我试图使用Twisted的HTTP基本身份验证来控制对某些受保护资源的访问。twisted.cred.portal.IRealm,门户和头像之间的关系是什么
据一些文章,有必要使用三个重要概念:领域,门户网站和头像。现在我想知道Realm和头像是否是一一对应的。
让我们来看一个例子
import sys
from zope.interface import implements
from twisted.python import log
from twisted.internet import reactor
from twisted.web import server, resource, guard
from twisted.cred.portal import IRealm, Portal
from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse
class GuardedResource(resource.Resource):
"""
A resource which is protected by guard
and requires authentication in order
to access.
"""
def getChild(self, path, request):
return self
def render(self, request):
return "Authorized!"
class SimpleRealm(object):
"""
A realm which gives out L{GuardedResource} instances for authenticated
users.
"""
implements(IRealm)
def requestAvatar(self, avatarId, mind, *interfaces):
if resource.IResource in interfaces:
return resource.IResource, GuardedResource(), lambda: None
raise NotImplementedError()
def main():
log.startLogging(sys.stdout)
checkers = [InMemoryUsernamePasswordDatabaseDontUse(joe='blow')]
wrapper = guard.HTTPAuthSessionWrapper(
Portal(SimpleRealm(), checkers),
[guard.DigestCredentialFactory('md5', 'example.com')])
reactor.listenTCP(8889, server.Site(
resource = wrapper))
reactor.run()
if __name__ == '__main__':
main()
我当然知道SimpleRealm用于返回相应的资源,例如以上例子中的GuardedResource。但是,当有大量资源需要守护时,我不知道该怎么办。例如,我有GuardedResource1,GuardedResource2和GuardedResource3,可能它们在初始化时需要相同或不同数量的参数;如果是这样,是否有必要分别实现SimpleRealm1,SimpleRealm2和SimpleRealm3?