我有一个nginx http服务器,用于对用户进行身份验证,并通过wsgi将经过身份验证的请求传递给Flask应用。当我从flask应用程序打印整个标题时,没有用户信息可用。
是否可以让nginx在请求标头中包含用户名?
这是带有身份验证配置的服务器块...
server {
listen 80;
server_name notes.example.org;
return 301 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443;
listen [::]:443;
include snippets/ssl-example.org.conf;
include snippets/ssl-params.conf;
server_name notes.example.org;
location / {
auth_basic "Restricted Content";
auth_basic_user_file /path/to/passwd/file;
include uwsgi_params;
uwsgi_pass unix:/path/to/wsgi/socket;
}
}
在wsgi ...
下运行的应用程序看到的请求标头Authorization: Basic **************==
Content-Length: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Dnt: 1
Host: notes.example.org
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.8
Content-Type:
Accept-Encoding: gzip, deflate, sdch, br
答案 0 :(得分:2)
这里使用的是http基本身份验证选项,在nginx服务器给出成功的反馈后,浏览器会发送username:password的base64。
只需使用python base64模块获取用户名&密码,
>>> from base64 import b64decode
>>> authorization_header = "dXNlcm5hbWU6cGFzc3dvcmQ=" # value from flask request header
>>> details = b64decode("dXNlcm5hbWU6cGFzc3dvcmQ=")
>>> username, password = details.split(':')
>>> username
'username'
>>> password
'password'
>>>