A requirement in almost any server application is a system for managing
. You need to be able to verify the identity of every user who attempts to
access your server, based on their password or some other credentials. Once you allow a
user to log in, you need to manage his permissions, controlling what he can and cannot do.
twisted.cred package is designed to facilitate these
kinds of tasks.
Many parts of Twisted rely on
the POP3, IMAP, SSH, and FTP servers. You can also use
twisted.cred to add authentication to a web application, an SMTP server, a
Perspective Broker server, or your own custom protocol. This chapter explains how
twisted.cred works, and how to use it in your
There are quite a few different classes and interfaces used in
twisted.cred. These classes and interfaces work together to
form a flexible authentication system. This lab introduces the individual pieces of
twisted.cred and shows how to tie them together to
add authentication to a server.
Set up a
portal.Portal object that takes the
username and password provided by a user, verifies her identity, and returns an
object representing the actions and data available to that user. To do this you’ll
need to implement a few different
interfaces. Example 6-1 demonstrates how
to do this, adding authentication to a simple line-based server protocol.