bf8fc16b
|
|
| BLAKE2b-256 |
3aebea6939c251d6f3a84068879053819c4ebde9a51b6abb3b41f4f9ce56f403
|
File details
Details for the file xpw-0.3.0-py2.py3-none-any.whl.
File metadata
- Download URL: xpw-0.3.0-py2.py3-none-any.whl
- Upload date:
- Size: 52.5 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
618fbb4dd6838301de1f9e041e25a1e1c888cc246deddb776c94b24fa0852619
|
|
| MD5 |
b5dab497c732b02fa40824524abb43a7
|
|
| BLAKE2b-256 |
7a8f06698d5beeb51633cf2c0092c2610cd67056eb8487b4ac2b8f1d2e540d9d
|
