HTTP Authorization Middleware/Decorator
Use HTTP Authorization to log in to django site. If you use the FORCE_HTTP_AUTH=True in your settings.py, then ONLY Http Auth will be used, if you don't then either http auth or django's session-based auth will be used. This assumes that the regular auth middleware is already installed. If you provide a HTTP_AUTH_REALM in your settings, that will be used as the realm for the challenge. Having both a decorator and a middleware means that for site-wide http auth, you only need to specify it once, but the same code can be used as a decorator if you want part of your site protected using htty basic auth, and the other bits freely visible. Of course, since this is basic auth, then you need to make sure your site is running under SSL (HTTPS), else your users passwords are effectively transmitted in the clear.
- middleware
- decorator
- http-auth
- basic-auth