def _save_session(session: SecureCookieSession) -> Response: interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = 'secret' response = Response('') interface.save_session(app, session, response) return response
def test_access_log_standard_atoms() -> None: request_headers = CIMultiDict({ 'Referer': 'stet.io', 'Remote-Addr': '127.0.0.1', 'User-Agent': 'quart', }) request = Request('GET', '/?x=y', request_headers) response = Response('Hello', 202) atoms = AccessLogAtoms(request, response, 'h2', 0.000023) assert atoms['h'] == '127.0.0.1' assert atoms['l'] == '-' assert time.strptime(atoms['t'], '[%d/%b/%Y:%H:%M:%S %z]') assert int(atoms['s']) == 202 assert atoms['m'] == 'GET' assert atoms['U'] == '/' assert atoms['q'] == 'x=y' assert atoms['H'] == 'h2' assert int(atoms['b']) == len('Hello') assert int(atoms['B']) == len('Hello') assert atoms['f'] == 'stet.io' assert atoms['a'] == 'quart' assert atoms['p'] == f"<{os.getpid()}>" assert atoms['not-atom'] == '-' assert atoms['T'] == 0 assert atoms['D'] == 23 assert atoms['L'] == '0.000023'
async def _save_session(session: SecureCookieSession) -> Response: interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = "secret" response = Response("") await interface.save_session(app, session, response) return response
def test_access_log_environ_atoms() -> None: os.environ['Random'] = 'Environ' request_headers = CIMultiDict({ 'Remote-Addr': '127.0.0.1', }) request = Request('GET', '/', request_headers) response = Response('Hello', 200) atoms = AccessLogAtoms(request, response, 'h2', 0) assert atoms['{random}e'] == 'Environ'
async def save_session( # type: ignore self, app: "Quart", session: SecureCookieSession, response: Response) -> None: # prevent set-cookie on unmodified session objects if not session.modified: return # prevent set-cookie on (static) file responses # https://github.com/fengsp/flask-session/pull/70 if self._config['SESSION_STATIC_FILE'] is False and \ isinstance(response.response, FileBody): return session_key = self.key_prefix + session.sid domain = self.get_cookie_domain(app) path = self.get_cookie_path(app) if not session: if session.modified: await self.delete(key=session_key, app=app) response.delete_cookie(app.session_cookie_name, domain=domain, path=path) return httponly = self.get_cookie_httponly(app) secure = self.get_cookie_secure(app) expires = self.get_expiration_time(app, session) if self.serializer is None: val = dict(session) else: val = self.serializer.dumps(dict(session)) await self.set(key=session_key, value=val, app=app) if self.use_signer: session_id = self._get_signer(app).sign(want_bytes(session.sid)) else: session_id = session.sid response.set_cookie(app.session_cookie_name, session_id, expires=expires, httponly=httponly, domain=domain, path=path, secure=secure)
def test_secure_cookie_session_interface_open_session() -> None: session = SecureCookieSession() session['something'] = 'else' interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = 'secret' response = Response('') interface.save_session(app, session, response) request = Request('GET', 'http', '/', b'', CIMultiDict()) request.headers['Cookie'] = response.headers['Set-Cookie'] new_session = interface.open_session(app, request) assert new_session == session
async def username(username): if 'Origin' in request.headers: hostname = urlparse(request.headers['Origin']).hostname response = Response("{}", headers={ 'Access-Control-Allow-Origin': 'https://' + hostname, 'Access-Control-Allow-Headers': 'authorization' }) return response return 'hello {}'.format(username)
def test_access_log_header_atoms() -> None: request_headers = CIMultiDict({ 'Random': 'Request', 'Remote-Addr': '127.0.0.1', }) request = Request('GET', '/', request_headers) response_headers = CIMultiDict({ 'Random': 'Response', }) response = Response('Hello', 200, response_headers) atoms = AccessLogAtoms(request, response, 'h2', 0) assert atoms['{random}i'] == 'Request' assert atoms['{RANDOM}i'] == 'Request' assert atoms['{not-atom}i'] == '-' assert atoms['{random}o'] == 'Response' assert atoms['{RANDOM}o'] == 'Response'
