xpw


Namexpw JSON
Version 0.13.1 PyPI version JSON
download
home_pagehttps://github.com/bondbox/xpw/
SummaryPassword management and authentication
upload_time2025-07-25 03:52:48
maintainerNone
docs_urlNone
authorMingzhe Zou
requires_python>=3.8
licenseGPLv2
keywords command-line argparse argcomplete
VCS
bugtrack_url
requirements xkits-command xkits-file xkits-lib argon2-cffi ldap3 toml
Travis-CI No Travis.
coveralls test coverage
            # xpw

> 密码管理和身份验证

## xpw-locker

> 访问认证:为 Web 页面接入身份验证

只需简单配置且无需改造任何既有代码,`xpw-locker` 可快速为任何 Web 页面启用身份验证。

### xpw-locker 技术原理

`xpw-locker` 是一个轻量级的 Web 代理服务,它在用户通过身份验证后,将用户请求转发到目标服务器并返回响应。

![xpw-locker demo](../xpw-locker.gif)

`xpw-locker` 的工作流程如下:

1. 首先检查用户的 session_id 是否在 cookies 中。
2. 如果 session_id 不在 cookies 中,`xpw-locker` 会分配一个新的 session_id,并将其增加至用户的 cookies 中,然后 `xpw-locker` 向用户返回重定向请求以刷新页面。
3. 如果 session_id 已在 cookies 中,`xpw-locker` 会检查 session_id 是否需要进行验证。
4. 如果 session_id 无需登录,`xpw-locker` 会将用户用户请求转发到目标服务器并返回响应。
5. 如果 session_id 需要登录,`xpw-locker` 会渲染登录页面并响应,用户输入用户名和密码后提交登录请求。
6. 如果用户名和密码验证成功,`xpw-locker` 会将登记 session_id 信息,然后 `xpw-locker` 向用户返回重定向请求以刷新页面。
7. 如果用户名和密码验证成功,`xpw-locker` 会再次渲染登录页面并响应。

```mermaid
sequenceDiagram
    participant user as User
    participant locker as xpw-locker
    participant server as Web Server
    autonumber

    user->>+locker: GET
    critical login_required
    option session_id not in cookies
        note right of locker: allocate session_id and set_cookie
        note right of locker: redirect
    option SESSIONS.verify(session_id)
        critical proxy
            locker->>+server: PROXY.request(request)
            rect rgb(255, 0, 0)
                break requests.ConnectionErroruser
                note over locker,server: Response("Bad Gateway", status=502)
                end
            end
            server->>-locker: Response
        end
    option session_id need login
        note right of locker: render login.html
    end
    locker->>-user: Response

    opt login
        note right of user: input username and password
        critical submit
            user->>+locker: POST
            critical login_required
            option verify success
                note right of locker: SESSIONS.sign_in(session_id)
                note right of locker: redirect
            option verify failure
                note right of locker: render login.html
            end
            locker->>-user: Response
        end
    end

    opt redirect
        user->>+locker: GET
        critical login_required
            note right of locker: SESSIONS.verify(session_id)
            critical proxy
                locker->>+server: PROXY.request(request)
                rect rgb(255, 0, 0)
                    break requests.ConnectionErroruser
                    note over locker,server: Response("Bad Gateway", status=502)
                    end
                end
                server->>-locker: Response
            end
        end
        locker->>-user: Response
    end
```

### 安装 xpw-locker

```bash
pip install --upgrade xpw
```

### 使用 xpw-locker

创建配置文件 `xpwauth` 并增加用户和密码:

```toml
[users]
    demo = "demo"
```

```bash
xpw-locker --stdout --debug --target https://example.com/
```

