Is it possible to use authentication?
Closed this issue · 8 comments
I have an RSS feed that's generated by an issue tracker that I want to track with Krill. However the RSS feed in question requires authentication.
I didn't see any information in the docs about authentication. Is this possible, maybe via an opml file?
Authentication (I assume you are talking about basic HTTP AUTH) is currently not supported as urllib
does not support specifying credentials as part of the URL. I've been trying to find a Python library that allows this but without success, so this would have to be added either through an AbstractBasicAuthHandler
or by switching to a more powerful library (suggestions welcome!).
Have you considered either urllib3 and/or requests?
requests and urllib3 are both powerful, but they don't seem to allow one to specify credentials in the URL directly. How should credentials for a URL be encoded the the sources file?
I think I need to go back and try this, because http://user:password@example.com should actually work. Didn't think about that...
Apparently my life got busy and this fell to the back burner 😝
It looks like this does not work with the default krill, however it does work with requests (i.e. I did
import requests
r = requests.get('https://myuser:my password@example.com/some/rss/feed')
And r.status_code
was 200 and r.text
contained the rss feed 👍.
From a design perspective, if you were to include requests this way potentially one would be putting their passwords in plain text on their disk. For some feeds that's probably just like eh, whatever... but if your feed uses a password for an account that gives you write access to that page that would be problematic.
I don't know enough about good encryption and Python to know what would be secure, but I know that plain text ain't ;)
Switched to Requests in a1031ea. Could you give it a try and confirm that authentication works now?