def simple_webapp(loop, base_world):
async def index(request):
return web.Response(status=200, text='hello!')
@security.authentication_exempt
async def public(request):
return web.Response(status=200, text='public')
async def private(request):
return web.Response(status=200, text='private')
@security.authentication_exempt
async def login(request):
await auth_svc.login_user(
request) # Note: auth_svc defined in context function
app = web.Application()
app.router.add_get('/', index)
app.router.add_post('/login', login)
app.router.add_get('/public', public)
app.router.add_get('/private', private)
auth_svc = AuthService()
loop.run_until_complete(
auth_svc.apply(app=app, users=base_world.get_config('users')))
# The authentication_required middleware needs to run after the session middleware.
# AuthService.apply(...) adds session middleware to the app, so we can append the
# the auth middleware after. Not doing this will cause a 500 in regards to the
# session middleware not being set up correctly.
app.middlewares.append(
security.authentication_required_middleware_factory(auth_svc))
return app
def knowledge_webapp(event_loop, app_svc, base_world, data_svc):
app_svc.add_service('auth_svc', AuthService())
app_svc.add_service('knowledge_svc', KnowledgeService())
app_svc.add_service('file_svc', FileSvc(
)) # This needs to be done this way, or it we won't have a valid BaseWorld
services = app_svc.get_services()
app = web.Application(middlewares=[
authentication_required_middleware_factory(services['auth_svc']),
json_request_validation_middleware
])
FactApi(services).add_routes(app)
return app
async def test_authentication_exempt_bound_method_returns_200(base_world, aiohttp_client):
class Api:
async def public(self, request):
return web.Response(status=200, text='hello!')
api = Api()
app = web.Application()
app.router.add_get('/public', security.authentication_exempt(api.public))
auth_svc = AuthService()
await auth_svc.apply(
app=app,
users=base_world.get_config('users')
)
app.middlewares.append(security.authentication_required_middleware_factory(auth_svc))
client = await aiohttp_client(app)
resp = await client.get('/public')
assert resp.status == 200
def make_app(svcs):
warnings.filterwarnings(
"ignore", message="Multiple schemas resolved to the name")
app = web.Application(middlewares=[
authentication_required_middleware_factory(svcs['auth_svc']),
json_request_validation_middleware
])
AgentApi(svcs).add_routes(app)
AbilityApi(svcs).add_routes(app)
OperationApi(svcs).add_routes(app)
AdversaryApi(svcs).add_routes(app)
ContactApi(svcs).add_routes(app)
ObjectiveApi(svcs).add_routes(app)
ObfuscatorApi(svcs).add_routes(app)
PluginApi(svcs).add_routes(app)
FactSourceApi(svcs).add_routes(app)
PlannerApi(svcs).add_routes(app)
HealthApi(svcs).add_routes(app)
ScheduleApi(svcs).add_routes(app)
return app