Merge pull request #54 from michalpokusa/4.0.0-examples-refactor-authentication-mimetypes

4.0.0 - Huge refactor, more examples,  authentication, configurable MIMETypes

Author: FoamyGuy

README.rst

@@ -30,6 +30,7 @@ HTTP Server for CircuitPython.
 - Gives access to request headers, query parameters, body and client's address, the one from which the request came.
 - Supports chunked transfer encoding.
 - Supports URL parameters and wildcard URLs.
+- Supports HTTP Basic and Bearer Authentication on both server and route per level.
 
 
 Dependencies

adafruit_httpserver/__init__.py

@@ -5,10 +5,10 @@
 `adafruit_httpserver`
 ================================================================================
 
-Simple HTTP Server for CircuitPython
+Socket based HTTP Server for CircuitPython
 
 
-* Author(s): Dan Halbert
+* Author(s): Dan Halbert, Michał Pokusa
 
 Implementation Notes
 --------------------
@@ -21,3 +21,61 @@
 
 __version__ = "0.0.0+auto.0"
 __repo__ = "https://github.com/adafruit/Adafruit_CircuitPython_HTTPServer.git"
+
+
+from .authentication import (
+    Basic,
+    Bearer,
+    check_authentication,
+    require_authentication,
+)
+from .exceptions import (
+    ServerStoppedError,
+    AuthenticationError,
+    InvalidPathError,
+    ParentDirectoryReferenceError,
+    BackslashInPathError,
+    ServingFilesDisabledError,
+    FileNotExistsError,
+)
+from .headers import Headers
+from .methods import (
+    GET,
+    POST,
+    PUT,
+    DELETE,
+    PATCH,
+    HEAD,
+    OPTIONS,
+    TRACE,
+    CONNECT,
+)
+from .mime_types import MIMETypes
+from .request import Request
+from .response import (
+    Response,
+    FileResponse,
+    ChunkedResponse,
+    JSONResponse,
+    Redirect,
+)
+from .server import Server
+from .status import (
+    Status,
+    OK_200,
+    CREATED_201,
+    ACCEPTED_202,
+    NO_CONTENT_204,
+    PARTIAL_CONTENT_206,
+    TEMPORARY_REDIRECT_307,
+    PERMANENT_REDIRECT_308,
+    BAD_REQUEST_400,
+    UNAUTHORIZED_401,
+    FORBIDDEN_403,
+    NOT_FOUND_404,
+    METHOD_NOT_ALLOWED_405,
+    TOO_MANY_REQUESTS_429,
+    INTERNAL_SERVER_ERROR_500,
+    NOT_IMPLEMENTED_501,
+    SERVICE_UNAVAILABLE_503,
+)

adafruit_httpserver/authentication.py

@@ -0,0 +1,64 @@
+# SPDX-FileCopyrightText: Copyright (c) 2022 Dan Halbert for Adafruit Industries
+#
+# SPDX-License-Identifier: MIT
+"""
+`adafruit_httpserver.authentication`
+====================================================
+* Author(s): Michał Pokusa
+"""
+
+try:
+    from typing import Union, List
+except ImportError:
+    pass
+
+from binascii import b2a_base64
+
+from .exceptions import AuthenticationError
+from .request import Request
+
+
+class Basic:
+    """Represents HTTP Basic Authentication."""
+
+    def __init__(self, username: str, password: str) -> None:
+        self._value = b2a_base64(f"{username}:{password}".encode()).decode().strip()
+
+    def __str__(self) -> str:
+        return f"Basic {self._value}"
+
+
+class Bearer:
+    """Represents HTTP Bearer Token Authentication."""
+
+    def __init__(self, token: str) -> None:
+        self._value = token
+
+    def __str__(self) -> str:
+        return f"Bearer {self._value}"
+
+
+def check_authentication(request: Request, auths: List[Union[Basic, Bearer]]) -> bool:
+    """
+    Returns ``True`` if request is authorized by any of the authentications, ``False`` otherwise.
+    """
+
+    auth_header = request.headers.get("Authorization")
+
+    if auth_header is None:
+        return False
+
+    return any(auth_header == str(auth) for auth in auths)
+
+
+def require_authentication(request: Request, auths: List[Union[Basic, Bearer]]) -> None:
+    """
+    Checks if the request is authorized and raises ``AuthenticationError`` if not.
+
+    If the error is not caught, the server will return ``401 Unauthorized``.
+    """
+
+    if not check_authentication(request, auths):
+        raise AuthenticationError(
+            "Request is not authenticated by any of the provided authentications"
+        )

