这怎么可能实现?
我不确定是否可以使用各种与烧瓶相关的库,因为它们使用 python 装饰器——而且我无权访问 Flask 路由。
我的解决方案是手动获取标头,并手动解析授权字符串。但我实际上不确定Authorization以下是什么格式 - 是否有一些库可以为我处理这种复杂情况?
问问题
960 次
2 回答
2
要求.txt:
basicauth==0.4.1
和代码:
from basicauth import decode
encoded_str = request.headers.get('Authorization')
username, password = decode(encoded_str)
if (username == "example", password == "*********"):
authed_request = True
于 2018-11-16T09:34:59.800 回答
0
Cloud Functions (CF) 主要用于执行简单的独立任务,而不是复杂的应用程序。
推荐的 CF 访问控制方法基于服务帐户和IAM。从运行时服务帐户:
At runtime, Cloud Functions uses the service account
PROJECT_ID@appspot.gserviceaccount.com, which has the Editor role on the project. You can change the roles of this service account to limit or extend the permissions for your running functions.
This access control method is enforced outside of the actual CF execution, so you don't need to worry about authentication in the CF code - you already know it can only be executed using the respective service account credentials.
Yes, it might be possible to use a custom authentication scheme similar to the one(s) use in more complex applications, but it won't be trivial - it's not what CFs were designed for. See the somehow related When to choose App Engine over Cloud Functions?
于 2018-11-16T10:46:21.630 回答