def create_achievements():
user_type = DBSession.query(SubjectType).filter_by(name="User").first()
team_type = DBSession.query(SubjectType).filter_by(name="Team").first()
country_type = DBSession.query(SubjectType).filter_by(
name="Country").first()
invite_users = Achievement(
name="invite_users",
maxlevel=100,
hidden=False,
evaluation="immediately",
comparison_type="none",
player_subjecttype_id=user_type["id"],
view_permission="own",
condition=
"""{"term": {"type": "literal", "variable": "invite_users"}}""",
goal="3*level",
operator="geq")
DBSession.add(invite_users)
DBSession.flush()
cyclist_of_the_month = Achievement(
name="cyclist_of_the_month",
hidden=False,
evaluation="monthly",
comparison_type="context_subject",
player_subjecttype_id=user_type["id"],
view_permission="everyone",
condition="""{"term": {"type": "literal", "variable": "cycling"}}""",
context_subjecttype_id=country_type.id,
operator="geq")
cyclist_of_the_month.compared_subjecttypes.append(user_type, team_type)
DBSession.add(cyclist_of_the_month)
DBSession.flush()
def create_user(DBSession, user, password):
from gengine.app.model import (
AuthUser,
User,
AuthRole,
AuthRolePermission
)
with transaction.manager:
existing = DBSession.query(AuthUser).filter_by(email=user).first()
if not existing:
try:
user1 = User(id=1, lat=10, lng=50, timezone="Europe/Berlin")
DBSession.add(user1)
DBSession.flush()
auth_user = AuthUser(user_id=user1.id, email=user, password=password, active=True)
DBSession.add(auth_user)
auth_role = AuthRole(name="Global Admin")
DBSession.add(auth_role)
DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_access_admin_ui))
DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_delete_user))
DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_increase_value))
DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_update_user_infos))
DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_read_messages))
DBSession.add(AuthRolePermission(role=auth_role, name=perm_global_register_device))
auth_user.roles.append(auth_role)
DBSession.add(auth_user)
except:
pass
def get_or_create_role(DBSession, name):
from gengine.app.model import AuthRole
auth_role = DBSession.query(AuthRole).filter_by(name=name).first()
if not auth_role:
auth_role = AuthRole(name=name)
DBSession.add(auth_role)
return auth_role
def get_or_create_language(name):
lang = DBSession.query(Language).filter_by(name=name).first()
if not lang:
lang = Language()
lang.name = name
DBSession.add(lang)
DBSession.flush()
return lang
def create_user(DBSession, user, password):
from gengine.app.model import (AuthUser, Subject, AuthRole,
AuthRolePermission, SubjectType,
t_auth_roles_permissions)
with transaction.manager:
subjecttype_user = DBSession.query(SubjectType).filter_by(
name="User").first()
if not subjecttype_user:
subjecttype_user = SubjectType(name="User")
DBSession.add(subjecttype_user)
existing = DBSession.query(AuthUser).filter_by(email=user).first()
DBSession.flush()
if not existing:
user1 = Subject(lat=10,
lng=50,
timezone="Europe/Berlin",
subjecttype_id=subjecttype_user.id)
DBSession.add(user1)
DBSession.flush()
auth_user = AuthUser(subject=user1,
email=user,
password=password,
active=True)
DBSession.add(auth_user)
auth_role = get_or_create_role(DBSession=DBSession,
name="Global Admin")
for perm in yield_all_perms():
if not exists_by_expr(
t_auth_roles_permissions,
and_(
t_auth_roles_permissions.c.auth_role_id
== auth_role.id, t_auth_roles_permissions.c.name
== perm[0])):
DBSession.add(
AuthRolePermission(role=auth_role, name=perm[0]))
auth_user.roles.append(auth_role)
DBSession.add(auth_user)
DBSession.flush()
def change_password(request):
try:
doc = request.json_body
except:
raise APIError(400, "invalid_json", "no valid json body")
email = doc.get("email")
old_password = doc.get("old_password")
new_password = doc.get("new_password")
if not email or not old_password or not new_password:
raise APIError(
400,
"change_password.email_and_old_password_and_new_password_required",
"You need to send your email, the old password and a new password."
