paste.auth.basic – Basic HTTP authentication

Basic HTTP/1.0 Authentication

This module implements Basic authentication as described in HTTP/1.0 specification [1] . Do not use this module unless you are using SSL or need to work with very out-dated clients, instead use digest authentication.

>>> from paste.wsgilib import dump_environ
>>> from paste.httpserver import serve
>>> # from paste.auth.basic import AuthBasicHandler
>>> realm = 'Test Realm'
>>> def authfunc(environ, username, password):
...     return username == password
>>> serve(AuthBasicHandler(dump_environ, realm, authfunc))
serving on...

Module Contents

class paste.auth.basic.AuthBasicAuthenticator(realm, authfunc)

implements Basic authentication details

class paste.auth.basic.AuthBasicHandler(application, realm, authfunc)

HTTP/1.0 Basic authentication middleware



The application object is called only upon successful authentication, and can assume environ['REMOTE_USER'] is set. If the REMOTE_USER is already set, this middleware is simply pass-through.


This is a identifier for the authority that is requesting authorization. It is shown to the user and should be unique within the domain it is being used.


This is a mandatory user-defined function which takes a environ, username and password for its first three arguments. It should return True if the user is authenticated.
paste.auth.basic.make_basic(app, global_conf, realm, authfunc, **kw)

Grant access via basic authentication

Config looks like this:

use = egg:Paste#auth_basic