How to check what authentication method a website is using
Question:
I am trying to use Python to log into some websites. Here is my sample code:
import requests
from requests.auth import HTTPBasicAuth
username='username'
password ='alllongpasswordsareforchumps'
response = requests.get('https://github.com/', auth = HTTPBasicAuth(username,password))
print('Response Code '+ str(response.status_code))
I get Response Code 200
, it should have been rejected. Even though the username and password mentioned here are not real. How can I check to see which authentication method the website is using?
Answers:
To get unauthorized response you should send your request to other endpoints of Github instead of its base address for example see the below code snippet:
import requests
from requests.auth import HTTPBasicAuth
# Making a get request to this address
response = requests.get('https://api.github.com/user',
auth = HTTPBasicAuth('user', 'pass'))
print(response)
# this will print: <Response [401]>
Make the request without attempting authentication, receive a 401 response, but github response doesn’t have the WWW-Authenticate
header for you to check the authentication method of this RESTAPI and for check github authentication ways, you should read Basics of authentication section on github docs.
I am trying to use Python to log into some websites. Here is my sample code:
import requests
from requests.auth import HTTPBasicAuth
username='username'
password ='alllongpasswordsareforchumps'
response = requests.get('https://github.com/', auth = HTTPBasicAuth(username,password))
print('Response Code '+ str(response.status_code))
I get Response Code 200
, it should have been rejected. Even though the username and password mentioned here are not real. How can I check to see which authentication method the website is using?
To get unauthorized response you should send your request to other endpoints of Github instead of its base address for example see the below code snippet:
import requests
from requests.auth import HTTPBasicAuth
# Making a get request to this address
response = requests.get('https://api.github.com/user',
auth = HTTPBasicAuth('user', 'pass'))
print(response)
# this will print: <Response [401]>
Make the request without attempting authentication, receive a 401 response, but github response doesn’t have the WWW-Authenticate
header for you to check the authentication method of this RESTAPI and for check github authentication ways, you should read Basics of authentication section on github docs.