Main module¶
-
class
simpledb_userdb.
UserDatabase
¶ -
authenticate
(username, password)¶ Test a given username and password.
Returns the result of authentication, which will be the first failure, internal error, or success. Status is represented by the enum
AuthenticationResult
.The underlying authentication mechanism is designed to be resistant to timing attacks, therefore it should be difficult to enumerate valid usernames. This means the password will always be checked, even for invalid users. However, the first error encountered is the one which will be returned.
Example
Very simple usage, relies on
AuthenticationResult.Success
being0
:# .. setup UserDatabase first .. if db.authenticate("jane", "p4ssw0rd") == 0: # All good pass else: # Some form of error pass
Standard usage:
from simpledb_userdb import UserDatabase, AuthenticationResult # .. setup UserDatabase first .. result = db.authenticate("bob", "w34kp4ss") print(result) # Result can be stringified if result == AuthenticationResult.Success: # All good pass elif result == AuthenticationResult.InternalError: # Uh oh, how did this happen? pass else: # Authentication failed pass
Parameters: Returns: success, failure, or internal error
Return type:
-
connect
(region, domain, auto_create=True)¶ Create a SimpleDB client using boto3 for later use.
Note
SimpleDB calls a “database” a “domain”.
Parameters: Returns: True
for success,False
otherwise.Return type:
-
get_user
(username)¶ Retrieve a user object from the database and return it, or None.
-
update_extra_data
(username, data)¶ Convenience function to update extra data for a user. Data should be provided as a dict, which will be serialised to JSON and stored in the backend. If the dictionary cannot be serialised then an.
exception will be raised - it is necessary to convert native objects like datetime into text.
This data is available in the response from get_user(), but cannot be directly searched.
-
AuthenticationResult¶
-
class
simpledb_userdb.
AuthenticationResult
¶ Enumeration to hold the result of authentication.
Errors are currently numbered in the order they would appear in code, for example disabled is checked before expiry, however that cannot be guaranteed in future if new features are added.
See also
An example using this code is provided at
UserDatabase.authenticate()