[英]How do I send username and password in request from frontend for auth with flask_httpauth?
I have an app that implements basic username and password authentication. 我有一个实现基本用户名和密码验证的应用程序。 I wanna be able to send username and password auth headers along with my form data when i make a request from frontend. 当我从前端发出请求时,我希望能够发送用户名和密码auth标头以及表单数据。
how can I send those username and password headers along with the request when form submit is clicked. 单击表单提交后,如何发送用户名和密码标题以及请求。
My verify password looks like this: 我的验证密码如下所示:
@auth.verify_password
def verify_password(username, password):
from email_scheduler.models.api_models import User
user = User.query.filter_by(username=username).first()
if not user or not user.verify_password(password):
return False
g.user = user
return True
My api is this: 我的api是这样的:
class TaskCreate(Resource):
method_decorators = {'post': [auth.login_required]} #handles auth
def post(self):
args = task_parser.parse_args()
from email_scheduler.models.api_models import TaskModel
task = TaskModel(task_text=args.get('task_text'), user_id=g.user.id)
task.save_to_db()
return make_response(jsonify({'message': 'Task added to the database'}), 200)
It is fairly simple to do with postman, where i can just hop over to the authorization tab and put the username and password in. how do i do it if i have a frontend? 使用邮递员非常简单,我可以跳到授权选项卡,然后输入用户名和密码。如果我有前端,该怎么办?
Unfortunately you cannot explicitly submit additional headers such as Authorization
used for basic authentication with a browser issued GET or POST request. 不幸的是,您无法通过浏览器发出的GET或POST请求显式提交其他标头,例如用于基本身份验证的Authorization
。 You can add do this for background requests issued from JavaScript. 您可以添加针对JavaScript发出的后台请求执行此操作。
For plan browser requests, the only way to submit authentication is to force the browser to do it for you by returning a 401 status code from your endpoint. 对于计划的浏览器请求,提交身份验证的唯一方法是通过从端点返回401状态代码来强制浏览器为您执行身份验证。 When the browser gets the 401 it will display a login dialog box where the user enters their username and password. 当浏览器获取401时,它将显示一个登录对话框,用户可以在其中输入用户名和密码。 After that the browser will add an Authorization
header to any follow up requests going to that host. 之后,浏览器将向所有发送到该主机的后续请求添加一个Authorization
标头。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.