Auth¶
Here is the auth interface definition in order to implement a new authentication backend. It is composed by two classes.
- class burpui.misc.auth.interface.BUIhandler[source]¶
The
burpui.misc.auth.interface.BUIhandler
class maintains a list ofBurp-UI
users.- Parameters:
app (
burpui.engines.server.BUIServer
) – Instance of the app we are running in
- remove(name)[source]¶
The
burpui.misc.auth.interface.BUIhandler.remove()
function allows to remove a user from the cache.- Parameters:
name (str) – Name of the user to remove
- abstract user(name=None, refresh=False)[source]¶
The
burpui.misc.auth.interface.BUIhandler.user()
function returns theflask_login:flask_login.UserMixin
object corresponding to the given user name.- Parameters:
name (str) – Name of the user
refresh (bool) – Whether we need to re-create a fresh user or not
- Returns:
- class burpui.misc.auth.interface.BUIuser[source]¶
The
burpui.misc.auth.interface.BUIuser
class extends theflask_login:flask_login.UserMixin
class.- property is_active¶
- Returns:
True if user is active, otherwise False
- property is_admin¶
If no ACL engine is loaded, every logged-in user will be granted admin rights :returns: True if the user is admin, otherwise False
- property is_authenticated¶
- Returns:
True if a user is authenticated, otherwise False
- property is_moderator¶
If no ACL engine is loaded, every logged-in user will be granted moderator rights :returns: True if the user is moderator, otherwise False
- abstract login(passwd=None)[source]¶
The
burpui.misc.auth.interface.BUIuser.login()
function checks if the profided username and password match.- Parameters:
passwd (str) – Password
- Returns:
True if the name and password match, otherwise False