72 lines
2.3 KiB
ReStructuredText
72 lines
2.3 KiB
ReStructuredText
|
How to Make a Simple Server With Authorization
|
||
|
==============================================
|
||
|
|
||
|
|
||
|
.. code::python
|
||
|
|
||
|
import asyncio
|
||
|
from aiohttp import web
|
||
|
|
||
|
@asyncio.coroutine
|
||
|
def root_handler(request):
|
||
|
text = "Alive and kicking!"
|
||
|
return web.Response(body=text.encode('utf-8'))
|
||
|
|
||
|
# option 2: auth at a higher level?
|
||
|
# set user_id and allowed in the wsgo handler
|
||
|
@protect('view_user')
|
||
|
@asyncio.coroutine
|
||
|
def user_handler(request):
|
||
|
name = request.match_info.get('name', "Anonymous")
|
||
|
text = "Hello, " + name
|
||
|
return web.Response(body=text.encode('utf-8'))
|
||
|
|
||
|
|
||
|
# option 3: super low
|
||
|
# wsgi doesn't do anything
|
||
|
@asyncio.coroutine
|
||
|
def user_update_handler(request):
|
||
|
# identity, asked_permission
|
||
|
user_id = yield from identity_policy.identify(request)
|
||
|
identity = yield from auth_policy.authorized_user_id(user_id)
|
||
|
allowed = yield from request.auth_policy.permits(
|
||
|
identity, asked_permission
|
||
|
)
|
||
|
if not allowed:
|
||
|
# how is this pluggable as well?
|
||
|
# ? return NotAllowedStream()
|
||
|
raise NotAllowedResponse()
|
||
|
|
||
|
update_user()
|
||
|
|
||
|
@asyncio.coroutine
|
||
|
def init(loop):
|
||
|
# set up identity and auth
|
||
|
auth_policy = DictionaryAuthorizationPolicy({'me': ('view_user',),
|
||
|
'you': ('view_user',
|
||
|
'edit_user',)})
|
||
|
identity_policy = CookieIdentityPolicy()
|
||
|
auth = authorization_middleware(auth_policy, identity_policy)
|
||
|
|
||
|
# wsgi app
|
||
|
app = web.Application(loop=loop, middlewares=*auth)
|
||
|
|
||
|
# add the routes
|
||
|
app.router.add_route('GET', '/', root_handler)
|
||
|
app.router.add_route('GET', '/{user}', user_handler)
|
||
|
app.router.add_route('GET', '/{user}/edit', user_update_handler)
|
||
|
|
||
|
# get it started
|
||
|
srv = yield from loop.create_server(app.make_handler(),
|
||
|
'127.0.0.1', 8080)
|
||
|
print("Server started at http://127.0.0.1:8080")
|
||
|
return srv
|
||
|
|
||
|
|
||
|
loop = asyncio.get_event_loop()
|
||
|
loop.run_until_complete(init(loop))
|
||
|
try:
|
||
|
loop.run_forever()
|
||
|
except KeyboardInterrupt:
|
||
|
pass # TODO put handler cleanup here
|