Example #1
0
 def setUp(self):
     self.response = itty3.HttpResponse("Hello, world!")
     self.complex_resp = itty3.HttpResponse(
         '{"success": false}',
         status_code=403,
         headers={
             "X-Auth-Token": "abcdef1234567890",
         },
         content_type="application/json",
     )
Example #2
0
def create_post(request):
    # This is unauthorized. Maybe for development or different auth in
    # production.
    # Regardless, some HTTP Basic Auth is added in `run.py`.
    if request.method != itty3.POST:
        return itty3.HttpResponse(request, "Nerp.", status_code=400)

    title = request.POST.get("title", "")
    content = request.POST.get("content", "")

    # Imagine putting it in a database here.

    return itty3.HttpResponse("", status_code=302, headers={"Location": "/"})
Example #3
0
def logout(req):
    resp = itty3.HttpResponse(
        body="", headers={"Location": "/"}, status_code=302,
    )

    # All we need to provide is the key.
    resp.delete_cookie("username")

    return resp
Example #4
0
def api_list(request):
    # We're taking a whole different set of views (an API in this case) &
    # composing it into our main app in `run.py`.
    # Imagine this is doing something interesting.
    data = {
        "posts": [
            {
                "title": "First Post!",
                "content": "I started a blog today like it was 2008.",
            },
        ],
    }
    return itty3.HttpResponse(json.dumps(data), content_type=itty3.JSON)
Example #5
0
def set_username(req):
    username = req.GET.get("username", "unknown")

    # First, we manually create the redirect response.
    resp = itty3.HttpResponse(
        body="", headers={"Location": "/"}, status_code=302,
    )

    # Now, set the `username` in the cookies!
    resp.set_cookie("username", username)

    # Don't forget to return that `resp` at the end!
    return resp
Example #6
0
def overridden_create_post(request):
    # Check some HTTP Basic Auth for a known user/pass.
    #
    # NOTE: This isn't secure at all over regular HTTP! Add SSL if you deploy
    #     code like this to a production environment!
    #     It's probably also incomplete!
    if "Authorization" not in request.headers:
        return itty3.HttpResponse(request, "", status_code=403)

    # Take the header, base64-decode it & split on the ":".
    raw_auth = request.headers["Authorization"]
    bits = base64.b64decode(raw_auth).split(":", 1)

    # If there aren't enough bits or something is empty, reject.
    if len(bits) < 2 or not bits[0] or not bits[1]:
        return itty3.HttpResponse(request, "", status_code=403)

    # If the credentials don't match, reject.
    if bits[0] != USERNAME or bits[1] != PASSWORD:
        return itty3.HttpResponse(request, "", status_code=403)

    # They're authorized. Let them post.
    return webui.create_post(request)
Example #7
0
def unused_api(request, post_id):
    # And in `run.py`, this view isn't even hooked up!
    post = {
        # ...
    }
    return itty3.HttpResponse(json.dumps(post), content_type=itty3.JSON)
Example #8
0
def index(request):
    # You can imagine the database lookup & template rendering here.
    posts = "<p>No posts yet.</p>"
    # You can directly instantiate responses if you don't want to use
    # the `app` module-level object or `app.render` specifically.
    return itty3.HttpResponse(posts)