Requests supports diverse kinds of authentication procedures, and it is built in such a way that the method of authentication feels like a cakewalk. In this chapter, we opt to throw light on various types of authentication procedures that are used by various tech giants for accessing the web resources.
We will cover the following topics:
Basic authentication is a popular, industry-standard scheme of authentication, which is specified in HTTP 1.0
. This method makes use of a user-ID
and password
submitted by the user to get authenticated. The submitted user-ID
and password
are encoded using Base64
encoding standards and transmitted across HTTP. The server gives access to the user only if the user-ID
and the password
are valid. The following are the advantages of using basic authentication:
The basic authentication flow contains two steps:
http 401
response containing a WWW-Authenticate
header.Authorization
header, the server processes the submitted credentials and gives the access.You can see this in the following diagram:
We can use the
requests
module to send a request to undergo basic authentication very easily. The process can be seen as follows:
>>> from requests.auth import HTTPBasicAuth >>> requests.get('https://demo.example.com/resource/path', auth=HTTPBasicAuth('user-ID', 'password'))
In the preceding lines of code, we performed basic authentication by creating an HTTPBasicAuth
object; then we passed it to the auth
parameter, which will be submitted to the server. If the submitted credentials gets authenticated successfully, the server returns a 200
(Successful) response, otherwise, it will return a 401
(Unauthorized) response.
18.224.51.145