Consuming HTTP Services in Python Transcripts
Chapter: Accessing authenticated HTTP services
Lecture: Authenticated HTTP service overview

Learn more about this course
Login or purchase this course to watch this video and the rest of the course contents.
0:01 You've seen on our service here that we've had the basic unauthenticated http restful service,
0:07 but you probably also noticed that we have a secured version, and that's a debatable measure, but let's say it requires authentication version,
0:15 like this one is actually not going over ssl but again, it's not actually protecting any real data, right,
0:21 but if I do click on it, it says oh you have to enter your username and password,
0:24 and if I just say cancel, I get a basic auth username, password is required,
0:28 if I try it again, you can see down here I could type kennedy and super_lockdown
0:34 because we are all about security here, then it will actually let us in, okay.
0:39 So, we can see over here, this is postman, I've made a little request here that is going to go get the restricted blog data here,
0:47 and it has no authentication setup right now, so I am going to hit send, and same thing, you must authenticate with the username and a password,
0:56 so we come down here and we say basic auth and we can put the username and the password in, kennedy and super_lockdown
1:04 and we can update the request, and save, and now, we get our data back, beautiful, right, and you can see these are
1:11 the responses we got back from the server, and so on. We can also go to the headers and see what we are going to send across
1:17 so I could send this authorization and we could not use postman to generate this but we could just literally type in basic and then this,
1:25 and this is the base 64 encoded version of username:password as a byte array, so as long as we send that across we get data back, we go to the body,
1:37 if we don't send that across, and we take away authorization as well, none, right, nothing turn this back on, allow authorization to be sent,
1:45 we're in, okay, so that is how basic authentication works, it just sends that string, which like I said, that is plain text, username and password
1:53 so be super careful about that. Alright, so we are going to see that we can do this both in Requests,
1:59 and we can do this in the builtins, it's super easy in the request, it's super non obvious and not particularly easy in the builtins,
2:05 but I'll show you how to do it for both.


Talk Python's Mastodon Michael Kennedy's Mastodon