custom htpasswd file for specific tenant passed as argument's endpoint

[kovacivo]

Hello Miguel,

I have a use case where for some REST endpoints I want to use the HTTP Basic Auth but let authentication run against custom htpasswd file. For example, for endpoint http://localhost:5000/api/someAPIcall I want to pass specific tenant and authentication will run against his/her htpasswd file - look up via file system in specific directory. My goal is to separate different tenants (customers) and not to use just one big common htpasswd file for all of them.

Unfortunately, I am not that deep into Python and Flask, tough digging currently on everyday basis. Looking at the functions and wondering how to do that.

[miguelgrinberg]

This extension does not provide any authentication logic, it just facilitates the use of an authentication method such as Basic Auth. What you can do is start from the basic auth example and replace the logic in the verify_password() to allow/deny access using your htpasswd files.