
tessl/pypi-flask-httpauth

Simple extension that provides Basic and Digest HTTP authentication for Flask routes


Flask-HTTPAuth

A simple extension that provides Basic and Digest HTTP authentication for Flask routes. Flask-HTTPAuth enables developers to easily secure Flask endpoints with various authentication methods including HTTP Basic, HTTP Digest, token-based authentication, and flexible multi-authentication schemes.

Package Information

  • Package Name: Flask-HTTPAuth
  • Language: Python
  • Installation: pip install Flask-HTTPAuth

Core Imports

from flask_httpauth import HTTPBasicAuth, HTTPDigestAuth, HTTPTokenAuth, MultiAuth

Basic Usage

from flask import Flask
from flask_httpauth import HTTPBasicAuth
from werkzeug.security import generate_password_hash, check_password_hash

app = Flask(__name__)
auth = HTTPBasicAuth()

users = {
    "john": generate_password_hash("hello"),
    "susan": generate_password_hash("bye")
}

@auth.verify_password
def verify_password(username, password):
    if username in users and check_password_hash(users.get(username), password):
        return username

@app.route('/')
@auth.login_required
def index():
    return f"Hello, {auth.current_user()}"

if __name__ == '__main__':
    app.run()

Architecture

Flask-HTTPAuth follows a class-based architecture with inheritance:

  • HTTPAuth: Base class providing common authentication infrastructure
  • HTTPBasicAuth: Implements HTTP Basic authentication with password hashing support
  • HTTPDigestAuth: Implements HTTP Digest authentication with nonce/opaque validation
  • HTTPTokenAuth: Implements token-based authentication (Bearer tokens, custom schemes)
  • MultiAuth: Combines multiple authentication methods for flexible endpoint protection

All authentication classes provide decorator-based callback registration, automatic error handling, and seamless Flask integration through request/response processing.

Capabilities

Basic Authentication

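HTTP Basic authentication with secure password verification, supporting both plain password comparison and hashed password storage with custom verification callbacks. Basic credentials are only base64-encoded and are sent with every request, so protected routes should be served over TLS.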

class HTTPBasicAuth:
    def __init__(self, scheme=None, realm=None): ...
    def verify_password(self, f): ...
    def hash_password(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def current_user(self): ...


Digest Authentication

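HTTP Digest authentication, which improves on Basic auth by using a challenge-response exchange instead of sending the password itself, supporting the MD5 and MD5-Sess algorithms with customizable nonce and opaque value generation. Digest protects only the credential exchange, not the request or response bodies, so it is not a substitute for TLS.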

class HTTPDigestAuth:
    def __init__(self, scheme=None, realm=None, use_ha1_pw=False, qop='auth', algorithm='MD5'): ...
    def generate_nonce(self, f): ...
    def verify_nonce(self, f): ...
    def generate_opaque(self, f): ...
    def verify_opaque(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...


Token Authentication

Token-based authentication supporting Bearer tokens and custom authentication schemes, with flexible token verification and custom header support for API authentication patterns.

class HTTPTokenAuth:
    def __init__(self, scheme='Bearer', realm=None, header=None): ...
    def verify_token(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def current_user(self): ...


Multi-Authentication

Combines multiple authentication methods, automatically selecting the appropriate authentication handler based on request headers, enabling flexible endpoint protection with fallback authentication schemes.

class MultiAuth:
    def __init__(self, main_auth, *args): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def current_user(self): ...


Role-Based Authorization

Role-based access control system that works across all authentication methods, supporting simple roles, multiple roles per user, and complex role hierarchies with flexible authorization callbacks.

# Available on HTTPAuth base class and all subclasses
def get_user_roles(self, f): ...
def login_required(self, f=None, role=None, optional=None): ...


Common Types

# Flask imports used throughout
from flask import request, make_response, session, g
from werkzeug.datastructures import Authorization

# Base authentication class inherited by all auth types
class HTTPAuth:
    def __init__(self, scheme=None, realm=None, header=None): ...
    def get_password(self, f): ...
    def get_user_roles(self, f): ...
    def error_handler(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def username(self): ...
    def current_user(self): ...

Install with Tessl CLI

npx tessl i tessl/pypi-flask-httpauth
Describes: pypipkg:pypi/flask-httpauth@4.8.x