)
user = DBSession.query(AuthUser).filter_by(email=email).first()
if not user or not user.verify_password(old_password):
raise APIError(
401, "change_password.email_or_old_password_invalid",
"Either the email address or the old password is wrong.")
if not user.active:
raise APIError(400, "user_is_not_activated",
"Your user is not activated.")
if new_password == old_password:
raise APIError(400, "change_password.may_not_be_the_same",
"The new password may not be the same as the old one.")
if not AuthUser.check_password_strength(new_password):
raise APIError(
400, "change_password.invalid_new_password",
"The new password is too weak. Minimum length is 8 characters.")
user.password = new_password
user.force_password_change = False
DBSession.add(user)
token = AuthToken.generate_token()
tokenObj = AuthToken(auth_user_id=user.id, token=token)
DBSession.add(tokenObj)
DBSession.flush()
return {
"token": token,
"subject": Subject.full_output(user.subject_id),
}
def auth_login(request):
try:
doc = request.json_body
except:
raise APIError(400, "invalid_json", "no valid json body")
user = request.user
email = doc.get("email")
password = doc.get("password")
if user:
#already logged in
token = user.get_or_create_token().token
else:
if not email or not password:
raise APIError(400, "login.email_and_password_required",
"You need to send your email and password.")
user = DBSession.query(AuthUser).filter_by(email=email).first()
if not user or not user.verify_password(password):
raise APIError(
401, "login.email_or_password_invalid",
"Either the email address or the password is wrong.")
if not user.active:
raise APIError(400, "user_is_not_activated",
"Your user is not activated.")
if user.force_password_change:
raise APIError(400, "user_has_to_change_password",
"You have to change your password.")
token = AuthToken.generate_token()
tokenObj = AuthToken(auth_user_id=user.id, token=token)
DBSession.add(tokenObj)
return {
"token": token,
"subject": Subject.full_output(user.subject_id),
}
def create_subject(
name,
type,
lat=None,
lng=None,
timezone=None,
language=None,
additional_public_data={},
):
type_obj = DBSession.query(SubjectType).filter_by(name=type).first()
language_obj = get_or_create_language(name=language) if language else None
subject = Subject()
subject.name = name
subject.lat = lat
subject.lng = lng
subject.timezone = timezone
subject.language = language_obj
subject.additional_public_data = additional_public_data
subject.type = type_obj
DBSession.add(subject)
return subject
def test_ancestors_descendants(self):
create_subjecttypes()
create_subjects()
klaus = DBSession.query(Subject).filter_by(name="Klaus").first()
clara = DBSession.query(Subject).filter_by(name="Clara").first()
liam = DBSession.query(Subject).filter_by(name="Liam").first()
bielefeld = DBSession.query(Subject).filter_by(
name="Bielefeld").first()
paderborn = DBSession.query(Subject).filter_by(
name="Paderborn").first()
germany = DBSession.query(Subject).filter_by(name="Germany").first()
france = DBSession.query(Subject).filter_by(name="France").first()
dev_team_bielefeld = DBSession.query(Subject).filter_by(
name="Developer Team Bielefeld").first()
junior_developer = DBSession.query(Subject).filter_by(
name="Junior Developer").first()
user_type = DBSession.query(SubjectType).filter_by(name="User").first()
team_type = DBSession.query(SubjectType).filter_by(name="Team").first()
country_type = DBSession.query(SubjectType).filter_by(
name="Country").first()
klaus_ancestors = Subject.get_ancestor_subjects(
subject_id=klaus.id,
of_type_id=None,
from_date=default_dt(),
to_date=default_dt(),
whole_time_required=False)
self.assertIn(bielefeld.id, klaus_ancestors.keys())
self.assertIn(germany.id, klaus_ancestors.keys())
self.assertIn(dev_team_bielefeld.id, klaus_ancestors.keys())
self.assertIn(junior_developer.id, klaus_ancestors.keys())
self.assertNotIn(france.id, klaus_ancestors.keys())
germany_descendants = Subject.get_descendent_subjects(
subject_id=germany.id,
of_type_id=team_type.id,
from_date=default_dt(),
to_date=default_dt(),
whole_time_required=False)
self.assertIn(dev_team_bielefeld.id, germany_descendants.keys())
self.assertNotIn(klaus.id, germany_descendants.keys())
def test_simple_invite_users(self):
create_subjecttypes()
create_subjects()
create_variables()
create_achievements()
klaus = DBSession.query(Subject).filter_by(name="Klaus").first()
invite_users_achievement = DBSession.query(Achievement).filter_by(
name="invite_users").first()
# First step: increase by 1, level 1 will not be achieved
Value.increase_value(variable_name="invite_users",
subject_id=klaus.id,
value=1,
key=None,
at_datetime=default_dt())
evaluation = Achievement.evaluate(
compared_subject=klaus,
achievement_id=invite_users_achievement.id,
achievement_date=AchievementDate.compute(
evaluation_timezone=invite_users_achievement.
