Python Requests: Master Basic and Digest Authentication

Authentication is crucial for securing web applications and APIs. The Python requests library provides robust support for different authentication methods, particularly Basic and Digest authentication.

Basic Authentication

Basic authentication is the simplest form of HTTP authentication. It sends credentials in base64-encoded format. While simple, it should only be used with HTTPS to ensure security.

Here's how to implement Basic authentication with the requests library:

import requests
from requests.auth import HTTPBasicAuth

url = 'https://api.example.com/secure'
response = requests.get(url, auth=HTTPBasicAuth('username', 'password'))

print(response.status_code)

200

For simpler usage, you can also use a tuple instead of HTTPBasicAuth:

response = requests.get(url, auth=('username', 'password'))

Digest Authentication

Digest authentication is more secure than Basic authentication as it doesn't transmit passwords in encoded format. Instead, it uses a nonce-based authentication system.

To use Digest authentication, you'll need to import HTTPDigestAuth:

from requests.auth import HTTPDigestAuth

url = 'https://api.example.com/secure'
auth = HTTPDigestAuth('username', 'password')
response = requests.get(url, auth=auth)

print(response.status_code)

Error Handling

When dealing with authentication, it's important to handle potential errors. For more details on error handling, check our guide on Python Requests Error Handling.

try:
    response = requests.get(url, auth=HTTPBasicAuth('username', 'wrong_password'))
    response.raise_for_status()
except requests.exceptions.HTTPError as e:
    if e.response.status_code == 401:
        print("Authentication failed")
    else:
        print(f"HTTP Error: {e}")

Custom Authentication

You can create custom authentication by subclassing requests.auth.AuthBase. This is useful when working with APIs that require special authentication methods.

from requests.auth import AuthBase

class TokenAuth(AuthBase):
    def __init__(self, token):
        self.token = token

    def __call__(self, r):
        r.headers['Authorization'] = f'Token {self.token}'
        return r

response = requests.get(url, auth=TokenAuth('your-token'))

Session Authentication

For multiple requests to the same host, using a session is more efficient. Learn more about sessions in our guide about Python Requests Session Management.

with requests.Session() as session:
    session.auth = ('username', 'password')
    response1 = session.get('https://api.example.com/endpoint1')
    response2 = session.get('https://api.example.com/endpoint2')

Security Best Practices

Never store credentials in your code. Use environment variables or secure configuration files to store sensitive information.

Always use HTTPS when transmitting credentials. Basic authentication over HTTP is extremely insecure.

Conclusion

Understanding authentication in Python Requests is essential for secure API interactions. Choose the appropriate authentication method based on your security requirements and API specifications.

For more advanced usage, including working with JSON data, check our guide on handling JSON responses with Requests.