Introduction
A user-friendly interface to the HTTP protocol is provided for Python developers by the Python web framework CherryPy. Another name for it is a web application library.
CherryPy models the HTTP protocol and connects it to an API using Python's advantages as a dynamic language. One of the first Python web frameworks, it offers a clear interface and a dependable foundation.
CherryPy is a pythonic, object-oriented web framework.
CherryPy allows developers to build web applications the same way as any other object-oriented Python program. This results in minor source code developed in less time.
CherryPy has been around for almost ten years and has shown to be quick and dependable. Many sites, from the simplest to the most demanding, are using it in production.
import cherrypy
class HelloWorld(object):
@cherrypy.expose
def index(self):
return "Hello World!"
cherrypy.quickstart(HelloWorld())Authentication in CherryPy 🔐
RFC 7616 and RFC 7617, which supersede RFC 2617, specify two basic HTTP-based Authentication in Cherrypy protocols, Basic and Digest, respectively, and are supported by CherryPy. They are most frequently known to cause a browser popup to appear and request the user's name and password.
Basic
The most straightforward type of Authentication in Cherrypy is basic authentication. However, because the user's credentials are included in the request, it is not secure. If you're not running on SSL or inside a closed network, we advise against utilizing it.
from cherrypy.lib import auth_basic
USERS = {'jon': 'secret'}
def validate_password(realm, username, password):
if username in USERS and USERS[username] == password:
return True
return False
conf = {
'/protected/area': {
'tools.auth_basic.on': True,
'tools.auth_basic.realm': 'localhost',
'tools.auth_basic.checkpassword': validate_password,
'tools.auth_basic.accept_charset': 'UTF-8',
}
}
cherrypy.quickstart(myapp, '/', conf)
Simply, you must supply a function that CherryPy will execute and pass the login and password extracted from the request.
The function can read data from any necessary source, including memory, a database, and files.
Digest
Digest Authentication in Cherrypy differs from basic authentication in that the request does not contain the credentials, making it slightly more secure.
The interface for CherryPy's digest support is comparable to the fundamental one previously described.
from cherrypy.lib import auth_digest
USERS = {'jon': 'secret'}
conf = {
'/protected/area': {
'tools.auth_digest.on': True,
'tools.auth_digest.realm': 'localhost',
'tools.auth_digest.get_ha1': auth_digest.get_ha1_dict_plain(USERS),
'tools.auth_digest.key': 'a565c27146791cfb',
'tools.auth_digest.accept_charset': 'UTF-8',
}
}
cherrypy.quickstart(myapp, '/', conf)SO_PEERCRED
Additionally, there is low-level Authentication in Cherrypy for abstract sockets and UNIX files. This is how to make it possible:
[global]
server.peercreds: True
server.peercreds_resolve: True
server.socket_file: /var/run/cherrypy.sock
Searching for the linked process ID, user ID, and group ID is made possible by server.peercreds. As WSGI environment variables, they will be reachable:
- X_REMOTE_UID
- X_REMOTE_GID
- X_REMOTE_PID
This is resolved into the user name and group name by Server.peercreds resolve. As WSGI environment variables, they will be reachable:
- X_REMOTE_GROUP
- X_REMOTE_USER and REMOTE_USER
7+ registered 