evaluation_timezone,
evaluation_type=invite_users_achievement.evaluation,
evaluation_shift=invite_users_achievement.evaluation_shift,
context_datetime=default_dt()),
context_subject_id=None,
execute_triggers=False)
self.assertEqual(evaluation["level"], 0)
self.assertEqual(evaluation["progress"], 1.0)
# Now increase by 3, level 1 will achieved, progress 4.0
Value.increase_value(variable_name="invite_users",
subject_id=klaus.id,
value=3,
key=None,
at_datetime=default_dt())
evaluation = Achievement.evaluate(
compared_subject=klaus,
achievement_id=invite_users_achievement.id,
achievement_date=AchievementDate.compute(
evaluation_timezone=invite_users_achievement.
evaluation_timezone,
evaluation_type=invite_users_achievement.evaluation,
evaluation_shift=invite_users_achievement.evaluation_shift,
context_datetime=default_dt()),
context_subject_id=None,
execute_triggers=False)
self.assertEqual(evaluation["level"], 1)
self.assertEqual(evaluation["progress"], 4.0)
# Now lets test the maximum level (100)
Value.increase_value(variable_name="invite_users",
subject_id=klaus.id,
value=300,
key=None,
at_datetime=default_dt())
evaluation = Achievement.evaluate(
compared_subject=klaus,
achievement_id=invite_users_achievement.id,
achievement_date=AchievementDate.compute(
evaluation_timezone=invite_users_achievement.
evaluation_timezone,
evaluation_type=invite_users_achievement.evaluation,
evaluation_shift=invite_users_achievement.evaluation_shift,
context_datetime=default_dt()),
context_subject_id=None,
execute_triggers=False)
self.assertEqual(evaluation["level"], 100)
self.assertEqual(evaluation["progress"], 304.0)
def test_cycling_leaderboard(self):
create_subjecttypes()
create_subjects()
create_variables()
create_achievements()
klaus = DBSession.query(Subject).filter_by(name="Klaus").first()
clara = DBSession.query(Subject).filter_by(name="Clara").first()
liam = DBSession.query(Subject).filter_by(name="Liam").first()
bielefeld = DBSession.query(Subject).filter_by(
name="Bielefeld").first()
paderborn = DBSession.query(Subject).filter_by(
name="Paderborn").first()
germany = DBSession.query(Subject).filter_by(name="Germany").first()
france = DBSession.query(Subject).filter_by(name="France").first()
cyclist_of_the_month_achievement = DBSession.query(
Achievement).filter_by(name="cyclist_of_the_month").first()
def cycle(user, km, dt):
Value.increase_value(variable_name="cycling",
subject_id=user.id,
value=km,
key=None,
at_datetime=dt)
def ev(user, dt, context_subject):
return Achievement.evaluate(
compared_subject=user,
achievement_id=cyclist_of_the_month_achievement.id,
achievement_date=AchievementDate.compute(
evaluation_timezone=cyclist_of_the_month_achievement.
evaluation_timezone,
evaluation_type=cyclist_of_the_month_achievement.
evaluation,
evaluation_shift=cyclist_of_the_month_achievement.
