API auth not working, contradicting documentation.

[truthdoug]

In the readme, this example is shown:

from createsend import *

cs = CreateSend({'api_key': 'your api key'})
clients = cs.clients()

I installed with pip install createsend and have version 6.0.0. When I run this code (substituting my api key for the placeholder text, I get this:

  File "<stdin>", line 1, in <module>
  File "/Users/dharris/src/gdpr/auth.py", line 7, in <module>
    clients = cs.clients()
  File "/Users/dharris/.virtualenvs/gdpr-campaigner/lib/python3.6/site-packages/createsend/createsend.py", line 272, in clients
    response = self._get('/clients.json')
  File "/Users/dharris/.virtualenvs/gdpr-campaigner/lib/python3.6/site-packages/createsend/createsend.py", line 240, in _get
    return self.make_request(path=path, method="GET", params=params, username=username, password=password)
  File "/Users/dharris/.virtualenvs/gdpr-campaigner/lib/python3.6/site-packages/createsend/createsend.py", line 215, in make_request
    return self.handle_response(response.status, data)
  File "/Users/dharris/.virtualenvs/gdpr-campaigner/lib/python3.6/site-packages/createsend/createsend.py", line 230, in handle_response
    raise Unauthorized(json_data)
createsend.createsend.Unauthorized: The CreateSend API responded with the following error - 50: Must supply a valid HTTP Basic Authorization header

Note that this fails on cs.clients(), suggesting that the authentication on the line before worked.

What's going on?

[truthdoug]

Correction – In reading the source code, the authentication isn't tried in the line where the api key is passed. That merely stores the api key in cs.auth_details. Authentication isn't tried until the call to cs.clients()... and that fails

[katharosada]

That's right. The auth isn't actually used until its time to make a request to the API. Sorry for the confusion there. Glad you worked it out!