def test_middleware_called_if_routed_to_sub_app(route: str, origin: str,
expected: str,
expected_body: str):
app = App(
enable_cors=True,
cors_config={
"allow_origins": ["example.com", "localhost:8001", "ietf.org"]
},
)
@app.route("/")
async def index(req, res):
res.text = "Hello"
sub = App()
@sub.route("/")
class SubApp:
async def get(self, req, res):
res.text = "OK"
app.mount("/sub", sub)
client = create_client(app)
res = client.get(route, headers={"origin": origin})
assert res.text == expected_body
if not expected: # unknown origin -> no allow-origin header
assert "access-control-allow-origin" not in res.headers
else: # allowed origin -> allow-origin header"
assert "access-control-allow-origin" in res.headers
assert res.headers.get("access-control-allow-origin") == expected
def test_if_origin_not_in_allow_origins_then_400():
app = App(enable_cors=True, cors_config={"allow_origins": ["foobar.com"]})
@app.route("/")
async def index(req, res):
pass
client = create_client(app)
response = client.options(
"/",
headers={
"origin": "foobar.com",
"access-control-request-method": "GET",
},
)
assert response.status_code == 200
response = client.options(
"/",
headers={
"origin": "example.com",
"access-control-request-method": "GET",
},
)
assert response.status_code == 400
def test_if_static_dir_is_none_then_no_assets_served(tmpdir_factory):
static_dir = tmpdir_factory.mktemp("static")
_create_asset(static_dir)
app = App(static_dir=None)
client = create_client(app)
assert client.get(f"/static/{FILE_DIR}/{FILE_NAME}").status_code == 404
def test_static_root_defaults_to_static_dir(tmpdir_factory):
static_dir = tmpdir_factory.mktemp("foo")
_create_asset(static_dir)
app = App(static_dir=str(static_dir), static_root=None)
client = create_client(app)
response = client.get(f"{static_dir}/{FILE_DIR}/{FILE_NAME}")
assert response.status_code == 200
def test_if_host_not_allowed_then_400():
app = App(allowed_hosts=["example.com"])
client = create_client(app)
@app.route("/")
async def index(req, res):
pass
response = client.get("/")
assert response.status_code == 400
def test_reverse_named_sub_app_route(app: App):
sub = App("sub")
@sub.route("/foo")
async def foo(req, res):
pass
app.mount("/sub", sub)
assert app.url_for("sub:foo") == "/sub/foo"
def test_assets_are_served_at_static_by_default(tmpdir_factory):
static_dir = tmpdir_factory.mktemp("static")
_create_asset(static_dir)
app = App(static_dir=str(static_dir))
client = create_client(app)
response = client.get(f"/static/{FILE_DIR}/{FILE_NAME}")
assert response.status_code == 200
assert response.text == FILE_CONTENTS
def test_mount_route_parameter(app, client):
other = App()
@other.route("/items/{pk}")
async def get_item(req, res, pk: int):
res.json = {"pk": pk}
app.mount("/other", other)
r = client.get("/other/items/12")
assert r.json() == {"pk": 12}
def test_cannot_reverse_unnamed_sub_app_route(app: App):
sub = App()
@sub.route("/foo")
async def foo(req, res):
pass
app.mount("/sub", sub)
with pytest.raises(HTTPError):
app.url_for("sub:foo")
def test_if_hsts_enabled_and_request_is_on_http_then_redirects_to_https():
app = App(enable_hsts=True)
@app.route("/")
async def index(req, res):
pass
client = create_client(app)
response = client.get("/", allow_redirects=False)
assert response.status_code == 301
assert response.headers["location"] == "https://testserver/"
def test_if_gzip_enabled_then_response_is_compressed():
app = App(enable_gzip=True, gzip_min_size=0)
@app.route("/")
async def index(req, res):
pass
client = create_client(app)
response = client.get("/", headers={"Accept-Encoding": "gzip"})
assert response.status_code == 200
assert response.headers["content-encoding"] == "gzip"
def test_mount_extra_static_files_dirs(tmpdir_factory):
static_dir = tmpdir_factory.mktemp("staticfiles")
_create_asset(static_dir)
app = App(static_dir=None)
app.mount("assets", static(str(static_dir)))
client = create_client(app)
response = client.get(f"/assets/{FILE_DIR}/{FILE_NAME}")
assert response.status_code == 200
assert response.text == FILE_CONTENTS
def test_customize_static_root(tmpdir_factory):
static_dir = tmpdir_factory.mktemp("static")
_create_asset(static_dir)
app = App(static_dir=str(static_dir), static_root="assets")
client = create_client(app)
assert client.get(f"/static/{FILE_DIR}/{FILE_NAME}").status_code == 404
response = client.get(f"/assets/{FILE_DIR}/{FILE_NAME}")
assert response.status_code == 200
assert response.text == FILE_CONTENTS
def test_access_sub_route(app: App, client):
other = App()
@other.route("/foo")
async def foo(req, res):
res.text = "OK"
app.mount("/other", other)
r = client.get("/other/foo")
assert r.status_code == 200
assert r.text == "OK"
def test_include_router_nested_apps(app, client, path, status):
other = App()
@other.route("/foo")
async def foo(req, res):
pass
router = Router()
router.mount("/other", other)
app.include_router(router, prefix="/tacos")
assert client.get(path).status_code == status
def test_middleware_called_if_routed_to_sub_app(app: App, client):
with build_middleware() as middleware:
app.add_middleware(middleware)
sub = App()
@sub.route("/home")
async def home(req, res):
res.text = "OK"
app.mount("/sub", sub)
r = client.get("/sub/home")
assert r.status_code == 200
