[PEAK] Passing user and password to easy_install
Luigi Paioro
luigi at lambrate.inaf.it
Fri Apr 9 04:29:08 EDT 2010
Il 04/07/10 19:12, P.J. Eby ha scritto:
> At 05:23 PM 4/7/2010 +0200, Luigi Paioro wrote:
>> Dear PEAKers,
>>
>> I'm using setuptool module to pack my software and I'd like to
>> distribute it via PyPI, making it installable exploiting easy_install.
>>
>> I have a requirement, though, that I'm not sure is supported by
>> setuptools:
>>
>> My software must be distributed to registered/authenticated/authorised
>> users only.
>>
>> Well, registering the packages I might specify that the download URL
>> is a CGI, optionally with Basic Authentication accepting a default
>> user and password as described here:
>>
>> http://peak.telecommunity.com/DevCenter/EasyInstall#id17
>>
>> This would provides me with the possibility of tracking the number of
>> downloads, but always with a single public user/password. But I need
>> to know who is downloading my packages.
>>
>> Is there a way to associate a user and password to easy_install
>> command? Such data would be nice if passed as Basic Authentication
>> data to the download URL...
>
> As described in the docs above, just have your users do "easy_install -f
> http://their_userid:[email protected]/some_path/", where
> /some_path/ is a web-served directory containing your packages. They can
> put this in their configuration file so they don't have to type it every
> time.
>
> (What you *can't* do, is put this on the Python Package index and still
> have it require logins for download. But, since the user needs to
> register with you anyway, supporting automated install from PyPI doesn't
> sound very useful in that case.)
Dear Eby,
what I'd like to have is the possibility to avoid asking the user to
explicitly refer to a specific repository address (it might be provided
with an easy_install configuration file, for example), and in particular
I would avoid to put clearly the user name and the password in the
command line. Basic Authentication is not secure by itself, but typing
the password in clear is not really "polite" :-).
Poking around setuptools code, I stumbled on the routine where the
actual package downloading is performed, and thus I tried to modify the
code in order to introduce something that might meet my needs. In
attachment you find a package_index.py patch file with very few lines
giving me all I need. It is just a testing code, not really clean, but I
think it is enough to exemplify my point of view. It just tries to open
the URL and if it results in an HTTPError 401 (authentication required)
then it prompts for the user name and the password, and afterwards it
reformats the URL encoding it appropriately, and thus it tries again to
access the URL.
I cannot say whether this is very useful in general, but it is certainly
a nice feature, and in my case it is all I need. Please, take into
account the code attached.
Thanks in advance for your attention.
Best regards,
Luigi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: package_index.py.patch
Type: text/x-patch
Size: 612 bytes
Desc: not available
Url : http://www.eby-sarna.com/pipermail/peak/attachments/20100409/6faf83c7/package_index.py.bin
More information about the PEAK
mailing list