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/bondbox/xpw/",
    "name": "xpw",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.8",
    "maintainer_email": null,
    "keywords": "command-line, argparse, argcomplete",
    "author": "Mingzhe Zou",
    "author_email": "zoumingzhe@outlook.com",
    "download_url": "https://files.pythonhosted.org/packages/19/81/80b9d633bf6888ccc7b501b43ac1da4cb142980a2382532ff216e866c82a/xpw-0.13.1.tar.gz",
    "platform": "any",
    "description": "# xpw\n\n> \u5bc6\u7801\u7ba1\u7406\u548c\u8eab\u4efd\u9a8c\u8bc1\n\n## xpw-locker\n\n> \u8bbf\u95ee\u8ba4\u8bc1\uff1a\u4e3a Web \u9875\u9762\u63a5\u5165\u8eab\u4efd\u9a8c\u8bc1\n\n\u53ea\u9700\u7b80\u5355\u914d\u7f6e\u4e14\u65e0\u9700\u6539\u9020\u4efb\u4f55\u65e2\u6709\u4ee3\u7801\uff0c`xpw-locker` \u53ef\u5feb\u901f\u4e3a\u4efb\u4f55 Web \u9875\u9762\u542f\u7528\u8eab\u4efd\u9a8c\u8bc1\u3002\n\n### xpw-locker \u6280\u672f\u539f\u7406\n\n`xpw-locker` \u662f\u4e00\u4e2a\u8f7b\u91cf\u7ea7\u7684 Web \u4ee3\u7406\u670d\u52a1\uff0c\u5b83\u5728\u7528\u6237\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u540e\uff0c\u5c06\u7528\u6237\u8bf7\u6c42\u8f6c\u53d1\u5230\u76ee\u6807\u670d\u52a1\u5668\u5e76\u8fd4\u56de\u54cd\u5e94\u3002\n\n![xpw-locker demo](../xpw-locker.gif)\n\n`xpw-locker` \u7684\u5de5\u4f5c\u6d41\u7a0b\u5982\u4e0b\uff1a\n\n1. \u9996\u5148\u68c0\u67e5\u7528\u6237\u7684 session_id \u662f\u5426\u5728 cookies \u4e2d\u3002\n2. \u5982\u679c session_id \u4e0d\u5728 cookies \u4e2d\uff0c`xpw-locker` \u4f1a\u5206\u914d\u4e00\u4e2a\u65b0\u7684 session_id\uff0c\u5e76\u5c06\u5176\u589e\u52a0\u81f3\u7528\u6237\u7684 cookies \u4e2d\uff0c\u7136\u540e `xpw-locker` \u5411\u7528\u6237\u8fd4\u56de\u91cd\u5b9a\u5411\u8bf7\u6c42\u4ee5\u5237\u65b0\u9875\u9762\u3002\n3. \u5982\u679c session_id \u5df2\u5728 cookies \u4e2d\uff0c`xpw-locker` \u4f1a\u68c0\u67e5 session_id \u662f\u5426\u9700\u8981\u8fdb\u884c\u9a8c\u8bc1\u3002\n4. \u5982\u679c session_id \u65e0\u9700\u767b\u5f55\uff0c`xpw-locker` \u4f1a\u5c06\u7528\u6237\u7528\u6237\u8bf7\u6c42\u8f6c\u53d1\u5230\u76ee\u6807\u670d\u52a1\u5668\u5e76\u8fd4\u56de\u54cd\u5e94\u3002\n5. \u5982\u679c session_id \u9700\u8981\u767b\u5f55\uff0c`xpw-locker` \u4f1a\u6e32\u67d3\u767b\u5f55\u9875\u9762\u5e76\u54cd\u5e94\uff0c\u7528\u6237\u8f93\u5165\u7528\u6237\u540d\u548c\u5bc6\u7801\u540e\u63d0\u4ea4\u767b\u5f55\u8bf7\u6c42\u3002\n6. \u5982\u679c\u7528\u6237\u540d\u548c\u5bc6\u7801\u9a8c\u8bc1\u6210\u529f\uff0c`xpw-locker` \u4f1a\u5c06\u767b\u8bb0 session_id \u4fe1\u606f\uff0c\u7136\u540e `xpw-locker` \u5411\u7528\u6237\u8fd4\u56de\u91cd\u5b9a\u5411\u8bf7\u6c42\u4ee5\u5237\u65b0\u9875\u9762\u3002\n7. \u5982\u679c\u7528\u6237\u540d\u548c\u5bc6\u7801\u9a8c\u8bc1\u6210\u529f\uff0c`xpw-locker` \u4f1a\u518d\u6b21\u6e32\u67d3\u767b\u5f55\u9875\u9762\u5e76\u54cd\u5e94\u3002\n\n```mermaid\nsequenceDiagram\n    participant user as User\n    participant locker as xpw-locker\n    participant server as Web Server\n    autonumber\n\n    user->>+locker: GET\n    critical login_required\n    option session_id not in cookies\n        note right of locker: allocate session_id and set_cookie\n        note right of locker: redirect\n    option SESSIONS.verify(session_id)\n        critical proxy\n            locker->>+server: PROXY.request(request)\n            rect rgb(255, 0, 0)\n                break requests.ConnectionErroruser\n                note over locker,server: Response(\"Bad Gateway\", status=502)\n                end\n            end\n            server->>-locker: Response\n        end\n    option session_id need login\n        note right of locker: render login.html\n    end\n    locker->>-user: Response\n\n    opt login\n        note right of user: input username and password\n        critical submit\n            user->>+locker: POST\n            critical login_required\n            option verify success\n                note right of locker: SESSIONS.sign_in(session_id)\n                note right of locker: redirect\n            option verify failure\n                note right of locker: render login.html\n            end\n            locker->>-user: Response\n        