For my day job, I rebuilt the main site with Python, Flask Flask-SQLAlchemy & SQLite. (I chose SQLite over MySQL for simplicity reasons, but that may be changing)
I am using Flask-HTTPAuth to access a few individual pages for admin reasons, so I don’t need to secure the whole site. For the moment, I thought using a JWT system would be a little excessive. (May have to revisit this idea as well)
Anyway, while the setup worked great on my dev laptop, I was unable to get the authentication to work on the actual server. As it turns out, my Mac inherently runs the app using Werkzeug, and I set up the external server using Apache and mod_wgsi. This is where the error lay…
I found this page that had the answer I needed. Essentially, apache will consume the authentication header and won’t pass it to the WGSI layers. To fix this issue, put the following line in the config file for the site… /etc/apache2/sites-available/<site>.config
WSGIPassAuthorization On
Restart Apache, and you should be good to go!
I have also thought of just making my own decorator for HTTP Basic Authentication, using this tutorial. They both just take a moment to implement…