danicarrion/index.html

## index.html
<!doctype html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <link rel="stylesheet" href="https://cartodb-libs.global.ssl.fastly.net/cartodb.js/v3/3.15/themes/css/cartodb.css" />
        <script src="https://cartodb-libs.global.ssl.fastly.net/cartodb.js/v3/3.15/cartodb.js"></script>
        <title>Password-protected named map example</title>
    </head>
    <body>
        <div id="map" style="height: 500px"></div>
        <script>
            cartodb.createVis(
                "map",
                "https://localhost:5000/user/demo-admin/api/v2/viz/8acb1fbe-aa25-11e6-870f-ea8015be2564/viz.json",
                { maps_api_template: "https://localhost:5000/user-demo-admin" }
            ).done(function (vis, layers) {
                map = vis.getNativeMap();

                cartodb.createLayer(
                    map,
                    {
                        user_name: "demo-admin",
                        type: 'namedmap',
                        options: {
                            named_map: {
                                name: "tpl_f7a74d56_a7f0_11e6_b9b8_ea8015be2564",
                                layers: [
                                    {
                                        "layer_name": "dot_rail_safety_data",
                                    }
                                ]
                            }
                        }
                    },
                    {
                        maps_api_template: "https://localhost:5000/user/demo-admin"
                    }
                ).addTo(map);
            });
        </script>
    </body>
</html>

## proxy.py
import requests
from flask import Flask, request


BASE_URL = "https://test130.cartodb.solutions"
VERIFY_SSL_CERT = False  # Set to True if you want the proxy to verify CARTO's cert (set to False because in this example we're hitting an onprem with self-signed certs).


app = Flask(__name__)


@app.route('/', defaults={'path': ''})
@app.route('/<path:path>')
def viz_json(path):
    # Add auth_token to every forwarded request. A bit overkill, but does the trick
    args = dict(request.args)
    args["auth_token"] = "28c191c187e06780f90d7bde5dc07a0ea267b922e9286b5dec4648eaf2ae1dca"

    # Forward request to CARTO
    response = requests.get(BASE_URL + request.path, params=args, verify=VERIFY_SSL_CERT, stream=True)

    # Send CARTO's response back to the browser
    return (response.raw.read(), response.status_code, response.headers.items())


if __name__ == "__main__":
    # SSL is required for password-protected named maps
    # Using a self-signed cert here
    # In order to use real certs, do app.run(ssl_context=('path.to/server.crt', 'path.to/server.key'))
    app.run(ssl_context="adhoc")

## requirements.txt
Flask==0.11.1
requests==2.11.1
pyOpenSSL==16.2.0
	<!doctype html>
	<html lang="en">
	<head>
	<meta charset="utf-8">
	<link rel="stylesheet" href="https://cartodb-libs.global.ssl.fastly.net/cartodb.js/v3/3.15/themes/css/cartodb.css" />
	<script src="https://cartodb-libs.global.ssl.fastly.net/cartodb.js/v3/3.15/cartodb.js"></script>
	<title>Password-protected named map example</title>
	</head>
	<body>
	<div id="map" style="height: 500px"></div>
	<script>
	cartodb.createVis(
	"map",
	"https://localhost:5000/user/demo-admin/api/v2/viz/8acb1fbe-aa25-11e6-870f-ea8015be2564/viz.json",
	{ maps_api_template: "https://localhost:5000/user-demo-admin" }
	).done(function (vis, layers) {
	map = vis.getNativeMap();

	cartodb.createLayer(
	map,
	{
	user_name: "demo-admin",
	type: 'namedmap',
	options: {
	named_map: {
	name: "tpl_f7a74d56_a7f0_11e6_b9b8_ea8015be2564",
	layers: [
	{
	"layer_name": "dot_rail_safety_data",
	}
	]
	}
	}
	},
	{
	maps_api_template: "https://localhost:5000/user/demo-admin"
	}
	).addTo(map);
	});
	</script>
	</body>
	</html>
	import requests
	from flask import Flask, request


	BASE_URL = "https://test130.cartodb.solutions"
	VERIFY_SSL_CERT = False # Set to True if you want the proxy to verify CARTO's cert (set to False because in this example we're hitting an onprem with self-signed certs).


	app = Flask(__name__)


	@app.route('/', defaults={'path': ''})
	@app.route('/<path:path>')
	def viz_json(path):
	# Add auth_token to every forwarded request. A bit overkill, but does the trick
	args = dict(request.args)
	args["auth_token"] = "28c191c187e06780f90d7bde5dc07a0ea267b922e9286b5dec4648eaf2ae1dca"

	# Forward request to CARTO
	response = requests.get(BASE_URL + request.path, params=args, verify=VERIFY_SSL_CERT, stream=True)

	# Send CARTO's response back to the browser
	return (response.raw.read(), response.status_code, response.headers.items())


	if __name__ == "__main__":
	# SSL is required for password-protected named maps
	# Using a self-signed cert here
	# In order to use real certs, do app.run(ssl_context=('path.to/server.crt', 'path.to/server.key'))
	app.run(ssl_context="adhoc")