Update to 0.3.0

demo/database_auth/handlers.py

@@ -4,7 +4,7 @@ from aiohttp import web
 
 from aiohttp_security import (
     remember, forget, authorized_userid,
-    has_permission, login_required,
+    check_permission, check_authorized,
 )
 
 from .db_auth import check_credentials
@@ -45,25 +45,25 @@ class Web(object):
         db_engine = request.app.db_engine
         if await check_credentials(db_engine, login, password):
             await remember(request, response, login)
-            return response
+            raise response
 
-        return web.HTTPUnauthorized(
+        raise web.HTTPUnauthorized(
             body=b'Invalid username/password combination')
 
-    @login_required
     async def logout(self, request):
+        await check_authorized(request)
         response = web.Response(body=b'You have been logged out')
         await forget(request, response)
         return response
 
-    @has_permission('public')
     async def internal_page(self, request):
+        await check_permission(request, 'public')
         response = web.Response(
             body=b'This page is visible for all registered users')
         return response
 
-    @has_permission('protected')
     async def protected_page(self, request):
+        await check_permission(request, 'protected')
         response = web.Response(body=b'You are on protected page')
         return response
 

demo/database_auth/main.py

@@ -19,7 +19,7 @@ async def init(loop):
                                     password='aiohttp_security',
                                     database='aiohttp_security',
                                     host='127.0.0.1')
-    app = web.Application(loop=loop)
+    app = web.Application()
     app.db_engine = db_engine
     setup_session(app, RedisStorage(redis_pool))
     setup_security(app,

demo/dictionary_auth/handlers.py

@@ -4,7 +4,7 @@ from aiohttp import web
 
 from aiohttp_security import (
     remember, forget, authorized_userid,
-    has_permission, login_required,
+    check_permission, check_authorized,
 )
 
 from .authz import check_credentials
@@ -55,8 +55,8 @@ async def login(request):
     return web.HTTPUnauthorized(body='Invalid username / password combination')
 
 
-@login_required
 async def logout(request):
+    await check_authorized(request)
     response = web.Response(
         text='You have been logged out',
         content_type='text/html',
@@ -65,9 +65,8 @@ async def logout(request):
     return response
 
 
-@has_permission('public')
 async def internal_page(request):
-    # pylint: disable=unused-argument
+    await check_permission(request, 'public')
     response = web.Response(
         text='This page is visible for all registered users',
         content_type='text/html',
@@ -75,9 +74,8 @@ async def internal_page(request):
     return response
 
 
-@has_permission('protected')
 async def protected_page(request):
-    # pylint: disable=unused-argument
+    await check_permission(request, 'protected')
     response = web.Response(
         text='You are on protected page',
         content_type='text/html',

demo/simple_example_auth.py

@@ -1,6 +1,6 @@
 from aiohttp import web
 from aiohttp_session import SimpleCookieStorage, session_middleware
-from aiohttp_security import has_permission, \
+from aiohttp_security import check_permission, \
     is_anonymous, remember, forget, \
     setup as setup_security, SessionIdentityPolicy
 from aiohttp_security.abc import AbstractAuthorizationPolicy
@@ -54,13 +54,13 @@ async def handler_logout(request):
     raise redirect_response
 
 
-@has_permission('listen')
 async def handler_listen(request):
+    await check_permission(request, 'listen')
     return web.Response(body="I can listen!")
 
 
-@has_permission('speak')
 async def handler_speak(request):
+    await check_permission(request, 'speak')
     return web.Response(body="I can speak!")