Add support for Basic Auth to the web API.

Review Request #1459 — Created March 6, 2010 and submitted

Information

Djblets
master

Reviewers

Add support for Basic Auth to the web API.

This adds support for Basic Authentication for the web API. Now if any page
presents an Access Denied error, it will do so with an HTTP 401 Unauthorized
error and a WWW-Authentication header saying to use basic authentication.
Clients can provide the username and password in a standard way, and we'll
authenticate them.

Clients no longer have to know to use the /account/login/ page before calling
any other API calls. This is especially useful for clients that don't really
know anything specific about the Review Board API. For example, wget or curl.
Made a request to a page that required login by using the web browser. I was presented with a dialog asking for a username and password.

If I canceled it, I got a JSON response saying I wasn't logged in.

When I tried it again and hit enter with invalid information, I was presented with the dialog again.

When I finally entered valid information, the request was carried out. I then saw that I was logged in to Review Board again and could access my dashboard.
david
  1. 
      
  2. djblets/webapi/auth.py (Diff revision 1)
     
     
     
    This would fit in one line.
  3. 
      
DB
  1. we are already doing some curl'ing with the web api at work, so I'd love to have this feature :)
  2. djblets/webapi/auth.py (Diff revision 1)
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
    why not just do `encoded_auth.decode('base64')` ?  </nitpick>
  3. djblets/webapi/errors.py (Diff revision 1)
     
     
     
     
     
     
     
     
     
     
     
     
     
    definitely a nitpick, but why not define the basic auth headers only once for DRYness' sake?
    1. You're right. I meant to do this and just forgot as I was testing things.
  4.