HttpAuth是什么
- HttpAuth是比较早的http的验证的一个方案
- 认证过程通过http协议来完成
WebView如何支持
- HttpAuth本身是Http协议来支持,在Http的头有标记
- WebView会有回调来方便客户端自己来自定义实现弹出框
- WebView的内部类WebViewClient中的回调方法onReceivedHttpAuthRequest
WebView端实现
- 实现1,从url中根据规则获取用户名密码,自动填充,进行验证
- url中没有用户名密码,实现弹窗,用户输入用户名密码后,根据填充内容进行验证
@Override
public void onReceivedHttpAuthRequest(WebView view,
final HttpAuthHandler handler, final String host,
final String realm) {
String username = null;
String password = null;
boolean reuseHttpAuthUsernamePassword = handler
.useHttpAuthUsernamePassword();
if (reuseHttpAuthUsernamePassword && view != null) {
String[] credentials = view.getHttpAuthUsernamePassword(host,
realm);
if (credentials != null && credentials.length == 2) {
username = credentials[0];
password = credentials[1];
}
}
if (username != null && password != null) {
handler.proceed(username, password);
} else {
if (isActive()) {
showHttpAuthentication(handler, host, realm, null, null,
null, 0);
} else {
handler.cancel();
}
}
}
httpAuth测试代码实现
- 使用flask完成最小httpauth原型
- 使用定义好的webview访问flask完成实现
- 参考httpAuth实现片段
- 浏览器上访问http://127.0.0.1:5000 可以弹出对话框说明实现完毕
#!/usr/bin/env python
# coding: utf-8
from functools import wraps
from flask import request, Response, Flask
def check_auth(username, password):
"""This function is called to check if a username /
password combination is valid.
"""
return username == 'admin' and password == 'secret'
def authenticate():
"""Sends a 401 response that enables basic auth"""
return Response(
'Could not verify your access level for that URL.\n'
'You have to login with proper credentials', 401,
{'WWW-Authenticate': 'Basic realm="Login Required"'})
def requires_auth(f):
@wraps(f)
def decorated(*args, **kwargs):
auth = request.authorization
if not auth or not check_auth(auth.username, auth.password):
return authenticate()
return f(*args, **kwargs)
return decorated
app = Flask(__name__)
@app.route('/secret-page')
@requires_auth
def secret_page():
return 'secret_page'
if __name__ == '__main__':
app.run(host="0.0.0.0",debug=True)
