POST with basic auth and cookie from python?

D

Dan Stromberg

If I wanted to write a python script that performs basic auth, gets a
cookie, and then does an http POST using the cookie for authentication,
what would be the best python API to write to?

Does someone already have example code that does something like this?

Thanks.
 
M

Michael Foord

Dan Stromberg said:
If I wanted to write a python script that performs basic auth, gets a
cookie, and then does an http POST using the cookie for authentication,
what would be the best python API to write to?

Does someone already have example code that does something like this?

Thanks.

Well... I know *part* of the solution ! I'm also struggling with http
authentiction from python. The cookie part is easy, ClientCookie (or
cookielib if you use Python 2.4) will automatically handle the cookies
for you.See http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/302930
for details of how to do that part.

I have also sussed out how to do basic authentication the first time
round (get an error code 401 from the server, repeat the request with
the username and password encoded into the header).

My test CGI at http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/298336
has an example of how to do this.

req = reqfun(theurl, None, {'User-agent' : 'Mozilla/4.0 (compatible;
MSIE 5.5; Windows NT)'})
if data['name'] and data['pass']:
import base64
base64string = base64.encodestring('%s:%s' % (data['name'],
data['pass']))[:-1]
req.add_header("Authorization", "Basic %s" % base64string)

(Which I took from another cookbook recipe I think).

After that it gets more complicated because that username/password is
valid for a whole 'realm' - and I've really struggled finding
documentation on http realms. I have the added problem that I'm doing
this all in a CGI - so any auth handlers I create aren't persistent
across consecutive page accesses - so I may need to save this
password/realm information between page accesses... yuck.

You might not have that problem and may be able to install an auth
handler with the realm information as part of your opener. If it's
really *just* the cookie providing authentication though you shouldn't
have a problem. In the meantime I've got a book on http on order from
amazon..........

Oh - if anyone can help on this it would be great !! What the heck is
a realm and how do they work !!


Regards,


Fuzzy

http://www.voidspace.org.uk/atlantibots/pythonutils.html
 
M

Michael Foord

Lee Harr said:

Thanks - it was the comments from that recipe that I got the code to
do basic athorization. One of the commenters also states that using
urllib2.HTTPPasswordMgrWithDefaultRealm will also do the job
(remembering the username and password for the realm, once you have
supplied it). The trouble is that in *my* code (sorry to the original
poster for hijacking the thread) is a CGI. This means that for each
seperate page access the process starts afresh - so I would need to
save in an external file the username and password combinations...
which is by no means an ideal solution.

The bottom line for me is that I don't actually understand what a
realm is and how http does authentication beyond the first page access
- does it need the username and password encoded in the headers for
access to every page in that realm ?

Tell you what - I'll start another thread and see if anyone
replies.....

Regards,

Fuzzy

http://www.voidspace.org.uk/atlantibots/pythonutils.html
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top