Learn how to create and register your own WordPress shortcodes to add dynamic content to your posts and pages.
How to use Basic Authentication with PHP Curl
In this tutorial we will have a ‘basic’ look at Basic Authentication, and how to use Basic Authentication with PHP Curl.
When sending a request to an API, often it will require some form of Authentication. One of the most common forms of HTTP authentication is Basic Authentication, owing to how easy it is to use and implement.
Note: For this tutorial I am going to assume that you have the PHP Curl extension installed and enabled on your server.
What is Basic Authentication?
Basic authentication is a way for a HTTP user agent to pass a username and password during a request.
To use Basic authentication a client must attach an ‘Authorization’ field to their request. The ‘Authorization’ field contains the word ‘Basic’ followed by a colon seperated, Base64 encoded string containing the username and password.
The basic (decoded) header format is:
Authorization: Basic example_username:example_password
Which becomes (when Base64 encoded):
Authorization: Basic ZXhhbXBsZV91c2VybmFtZTpleGFtcGxlX3Bhc3N3b3Jk
It is worth considering that Basic Authentication has security limitations when compared to something like OAuth because your login credentials are included with each request. Despite this, you will still find fairly wide spread Basic Authentication usage because of how easy it is to implement and manage. For several simple security use-cases, Basic Authentication is a perfectly acceptable solution to use, as long as you are aware that it isn’t completely secure.
Using Basic Authentication with PHP Curl
If you want to make a login call using Basic Authentication via PHP Curl then the snippet below should help you.
$username = 'gav'; $password = 'blog'; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://www.gavsblog.com'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$username:$password"); $response = curl_exec($ch); curl_close($ch);
So what are we doing?
After intialising curl, we are using curl_setopt to configure the options. Specifically, we are setting the following:
- ‘CURLOPT_URL’ is used to specify the URL to call. In this example I’ve added a placeholder URL.
- ‘CURLOPT_RETURNTRANSFER’ is being used to set the response to a string value.
- ‘CURLOPT_HTTPAUTH’ specifies the authentication method to use. We are setting this to ‘CURLAUTH_BASIC’, which is default. If this doesn’t work for you, try setting it to ‘CURLAUTH_ANY’ and have the library find the right usage.
- ‘CURLOPT_USERPWD’ sets the username and password for Basic Authentication. This will Base64 encode your string and set the right ‘Authorization’ headers, basically saving you from having to do it yourself.
Note: For a full explanation of the parameters we are using, please refer to the PHP manual for curl_setopt.
Next, we use curl_exec to run curl and save the response to the ‘$response’ variable (remember we are returning the response as a string) and, finally, we close curl.
At this point you can do whatever it is that you wanted to do with the response!
You might like:
Learn the difference between implements and extends in TypeScript. Use Implements to implement interfaces and types, and extends to inherit from classes.
In this tutorial we will look at using YAML in PHP. Learn about Parsing and Writing YAML files using Symfony's YAML component.
Find bottlenecks, optimise and clean your code, and speed up your apps by measuring the execution time of your PHP scripts using microtime.
Learn how to regenerate and update WordPress media and image sizes both programmatically (without plugin), and also with a handy plugin.
Ever seen constants like __DIR__ and __FILE__ being used in PHP? These are 'Magic Constants', and this is how we can use them.