Example #1
0
 async def login(self, request: Request, identity: str,
                 credential: str) -> t.Optional[Identity]:
     user = await self.user_provider.find_by_identity(identity)
     if user:
         hasher = self.hasher or request.app.get(PasswordHasher)
         assert hasher
         hashed = user.get_hashed_password()
         if hasher.verify(credential, hashed):
             request.session[SESSION_KEY] = user.get_id()
             await request.session.regenerate_id()
             return user
     return None
Example #2
0
def https_request():
    scope = {
        "type": "http",
        "method": "GET",
        "scheme": "https",
        "headers": [],
    }

    async def receive(*args):
        return {
            "type": "http.request",
            "body": b'{"key":"value", "key2": 2}',
            "more_body": False,
        }

    return Request(scope, receive)
Example #3
0
def test_full_url_matches():
    request = Request({
        "type": "http",
        "scheme": "http",
        "server": ("example.com", 80),
        "query_string": b"csrf-token=TOKEN",
        "path": "/account/login",
        "headers": {},
    })
    assert request.full_url_matches(r"http://example.com")
    assert request.full_url_matches(r"http://example.com/account/*")
    assert request.full_url_matches("http://example.com/account/login")
    assert request.full_url_matches(
        "http://example.com/account/login?csrf-token=TOKEN")
    assert not request.full_url_matches(r"http://another.com/account/login")
Example #4
0
def test_url_matches():
    request = Request({
        "type": "http",
        "scheme": "http",
        "server": (b"example.com", 80),
        "query_string": b"csrf-token=TOKEN",
        "path": "/account/login",
        "headers": {},
    })
    assert request.url_matches(r"/account/login")
    assert request.url_matches(r".*ogin")
    assert request.url_matches(r"/account/*")
    assert not request.url_matches(r"/admin")
Example #5
0
def xhr_request():
    scope = {
        "type":
        "http",
        "method":
        "GET",
        "headers": [
            [b"content-type", b"application/json"],
            [b"x-requested-with", b"XMLHttpRequest"],
        ],
    }

    async def receive(*args):
        return {
            "type": "http.request",
            "body": b'{"key":"value", "key2": 2}',
            "more_body": False,
        }

    return Request(scope, receive)
Example #6
0
def json_request():
    scope = {
        "type":
        "http",
        "method":
        "POST",
        "headers": [
            [b"content-type", b"application/json"],
            [b"accept", b"application/json"],
        ],
    }

    async def receive(*args):
        return {
            "type": "http.request",
            "body": b'{"key":"value", "key2": 2}',
            "more_body": False,
        }

    return Request(scope, receive)
Example #7
0
def form_request():
    scope = {
        "type":
        "http",
        "method":
        "POST",
        "scheme":
        "http",
        "client": ("0.0.0.0", "8080"),
        "headers": [
            [b"accept", b"text/html"],
            [b"content-type", b"application/x-www-form-urlencoded"],
        ],
    }

    async def receive(*args):
        return {
            "type": "http.request",
            "body": b"id=1&email=root@localhost",
            "more_body": False,
        }

    return Request(scope, receive)
Example #8
0
 def should_check_token(self, request: Request) -> bool:
     return not any([
         request.method.lower() in self.safe_methods,
         request.url_matches(*self._exclude_urls),
         request.full_url_matches(*self._exclude_urls),
     ])
Example #9
0
def pass_old_input(request: Request) -> dict:
    return {
        "old_input": request.old_data(),
    }
Example #10
0
def pass_errors(request: Request) -> dict:
    return {"errors": request.errors()}
Example #11
0
 def view(request: Request):
     request.session["id"] = 1
     return JSONResponse({})