mod_python authnetication via database
Remy Cool
remy.cool at smartology.nl
Fri May 3 07:27:21 EDT 2002
Experementing with python/mod_python and databases I
created the following script to authenticate users.
All's well except that for every login or page reload I get
4 entry's in the login table. Anyone know's why and/or how I can
prevent this from happening ?
The code:
# authenticate user
import psycopg
import string
import time
from mod_python import apache
def authenhandler(req):
pw = req.get_basic_auth_pw()
user = req.connection.user
# create database connection
connectstring = "dbname=testbase user=test password=test port=5432"
dbconn = psycopg.connect(connectstring)
dbhandle = dbconn.cursor()
# define query
dbhandle.execute("SELECT user_id,password FROM users WHERE username =
%s", (user,))
# retrieve results
results = dbhandle.fetchall()
total = len(results)
if total < 1:
# user not known on this system
return apache.HTTP_UNAUTHORIZED
else:
if total > 2:
# database corrupted
return apache.HTTP_UNAUTHORIZED
else:
# extract user_id from list
user_id = results[0][0]
# get host info
curhost = req.get_remote_host(apache.REMOTE_NAME)
# register login try
dbhandle.execute("""INSERT INTO login (user_id,host) VALUES (
%d,%s )""", (user_id,curhost))
dbconn.commit()
# extract password from list
passwd = string.strip(results[0][1])
# compare password with given
if pw == passwd:
# user authenticated
return apache.OK
else:
# incorrect password
return apache.HTTP_UNAUTHORIZED
Regards,
Remy
----------------------------------------
replace .at. in e-mail address to @
More information about the Python-list
mailing list