0
0
Rest APIprogramming~20 mins

Basic authentication in Rest API - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Basic Authentication Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Predict Output
intermediate
2:00remaining
What is the output of this Basic Authentication header decoding?
Given the HTTP header Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l, what is the decoded username and password?
Rest API
import base64
header = 'Basic QWxhZGRpbjpPcGVuU2VzYW1l'
encoded = header.split()[1]
decoded = base64.b64decode(encoded).decode('utf-8')
print(decoded)
A"QWxhZGRpbjpPcGVuU2VzYW1l"
B"Aladdin-OpenSesame"
C"Aladdin:OpenSesame"
D"Basic QWxhZGRpbjpPcGVuU2VzYW1l"
Attempts:
2 left
💡 Hint
Remember Basic Authentication encodes username and password as base64 of 'username:password'.
🧠 Conceptual
intermediate
1:30remaining
What error occurs if the Basic Authentication header is missing?
If a REST API endpoint requires Basic Authentication but the client sends no Authorization header, what HTTP status code should the server respond with?
A401 Unauthorized
B403 Forbidden
C400 Bad Request
D404 Not Found
Attempts:
2 left
💡 Hint
Think about what status code means 'authentication required'.
🔧 Debug
advanced
2:30remaining
Why does this Basic Authentication code fail to authenticate?
This Python code snippet is intended to check Basic Authentication but always fails. Why? 
auth_header = request.headers.get('Authorization')
if auth_header:
    encoded = auth_header.split(' ')[1]
    decoded = base64.b64decode(encoded).decode('utf-8')
    username, password = decoded.split(':')
    if username == 'admin' and password == '1234':
        return 'Access granted'
return 'Access denied'
Rest API
auth_header = request.headers.get('Authorization')
if auth_header:
    encoded = auth_header.split(' ')[1]
    decoded = base64.b64decode(encoded).decode('utf-8')
    username, password = decoded.split(':')
    if username == 'admin' and password == '1234':
        return 'Access granted'
return 'Access denied'
AThe code uses 'Authorization' header but should use 'Authentication' header.
BThe base64 decoding is done incorrectly; it should decode to bytes, not string.
CThe split(':') fails because the decoded string uses a comma instead of colon.
DThe code does not handle missing or malformed Authorization header properly, causing exceptions.
Attempts:
2 left
💡 Hint
Consider what happens if the header is missing or malformed.
📝 Syntax
advanced
2:00remaining
Which option correctly forms a Basic Authentication header in Python?
You want to create a Basic Authentication header for username 'user' and password 'pass'. Which code snippet correctly creates the header string?
A
import base64
credentials = 'user:pass'
header = 'Basic ' + base64.encode(credentials)
B
import base64
credentials = 'user:pass'
header = 'Basic ' + base64.b64encode(credentials.encode()).decode()
C
import base64
credentials = 'user:pass'
header = 'Basic ' + base64.b64decode(credentials.encode()).decode()
D
import base64
credentials = 'user:pass'
header = 'Basic ' + base64.b64encode(credentials)
Attempts:
2 left
💡 Hint
Remember to encode string to bytes before base64 encoding, then decode back to string.
🚀 Application
expert
3:00remaining
How many valid username-password pairs can be extracted from this Basic Authentication header?
Given the HTTP header Authorization: Basic dXNlcjE6cGFzczEsdXNlcjI6cGFzczI=, how many valid username-password pairs does it contain when decoded?
A1
B2
C0
D3
Attempts:
2 left
💡 Hint
Basic Authentication encodes a single 'username:password' pair, not multiple pairs separated by commas.