docs: #322 Update authentication method docs

5d4ca88d · Marc Troelitzsch · Adam Williamson · 52f63c77 · 5d4ca88d
Commit 5d4ca88d authored 1 year ago by Marc Troelitzsch Committed by Adam Williamson 10 months ago
--- a/docs/source/user/connecting.rst
+++ b/docs/source/user/connecting.rst
@@ -115,8 +115,8 @@ unauthenticated, just set
 .. _oauth:
-OAuth
+OAuth Authentication
-^^^^^
+^^^^^^^^^^^^^^^^^^^^
 On Wikimedia wikis, the recommended authentication method is to authenticate as
 a `owner-only consumer`_. Once you have obtained the *consumer token* (also
@@ -132,33 +132,39 @@ called *consumer key*), the *consumer secret*, the *access token* and the
 .. _owner-only consumer: https://www.mediawiki.org/wiki/OAuth/Owner-only_consumers
-.. _old-login:
+.. _username-password:
-Old-school login
+Username-Password Authentication
-^^^^^^^^^^^^^^^^
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-To use old-school login, call the login method:
+.. warning::
+    Username-Password authentication is not recommended for Wikimedia wikis.
+    See :ref:`oauth` for the recommended authentication method.
-    >>> site.login('my_username', 'my_password')
+The easiest way to authenticate is to call :meth:`~mwclient.client.Site.login`
+with your username and password. If login fails, a
+:class:`mwclient.errors.LoginError` will be raised.
-If login fails, a :class:`mwclient.errors.LoginError` will be thrown.
+    >>> site.login('my_username', 'my_password')
-See :meth:`mwclient.client.Site.login` for all options.
 .. _http-auth:
 HTTP authentication
 ^^^^^^^^^^^^^^^^^^^
-If your server is configured to use HTTP authentication, you can
+.. warning::
-authenticate using the ``httpauth`` parameter. For Basic HTTP authentication:
+    HTTP authentication does not replace MediaWiki's built-in authentication
+    system. It is used to protect access to the API, not to authenticate users.
-    >>> site = Site('awesome.site', httpauth=('my_username', 'my_password'))
+If your server is configured to use HTTP authentication, you can authenticate
+using the ``httpauth`` parameter. This parameter is a proxy to the
+``auth`` parameter of :class:`requests.Session` and can be set to any class
+that extends :class:`requests.auth.AuthBase`. For example, to use basic
+authentication:
-You can also pass in any other :ref:`authentication mechanism <requests:authentication>`
+    >>> from requests.auth import HTTPBasicAuth
-based on the :class:`requests.auth.AuthBase`, such as Digest authentication:
+    >>> site = Site('awesome.site', httpauth=HTTPBasicAuth('my_username', 'my_password'))
-    >>> from requests.auth import HTTPDigestAuth
-    >>> site = Site('awesome.site', httpauth=HTTPDigestAuth('my_username', 'my_password'))
 .. _ssl-auth: