# Flask-HTTPAuth

A simple extension that provides Basic and Digest HTTP authentication for Flask routes. Flask-HTTPAuth enables developers to easily secure Flask endpoints with various authentication methods including HTTP Basic, HTTP Digest, token-based authentication, and flexible multi-authentication schemes.

## Package Information

- **Package Name**: Flask-HTTPAuth
- **Language**: Python
- **Installation**: `pip install Flask-HTTPAuth`

## Core Imports

```python
from flask_httpauth import HTTPBasicAuth, HTTPDigestAuth, HTTPTokenAuth, MultiAuth
```

## Basic Usage

```python
from flask import Flask
from flask_httpauth import HTTPBasicAuth
from werkzeug.security import generate_password_hash, check_password_hash

app = Flask(__name__)
auth = HTTPBasicAuth()

# Store only salted password hashes, never the plaintext passwords
users = {
    "john": generate_password_hash("hello"),
    "susan": generate_password_hash("bye")
}

@auth.verify_password
def verify_password(username, password):
    # Return the username on success; falling through returns None,
    # which rejects the request
    if username in users and check_password_hash(users.get(username), password):
        return username

@app.route('/')
@auth.login_required
def index():
    return f"Hello, {auth.current_user()}"

if __name__ == '__main__':
    app.run()
```

## Architecture

Flask-HTTPAuth follows a class-based architecture with inheritance:

- **HTTPAuth**: Base class providing common authentication infrastructure
- **HTTPBasicAuth**: Implements HTTP Basic authentication with password hashing support
- **HTTPDigestAuth**: Implements HTTP Digest authentication with nonce/opaque validation
- **HTTPTokenAuth**: Implements token-based authentication (Bearer tokens, custom schemes)
- **MultiAuth**: Combines multiple authentication methods for flexible endpoint protection

All authentication classes provide decorator-based callback registration, automatic error handling, and seamless Flask integration through request/response processing.

## Capabilities

### Basic Authentication

HTTP Basic authentication with secure password verification, supporting both plain password comparison and hashed password storage with custom verification callbacks.

```python { .api }
class HTTPBasicAuth:
    def __init__(self, scheme=None, realm=None): ...
    def verify_password(self, f): ...
    def hash_password(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def current_user(self): ...
```

[Basic Authentication](./basic-auth.md)

### Digest Authentication

HTTP Digest authentication providing enhanced security over Basic auth through challenge-response mechanisms, supporting MD5 and MD5-Sess algorithms with customizable nonce and opaque value generation.

```python { .api }
class HTTPDigestAuth:
    def __init__(self, scheme=None, realm=None, use_ha1_pw=False, qop='auth', algorithm='MD5'): ...
    def generate_nonce(self, f): ...
    def verify_nonce(self, f): ...
    def generate_opaque(self, f): ...
    def verify_opaque(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
```

[Digest Authentication](./digest-auth.md)
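
The challenge-response check described above, worked through with the standard library only. This is an added example, not code from Flask-HTTPAuth: the function names are this example's own, and the sample values are the RFC 2617 section 3.5 test vector.

```python
import hashlib
import hmac


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def compute_ha1(username, realm, password):
    # HA1 is the only password-derived input to the check, so a server can
    # store it in place of the plaintext password.
    return md5_hex(f"{username}:{realm}:{password}")


def expected_response(ha1, method, fields, algorithm="MD5"):
    # fields: parameters parsed from the client's Authorization header
    if algorithm.upper() == "MD5-SESS":
        # MD5-sess re-derives HA1 from the server nonce and the client nonce.
        ha1 = md5_hex(f"{ha1}:{fields['nonce']}:{fields['cnonce']}")
    ha2 = md5_hex(f"{method}:{fields['uri']}")
    return md5_hex(":".join([ha1, fields["nonce"], fields["nc"],
                             fields["cnonce"], fields["qop"], ha2]))


def verify_digest(ha1, method, fields, algorithm="MD5"):
    # Constant-time comparison avoids leaking how many characters matched.
    want = expected_response(ha1, method, fields, algorithm)
    return hmac.compare_digest(want, fields["response"])


# Test vector from RFC 2617 section 3.5 (not data from this page)
RFC2617_FIELDS = {
    "username": "Mufasa",
    "realm": "testrealm@host.com",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
    "uri": "/dir/index.html",
    "qop": "auth",
    "nc": "00000001",
    "cnonce": "0a4f113b",
    "response": "6629fae49393a05397450978507c4ef1",
}

if __name__ == "__main__":
    ha1 = compute_ha1("Mufasa", "testrealm@host.com", "Circle Of Life")
    print(verify_digest(ha1, "GET", RFC2617_FIELDS))
    # The same response presented for a different URI no longer verifies.
    print(verify_digest(ha1, "GET", dict(RFC2617_FIELDS, uri="/admin")))
```

The response is bound to the method, URI, nonce and nonce count, which is why the server-side nonce and opaque validation hooks listed above matter: without them a captured response for the same request would still verify.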

### Token Authentication

Token-based authentication supporting Bearer tokens and custom authentication schemes, with flexible token verification and custom header support for API authentication patterns.

```python { .api }
class HTTPTokenAuth:
    def __init__(self, scheme='Bearer', realm=None, header=None): ...
    def verify_token(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def current_user(self): ...
```

[Token Authentication](./token-auth.md)

### Multi-Authentication

Combines multiple authentication methods, automatically selecting the appropriate authentication handler based on request headers, enabling flexible endpoint protection with fallback authentication schemes.

```python { .api }
class MultiAuth:
    def __init__(self, main_auth, *args): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def current_user(self): ...
```

[Multi-Authentication](./multi-auth.md)

### Role-Based Authorization

Role-based access control system that works across all authentication methods, supporting simple roles, multiple roles per user, and complex role hierarchies with flexible authorization callbacks.

```python { .api }
# Available on HTTPAuth base class and all subclasses
def get_user_roles(self, f): ...
def login_required(self, f=None, role=None, optional=None): ...
```

[Role-Based Authorization](./roles.md)

## Common Types

```python { .api }
# Flask imports used throughout
from flask import request, make_response, session, g
from werkzeug.datastructures import Authorization

# Base authentication class inherited by all auth types
class HTTPAuth:
    def __init__(self, scheme=None, realm=None, header=None): ...
    def get_password(self, f): ...
    def get_user_roles(self, f): ...
    def error_handler(self, f): ...
    def login_required(self, f=None, role=None, optional=None): ...
    def username(self): ...
    def current_user(self): ...
```