work in progress: JWT authentication: baseAuth as property, remove registration function

2024-11-16 09:27:01 +01:00 · 2024-11-16 09:27:01 +01:00 · eaa2055c76
commit eaa2055c76
parent a3da3f07f0
2 changed files with 28 additions and 29 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@ -24,7 +24,6 @@ postgres = [
 app = [
 	"python-dotenv", 
 	"zope.authentication",
-	"zope.component",
 	"zope.interface",
 	"zope.publisher", 
 	"zope.traversing",
--- a/scopes/server/auth.py
+++ b/scopes/server/auth.py
@ -1,38 +1,38 @@
 # scopes.server.auth

 from zope.authentication.interfaces import IAuthentication
-from zope.principalregistry.principalregistry import PrincipalRegistry
-from zope.component import getUtility, provideUtility, queryNextUtility
 from zope.interface import implementer
-
-baseAuth = None
-
-class JwtAuthentication(PrincipalRegistry):
-
-    def authenticate(self, request):
-        prc = authenticate(request)
-        if prc is None:
-            return baseAuth.authenticate(request)
-
-    def getPrincipal(self, id):
-        return baseAuth.getPrincipal(id)
-
-    def unauthenticatedPrincipal(self):
-        return baseAuth.unauthenticatedPrincipal()
-
-    def unauthorized(self, id, request):
-        return baseAuth.unauthorized(id, request)
-
+from zope.publisher.interfaces import Unauthorized


 def authenticate(request):
-    print('*** authenticate')
+    #print('*** authenticate')
    return None


-def registerAuthUtility():
-    global baseAuth
-    baseAuth = getUtility(IAuthentication)
-    print('*** registerAuthUtility, baseAuth:', baseAuth)
-    provideUtility(JwtAuthentication(), IAuthentication)
-    
+@implementer(IAuthentication)
+class JwtAuthentication:
+
+    def __init__(self, baseAuth):
+        self.baseAuth = baseAuth
+
+    def authenticate(self, request):
+        prc = authenticate(request)
+        if prc is None and self.baseAuth is not None:
+            prc = self.baseAuth.authenticate(request)
+        if prc is None:
+            raise Unauthorized
+        return prc
+
+    def getPrincipal(self, id):
+        if self.baseAuth is not None:
+            return self.baseAuth.getPrincipal(id)
+
+    def unauthenticatedPrincipal(self):
+        if self.baseAuth is not None:
+            return self.baseAuth.unauthenticatedPrincipal()
+
+    def unauthorized(self, id, request):
+        if self.baseAuth is not None:
+            return self.baseAuth.unauthorized(id, request)
+