end\n    end\n\n    opt redirect\n        user->>+locker: GET\n        critical login_required\n            note right of locker: SESSIONS.verify(session_id)\n            critical proxy\n                locker->>+server: PROXY.request(request)\n                rect rgb(255, 0, 0)\n                    break requests.ConnectionErroruser\n                    note over locker,server: Response(\"Bad Gateway\", status=502)\n                    end\n                end\n                server->>-locker: Response\n            end\n        end\n        locker->>-user: Response\n    end\n```\n\n### \u5b89\u88c5 xpw-locker\n\n```bash\npip install --upgrade xpw\n```\n\n### \u4f7f\u7528 xpw-locker\n\n\u521b\u5efa\u914d\u7f6e\u6587\u4ef6 `xpwauth` \u5e76\u589e\u52a0\u7528\u6237\u548c\u5bc6\u7801\uff1a\n\n```toml\n[users]\n    demo = \"demo\"\n```\n\n```bash\nxpw-locker --stdout --debug --target https://example.com/\n```\n",
    "bugtrack_url": null,
    "license": "GPLv2",
    "summary": "Password management and authentication",
    "version": "0.13.1",
    "project_urls": {
        "Bug Tracker": "https://github.com/bondbox/xpw/issues",
        "Documentation": "https://github.com/bondbox/xpw/",
        "Homepage": "https://github.com/bondbox/xpw/",
        "Source Code": "https://github.com/bondbox/xpw/"
    },
    "split_keywords": [
        "command-line",
        " argparse",
        " argcomplete"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "dfb40a7ee80497ccae308fff1832f55fff5125eb42b9ae004e81e34e39da9d01",
                "md5": "cc0d73559c30a90008f6357fcfef75cf",
                "sha256": "3a573578152d030d7a3fe7ba644aa95ee68ba2d32dbf0a54ea344461ef558884"
            },
            "downloads": -1,
            "filename": "xpw-0.13.1-py2.py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "cc0d73559c30a90008f6357fcfef75cf",
            "packagetype": "bdist_wheel",
            "python_version": "py2.py3",
            "requires_python": ">=3.8",
            "size": 24771,
            "upload_time": "2025-07-25T03:52:49",
            "upload_time_iso_8601": "2025-07-25T03:52:49.977503Z",
            "url": "https://files.pythonhosted.org/packages/df/b4/0a7ee80497ccae308fff1832f55fff5125eb42b9ae004e81e34e39da9d01/xpw-0.13.1-py2.py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "198180b9d633bf6888ccc7b501b43ac1da4cb142980a2382532ff216e866c82a",
                "md5": "ac39706118e7ceaf9d611ca60074ec8e",
                "sha256": "d401579222c51ca32a00d7361ea4d6d78aae2c88af7344b25169af770192380a"
            },
            "downloads": -1,
            "filename": "xpw-0.13.1.tar.gz",
            "has_sig": false,
            "md5_digest": "ac39706118e7ceaf9d611ca60074ec8e",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.8",
            "size": 22690,
            "upload_time": "2025-07-25T03:52:48",
            "upload_time_iso_8601": "2025-07-25T03:52:48.866244Z",
            "url": "https://files.pythonhosted.org/packages/19/81/80b9d633bf6888ccc7b501b43ac1da4cb142980a2382532ff216e866c82a/xpw-0.13.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-07-25 03:52:48",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "bondbox",
    "github_project": "xpw",
    "travis_ci": false,
    "coveralls": true,
    "github_actions": true,
    "requirements": [
        {
            "name": "xkits-command",
            "specs": [
                [
                    ">=",
                    "0.4"
                ]
            ]
        },
        {
            "name": "xkits-file",
            "specs": [
                [
                    ">=",
                    "0.6"
                ]
            ]
        },
        {
            "name": "xkits-lib",
            "specs": [
                [
                    ">=",
                    "0.3"
                ]
            ]
        },
        {
            "name": "argon2-cffi",
            "specs": []
        },
        {
            "name": "ldap3",
            "specs": []
        },
        {
            "name": "toml",
            "specs": []
        }
    ],
    "lcname": "xpw"
}
        
Elapsed time: 1.43709s