search

barrust / mediawiki

MediaWiki API wrapper in python http://pymediawiki.readthedocs.io/en/latest/
MIT License
182 stars 29 forks source link

Add support for HTTP authentication #141

Closed gbenson closed 2 days ago

gbenson commented 1 month ago

This pull request adds support for HTTP authentication, by adding an http_auth argument and property to MediaWiki. Whatever you pass/set as http_auth gets passed to Requests as an auth parameter, so you can do any of these:

from requests.auth import HTTPBasicAuth
wiki = MediaWiki(..., http_auth=HTTPBasicAuth("username", "Pa5sW0rD"))

or:

wiki = MediaWiki(..., http_auth=("username", "Pa5sW0rD"))  # shortcut for basic auth

or:

from requests.auth import HTTPDigestAuth
wiki = MediaWiki(...)
wiki.http_auth=HTTPDigestAuth("username", "Pa5sW0rD")
codecov-commenter commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 94.17%. Comparing base (98e2423) to head (f8ebd63). Report is 1 commits behind head on master.

Additional details and impacted files [![Impacted file tree graph](https://app.codecov.io/gh/barrust/mediawiki/pull/141/graphs/tree.svg?width=650&height=150&src=pr&token=OdETiNgz9k&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Tyler+Barrus)](https://app.codecov.io/gh/barrust/mediawiki/pull/141?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Tyler+Barrus) ```diff @@ Coverage Diff @@ ## master #141 +/- ## ======================================= Coverage 94.17% 94.17% ======================================= Files 6 6 Lines 1219 1237 +18 ======================================= + Hits 1148 1165 +17 - Misses 71 72 +1 ``` | [Files with missing lines](https://app.codecov.io/gh/barrust/mediawiki/pull/141?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Tyler+Barrus) | Coverage Δ | | |---|---|---| | [mediawiki/configuraton.py](https://app.codecov.io/gh/barrust/mediawiki/pull/141?src=pr&el=tree&filepath=mediawiki%2Fconfiguraton.py&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Tyler+Barrus#diff-bWVkaWF3aWtpL2NvbmZpZ3VyYXRvbi5weQ==) | `96.77% <100.00%> (-0.47%)` | :arrow_down: | | [mediawiki/mediawiki.py](https://app.codecov.io/gh/barrust/mediawiki/pull/141?src=pr&el=tree&filepath=mediawiki%2Fmediawiki.py&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Tyler+Barrus#diff-bWVkaWF3aWtpL21lZGlhd2lraS5weQ==) | `91.40% <100.00%> (+0.15%)` | :arrow_up: |
barrust commented 2 weeks ago

With this PR, could or should the username and password options be removed? Also, are there open sites with examples of using this form of authentication?

gbenson commented 1 week ago

With this PR, could or should the username and password options be removed?

No, it's a separate thing. The existing username and password are for your account on that particular wiki, they're checked and enforced by MediaWiki itself. The one I added are for HTTP authentication which is usually checked and enforced by the web server, e.g. with Apache you can do it by adding a .htaccess file to the MediaWiki directory on the server like this:

AuthType Basic
AuthUserFile /path/to/.htusers
AuthName "private wiki"
Require valid-user

The browser will pop up a box asking for the username and password before even touching any MediaWiki code. (docs: Apache, nginx)

Also, are there open sites with examples of using this form of authentication?

Probably not, it's kind of a "total lockdown" form of site protection. I use it on a site I have for private notes, but I could probably set you something up if you need one for testing. Let me know!