python/aiohttp-security
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update docs and demo with login required, has permission (#128)

Browse Source 
* Work on

* Update docs with login_required and has_permission
This commit is contained in:
Eduard Nabokov
2018-01-24 12:29:20 +02:00
committed by Andrew Svetlov
parent f9628b0ac1
commit 1679f6713b
6 changed files with 84 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
demo/database_auth/handlers.py
View File

@@ -1,42 +1,31 @@
import functools
from textwrap import dedent
from aiohttp import web
from aiohttp_security import remember, forget, authorized_userid, permits
from aiohttp_security import (
remember, forget, authorized_userid,
has_permission, login_required,
)
from .db_auth import check_credentials
def require(permission):
def wrapper(f):
@functools.wraps(f)
async def wrapped(self, request):
has_perm = await permits(request, permission)
if not has_perm:
message = 'User has no permission {}'.format(permission)
raise web.HTTPForbidden(body=message.encode())
return await f(self, request)
return wrapped
return wrapper
class Web(object):
index_template = """
<!doctype html>
<head>
</head>
<body>
<p>{message}</p>
<form action="/login" method="post">
Login:
<input type="text" name="login">
Password:
<input type="password" name="password">
<input type="submit" value="Login">
</form>
<a href="/logout">Logout</a>
</body>
"""
index_template = dedent("""
<!doctype html>
<head></head>
<body>
<p>{message}</p>
<form action="/login" method="post">
Login:
<input type="text" name="login">
Password:
<input type="password" name="password">
<input type="submit" value="Login">
</form>
<a href="/logout">Logout</a>
</body>
""")
async def index(self, request):
username = await authorized_userid(request)
@@ -61,19 +50,19 @@ class Web(object):
return web.HTTPUnauthorized(
body=b'Invalid username/password combination')
@require('public')
@login_required
async def logout(self, request):
response = web.Response(body=b'You have been logged out')
await forget(request, response)
return response
@require('public')
@has_permission('public')
async def internal_page(self, request):
response = web.Response(
body=b'This page is visible for all registered users')
return response
@require('protected')
@has_permission('protected')
async def protected_page(self, request):
response = web.Response(body=b'You are on protected page')
return response

10
demo/database_auth/main.py
View File

@@ -9,16 +9,16 @@ from aiopg.sa import create_engine
from aioredis import create_pool
from demo.db_auth import DBAuthorizationPolicy
from demo.handlers import Web
from demo.database_auth.db_auth import DBAuthorizationPolicy
from demo.database_auth.handlers import Web
async def init(loop):
redis_pool = await create_pool(('localhost', 6379))
db_engine = await create_engine(user='aiohttp_security',
password='aiohttp_security',
database='aiohttp_security',
host='127.0.0.1')
password='aiohttp_security',
database='aiohttp_security',
host='127.0.0.1')
app = web.Application(loop=loop)
app.db_engine = db_engine
setup_session(app, RedisStorage(redis_pool))

55
demo/dictionary_auth/handlers.py
View File

@@ -1,42 +1,30 @@
import functools
from textwrap import dedent
from aiohttp import web
from aiohttp_security import remember, forget, authorized_userid, permits
from aiohttp_security import (
remember, forget, authorized_userid,
has_permission, login_required,
)
from .authz import check_credentials
def require(permission):
def wrapper(f):
@functools.wraps(f)
async def wrapped(request):
has_perm = await permits(request, permission)
if not has_perm:
message = 'User has no permission {}'.format(permission)
raise web.HTTPForbidden(body=message.encode())
return await f(request)
return wrapped
return wrapper
index_template = dedent("""
<!doctype html>
<head>
</head>
<body>
<p>{message}</p>
<form action="/login" method="post">
Login:
<input type="text" name="username">
Password:
<input type="password" name="password">
<input type="submit" value="Login">
</form>
<a href="/logout">Logout</a>
</body>
""")
<head></head>
<body>
<p>{message}</p>
<form action="/login" method="post">
Login:
<input type="text" name="username">
Password:
<input type="password" name="password">
<input type="submit" value="Login">
</form>
<a href="/logout">Logout</a>
</body>
""")
async def index(request):
@@ -58,7 +46,8 @@ async def login(request):
username = form.get('username')
password = form.get('password')
verified = await check_credentials(request.app.user_map, username, password)
verified = await check_credentials(
request.app.user_map, username, password)
if verified:
await remember(request, response, username)
return response
@@ -66,7 +55,7 @@ async def login(request):
return web.HTTPUnauthorized(body='Invalid username / password combination')
@require('public')
@login_required
async def logout(request):
response = web.Response(
text='You have been logged out',
@@ -76,7 +65,7 @@ async def logout(request):
return response
@require('public')
@has_permission('public')
async def internal_page(request):
# pylint: disable=unused-argument
response = web.Response(
@@ -86,7 +75,7 @@ async def internal_page(request):
return response
@require('protected')
@has_permission('protected')
async def protected_page(request):
# pylint: disable=unused-argument
response = web.Response(

6
demo/dictionary_auth/main.py
View File

@@ -6,9 +6,9 @@ from aiohttp_session.cookie_storage import EncryptedCookieStorage
from aiohttp_security import setup as setup_security
from aiohttp_security import SessionIdentityPolicy
from .authz import DictionaryAuthorizationPolicy
from .handlers import configure_handlers
from .users import user_map
from demo.dictionary_auth.authz import DictionaryAuthorizationPolicy
from demo.dictionary_auth.handlers import configure_handlers
from demo.dictionary_auth.users import user_map
def make_app():