From 1aaf872716cb46330fd49e89663da1a568e54f0b Mon Sep 17 00:00:00 2001 From: Miguel Grinberg Date: Thu, 4 Jun 2020 12:48:28 +0100 Subject: [PATCH] Basic authentication with custom scheme --- flask_httpauth.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/flask_httpauth.py b/flask_httpauth.py index ce35bdb..ca434c6 100644 --- a/flask_httpauth.py +++ b/flask_httpauth.py @@ -8,6 +8,7 @@ :license: MIT, see LICENSE for more details. """ +from base64 import b64decode from functools import wraps from hashlib import md5 from random import Random, SystemRandom @@ -191,6 +192,22 @@ def verify_password(self, f): self.verify_password_callback = f return f + def get_auth(self): + # this version of the Authorization header parser is more flexible + # than Werkzeug's, as it also accepts other schemes besides "Basic" + header = self.header or 'Authorization' + if header not in request.headers: + return None + value = request.headers[header].encode('utf-8') + try: + scheme, credentials = value.split(b' ', 1) + username, password = b64decode(credentials).split(b':', 1) + except (ValueError, TypeError): + return None + return Authorization( + scheme, {'username': username.decode('utf-8'), + 'password': password.decode('utf-8')}) + def authenticate(self, auth, stored_password): if auth: username = auth.username