Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed2a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <drsalists@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.028
X-Spam-Evidence: '*H*': 0.94; '*S*': 0.00; 'subject:Django': 0.03; "django's": 0.09; 'rewrite': 0.09; 'subject:skip:a 10': 0.09; 'chance?': 0.16; 'googled': 0.16; 'reasonably': 0.16; 'subject: \n ': 0.16; 'suppose.': 0.16; 'server.': 0.24; 'pass': 0.26; 'appear': 0.29; 'rest': 0.29; "doesn't": 0.30; 'message- id:@mail.gmail.com': 0.30; 'code': 0.31; 'probably': 0.32; 'thanks!': 0.32; 'could': 0.34; 'basic': 0.35; 'something': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'add': 0.35; 'there': 0.35; "didn't": 0.36; 'subject:?': 0.36; 'to:addr:python-list': 0.38; 'short': 0.38; 'does': 0.39; 'to:addr:python.org': 0.39; 'how': 0.40; 'subject:? ': 0.60; 'first': 0.61; 'great': 0.65; 'anything.': 0.68; 'subject:system': 0.84
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=hEXxTDUW76l0TE1mQWXA6yVXPbLieJSmMyTiMbq4gUA=; b=OA15zNsJRawG5nZvQBAQW/ZIiLoUlErezD3kgMZAH4J9CeLxj/HeCHSXVb1J6afwVR VWcXxU5W7Ujfy/Xknwk9ZzEsiSiYx9m/8A8hDoVRGr48aONF1AgKtw1Y7b/XKX9XMXcF jYSuwvZ6a6avNUfL6fRTFtMH+gceZuK7Xp4jrVl2K4pMTQHJIQtYxwapXSHsD1qEeThX rT2BXo1cUm0n/tCtXU9bkoaag7/K3ulUqIGgrYRs3mOTkQ46Jzdip4p0ATObPbFRGGsi EqeFSUkr62ZLwDtjHqcayquyOJ8hrWisI2wDEWNJx9rzX6n68FEiPF5eZIlW5V9MZLcD HEow==
MIME-Version: 1.0
X-Received: by 10.140.28.198 with SMTP id 64mr12999391qgz.49.1402098779794; Fri, 06 Jun 2014 16:52:59 -0700 (PDT)
Date: Fri, 6 Jun 2014 16:52:59 -0700
Subject: http.server.BaseHTTPRequestHandler basic auth logout? Django authentication system for REST interface?
From: Dan Stromberg <drsalists@gmail.com>
To: python-list@python.org
Content-Type: text/plain; charset=UTF-8
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.10835.1402098782.18130.python-list@python.org>
Lines: 15
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1402098782 news.xs4all.nl 2878 [2001:888:2000:d::a6]:46478
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:72888

I have some code for a web server.  Right now, it uses
BaseHTTPRequestHandler with Basic Auth, but we want to be able to log
out, and there doesn't appear to be a general way to log out of
something using Basic Auth, short of turning to unportable JavaScript.
 And this needs first and foremost to be machine-callable, so
JavaScript probably isn't a great solution for us.

Does BaseHTTPRequestHandler add a way of dealing with Basic Auth
logout by any chance?  I googled about it, and didn't find anything.

I could rewrite to work with Django's authentication system I suppose.
 Does this work reasonably well for REST API's?  How do you pass the
credentials?  Is it a cookie?

Thanks!