update custom auth per review

- pass settings around, not applications
12 years ago · 16d1f0fd84
parent d81990c941
commit 16d1f0fd84
2 changed files with 22 additions and 40 deletions
--- a/IPython/html/auth/login.py
+++ b/IPython/html/auth/login.py
@ -1,40 +1,21 @@
-"""Tornado handlers logging into the notebook.
+"""Tornado handlers for logging into the notebook."""

-Authors:
-
-* Brian Granger
-* Phil Elson
-"""
-
-#-----------------------------------------------------------------------------
-#  Copyright (C) 2014  The IPython Development Team
-#
-#  Distributed under the terms of the BSD License.  The full license is in
-#  the file COPYING, distributed as part of this software.
-#-----------------------------------------------------------------------------
-
-#-----------------------------------------------------------------------------
-# Imports
-#-----------------------------------------------------------------------------
+# Copyright (c) IPython Development Team.
+# Distributed under the terms of the Modified BSD License.

 import uuid

 from tornado.escape import url_escape
-from tornado import web

-from IPython.config.configurable import Configurable
 from IPython.lib.security import passwd_check

 from ..base.handlers import IPythonHandler

-#-----------------------------------------------------------------------------
-# Handler
-#-----------------------------------------------------------------------------

 class LoginHandler(IPythonHandler):
-    """ The basic IPythonWebApplication login handler which authenticates with a
-    hashed password from the configuration.
+    """The basic tornado login handler
    
+    authenticates with a hashed password from the configuration.
    """
    def _render(self, message=None):
        self.write(self.render_template('login.html',
@ -47,12 +28,15 @@ class LoginHandler(IPythonHandler):
            self.redirect(self.get_argument('next', default=self.base_url))
        else:
            self._render()
+    
+    @property
+    def hashed_password(self):
+        return self.password_from_settings(self.settings)

    def post(self):
-        hashed_password = self.password_from_configuration(self.application)
        typed_password = self.get_argument('password', default=u'')
-        if self.login_available(self.application):
-            if passwd_check(hashed_password, typed_password):
+        if self.login_available(self.settings):
+            if passwd_check(self.hashed_password, typed_password):
                self.set_secure_cookie(self.cookie_name, str(uuid.uuid4()))
            else:
                self._render(message={'error': 'Invalid password'})
@ -67,20 +51,20 @@ class LoginHandler(IPythonHandler):
            if ssl_options is None:
                notebook_app.log.critical(warning + " and not using encryption. This "
                    "is not recommended.")
-            if not self.password_from_configuration(notebook_app):
+            if not notebook_app.password:
                notebook_app.log.critical(warning + " and not using authentication. "
                    "This is highly insecure and not recommended.")

    @staticmethod
-    def password_from_configuration(webapp):
-        """ Return the hashed password from the given NotebookWebApplication's configuration.
-        
-        If there is no configured password, None will be returned.
+    def password_from_settings(settings):
+        """Return the hashed password from the tornado settings.
        
+        If there is no configured password, an empty string will be returned.
        """
-        return webapp.settings['config']['NotebookApp'].get('password', None)
+        return settings.get('password', u'')

    @classmethod
-    def login_available(cls, webapp):
+    def login_available(cls, settings):
        """Whether this LoginHandler is needed - and therefore whether the login page should be displayed."""
-        return bool(cls.password_from_configuration(webapp))
+        return bool(cls.password_from_settings(settings))
+
--- a/IPython/html/base/handlers.py
+++ b/IPython/html/base/handlers.py
@ -88,14 +88,12 @@ class AuthenticatedHandler(web.RequestHandler):
    
    @property
    def logged_in(self):
-        """Is a user currently logged in?
-
-        """
+        """Is a user currently logged in?"""
        user = self.get_current_user()
        return (user and not user == 'anonymous')

    @property
-    def _login_handler(self):
+    def login_handler(self):
        """Return the login handler for this application."""
        return self.settings['login_handler_class']

@ -107,7 +105,7 @@ class AuthenticatedHandler(web.RequestHandler):
        whether the user is already logged in or not.

        """
-        return bool(self._login_handler.login_available(self.application))
+        return bool(self.login_handler.login_available(self.settings))


 class IPythonHandler(AuthenticatedHandler):