Flask HTTP Digest Authentication
Go to file
2022-11-24 07:13:21 +11:00
src/flask_digest_auth Moved the ha1 and ha2 calculation into the calc_response function. 2022-11-24 07:13:21 +11:00
tests Revised so that Flask-Login become an optional dependency. 2022-11-24 01:02:51 +11:00
.gitignore Added .gitignore. 2022-11-23 10:26:11 +11:00
LICENSE Added LICENSE, MANIFEST.in, pyproject.toml, README.rst, and setup.cfg as the starting project skeleton. 2022-11-23 18:07:00 +11:00
MANIFEST.in Added LICENSE, MANIFEST.in, pyproject.toml, README.rst, and setup.cfg as the starting project skeleton. 2022-11-23 18:07:00 +11:00
pyproject.toml Added LICENSE, MANIFEST.in, pyproject.toml, README.rst, and setup.cfg as the starting project skeleton. 2022-11-23 18:07:00 +11:00
README.rst Added the usage instruction to README.rst. 2022-11-24 01:42:03 +11:00
setup.cfg Revised so that Flask-Login become an optional dependency. 2022-11-24 01:02:51 +11:00

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> </head>

Flask HTTP Digest Authentication

Description

Flask-Digest-Auth is an HTTP Digest Authentication implementation for Flask applications. It authenticates the user for the protected views. It works with Flask-Login, so that log in protection can be separated with the authentication mechanism. You can write Flask modules that work with different authentication mechanisms.

Flask-Digest-Auth Alone without Flask-Login

Flask-Digest-Auth can authenticate the users alone without Flask-Login.

Example for Simple Applications with Flask-Digest-Auth Alone

from flask import Flask
from flask_digest_auth import DigestAuth

app: flask = Flask(__name__)
... (Configure the Flask application) ...

auth: DigestAuth = DigestAuth(realm="Admin")

@auth.register_get_password
def get_password_hash(username: str) -> t.Optional[str]:
    ... (Load the password hash) ...

@auth.register_get_user
def get_user(username: str) -> t.Optional[t.Any]:
    ... (Load the user) ...

@app.get("/admin")
@auth.login_required
def admin():
    ... (Process the view) ...

Example for Larger Applications with create_app() with Flask-Digest-Auth Alone

::

from flask import Flask
from flask_digest_auth import DigestAuth

auth: DigestAuth = DigestAuth(realm="Admin")

def create_app(test_config) -> Flask:
    app: flask = Flask(__name__)
    ... (Configure the Flask application) ...

    auth.realm = app.config["REALM"]

    @auth.register_get_password
    def get_password_hash(username: str) -> t.Optional[str]:
        ... (Load the password hash) ...

    @auth.register_get_user
    def get_user(username: str) -> t.Optional[t.Any]:
        ... (Load the user) ...

    return app

In your views:

from . import auth
from flask import Flask, Blueprint

bp = Blueprint("admin", __name__, url_prefix="/admin")

@bp.get("/")
@auth.login_required
def admin():
    ... (Process the view) ...

def init_app(app: Flask) -> None:
    app.register_blueprint(bp)

Flask-Login Integration

Flask-Digest-Auth can work with Flask-Login. You can write a Flask module that requires log in, without specifying the authentication mechanism. The Flask application can specify the actual authentication mechanism as they see fit.

Example for Simple Applications with Flask-Login Integration

from flask import Flask
from flask_digest_auth import DigestAuth
from flask_login import LoginManager

app: flask = Flask(__name__)
... (Configure the Flask application) ...

login_manager: LoginManager = LoginManager()
login_manager.init_app(app)

@login_manager.user_loader
def load_user(user_id: str) -> t.Optional[User]:
    ... (Load the user with the username) ...

auth: DigestAuth = DigestAuth(realm="Admin")
auth.init_app(app)

@auth.register_get_password
def get_password_hash(username: str) -> t.Optional[str]:
    ... (Load the password hash) ...

@app.get("/admin")
@login_manager.login_required
def admin():
    ... (Process the view) ...

Example for Larger Applications with create_app() with Flask-Login Integration

::

from flask import Flask
from flask_digest_auth import DigestAuth
from flask_login import LoginManager

def create_app(test_config) -> Flask:
    app: flask = Flask(__name__)
    ... (Configure the Flask application) ...

    login_manager: LoginManager = LoginManager()
    login_manager.init_app(app)

    @login_manager.user_loader
    def load_user(user_id: str) -> t.Optional[User]:
        ... (Load the user with the username) ...

    auth: DigestAuth = DigestAuth(realm=app.config["REALM"])
    auth.init_app(app)

    @auth.register_get_password
    def get_password_hash(username: str) -> t.Optional[str]:
        ... (Load the password hash) ...

    return app

In your views:

import flask_login
from flask import Flask, Blueprint

bp = Blueprint("admin", __name__, url_prefix="/admin")

@bp.get("/")
@flask_login.login_required
def admin():
    ... (Process the view) ...

def init_app(app: Flask) -> None:
    app.register_blueprint(bp)

The views only depend on Flask-Login, but not its underlying authentication mechanism. You can always change the authentication mechanism without changing the views, or release a protected Flask module without specifying the authentication mechanism.

Authors

imacat
2022/11/23
</html>