I have a CherryPy application running successfully using the built-in digest authentication tool and no session support. Now, I would like to expose additional features to certain users. Is it possible to obtain the currently-authenticated user from the authorization system?
You can use: cherrypy.request.login.
To quote:
When authentication is used during the request processing this is set to ‘False’ if it failed and to the ‘username’ value if it succeeded. The default ‘None’ implies that no authentication happened.
The whole HTTP Basic / Digest authentication in CherryPy is very nicely explained here (unfortunately the original blog no longer features this page, at least I couldn't find it - WayBack Machine to the rescue).