Basic是HTTP简单的认证方式,不是很安全,用户名和密码会经过base64编码放在请求头(header)的Authorization字段下,服务器解析此请求头即可获得.
Basic认证失败会相应401状态码
1)flask
from flask import Flask
from flask_httpauth import HTTPBasicAuth
app = Flask(__name__)
auth = HTTPBasicAuth()
user = {'username': 'wang', 'password': '123'}
# requests.get('http://127.0.0.1:5000/login',auth=('wang','123')) # 会将用户名和密码发给请求头的
@auth.get_password # 只对明文密码有效
def get_password(username):
if user['username'] == username:
return user['password']
return None
@app.route('/')
@auth.login_required
def index():
return "Hello, %s!" % auth.username()
if __name__ == '__main__':
app.run(debug=True)
2)requests
HTTP Basic Auth
发的是get请求,用户名和密码放在request.headers[‘Authorization’]里,使用base64加密
requests
from requests.auth import HTTPBasicAuth
requests.get('http://127.0.0.1:5000/login', auth=HTTPBasicAuth('user', 'pass')) # # 本质上存在request.headers['Authorization']里,使用base64加密 #拿到授权信息(类型 信息)
HTTP Basic Auth 如此常见,Requests 就提供了一种简写的使用方式:
requests.get('http://127.0.0.1:5000/login', auth=('wang', '123'))
3)前端
??
参考:
https://www.cnblogs.com/Erick-L/p/7060806.html