Problem

EarthScope (formerly IRIS) provides .netrc files for restricted data access. These have the form

machine service.iris.edu login <user> password <password>

where <user> and <password> are the arguments taken by obspy.clients.fdsn.client.Client (hereafter, Client). The .netrc file can be conveniently downloaded from the SAGE Data Services account:

It would be convenient if the Client checked for ~/.netrc in its __init__() method and if an entry was present which matched self.base_url, it populated user and password automatically. This would allow folks to avoid providing user and password as arguments or via the set_credentials() method — therefore, helping us avoid sticking such credentials in the code itself.

Then we could ask EarthScope to update the text here 😉

ObsPy does not currently permit the use of a .netrc or other private file to keep the username and password secret (unless you are using EIDA tokens).

Proposed solution

Here's a proof-of-concept snippet that could be adopted into the __init__() method to accomplish this. It uses the base_url attribute to determine which host to grab credentials for.

import netrc

base_url = 'http://service.iris.edu'  # In reality this is self.base_url, AFTER it's been mapped

try:
    n = netrc.netrc()  # Looks for ~/.netrc by default
    host = base_url.replace('http://', '').replace('https://', '')  # Strip URL
    host_credentials = n.authenticators(host)
    if host_credentials:  # This is None if no match in .netrc file
        user = host_credentials[0]
        password = host_credentials[2]
except FileNotFoundError:  # If no ~/.netrc
    pass  # Just carry on

We'd want to not overwrite the user and password if they're provided to __init__() (i.e., if they're not None) of course.