Flask Snippets

HTTP Digest Auth

Posted by Shane Holloway on 2010-07-01 @ 02:46 and filed in Authentication

For more sophisticated authentication needs, HTTP Digest is a ready solution. To use it in your Flask app, start by subclassing the authdigest contribution to Werkzeug so that it reads the current Flask request:

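from functools import wraps
from werkzeug.contrib import authdigest
import flask

class FlaskRealmDigestDB(authdigest.RealmDigestDB):
    def requires_auth(self, f):
        # wraps() keeps the view's own name, so several decorated views
        # do not all register under the endpoint name "decorated".
        @wraps(f)
        def decorated(*args, **kwargs):
            request = flask.request
            # Send a digest challenge unless the request is authenticated.
            if not self.isAuthenticated(request):
                return self.challenge()

            return f(*args, **kwargs)

        return decorated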

Then create a digest database to hold your user authentication data:

authDB = FlaskRealmDigestDB('MyAuthRealm')
authDB.add_user('admin', 'test')

Use the authDB.requires_auth instance method to wrap a view function:

from flask import request, session

@authDB.requires_auth
def auth():
    # Only reached after isAuthenticated() accepted the request.
    session['user'] = request.authorization.username
    return "<h1>Content for authenticated user</h1>"

Or use the instance of authDB directly:

def authApi():
    if not authDB.isAuthenticated(request):
        return authDB.challenge()

    session['user'] = request.authorization.username
    return "<h1>Content for authenticated user</h1>"
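
What a server-side digest check has to verify before a view like the ones above runs, as an added example that is not part of the original snippet and not the authdigest module's code: RFC 2617 qop=auth response verification against a stored HA1, with nonce and nonce-count replay checks. The function names, the issued_nonces set and the last_nc dict are assumptions for illustration; the sample input uses the example values from RFC 2617 section 3.5.

```python
import hashlib
import hmac

REQUIRED = ("username", "realm", "nonce", "uri", "qop", "nc", "cnonce", "response")

def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def make_ha1(username, realm, password):
    # HA1 is what a digest user store can keep instead of the plaintext password.
    return md5_hex(":".join([username, realm, password]))

def expected_response(ha1, method, p):
    # RFC 2617 with qop=auth: MD5(HA1:nonce:nc:cnonce:qop:HA2), HA2 = MD5(method:uri)
    ha2 = md5_hex(method + ":" + p["uri"])
    return md5_hex(":".join([ha1, p["nonce"], p["nc"], p["cnonce"], p["qop"], ha2]))

def verify(users, realm, method, p, issued_nonces, last_nc):
    """users maps username -> HA1; last_nc maps nonce -> highest nonce-count accepted."""
    if any(k not in p for k in REQUIRED):
        return False
    ha1 = users.get(p["username"])
    if ha1 is None or p["realm"] != realm or p["qop"] != "auth":
        return False
    if p["nonce"] not in issued_nonces:       # only nonces this server handed out
        return False
    try:
        nc = int(p["nc"], 16)
    except ValueError:
        return False
    if nc <= last_nc.get(p["nonce"], 0):      # replayed or reordered request
        return False
    want = expected_response(ha1, method, p).encode("ascii")
    if not hmac.compare_digest(want, p["response"].encode("utf-8")):
        return False
    last_nc[p["nonce"]] = nc
    return True

# Constructed input: the example values from RFC 2617 section 3.5.
REALM = "testrealm@host.com"
USERS = {"Mufasa": make_ha1("Mufasa", REALM, "Circle Of Life")}
SAMPLE = {
    "username": "Mufasa", "realm": REALM, "uri": "/dir/index.html",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093", "qop": "auth",
    "nc": "00000001", "cnonce": "0a4f113b",
    "response": "6629fae49393a05397450978507c4ef1",
}

if __name__ == "__main__":
    state = {}
    print(verify(USERS, REALM, "GET", SAMPLE, {SAMPLE["nonce"]}, state))  # first use
    print(verify(USERS, REALM, "GET", SAMPLE, {SAMPLE["nonce"]}, state))  # replay
```

A real check would also compare the uri parameter with the URI actually requested and expire issued nonces after a short lifetime.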

The authdigest module was brought to you by Shane Holloway, under the same license as Werkzeug and Flask.

- Updates -

2013 April: Submit pull requests or fork flask-digestauth from BitBucket.

This snippet by Shane Holloway can be used freely for anything you like. Consider it public domain.