Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #72908
| References | <CAGGBd_qov5yZZjC3i6u3bJ-HM+0oOz+euMWk61B8RhtjMwkqpw@mail.gmail.com> <877g4t8cg6.fsf@handshake.de> |
|---|---|
| Date | 2014-06-07 18:38 +1000 |
| Subject | Re: http.server.BaseHTTPRequestHandler basic auth logout? Django authentication system for REST interface? |
| From | Chris Angelico <rosuav@gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.10847.1402130337.18130.python-list@python.org> (permalink) |
On Sat, Jun 7, 2014 at 4:23 PM, dieter <dieter@handshake.de> wrote: > Dan Stromberg <drsalists@gmail.com> writes: > >> I have some code for a web server. Right now, it uses >> BaseHTTPRequestHandler with Basic Auth, but we want to be able to log >> out, and there doesn't appear to be a general way to log out of >> something using Basic Auth, short of turning to unportable JavaScript. > > You can't: With "Basic Auth", the login is handled by the browser > (and not the server). This implies, that you must tell the browser > to logout (and not the server). There is no "standard way" to > tell the browser to logout. That said, though, it's quite common for browsers to discard the auth (thus effectively logging out) if given another 401 Unauthorized response. So you can generally send that back and expect it to be a "logout" page. ChrisA
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: http.server.BaseHTTPRequestHandler basic auth logout? Django authentication system for REST interface? Chris Angelico <rosuav@gmail.com> - 2014-06-07 18:38 +1000
csiph-web