enh: added authentication ability for webapp

IPython/frontend/html/notebook/handlers.py

@@ -35,13 +35,36 @@ except ImportError:
 # Top-level handlers
 #-----------------------------------------------------------------------------
 
+class BaseHandler(web.RequestHandler):
+    def get_current_user(self):
+        user_id = self.get_secure_cookie("user")
+        keyword = self.get_secure_cookie("keyword")
+        if self.application.keyword and self.application.keyword != keyword:
+            return None
+        if not user_id:
+            user_id = 'anonymous'
+        return user_id
 
-class NBBrowserHandler(web.RequestHandler):
+class NBBrowserHandler(BaseHandler):
+    @web.authenticated
     def get(self):
         nbm = self.application.notebook_manager
         project = nbm.notebook_dir
         self.render('nbbrowser.html', project=project)
 
+class LoginHandler(BaseHandler):
+    def get(self):
+        user_id = self.get_secure_cookie("user")
+        self.write('<html><body><form action="/login" method="post">'
+                   'Name: <input type="text" name="name" value=%s>'
+                   'Keyword: <input type="text" name="keyword">'
+                   '<input type="submit" value="Sign in">'
+                   '</form></body></html>'%user_id)
+
+    def post(self):
+        self.set_secure_cookie("user", self.get_argument("name", default=u''))
+        self.set_secure_cookie("keyword", self.get_argument("keyword", default=u''))
+        self.redirect("/")
 
 class NewHandler(web.RequestHandler):
     def get(self):

IPython/frontend/html/notebook/notebookapp.py

@@ -35,7 +35,7 @@ from tornado import httpserver
 from tornado import web
 
 from .kernelmanager import MappingKernelManager
-from .handlers import (
+from .handlers import (LoginHandler,
     NBBrowserHandler, NewHandler, NamedNotebookHandler,
     MainKernelHandler, KernelHandler, KernelActionHandler, IOPubHandler,
     ShellHandler, NotebookRootHandler, NotebookHandler, RSTHandler
@@ -80,6 +80,7 @@ class NotebookWebApplication(web.Application):
     def __init__(self, ipython_app, kernel_manager, notebook_manager, log):
         handlers = [
             (r"/", NBBrowserHandler),
+            (r"/login", LoginHandler),
             (r"/new", NewHandler),
             (r"/%s" % _notebook_id_regex, NamedNotebookHandler),
             (r"/kernels", MainKernelHandler),
@@ -94,6 +95,8 @@ class NotebookWebApplication(web.Application):
         settings = dict(
             template_path=os.path.join(os.path.dirname(__file__), "templates"),
             static_path=os.path.join(os.path.dirname(__file__), "static"),
+            cookie_secret="61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2XdTP1o/Vo=",
+            login_url="/login",
         )
         web.Application.__init__(self, handlers, **settings)
 
@@ -122,7 +125,8 @@ aliases.update({
     'keyfile': 'IPythonNotebookApp.keyfile',
     'certfile': 'IPythonNotebookApp.certfile',
     'ws-hostname': 'IPythonNotebookApp.ws_hostname',
-    'notebook-dir': 'NotebookManager.notebook_dir'
+    'notebook-dir': 'NotebookManager.notebook_dir',
+    'keyword' : 'IPythonNotebookApp.keyword'
 })
 
 notebook_aliases = [u'port', u'ip', u'keyfile', u'certfile', u'ws-hostname',
@@ -185,6 +189,10 @@ class IPythonNotebookApp(BaseIPythonApplication):
         help="""The full path to a private key file for usage with SSL/TLS."""
     )
 
+    keyword = Unicode(u'', config=True,
+                      help="""Keyword to use for web authentication"""
+    )
+
     def get_ws_url(self):
         """Return the WebSocket URL for this server."""
         if self.certfile:
@@ -241,6 +249,7 @@ class IPythonNotebookApp(BaseIPythonApplication):
                 ssl_options['keyfile'] = self.keyfile
         else:
             ssl_options = None
+        self.web_app.keyword = self.keyword
         self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options)
         if ssl_options is None and not self.ip:
             self.log.critical('WARNING: the notebook server is listening on all IP addresses '