evaluation_shift,
context_datetime=dt),
execute_triggers=False,
context_subject_id=context_subject.id)
cycle(klaus, 5, default_dt())
cycle(clara, 3, default_dt())
cycle(liam, 10, default_dt())
lb_bielefeld = ev(klaus, default_dt(), bielefeld)
lb_germany = ev(klaus, default_dt(), germany)
self.assertEqual(lb_bielefeld["leaderboard_position"], 0)
self.assertEqual(lb_germany["leaderboard_position"], 1)
lb_bielefeld = ev(clara, default_dt(), bielefeld)
lb_germany = ev(clara, default_dt(), germany)
lb_france = ev(clara, default_dt(), france)
self.assertEqual(lb_bielefeld["leaderboard_position"], 1)
self.assertEqual(lb_germany["leaderboard_position"], 2)
self.assertEqual(lb_france["leaderboard_position"], None)
# clara also cycled last month
Subject.join_subject(subject_id=clara.id,
part_of_id=germany.id,
join_date=last_month(default_dt()))
cycle(clara, 10, last_month(default_dt()))
# should not effect this month
lb_germany = ev(clara, default_dt(), germany)
self.assertEqual(lb_germany["leaderboard_position"], 2)
# but should effect last month
lb_germany = ev(clara, last_month(default_dt()), germany)
self.assertEqual(lb_germany["leaderboard_position"], 0)
def populate_demo(DBSession):
from gengine.app.model import (
Achievement,
AchievementCategory,
Variable,
Subject,
Language,
TranslationVariable,
Translation,
Reward,
AchievementProperty,
AchievementAchievementProperty,
AchievementReward,
AuthUser,
AuthRole,
AuthRolePermission,
SubjectType,
t_auth_roles_permissions
)
def add_translation_variable(name):
t = TranslationVariable(name=name)
DBSession.add(t)
return t
def add_translation(variable, lang, text):
tr = Translation(translationvariable=variable, text=text, language=lang)
DBSession.add(tr)
return tr
with transaction.manager:
subjecttype_country = SubjectType(name="Country")
DBSession.add(subjecttype_country)
subjecttype_region = SubjectType(name="Region")
subjecttype_region.part_of_types.append(subjecttype_country)
DBSession.add(subjecttype_region)
subjecttype_city = SubjectType(name="City")
subjecttype_city.part_of_types.append(subjecttype_region)
DBSession.add(subjecttype_city)
subjecttype_position = SubjectType(name="Position")
DBSession.add(subjecttype_position)
subjecttype_team = SubjectType(name="Team")
DBSession.add(subjecttype_team)
subjecttype_user = DBSession.query(SubjectType).filter_by(name="User").first()
if not subjecttype_user:
subjecttype_user = SubjectType(name="User")
DBSession.add(subjecttype_user)
subjecttype_user.part_of_types.append(subjecttype_city)
subjecttype_user.part_of_types.append(subjecttype_team)
subjecttype_user.part_of_types.append(subjecttype_position)
DBSession.add(subjecttype_user)
subject_germany = Subject(type=subjecttype_country, name="Germany")
DBSession.add(subject_germany)
subject_france = Subject(type=subjecttype_country, name="France")
DBSession.add(subject_france)
subject_india = Subject(type=subjecttype_country, name="India")
DBSession.add(subject_india)
subject_germany_north = Subject(type=subjecttype_region, name="Germany-North")
DBSession.add(subject_germany_north)
subject_germany_west = Subject(type=subjecttype_region, name="Germany-West")
DBSession.add(subject_germany_west)
subject_germany_east = Subject(type=subjecttype_region, name="Germany-East")
DBSession.add(subject_germany_east)
subject_germany_south = Subject(type=subjecttype_region, name="Germany-South")
DBSession.add(subject_germany_south)
subject_paderborn = Subject(type=subjecttype_city, name="Paderborn")
DBSession.add(subject_paderborn)
subject_bielefeld = Subject(type=subjecttype_city, name="Bielefeld")
DBSession.add(subject_bielefeld)
subject_detmold = Subject(type=subjecttype_city, name="Detmold")
DBSession.add(subject_detmold)
subject_berlin = Subject(type=subjecttype_city, name="Berlin")
DBSession.add(subject_berlin)
subject_sales = Subject(type=subjecttype_team, name="Sales")
DBSession.add(subject_sales)
subject_tech = Subject(type=subjecttype_team, name="Tech")
DBSession.add(subject_tech)
subject_junior_developer = Subject(type=subjecttype_position, name="Junior Developer")
DBSession.add(subject_junior_developer)
