accessing request headers on django/python

Question

I need to create a secure restFUL api using sencha and django. I am fairly new to python. So far i am able to send request from sencha to server using basic authentication as below

 new Ext.data.Store({
   proxy: {
     type: "ajax",
      headers: {
       "Authorization": "Basic asdjksdfsksf="
    }
   }
 })

In php/apache i can access those header with ease with the code below

$headers = apache_request_headers();
print_r($headers);

How to do this in python?

It doesn't make sense to ask how you do this in Python, as Python is not a web-only language. You should ask how you do it with your framework, ie Django. — Daniel Roseman, May 16 '12 at 07:02

score 57 · Accepted Answer · edited Nov 04 '16 at 17:40

57

You can access them within a view using request.META, which is a dictionary.

If you wanted the Authorization header, you could do request.META['HTTP_AUTHORIZATION']

If you're creating a restful API from scratch, you might want to take a look at using tastypie.

edited Nov 04 '16 at 17:40

coffee-grinder

26,940
19
56
82

answered May 16 '12 at 06:47

Jordan

31,971
6
56
67

yes i am using tastypie , is there anything more with these headers on tastypie – sumit May 16 '12 at 06:49
1

There's nothing in particular with tastypie and headers, but rather than rewriting your own authentication layer, you can use tastypie's built in one. http://django-tastypie.readthedocs.org/en/latest/authentication_authorization.html – Jordan May 16 '12 at 06:52
Thank you jordan , its request.META.get('Authorization') – sumit May 16 '12 at 07:22
Sorry about that. request.META['Authorization'] or request.META.get('Authorization') – Jordan May 16 '12 at 12:18
6

How does 'Authorization' work as a key? The docs say headers in META are upper-cased and have HTTP_ prepended. https://docs.djangoproject.com/en/dev/ref/request-response/#django.http.HttpRequest.META – Edward D'Souza Mar 11 '13 at 20:35
You're probably right Edward. I updated the answer to reflect that. – Jordan Mar 12 '13 at 16:15

mxr7350 · Answer 2 · 2019-10-22T08:10:18.637

13

As of django 2.2 HttpRequest.headers were added to allow simple access to a request’s headers. So now you can also get authentication header using get() function on request.headers

request.headers.get('Authorization')

This will give you value token value back.

Bearer eyJ0eYourToken...

https://docs.djangoproject.com/en/2.2/ref/request-response/#django.http.HttpRequest.headers

edited Oct 22 '19 at 08:10

answered Oct 08 '19 at 15:13

mxr7350

1,438
3
21
29

2

I recommend this because `request.META.get('HTTP_AUTHORIZATION') may return nothing if testing using the Django test client. – RaenonX Sep 08 '20 at 07:07

Juba Fourali · Answer 3 · 2018-11-09T20:11:42.667

10

You can use

request.META['HTTP_AUTHORIZATION']

and sometimes

request.META['Authorization']

can help.

edited Nov 09 '18 at 20:11

answered Nov 09 '18 at 13:36

Juba Fourali

740
9
10

score 1 · Answer 4 · answered Oct 13 '21 at 22:49

For older versions of django prior to 2.2, you'll need to access the headers in the following way using the META key. Always important to first check if the key authorization header keys exists just in case it wasn't posted otherwise you'll run into non-existent key errors.

if not ('HTTP_AUTHORIZATION' in request.META.keys()):

    return HttpResponse('NO AUTH HEADER PROVIDED')

elif (request.META['HTTP_AUTHORIZATION'] == 'Bearer YourAuthorizationKey123':

    # Validation passed - Proceed with whatever else you want to do

score 0 · Answer 5 · answered Jul 13 '20 at 05:59

0

HttpRequest.headers

New in Django 2.2.

 if 'Authorization' in request.headers: # Authorization header exists
      #do something here
      pass
 
 else: # Authorization header not exists
     #do something here
     pass

accessing request headers on django/python

5 Answers5

Linked