def testView(self): """ Check that login_required is assignable to normal views. """ def normal_view(request): pass login_required(normal_view)
def admin(f): """ @admin A decorator that turns a class into ADMIN """ import auth.decorators as a_deco if not inspect.isclass(f): raise TypeError("@ADMIN expects a Mocha class") if config("ADMIN_ENABLED", True): # Index route index_route = config("ADMIN_INDEX_ROUTE", "/") # ROLES min_role = config("ADMIN_MIN_ACL", "ADMIN") role_name = "accepts_%s_roles" % min_role.lower() if not hasattr(a_deco, role_name): raise ValueError("Invalid ADMIN_MIN_ACL: %s" % min_role) getattr(a_deco, role_name)(f) a_deco.login_required(f) set_view_attr(f, "nav_tags", [ADMIN_TAG]) layout = config("ADMIN_LAYOUT") or ADMIN_LAYOUT return render.template(layout=layout)(f) else: set_view_attr(f, "nav_visible", False) f.before_request = disable_admin return f
def testCallable(self): """ Check that login_required is assignable to callable objects. """ class CallableView(object): def __call__(self, *args, **kwargs): pass login_required(CallableView())
redis_token_db.set(email, json.dumps(value), ex=ONE_DAY) return jsonify(value) def _delete(user_id): if g.user['id'] != user_id: """ Only self-delete is permitted""" return jsonify(message='Unauthorized request'), 403 user = User(id=user_id) user.delete() _delete_token() return jsonify(message='ok'), 200 delete_user = login_required(_delete) def post_token(): """Check email/password then return a token. Actually, it's the 'login' function""" email = request.get_json()['email'] password = request.get_json()['password'] user = User.fetchone(email=email) if user is None: return jsonify(error='email address does not exist'), 401 hash = user.hash if argon2.verify(password, hash): g.user = user token = secrets.token_urlsafe(32) value = {
def auth_processor_perms(request): return render_to_response('context_processors/auth_attrs_perms.html', RequestContext(request, {}, processors=[context_processors.auth])) def auth_processor_messages(request): info(request, "Message 1") return render_to_response('context_processors/auth_attrs_messages.html', RequestContext(request, {}, processors=[context_processors.auth])) def userpage(request): pass # special urls for auth test cases urlpatterns = urlpatterns + patterns('', (r'^logout/custom_query/$', 'auth.views.logout', dict(redirect_field_name='follow')), (r'^logout/next_page/$', 'auth.views.logout', dict(next_page='/somewhere/')), (r'^remote_user/$', remote_user_auth_view), (r'^password_reset_from_email/$', 'auth.views.password_reset', dict(from_email='*****@*****.**')), (r'^admin_password_reset/$', 'auth.views.password_reset', dict(is_admin_site=True)), (r'^login_required/$', login_required(password_reset)), (r'^login_required_login_url/$', login_required(password_reset, login_url='/somewhere/')), (r'^auth_processor_no_attr_access/$', auth_processor_no_attr_access), (r'^auth_processor_attr_access/$', auth_processor_attr_access), (r'^auth_processor_user/$', auth_processor_user), (r'^auth_processor_perms/$', auth_processor_perms), (r'^auth_processor_messages/$', auth_processor_messages), url(r'^userpage/(.+)/$', userpage, name="userpage"), )
from django.conf.urls import url from auth.decorators import login_required from . import views urlpatterns = [ url(r'^$', login_required(views.RevisionList.as_view()), name='list'), url(r'^new/$', login_required(views.NewRevision.as_view()), name='new'), url(r'^(?P<revision_id>\d+)/editor/$', login_required(views.Editor.as_view()), name='editor'), url(r'^(?P<revision_id>\d+)/editor/(?P<file_path>.+)/$', login_required(views.EditFile.as_view()), name='edit-file'), url(r'^(?P<revision_id>\d+)/send-for-2i/$', login_required(views.SendFor2i.as_view()), name='send-for-2i'), url(r'^(?P<revision_id>\d+)/send-back/$', login_required(views.SendBack.as_view()), name='send-back'), url(r'^(?P<revision_id>\d+)/publish/$', login_required(views.Publish.as_view()), name='publish'), url(r'^(?P<revision_id>\d+)/activities/$', login_required(views.Activities.as_view()), name='activities'), url(r'^(?P<revision_id>\d+)/changes/$', login_required(views.Changes.as_view()), name='changes'), ]
from django.conf.urls import url from auth.decorators import login_required from . import views urlpatterns = [ url( r'^$', login_required(views.RevisionList.as_view()), name='list' ), url( r'^new/$', login_required(views.NewRevision.as_view()), name='new' ), url( r'^(?P<revision_id>\d+)/editor/$', login_required(views.Editor.as_view()), name='editor' ), url( r'^(?P<revision_id>\d+)/editor/(?P<file_path>.+)/$', login_required(views.EditFile.as_view()), name='edit-file' ), url( r'^(?P<revision_id>\d+)/send-for-2i/$', login_required(views.SendFor2i.as_view()), name='send-for-2i' ),