adafruit_httpserver/exceptions.py

@@ -8,6 +8,18 @@
 """
 
 
+class ServerStoppedError(Exception):
+    """
+    Raised when ``.poll`` is called on a stopped ``Server``.
+    """
+
+
+class AuthenticationError(Exception):
+    """
+    Raised by ``require_authentication`` when the ``Request`` is not authorized.
+    """
+
+
 class InvalidPathError(Exception):
     """
     Parent class for all path related errors.
@@ -34,9 +46,9 @@ def __init__(self, path: str) -> None:
         super().__init__(f"Backslash in path: {path}")
 
 
-class ResponseAlreadySentError(Exception):
+class ServingFilesDisabledError(Exception):
     """
-    Another ``HTTPResponse`` has already been sent. There can only be one per ``HTTPRequest``.
+    Raised when ``root_path`` is not set and there is no handler for ``request``.
     """
 
 

adafruit_httpserver/headers.py

@@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: MIT
 """
-`adafruit_httpserver.headers.HTTPHeaders`
+`adafruit_httpserver.headers`
 ====================================================
 * Author(s): Michał Pokusa
 """
@@ -13,7 +13,7 @@
     pass
 
 
-class HTTPHeaders:
+class Headers:
     """
     A dict-like class for storing HTTP headers.
 
@@ -23,7 +23,7 @@ class HTTPHeaders:
 
     Examples::
 
-        headers = HTTPHeaders({"Content-Type": "text/html", "Content-Length": "1024"})
+        headers = Headers({"Content-Type": "text/html", "Content-Length": "1024"})
 
         len(headers)
         # 2
@@ -80,7 +80,7 @@ def update(self, headers: Dict[str, str]):
 
     def copy(self):
         """Returns a copy of the headers."""
-        return HTTPHeaders(dict(self._storage.values()))
+        return Headers(dict(self._storage.values()))
 
     def __getitem__(self, name: str):
         return self._storage[name.lower()][1]

adafruit_httpserver/methods.py

@@ -2,38 +2,26 @@
 #
 # SPDX-License-Identifier: MIT
 """
-`adafruit_httpserver.methods.HTTPMethod`
+`adafruit_httpserver.methods`
 ====================================================
 * Author(s): Michał Pokusa
 """
 
 
-class HTTPMethod:  # pylint: disable=too-few-public-methods
-    """Enum with HTTP methods."""
+GET = "GET"
 
-    GET = "GET"
-    """GET method."""
+POST = "POST"
 
-    POST = "POST"
-    """POST method."""
+PUT = "PUT"
 
-    PUT = "PUT"
-    """PUT method"""
+DELETE = "DELETE"
 
-    DELETE = "DELETE"
-    """DELETE method"""
+PATCH = "PATCH"
 
-    PATCH = "PATCH"
-    """PATCH method"""
+HEAD = "HEAD"
 
-    HEAD = "HEAD"
-    """HEAD method"""
+OPTIONS = "OPTIONS"
 
-    OPTIONS = "OPTIONS"
-    """OPTIONS method"""
+TRACE = "TRACE"
 
-    TRACE = "TRACE"
-    """TRACE method"""
-
-    CONNECT = "CONNECT"
-    """CONNECT method"""
+CONNECT = "CONNECT"