Austin Godber
@godber
DesertPy Co-Organizer
Meetup, Github and http://desertpy.com
DesertPy - 01/25/2017
Say we have an HTTP server that requires a username and password to login to it, in this case HTTP Basic Authentication.
python ./SimpleAuthServer.py 8080 desertpy:rocks
Show that this pops up the username/password dialog in the browser
import requests
from requests.auth import HTTPBasicAuth
r = requests.get('http://localhost:8080/file.txt',
auth=HTTPBasicAuth('desertpy', 'rocks'))
r.text
'This is a test file.\n'
Now lets just commit this code ...
... wait, I just pushed passwords to a public github repo!
~/.netrc
python ./authget.py desertpy rocks
Password shows up:
export USER=desertpy
export PASS=rocks
python ./authget.py
Password shows up:
~/.netrc
file¶Put the following in ~/.netrc
machine localhost
login desertpy
password rocks
Don't forget to chmod 0600 ~/.netrc
import requests
from requests.auth import HTTPBasicAuth
# note the omission of the auth kwarg
r = requests.get('http://localhost:8080/file.txt')
r.text
'This is a test file.\n'
Drawback:
What do we do with the token? Pass it in and renew it. Needs bootstrapping by person. This is the cost of getting fancy.
Install the python keyring
module.
!pip install keyring
Requirement already satisfied: keyring in /Users/godber/miniconda3/envs/desertpy_2016-12-26_v1/lib/python3.5/site-packages
!keyring
Usage: keyring [get|set|del] SERVICE USERNAME Options: -h, --help show this help message and exit -p KEYRING_PATH, --keyring-path=KEYRING_PATH Path to the keyring backend -b KEYRING_BACKEND, --keyring-backend=KEYRING_BACKEND Name of the keyring backend
$ keyring set testhttpauth desertpy
Password for 'desertpy' in 'testhttpauth':
$ keyring get testhttpauth desertpy
rocks
import requests
from requests.auth import HTTPBasicAuth
import keyring
user = "desertpy"
password = keyring.get_password('testhttpauth', user)
r = requests.get('http://localhost:8080/file.txt',
auth=HTTPBasicAuth(user, password))
r.text
'This is a test file.\n'