Simple example:
https://github.com/bbrodriges/bottlepy-user-auth/blob/master/bottlepy_user_auth.py
Full project:
http://cork.firelet.net/
Using decorators:
http://tumblr.kurttheviking.com/post/13053496552/using-decorators-to-require-sign-in-with-bottle-py
Another simple decorators example:
https://groups.google.com/forum/#!topic/bottlepy/C9XSuw8Xxas
AuthKit assumes the setup to follow Pylons conventions and uses a lot of
exceptions that are specific to Pylons/paste. These are not handled by
Bottle or any WSGI server other than paste. It is not easy to use
AuthKit as a standalone middleware.
If all you want is basic HTTP authentication, all you need is already
there: http://bottle.paws.de/docs/dev/api.html#bottle.Request.auth
Here is a decorator that checks for a valid (user, password) tuple in
‘request.auth’ and blocks unauthorized requests with a 401-error.
from bottle import request, response, HTTPError def protected(check, realm="private", text="Access denied"): def decorator(func): def wrapper(*a, **ka): user, password = request.auth or (None, None) if user is None or not check(user, password): response.headers['WWW-Authenticate'] = 'Basic realm="%s"' % realm return HTTPError(401, text) return func(*a, **ka) return wrapper return decorator
Here is a working example:
from bottle import route def check_valid_user(usr, pwd): ''' Return True if username and password are valid. ''' return usr == 'admin' and pwd == 'secret' @route('/secret') @protected(check_user) def secret(): return "Secret"