reviewboard.accounts.backends.http_digest¶
HTTP Digest authentication backend.
- class HTTPDigestBackend[source]¶
Bases:
BaseAuthBackend
Authenticate against a user in a digest password file.
This is controlled by the following Django settings:
DIGEST_FILE_LOCATION
:The local file path on the server containing an HTTP password (
htpasswd
) file.This is
auth_digest_file_location
in the site configuration.
DIGEST_REALM
:The HTTP realm users will be authenticated into.
This is
auth_digest_realm
in the site configuration.
- name = 'HTTP Digest Authentication'[source]¶
The display name for the authentication backend.
This will be shown in the list of backends in the administration UI.
- settings_form[source]¶
alias of
HTTPBasicSettingsForm
- login_instructions = 'Use your standard username and password.'[source]¶
Authentication instructions to display above the Login form.
- authenticate(request, username, password, **kwargs)[source]¶
Authenticate a user against the HTTP password file.
This will attempt to authenticate the user against the digest password file. If the username and password are valid, a user will be returned, and added to the database if it doesn’t already exist.
Changed in version 4.0: The
request
argument is now mandatory as the first positional argument, as per requirements in Django.- Parameters:
request (
django.http.HttpRequest
) – The HTTP request from the caller. This may beNone
.username (
unicode
) – The username to authenticate.password (
unicode
) – The user’s password.**kwargs (
dict
, unused) – Additional keyword arguments passed by the caller.
- Returns:
The authenticated user, or
None
if the user could not be authenticated for any reason.- Return type:
- get_or_create_user(username, request=None)[source]¶
Return an existing user or create one if it doesn’t exist.
This does not authenticate the user.
If the user does not exist in the database, but does in the HTTP password file, its information will be stored in the database for later lookup.
- Parameters:
username (
unicode
) – The name of the user to look up or create.request (
django.http.HttpRequest
, unused) – The HTTP request from the client. This is unused.
- Returns:
The resulting user, or
None
if one could not be found.- Return type: