tessl/pypi-flask-httpauth
Simple extension that provides Basic and Digest HTTP authentication for Flask routes
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-flask-httpauth@4.8.00
# Flask-HTTPAuth
1
2
A simple extension that provides Basic and Digest HTTP authentication for Flask routes. Flask-HTTPAuth enables developers to easily secure Flask endpoints with various authentication methods including HTTP Basic, HTTP Digest, token-based authentication, and flexible multi-authentication schemes.
3
4
## Package Information
5
6
- **Package Name**: Flask-HTTPAuth
7
- **Language**: Python
8
- **Installation**: `pip install Flask-HTTPAuth`
9
10
## Core Imports
11
12
```python
13
from flask_httpauth import HTTPBasicAuth, HTTPDigestAuth, HTTPTokenAuth, MultiAuth
14
```
15
16
## Basic Usage
17
18
```python
19
from flask import Flask
20
from flask_httpauth import HTTPBasicAuth
21
from werkzeug.security import generate_password_hash, check_password_hash
22
23
app = Flask(__name__)
24
auth = HTTPBasicAuth()
25
26
users = {
27
"john": generate_password_hash("hello"),
28
"susan": generate_password_hash("bye")
29
}
30
31
@auth.verify_password
32
def verify_password(username, password):
33
if username in users and check_password_hash(users.get(username), password):
34
return username
35
36
@app.route('/')
37
@auth.login_required
38
def index():
39
return f"Hello, {auth.current_user()}"
40
41
if __name__ == '__main__':
42
app.run()
43
```
44
45
## Architecture
46
47
Flask-HTTPAuth follows a class-based architecture with inheritance:
48
49
- **HTTPAuth**: Base class providing common authentication infrastructure
50
- **HTTPBasicAuth**: Implements HTTP Basic authentication with password hashing support
51
- **HTTPDigestAuth**: Implements HTTP Digest authentication with nonce/opaque validation
52
- **HTTPTokenAuth**: Implements token-based authentication (Bearer tokens, custom schemes)
53
- **MultiAuth**: Combines multiple authentication methods for flexible endpoint protection
54
55
All authentication classes provide decorator-based callback registration, automatic error handling, and seamless Flask integration through request/response processing.
56
57
## Capabilities
58
59
### Basic Authentication
60
61
HTTP Basic authentication with secure password verification, supporting both plain password comparison and hashed password storage with custom verification callbacks.
62
63
```python { .api }
64
class HTTPBasicAuth:
65
def __init__(self, scheme=None, realm=None): ...
66
def verify_password(self, f): ...
67
def hash_password(self, f): ...
68
def login_required(self, f=None, role=None, optional=None): ...
69
def current_user(self): ...
70
```
71
72
[Basic Authentication](./basic-auth.md)
73
74
### Digest Authentication
75
76
HTTP Digest authentication providing enhanced security over Basic auth through challenge-response mechanisms, supporting MD5 and MD5-Sess algorithms with customizable nonce and opaque value generation.
77
78
```python { .api }
79
class HTTPDigestAuth:
80
def __init__(self, scheme=None, realm=None, use_ha1_pw=False, qop='auth', algorithm='MD5'): ...
81
def generate_nonce(self, f): ...
82
def verify_nonce(self, f): ...
83
def generate_opaque(self, f): ...
84
def verify_opaque(self, f): ...
85
def login_required(self, f=None, role=None, optional=None): ...
86
```
87
88
[Digest Authentication](./digest-auth.md)
89
90
### Token Authentication
91
92
Token-based authentication supporting Bearer tokens and custom authentication schemes, with flexible token verification and custom header support for API authentication patterns.
93
94
```python { .api }
95
class HTTPTokenAuth:
96
def __init__(self, scheme='Bearer', realm=None, header=None): ...
97
def verify_token(self, f): ...
98
def login_required(self, f=None, role=None, optional=None): ...
99
def current_user(self): ...
100
```
101
102
[Token Authentication](./token-auth.md)
103
104
### Multi-Authentication
105
106
Combines multiple authentication methods, automatically selecting the appropriate authentication handler based on request headers, enabling flexible endpoint protection with fallback authentication schemes.
107
108
```python { .api }
109
class MultiAuth:
110
def __init__(self, main_auth, *args): ...
111
def login_required(self, f=None, role=None, optional=None): ...
112
def current_user(self): ...
113
```
114
115
[Multi-Authentication](./multi-auth.md)
116
117
### Role-Based Authorization
118
119
Role-based access control system that works across all authentication methods, supporting simple roles, multiple roles per user, and complex role hierarchies with flexible authorization callbacks.
120
121
```python { .api }
122
# Available on HTTPAuth base class and all subclasses
123
def get_user_roles(self, f): ...
124
def login_required(self, f=None, role=None, optional=None): ...
125
```
126
127
[Role-Based Authorization](./roles.md)
128
129
## Common Types
130
131
```python { .api }
132
# Flask imports used throughout
133
from flask import request, make_response, session, g
134
from werkzeug.datastructures import Authorization
135
136
# Base authentication class inherited by all auth types
137
class HTTPAuth:
138
def __init__(self, scheme=None, realm=None, header=None): ...
139
def get_password(self, f): ...
140
def get_user_roles(self, f): ...
141
def error_handler(self, f): ...
142
def login_required(self, f=None, role=None, optional=None): ...
143
def username(self): ...
144
def current_user(self): ...
145
```