def test_secure_cookie_session_interface_save_session() -> None: session = SecureCookieSession() session['something'] = 'else' interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = 'secret' response = Response('') interface.save_session(app, session, response) cookies = SimpleCookie() cookies.load(response.headers['Set-Cookie']) cookie = cookies[app.session_cookie_name] assert cookie['path'] == interface.get_cookie_path(app) assert cookie['httponly'] == '' if not interface.get_cookie_httponly(app) else True assert cookie['secure'] == '' if not interface.get_cookie_secure(app) else True assert cookie['domain'] == (interface.get_cookie_domain(app) or '') assert cookie['expires'] == (interface.get_expiration_time(app, session) or '') assert response.headers['Vary'] == 'Cookie'
async def test_secure_cookie_session_interface_open_session() -> None: session = SecureCookieSession() session["something"] = "else" interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = "secret" response = Response("") await interface.save_session(app, session, response) request = Request("GET", "http", "/", b"", Headers(), "", "1.1", {}, send_push_promise=no_op_push) request.headers["Cookie"] = response.headers["Set-Cookie"] new_session = await interface.open_session(app, request) assert new_session == session
async def test_secure_cookie_session_interface_save_session() -> None: session = SecureCookieSession() session["something"] = "else" interface = SecureCookieSessionInterface() app = Quart(__name__) app.secret_key = "secret" response = Response("") await interface.save_session(app, session, response) cookies: SimpleCookie = SimpleCookie() cookies.load(response.headers["Set-Cookie"]) cookie = cookies[app.session_cookie_name] assert cookie["path"] == interface.get_cookie_path(app) assert cookie["httponly"] == "" if not interface.get_cookie_httponly( app) else True assert cookie["secure"] == "" if not interface.get_cookie_secure( app) else True if version_info >= (3, 8): assert cookie["samesite"] == (interface.get_cookie_samesite(app) or "") assert cookie["domain"] == (interface.get_cookie_domain(app) or "") assert cookie["expires"] == (interface.get_expiration_time(app, session) or "") assert response.headers["Vary"] == "Cookie"
import asyncio from typing import NoReturn, Optional, Set import pytest from _pytest.monkeypatch import MonkeyPatch from asynctest import Mock as AsyncMock from quart.app import Quart from quart.datastructures import CIMultiDict from quart.globals import session, websocket from quart.sessions import SecureCookieSession, SessionInterface from quart.testing import no_op_push, WebsocketResponse from quart.typing import ResponseReturnValue from quart.wrappers import Response TEST_RESPONSE = Response("") def test_endpoint_overwrite() -> None: app = Quart(__name__) def route() -> str: return "" def route2() -> str: return "" async def route3() -> str: return "" app.add_url_rule("/a", "index", route, ["GET"])
import os from typing import Optional, Set from unittest.mock import Mock import pytest from quart.app import Quart from quart.globals import session, websocket from quart.sessions import SecureCookieSession from quart.testing import WebsocketResponse from quart.typing import ResponseReturnValue from quart.wrappers import Response TEST_RESPONSE = Response('') def test_endpoint_overwrite() -> None: app = Quart(__name__) def route() -> str: return '' def route2() -> str: return '' async def route3() -> str: return '' app.add_url_rule('/a', 'index', route, ['GET']) app.add_url_rule('/a/a', 'index', route, ['GET']) # Should not assert, as same view func
async def test_response_body() -> None: response = Response(b'Body') assert b'Body' == (await response.get_data()) # type: ignore # Fetch again to ensure it isn't exhausted assert b'Body' == (await response.get_data()) # type: ignore
import pytest from _pytest.monkeypatch import MonkeyPatch from hypercorn.typing import HTTPScope, WebsocketScope from werkzeug.datastructures import Headers from werkzeug.exceptions import InternalServerError from werkzeug.wrappers import Response as WerkzeugResponse from quart.app import Quart from quart.globals import current_app, session, websocket from quart.sessions import SecureCookieSession, SessionInterface from quart.testing import no_op_push, WebsocketResponseError from quart.typing import ResponseReturnValue from quart.wrappers import Request, Response TEST_RESPONSE = Response("") try: from unittest.mock import AsyncMock except ImportError: # Python < 3.8 from mock import AsyncMock # type: ignore class SimpleError(Exception): pass def test_endpoint_overwrite() -> None: app = Quart(__name__)