cgi authentication
Fredrik Lundh
fredrik at pythonware.com
Wed Sep 22 04:30:02 EDT 1999
Richard van de Stadt <stadt at cs.utwente.nl> wrote:
> Then in SomeScript you can work with the variables 'login' and
> 'password'. I guess you must have thought of this. But one
> never knows :-)
>
> But you'll have to make your own (encrypted?) password file
> for this to work (or get the source of htpasswd to find out
> how passwords are encrypted for use with .htaccess).
iirc, they use crypt (just like /etc/password). given
that you've enabled the crypt module, you can use
something like this:
def login(user, password, encrypted_password):
"Check if user would be able to login using password"
pw1 = encrypted_password
pw2 = crypt.crypt(password, pw1[:2])
return pw1 == pw2
(derived from an example in "(the eff-bot guide to)
The Standard Python Library" -- out soon!).
finding the password file is left as an exercise...
</F>
More information about the Python-list
mailing list