From e3999c4906348dadcc85eec1df9a48e776deccd5 Mon Sep 17 00:00:00 2001 From: "Kali Kaneko (leap communications)" Date: Thu, 23 Feb 2017 00:35:33 +0100 Subject: [feature] require authentication token for api implements a global auth token for the app. this token is written to .config/leap/authtoken, and passed to the anchor part of the landing URI when opening the index resource by the browser. - Resolves: #8765 --- src/leap/bitmask/core/web/_auth.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'src/leap/bitmask/core/web/_auth.py') diff --git a/src/leap/bitmask/core/web/_auth.py b/src/leap/bitmask/core/web/_auth.py index 2747fae8..aa6aeb9b 100644 --- a/src/leap/bitmask/core/web/_auth.py +++ b/src/leap/bitmask/core/web/_auth.py @@ -6,6 +6,7 @@ from twisted.web.guard import HTTPAuthSessionWrapper, BasicCredentialFactory from twisted.web.resource import IResource +# Deprecate if the user-session tokens are finally not used. class TokenCredentialFactory(BasicCredentialFactory): scheme = 'token' @@ -37,11 +38,11 @@ class WhitelistHTTPAuthSessionWrapper(HTTPAuthSessionWrapper): return HTTPAuthSessionWrapper.render(self, request) -def protectedResourceFactory(resource, session_tokens, whitelist): +def protectedResourceFactory(resource, tokens, whitelist): realm = HttpPasswordRealm(resource) - checker = TokenDictChecker(session_tokens) - resource_portal = portal.Portal(realm, [checker]) + checker = TokenDictChecker(tokens) credentialFactory = TokenCredentialFactory('localhost') + resource_portal = portal.Portal(realm, [checker]) protected_resource = WhitelistHTTPAuthSessionWrapper( resource_portal, [credentialFactory], whitelist=whitelist) -- cgit v1.2.3