6

Using session from requests module in python, it seems that the session sends authorization only with first request, I can't understand why this happened.

import requests
session = requests.Session()
session.auth = (u'user', 'test')
session.verify = False
response = session.get(url='https://my_url/rest/api/1.0/users')

If I look for this response request headers I see:

{'Authorization': 'Basic auth_data', 'Connection': 'keep-alive', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'User-Agent': 'python-requests/2.12.3'}

but if I send next request using the same or not url:

response = session.get(url='https://my_url/rest/api/1.0/users')

I can see that there is no auth header in request anymore:

print response.request.headers
{'Connection': 'keep-alive', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'User-Agent': 'python-requests/2.12.3'}

And I'm getting 401 response because of it.

Why is it so? Shouldn't session send auth with every request made using it? How can I send auth data with every request using session?

Improve this question
2
  • You're right, it should work. Are you sure that you are not calling session = requests.Session() again, or otherwise resetting session.auth? Commented May 17, 2017 at 9:33
  • 1
    totaly, try run this code you see headers yourself import requests session = requests.Session() session.auth = (u'x-oauth-token', 'test') session.verify = False response = session.get(url='https://test.com') print response.request.headers response = session.get(url='https://test.com') print response.request.headers Commented May 17, 2017 at 10:28

2 Answers 2

Reset to default
6

What I see when I run that exact code in your comment is that the Authorization header is missing in the first print, yet it is present in the second. This seems to be the opposite of the problem that you report.

This is explained by the fact that the first request is redirected by a 301 response, and the auth header is not propagated in the follow up request to the redirected location. You can see that the auth header was sent in the initial request by looking in response.history[0].request.headers.

The second request is not redirected because the session has kept the connection to the host open (due the the Connection: keep-alive header), so the auth headers appear when you print response.request.headers.

I doubt that you are actually using https://test.com, but probably a similar thing is happening with the server that you are using.

For testing I recommend using the very handy public test HTTP server https://httpbin.org/headers. This will return the headers received by the server in the response body. You can test redirected requests with one of the redirect URLs.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

solve the problem - auth was not send because of the redirect, i change host in request to which redirect lead and session start to send auth in all requests.
4

I didn't find any reliable answer on how to pass, auth info while making request's session in python. So below is my finding:

with requests.sessions.Session() as session:
    session.auth = ("username", "password")
    
    # Make any requests here without provide auth info again
    session.get("http://www.example.com/users")
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.