Script Development / API Authentication
For HTTP APIs generated by "Function APIs", additional interface authentication can be added.
Currently supported interface authentication methods are as follows:
| Authentication Type | Description |
|---|---|
| Fixed Field | Validates that the request's Header, Query, or Body must contain a field with a specific value |
| HTTP Basic | Standard HTTP Basic authentication (a login dialog pops up when accessed in a browser) |
| HTTP Digest | Standard HTTP Digest authentication (a login dialog pops up when accessed in a browser) |
| Authentication Function | Specifies a self-written function as the authentication function |
Users can add authentication configurations in "Manage / API Authentication", and then specify the added authentication configuration in "Function API Configuration".
If security requirements are high, be sure to access the interface over HTTPS; over plain HTTP, fixed-field values and HTTP Basic credentials cross the network in readable form.
1. Fixed Field Authentication
Fixed field authentication is the simplest authentication method. It requires the client and DataFlux Func to agree on including a specific field and its value somewhere in the request (Header, Query, or Body). This content is attached with each call to complete authentication.
Assuming it is agreed that each request header must contain x-auth-token="my-auth-token", then calling in the following way will complete authentication:
When multiple fixed field authentications are configured, a match on any one of them passes authentication.
Fields used for authentication in the Query or Body are automatically deleted after successful authentication and are not passed to the function.
2. HTTP Basic / HTTP Digest
Authentication methods directly supported by browsers.
When accessing an interface using this authentication method directly from the browser address bar, the browser will pop up a username/password box for the user to fill in.
If programmatic access is needed, please refer to the following code:
3. Authentication Function
If the interface authentication method is complex or special (e.g., needs to integrate with business systems, etc.), you can choose to write your own function for authentication.
The function used for authentication does not require parameters. Returning True indicates successful authentication, while returning other content or throwing an error indicates failure.
Within the authentication function, you can use the built-in variable _DFF_HTTP_REQUEST to obtain request-related information (see Script Development / Built-in Variables / _DFF_HTTP_REQUEST).
It should be noted that when authentication fails, the interface's return format will also differ depending on the returned content:
Authentication fails. When directly returning False, the interface response body will not contain any specific error information:
Authentication fails. When returning a string, this string will be returned as the detail field:
Authentication fails. When returning JSON, this JSON will be returned as the detail field:
When the authentication function throws an error, the Func framework cannot tell whether the exception comes from business logic or from a fault in the code itself, so it returns generic error information as the detail field:
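An authentication function that applies the return-value rules above, as an added example (not code from the original page or from DataFlux Func). The shape of `_DFF_HTTP_REQUEST` (a dict with a lower-cased `headers` mapping), the `VALID_TOKENS` table and the `check_request` helper are assumptions made for illustration; the module-level `_DFF_HTTP_REQUEST` is a constructed stand-in so the block runs outside the platform.

```python
import hmac

# Constructed stand-in for the built-in variable that DataFlux Func injects at
# run time. The dict shape (a lower-cased "headers" mapping) is an assumption.
_DFF_HTTP_REQUEST = {"headers": {"x-auth-token": "my-auth-token"}}

# Hypothetical token table: client name -> shared token. In a real script the
# values would come from a secret store, not from source code.
VALID_TOKENS = {"billing-job": "my-auth-token", "report-job": "another-token"}


def check_request(request):
    """Return True on success, otherwise a short string for the detail field."""
    headers = request.get("headers") or {}
    presented = headers.get("x-auth-token")
    if not isinstance(presented, str) or not presented:
        # Return a value rather than letting a KeyError escape: an exception
        # would surface only as the generic error response.
        return "missing x-auth-token header"
    matched = False
    for expected in VALID_TOKENS.values():
        # Constant-time comparison with no early exit, so response timing does
        # not reveal which entry matched or how many characters were correct.
        if hmac.compare_digest(presented.encode(), expected.encode()):
            matched = True
    # The failure string never echoes the presented or the expected token.
    return True if matched else "invalid x-auth-token"


def my_auth_func():
    """Authentication function: takes no parameters, reads the built-in."""
    return check_request(_DFF_HTTP_REQUEST)
```

When adapting this to a Func script, drop the stand-in assignment so the real built-in variable is read.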