subject_senior_developer = Subject(type=subjecttype_position, name="Senior Developer")
DBSession.add(subject_senior_developer)
subject_manager = Subject(type=subjecttype_position, name="Manager")
DBSession.add(subject_manager)
subject_promoter = Subject(type=subjecttype_position, name="Promoter")
DBSession.add(subject_promoter)
DBSession.flush()
lang_de = Language(name="de")
lang_en = Language(name="en")
DBSession.add(lang_de)
DBSession.add(lang_en)
var_invited_users = Variable(name="invite_users")
DBSession.add(var_invited_users)
var_invited_users = Variable(name="participate",
group="none")
DBSession.add(var_invited_users)
achievementcategory_community = AchievementCategory(name="community")
DBSession.add(achievementcategory_community)
achievement_invite = Achievement(name='invite_users',
evaluation="immediately",
maxtimes=20,
achievementcategory=achievementcategory_community,
condition='{"term": {"type": "literal", "variable": "invite_users"}}',
goal="5*level",
operator="geq",
player_subjecttype=subjecttype_user
)
DBSession.add(achievement_invite)
achievementcategory_sports = AchievementCategory(name="sports")
DBSession.add(achievementcategory_sports)
achievement_fittest = Achievement(name='fittest',
relevance="friends",
maxlevel=100,
achievementcategory=achievementcategory_sports,
condition='{"term": {"key": ["5","7","9"], "type": "literal", "key_operator": "IN", "variable": "participate"}}',
evaluation="weekly",
goal="5*level",
player_subjecttype=subjecttype_user
)
DBSession.add(achievement_fittest)
property_name = AchievementProperty(name='name')
DBSession.add(property_name)
property_xp = AchievementProperty(name='xp')
DBSession.add(property_xp)
property_icon = AchievementProperty(name='icon')
DBSession.add(property_icon)
reward_badge = Reward(name='badge', rewarded_subjecttype=subjecttype_user)
DBSession.add(reward_badge)
reward_image = Reward(name='backgroud_image', rewarded_subjecttype=subjecttype_user)
DBSession.add(reward_image)
transvar_invite_name = add_translation_variable(name="invite_users_achievement_name")
add_translation(transvar_invite_name, lang_en, 'Invite ${5*level} Users')
add_translation(transvar_invite_name, lang_de, 'Lade ${5*level} Freunde ein')
DBSession.add(AchievementAchievementProperty(achievement=achievement_invite, property=property_name,
value_translation=transvar_invite_name))
DBSession.add(AchievementAchievementProperty(achievement=achievement_invite, property=property_xp,
value='${100 * level}'))
DBSession.add(AchievementAchievementProperty(achievement=achievement_invite, property=property_icon,
value="https://www.gamification-software.com/img/running.png"))
DBSession.add(AchievementReward(achievement=achievement_invite, reward=reward_badge,
value="https://www.gamification-software.com/img/trophy.png", from_level=5))
DBSession.add(AchievementReward(achievement=achievement_invite, reward=reward_image,
value="https://www.gamification-software.com/img/video-controller-336657_1920.jpg",
from_level=5))
transvar_fittest_name = add_translation_variable(name="fittest_achievement_name")
add_translation(transvar_fittest_name, lang_en, 'Do the most sport activities among your friends')
add_translation(transvar_fittest_name, lang_de, 'Mache unter deinen Freunden am meisten Sportaktivitäten')
DBSession.add(AchievementAchievementProperty(achievement=achievement_fittest, property=property_name,
value_translation=transvar_fittest_name))
DBSession.add(AchievementAchievementProperty(achievement=achievement_fittest, property=property_xp,
value='${50 + (200 * level)}'))
DBSession.add(AchievementAchievementProperty(achievement=achievement_fittest, property=property_icon,
value="https://www.gamification-software.com/img/colorwheel.png"))
DBSession.add(AchievementReward(achievement=achievement_fittest, reward=reward_badge,
value="https://www.gamification-software.com/img/easel.png", from_level=1))
DBSession.add(AchievementReward(achievement=achievement_fittest, reward=reward_image,
value="https://www.gamification-software.com/img/game-characters-622654.jpg",
from_level=1))
DBSession.flush()
user1 = Subject(lat=10, lng=50, timezone="Europe/Berlin", name="Fritz", type=subjecttype_user)
