added missing example - Githubissues

miguelgrinberg / Flask-HTTPAuth

Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes

MIT License

1.27k stars 228 forks source link

added missing example #143

Closed HomiGrotas closed 2 years ago

HomiGrotas commented 2 years ago

There wasn't an example for digest auth

miguelgrinberg commented 2 years ago

The problem with digest auth is that it is not secure when used with the standard Flask sessions. I always discourage people from using digest auth for this reason, and this is also why I have not included an example.

I would be okay including the example, but only if server-side sessions are used to make it fully secure, with a big comment indicating that server-side sessions are required.

HomiGrotas commented 2 years ago

@miguelgrinberg, I Added a warning (used your documentation) and flask_session for server-side sessions.

miguelgrinberg commented 2 years ago

A digest example is now included in the repository.