assert r.text == "OK"
def test_no_allowed_origins_by_default():
app = App(enable_cors=True)
@app.route("/")
async def index(req, res):
pass
client = create_client(app)
response = client.options(
"/",
headers={
"origin": "foobar.com",
"access-control-request-method": "GET",
},
)
assert response.status_code == 400
def test_mount(app: App, client, path):
other = App()
requested_path = None
async def view(req, res):
nonlocal requested_path
requested_path = req.url.path
other.route("/")(view)
other.route("/foo")(view)
app.mount("/other", other)
r = client.get(path)
assert r.status_code == 200
assert requested_path is not None
assert requested_path.rstrip("/") == path
def test_sessions_enabled_secret_key_present():
with override_env("SECRET_KEY", "not-so-secret"):
app = App(enable_sessions=True)
@app.route("/set")
@view(methods=["post"])
async def set_session(req, res):
req.session["data"] = "something"
res.text = "Saved"
@app.route("/")
async def index(req, res):
data = req.session["data"]
res.text = f"Hello {data}"
client = create_client(app)
client.post("/set")
response = client.get("/")
assert "something" in response.text
assert "session" in response.cookies
def test_sessions_enabled_secret_key_present(ctx, config):
with ctx:
app = App(enable_sessions=True, sessions_config=config)
@app.route("/set")
@view(methods=["post"])
async def set_session(req, res):
req.session["data"] = "something"
res.text = "Saved"
@app.route("/")
async def index(req, res):
data = req.session["data"]
res.text = f"Hello {data}"
client = create_client(app)
client.post("/set")
response = client.get("/")
assert "something" in response.text
assert "session" in response.cookies
from bocadillo import App
app = App()
@app.websocket_route("/conversation")
async def converse(ws, diego, save_client):
with save_client(ws):
async for message in ws:
response = diego.get_response(message)
await ws.send(str(response))
@app.route("/client-count")
async def client_count(req, res, clients):
res.media = {"count": len(clients)}
from bocadillo import App
app = App(
enable_cors=True,
cors_config={"allow_origins": ["*"], "allow_methods": ["*"]},
)
_COURSES = [
{
"id": 1,
"code": "adv-maths",
"name": "Advanced Mathematics",
"created": "2018-08-14T12:09:45",
},
{
"id": 2,
"code": "cs1",
"name": "Computer Science I",
"created": "2018-06-12T18:34:16",
},
]
@app.route("/courses")
async def courses_list(req, res):
res.media = _COURSES
if __name__ == "__main__":
app.run()
from bocadillo import App, Templates, static, view
from models import *
# Initialize app
app = App(static_dir=None)
templates = Templates(app, directory='../app/static/dist')
###### Please make sure to use env variables as this information should be private #########
db.bind(provider='postgres',
user='******',
password='******',
host='postgres',
database='yourdbname')
#^^^^^ Please make sure to use env variables as this information should be private ^^^^^^###
db.generate_mapping(create_tables=True)
# Create index route
@app.route("/")
# Allow post and get methods (only get is allowed by default)
@view(methods=['POST', 'GET'])
async def homepage(req, res):
# Check if a post request is inbound
if 'POST' in req.method:
# Grab the data from the form of the post request
data = await req.form()
# Use function defined in models to add obj to database
add_animal(name=data['name'], age=data['age'])
print(data)
with orm.db_session:
dbquery = orm.select((a.age, a.name) for a in Animal)[:]
def test_sessions_enabled_no_secret_key():
with pytest.raises(RuntimeError):
App(enable_sessions=True)
def test_can_specify_media_type_when_creating_the_api_object():
App(media_type=CONTENT_TYPE.JSON)
def test_if_media_type_not_supported_then_passing_it_raises_error(
app: App, foo_type):
with pytest.raises(UnsupportedMediaType) as ctx:
App(media_type=foo_type)
assert foo_type in str(ctx.value)
from bocadillo import App, view, provider
app = App(enable_sessions=True)
@provider(scope="app", name="todos")
def provide_todos():
return [
{
"id": 0,
"content": "Go shopping"
},
{
"id": 1,
"content": "Cook fries"
},
{
"id": 2,
"content": "Do laundry"
},
]
@app.route("/unseen-todos")
async def get_unseen_todos(req, res, todos):
last_id = req.session.get("last_id", -1)
unseen_todos = todos[last_id + 1:]
if unseen_todos:
req.session["last_id"] = unseen_todos[-1]["id"]
def test_sessions_enabled_secret_key_empty():
with override_env("SECRET_KEY", ""):
with pytest.raises(MissingSecretKey):
App(enable_sessions=True)
# HTTP error responses!
raise HTTPError(400, detail="Invalid JSON")
# NOTE: you're free to integrate a third-party
# validation library such as Marshmallow or jsonschema.
for field in "name", "teacher":
if field not in data:
raise HTTPError(400, detail=f"{field} is a required field")
# Now, let's assemble the actual application, shall we?
app = App(
# Built-in CORS, HSTS and GZip!
enable_cors=True,
enable_hsts=False, # the default
enable_gzip=True,
gzip_min_size=1024, # the default
)
# Register the token middleware.
app.add_middleware(TokenMiddleware)
# Instanciate helper backends.
storage = Storage()
analytics = Analytics()
# Jinja templates!
templates = Templates(app)
def test_sessions_enabled_no_secret_key():
with pytest.raises(MissingSecretKey):
App(enable_sessions=True)