user2 = Subject(lat=10, lng=50, timezone="US/Eastern", name="Ludwig", type=subjecttype_user)
user3 = Subject(lat=10, lng=50, name="Helene", type=subjecttype_user)
user1.friends.append(user2)
user1.friends.append(user3)
user2.friends.append(user1)
user2.friends.append(user3)
user3.friends.append(user1)
user3.friends.append(user2)
user1.part_of_subjects.append(subject_bielefeld)
user1.part_of_subjects.append(subject_sales)
user1.part_of_subjects.append(subject_manager)
user2.part_of_subjects.append(subject_bielefeld)
user2.part_of_subjects.append(subject_sales)
user2.part_of_subjects.append(subject_promoter)
user3.part_of_subjects.append(subject_paderborn)
user3.part_of_subjects.append(subject_sales)
user3.part_of_subjects.append(subject_promoter)
DBSession.add(user2)
DBSession.add(user3)
DBSession.flush()
try:
auth_user = DBSession.query(AuthUser).filter_by(email="*****@*****.**").first()
if not auth_user:
auth_user = AuthUser(subject=user1, email="*****@*****.**", password="******",
active=True)
DBSession.add(auth_user)
auth_role = DBSession.query(AuthRole).filter_by(name="Global Admin").first()
if not auth_role:
auth_role = AuthRole(name="Global Admin")
DBSession.add(auth_role)
DBSession.flush()
for perm in yield_all_perms():
if not exists_by_expr(t_auth_roles_permissions, and_(
t_auth_roles_permissions.c.auth_role_id == auth_role.id,
t_auth_roles_permissions.c.name == perm[0]
)):
DBSession.add(AuthRolePermission(role=auth_role, name=perm[0]))
auth_user.roles.append(auth_role)
DBSession.add(auth_user)
except ImportError as e:
print("[auth] feature not installed - not importing auth demo data")
def get_user_subjecttype():
return DBSession.query(SubjectType).filter_by(name="User").first()
def admin_tenant(environ, start_response):
from gengine.app.admin import adminapp
def admin_app(environ, start_response):
#return HTTPSProxied(DebuggedApplication(adminapp.wsgi_app, True))(environ, start_response)
return HTTPSProxied(adminapp.wsgi_app)(environ, start_response)
def request_auth(environ, start_response):
resp = Response()
resp.status_code = 401
resp.www_authenticate = 'Basic realm="%s"' % (
"Gamification Engine Admin", )
return resp(environ, start_response)
if not asbool(get_settings().get("enable_user_authentication", False)):
return admin_app(environ, start_response)
req = Request(environ)
def _get_basicauth_credentials(request):
authorization = request.headers.get("authorization", "")
try:
authmeth, auth = authorization.split(' ', 1)
except ValueError: # not enough values to unpack
return None
if authmeth.lower() == 'basic':
try:
auth = base64.b64decode(auth.strip()).decode("UTF-8")
except binascii.Error: # can't decode
return None
try:
login, password = auth.split(':', 1)
except ValueError: # not enough values to unpack
return None
return {'login': login, 'password': password}
return None
user = None
cred = _get_basicauth_credentials(req)
token = req.cookies.get("token", None)
if token:
tokenObj = DBSession.query(AuthToken).filter(
AuthToken.token == token).first()
user = None
if tokenObj and tokenObj.valid_until < datetime.datetime.utcnow():
tokenObj.extend()
if tokenObj:
user = tokenObj.user
if not user:
if cred:
user = DBSession.query(AuthUser).filter_by(
email=cred["login"]).first()
if not user or not user.verify_password(cred["password"]):
return request_auth(environ, start_response)
if user:
j = t_auth_users_roles.join(t_auth_roles).join(
t_auth_roles_permissions)
q = select(
[t_auth_roles_permissions.c.name],
from_obj=j).where(t_auth_users_roles.c.auth_user_id == user.id)
permissions = [r["name"] for r in DBSession.execute(q).fetchall()]
if not perm_global_access_admin_ui in permissions:
return request_auth(environ, start_response)
else:
token_s = user.get_or_create_token().token
def start_response_with_headers(status, headers, exc_info=None):
cookie = SimpleCookie()
cookie['X-Auth-Token'] = token_s
cookie['X-Auth-Token']['path'] = get_settings().get(
"urlprefix", "").rstrip("/") + "/"
headers.append(
('Set-Cookie', cookie['X-Auth-Token'].OutputString()), )
return start_response(status, headers, exc_info)
return admin_app(environ, start_response_with_headers)
