-
Notifications
You must be signed in to change notification settings - Fork 45
Open
Description
currently auth values in the server url are ignored
example urls
https://someuser@example.com/upload/
https://someuser:somepassword@example.com/upload/
probably this is a limitation of the http client library (requests? aiohttp?)
workaround
#!/usr/bin/env python3
# config
username, password = "milahu", "xxxxxxxxx"
server_url = f"https://{username}:{password}@milahu.duckdns.org/upload/"
# print(f"server url: {server_url}")
import sys, base64, urllib.parse, tusclient.client
if len(sys.argv) == 1:
print("error: no arguments")
print(f"example use: {sys.argv[0]} file1.txt file2.txt")
sys.exit(1)
tus_client = tusclient.client.TusClient(server_url)
# workaround: TusClient ignores auth values in server_url
# https://github.com/tus/tus-py-client/issues/108
server_netloc = urllib.parse.urlparse(server_url).netloc
if "@" in server_netloc:
auth = server_netloc.split("@", 1)[0]
tus_client.set_headers({
"Authorization": "Basic " + base64.b64encode(auth.encode("utf8")).decode("ascii"),
})
for file_path in sys.argv[1:]:
print(f"uploading {file_path!r}... ", end="", flush=True)
uploader = tus_client.uploader(file_path)
uploader.upload()
print(f"done: {uploader.url}")
docs: Basic authentication
Warning: Base64-encoding can easily be reversed to obtain the original name and password, so Basic authentication offers no cryptographic security. HTTPS is always recommended when using authentication, but is even more so when using Basic authentication.
(lets hope that users know the difference between HTTP and HTTPS...)
Metadata
Metadata
Assignees
Labels
No labels