change BasicAuthMiddleware again

1 files changed, 16 insertions, 24 deletions

diff --git a/wsgitools/middlewares.py b/wsgitools/middlewares.py
index 7df21a9..f9362b7 100644
--- a/wsgitools/middlewares.py
+++ b/wsgitools/middlewares.py
@@ -272,8 +272,7 @@ class DictAuthChecker:
 __all__.append("BasicAuthMiddleware")
 class BasicAuthMiddleware:
     """Middleware implementing HTTP Basic Auth."""
-    def __init__(self, app, check_function, realm='www', html401=None,
-                 status401=None):
+    def __init__(self, app, check_function, realm='www', app401=None):
         """
         @param app: is a WSGI application.
         @param check_function: is a function taking three arguments username,
@@ -281,25 +280,13 @@ class BasicAuthMiddleware:
                 request may is allowed. The older interface of taking only the
                 first two arguments is still supported via catching a TypeError.
         @type realm: str
-        @type html401: str or None
-        @param html401: is to be delivered on authentication failures instead of
-                the default
-        @param status401: is to be delivered on authentication failures instead
-                of the default
+        @param app401: is an optional WSGI application to be used for error
+                messages
         """
         self.app = app
         self.check_function = check_function
         self.realm = realm
-        if status401 is None:
-            self.status401 = "401 Authorization required"
-        else:
-            self.status401 = status401
-        if html401 is None:
-            self.html401 = "<html><head><title>Authorization required" + \
-                    "</title></head><body><h1>Authorization required</h1>" \
-                    "</body></html>\n"
-        else:
-            self.html401 = html401
+        self.app401 = app401
 
     def __call__(self, environ, start_response):
         """wsgi interface
@@ -330,13 +317,18 @@ class BasicAuthMiddleware:
         """wsgi application for indicating authorization is required.
         @type environ: {str: str}
         """
-        headers = [('Content-type', 'text/html'),
-                   ('WWW-Authenticate', 'Basic realm="%s"' % self.realm),
-                   ("Content-length", str(len(self.html401)))]
-        start_response(self.status401, headers)
-        if environ["REQUEST_METHOD"].upper() == "HEAD":
-            return []
-        return [self.html401]
+        if self.app401 is None:
+            status = "401 Authorization required"
+            html = "<html><head><title>Authorization required</title></head>" \
+                    "<body><h1>Authorization required</h1></body></html>\n"
+            headers = [('Content-type', 'text/html'),
+                       ('WWW-Authenticate', 'Basic realm="%s"' % self.realm),
+                       ("Content-length", str(len(html)))]
+            start_response(status, headers)
+            if environ["REQUEST_METHOD"].upper() == "HEAD":
+                return []
+            return [html]
+        return self.app401(environ, start_response)
 
 __all__.append("TracebackMiddleware")
 class TracebackMiddleware: