Skip to content

Commit

Permalink
Basic authentication with custom scheme
Browse files Browse the repository at this point in the history
  • Loading branch information
miguelgrinberg committed Jun 4, 2020
1 parent acd0932 commit 1aaf872
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions flask_httpauth.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
:license: MIT, see LICENSE for more details.
"""

from base64 import b64decode
from functools import wraps
from hashlib import md5
from random import Random, SystemRandom
Expand Down Expand Up @@ -191,6 +192,22 @@ def verify_password(self, f):
self.verify_password_callback = f
return f

def get_auth(self):
# this version of the Authorization header parser is more flexible
# than Werkzeug's, as it also accepts other schemes besides "Basic"
header = self.header or 'Authorization'
if header not in request.headers:
return None
value = request.headers[header].encode('utf-8')
try:
scheme, credentials = value.split(b' ', 1)
username, password = b64decode(credentials).split(b':', 1)
except (ValueError, TypeError):
return None
return Authorization(
scheme, {'username': username.decode('utf-8'),
'password': password.decode('utf-8')})

def authenticate(self, auth, stored_password):
if auth:
username = auth.username
Expand Down

0 comments on commit 1aaf872

Please sign in to comment.