Ruby:
Sending an HTTP request with basic authentication
How to:
To send an HTTP request with basic authentication, you’ll typically use the Net::HTTP module in Ruby. Here’s a quick example:
require 'net/http'
require 'uri'
uri = URI('http://example.com')
username = 'your_username'
password = 'your_password'
request = Net::HTTP::Get.new(uri)
request.basic_auth(username, password)
response = Net::HTTP.start(uri.hostname, uri.port) {|http|
http.request(request)
}
puts response.bodyIf you run this code with valid credentials, you’ll see the body of the response printed out. If the credentials are invalid, you’ll get an error message.
Deep Dive
Basic authentication has a long history as part of web protocols, going back to the early RFCs that defined the workings of the internet. It’s a simple method of access control: the username and password are encoded with Base64 and passed in the HTTP header.
However, basic authentication transmits credentials in plaintext (albeit encoded), so it’s not secure over HTTP. It’s better to use HTTPS to keep credentials safe from prying eyes.
There are more secure alternatives like OAuth, which is often used for API authentication. OAuth allows users to authorize third-party access without sharing credentials. Still, basic authentication remains in use, especially for internal applications and quick-and-dirty scripting.
One detail to note is that Ruby’s Net::HTTP doesn’t handle Basic Auth natively until you explicitly use the basic_auth method. It’s also crucial to handle possible exceptions and error responses that might result from the HTTP request.
See Also
- Ruby standard library
Net::HTTPdocumentation: https://ruby-doc.org/stdlib-3.0.0/libdoc/net/http/rdoc/Net/HTTP.html - RFC 7617, ‘The ‘Basic’ HTTP Authentication Scheme’: https://tools.ietf.org/html/rfc7617
- An intro to OAuth for authentication: https://oauth.net/2/
- More on Ruby and HTTP requests: https://www.rubyguides.com/2019/08/ruby-http-request/