我試圖使用Twisted的HTTP基本身份驗證來控制對某些受保護資源的訪問。twisted.cred.portal.IRealm,門戶和頭像之間的關係是什麼
據一些文章,有必要使用三個重要概念:領域,門戶網站和頭像。現在我想知道Realm和頭像是否是一一對應的。
讓我們來看一個例子
import sys
from zope.interface import implements
from twisted.python import log
from twisted.internet import reactor
from twisted.web import server, resource, guard
from twisted.cred.portal import IRealm, Portal
from twisted.cred.checkers import InMemoryUsernamePasswordDatabaseDontUse
class GuardedResource(resource.Resource):
"""
A resource which is protected by guard
and requires authentication in order
to access.
"""
def getChild(self, path, request):
return self
def render(self, request):
return "Authorized!"
class SimpleRealm(object):
"""
A realm which gives out L{GuardedResource} instances for authenticated
users.
"""
implements(IRealm)
def requestAvatar(self, avatarId, mind, *interfaces):
if resource.IResource in interfaces:
return resource.IResource, GuardedResource(), lambda: None
raise NotImplementedError()
def main():
log.startLogging(sys.stdout)
checkers = [InMemoryUsernamePasswordDatabaseDontUse(joe='blow')]
wrapper = guard.HTTPAuthSessionWrapper(
Portal(SimpleRealm(), checkers),
[guard.DigestCredentialFactory('md5', 'example.com')])
reactor.listenTCP(8889, server.Site(
resource = wrapper))
reactor.run()
if __name__ == '__main__':
main()
我當然知道SimpleRealm用於返回相應的資源,例如以上例子中的GuardedResource。但是,當有大量資源需要守護時,我不知道該怎麼辦。例如,我有GuardedResource1,GuardedResource2和GuardedResource3,可能它們在初始化時需要相同或不同數量的參數;如果是這樣,是否有必要分別實現SimpleRealm1,SimpleRealm2和SimpleRealm3?