authorroot2010-09-28 11:26:24 +0200
committerroot2010-09-28 11:26:24 +0200
commitba794763b95ebbb7786b7af49e9a359e403ae963 (patch)
treee75dc1199a6bdd930bdfe349f4bdd530a3421132
parentb76fe2e8c8ecb95cf27ddefc44467f2e2468f951 (diff)
-rw-r--r--src/mailman/config/schema.cfg5
-rw-r--r--src/mailman/rest/root.py16
2 files changed, 19 insertions, 2 deletions
diff --git a/src/mailman/config/schema.cfg b/src/mailman/config/schema.cfg
index 2c2aade12..2c903a485 100644
--- a/src/mailman/config/schema.cfg
+++ b/src/mailman/config/schema.cfg
@@ -298,6 +298,11 @@ show_tracebacks: yes
# The API version number for the current API.
api_version: 3.0
+# The administrative username.
+admin_user: restadmin
+
+# The administrative password.
+admin_pass: restpass
[language.master]
# Template for language definitions. The section name must be [language.xx]
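Review bot: The added defaults `admin_user: restadmin` and `admin_pass: restpass` give every installation that does not override them the same publicly known REST credentials. Because schema.cfg supplies the fallback values, a safer default is to ship both keys empty (`admin_pass:`) and have the auth checker reject every request while they are unset, so the API fails closed until an operator chooses a password. The comment should also say that the value is stored in plain text, for example `# The administrative password (plain text; set per site and keep this file unreadable to other users).` The section these keys belong to starts above the hunk.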
diff --git a/src/mailman/rest/root.py b/src/mailman/rest/root.py
index 6835586b8..581879869 100644
--- a/src/mailman/rest/root.py
+++ b/src/mailman/rest/root.py
@@ -25,7 +25,8 @@ __all__ = [
]
-from restish import http, resource
+from restish import http, resource, guard
+from base64 import b64decode
from mailman.config import config
from mailman.core.system import system
@@ -36,6 +37,16 @@ from mailman.rest.members import AllMembers
+def webservice_auth_checker(request, obj):
+ if "HTTP_AUTHORIZATION" in request.environ and request.environ["HTTP_AUTHORIZATION"].startswith("Basic "):
+ credentials = b64decode(request.environ["HTTP_AUTHORIZATION"][6:])
+ username, password = credentials.split(":", 1)
+
+ if username != config.webservice.admin_user or password != config.webservice.admin_pass:
+ raise guard.GuardError(str("User is not authorized for the REST api."))
+ else:
+ raise guard.GuardError(str("The REST api requires authentication."))
+
class Root(resource.Resource):
"""The RESTful root resource.
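Review bot: A malformed `Authorization` header escapes `webservice_auth_checker` as an unhandled exception instead of a `GuardError`: `b64decode` raises on invalid base64, and `username, password = credentials.split(":", 1)` raises `ValueError` when the decoded value contains no colon. Both cases should be caught and turned into the same rejection as wrong credentials, so that unauthenticated input cannot produce a traceback or a server error. Separately, the `!=` comparison of the password is not constant-time; where the runtime provides `hmac.compare_digest`, it is the better fit for comparing the secret. The function also has no docstring stating that it raises `GuardError` on any failure and returns `None` on success.

```python
def webservice_auth_checker(request, obj):
    header = request.environ.get("HTTP_AUTHORIZATION", "")
    if not header.startswith("Basic "):
        raise guard.GuardError(str("The REST api requires authentication."))
    try:
        username, password = b64decode(header[6:]).split(":", 1)
    except (TypeError, ValueError):
        # Invalid base64 or no ':' separator: reject instead of crashing.
        raise guard.GuardError(str("User is not authorized for the REST api."))
    # … unchanged: comparison against config.webservice.admin_user / admin_pass …
```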
@@ -44,11 +55,12 @@ class Root(resource.Resource):
and we start at 3.0 to match the Mailman version number. That may not
always be the case though.
"""
+
@resource.child(config.webservice.api_version)
+ @guard.guard(webservice_auth_checker)
def api_version(self, request, segments):
return TopLevel()
-
class TopLevel(resource.Resource):
"""Top level collections and entries."""