def normalize_url(url): url_parts = url_parse(url) if not url_parts.netloc: url = 'http://{}'.format(url) url_parts = url_parse(url) if not url_parts.path: url = '{}/'.format(url) return url
def norm(self): normalized_url = url_normalize(self._url_str) parsed_url = url_parse(normalized_url) scheme = 'https' \ if parsed_url.scheme == 'http' \ else parsed_url.scheme netloc = parsed_url.netloc[4:] \ if parsed_url.netloc.startswith('www.') \ else parsed_url.netloc return Url( url_unparse( parsed_url._replace(scheme=scheme, netloc=netloc, query='')))
def admin(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] user = Manager.query.filter_by(ManagerNum=username).first() if user is None or not user.check_password(password): flash('Invalid username or password!') return redirect(url_for('admin')) login_user(user) next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('index') return redirect(url_for('manager')) return render_template('admin.html')
def make_environ(self): request_url = url_parse(self.path) def shutdown_server(): self.server.shutdown_signal = True url_scheme = self.server.ssl_context is None and 'http' or 'https' path_info = url_unquote(request_url.path) environ = { 'wsgi.version': (1, 0), 'wsgi.url_scheme': url_scheme, 'wsgi.input': self.rfile, 'wsgi.errors': sys.stderr, 'wsgi.multithread': self.server.multithread, 'wsgi.multiprocess': self.server.multiprocess, 'wsgi.run_once': False, 'werkzeug.server.shutdown': shutdown_server, 'SERVER_SOFTWARE': self.server_version, 'REQUEST_METHOD': self.command, 'SCRIPT_NAME': '', 'PATH_INFO': wsgi_encoding_dance(path_info), 'QUERY_STRING': wsgi_encoding_dance(request_url.query), 'CONTENT_TYPE': self.headers.get('Content-Type', ''), 'CONTENT_LENGTH': self.headers.get('Content-Length', ''), 'REMOTE_ADDR': self.client_address[0], 'REMOTE_PORT': self.client_address[1], 'SERVER_NAME': self.server.server_address[0], 'SERVER_PORT': str(self.server.server_address[1]), 'SERVER_PROTOCOL': self.request_version } for key, value in self.headers.items(): key = 'HTTP_' + key.upper().replace('-', '_') if key not in ('HTTP_CONTENT_TYPE', 'HTTP_CONTENT_LENGTH'): environ[key] = value if request_url.netloc: environ['HTTP_HOST'] = request_url.netloc return environ
def login(): if isinstance(current_user._get_current_object(), Manager): logout_user() if current_user.is_authenticated: if isinstance(current_user._get_current_object(), Student): return redirect(url_for('student_index')) elif isinstance(current_user._get_current_object(), Teacher): return redirect(url_for('teacher_index')) if request.method == 'POST': username = request.form['username'] password = request.form['password'] remember = request.form.get('remember') remember = [True if remember == 'on' else False][0] error = None is_student = 1 user = Student.query.filter_by(StudentNum=username).first() # 判断是否为学生 if not user: # 若不是,则选取老师 is_student = 0 user = Teacher.query.filter_by(TeacherNum=username).first() if not user: error = '学号不存在!' elif not user.check_password(password): error = '密码错误!' if error is None: login_user(user, remember=remember) next_page = request.args.get('next') if not next_page or url_parse(next_page).netloc != '': next_page = url_for('index') if is_student: return redirect(url_for('student_index')) else: return redirect(url_for('teacher_index')) flash(error) return render_template('login.html')
def get_headers_for_request(url, region, service, access_key, secret_key, session_token=None, payload='', headers={}, method='GET', t=None): # Create a date for headers and the credential string if not t: t = datetime.datetime.utcnow() amzdate = t.strftime('%Y%m%dT%H%M%SZ') datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope # ************* TASK 1: CREATE A CANONICAL REQUEST ************* # http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html # Step 1 is to define the verb (GET, POST, etc.)--already done. # Step 2: Create canonical URI--the part of the URI from domain to query # string (use '/' if no path) parsed = url_parse(url) host = parsed.netloc canonical_uri = quote(parsed.path) # Step 3: Create the canonical query string. In this example (a GET request), # request parameters are in the query string. Query string values must # be URL-encoded (space=%20). The parameters must be sorted by name. # For this example, the query string is pre-formatted in the request_parameters variable. params = OrderedDict(sorted(parse_qs( parsed.query).items())) if parsed.query else {} canonical_querystring = urlencode(params, doseq=True) # Step 4: Create the canonical headers and signed headers. Header names # and value must be trimmed and lowercase, and sorted in ASCII order. # Note that there is a trailing \n. canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n' # Step 5: Create the list of signed headers. This lists the headers # in the canonical_headers list, delimited with ";" and in alpha order. # Note: The request can include any headers; canonical_headers and # signed_headers lists those that you want to be included in the # hash of the request. "Host" and "x-amz-date" are always required. headers_to_sign = ['host', 'x-amz-date'] signed_headers = ';'.join(headers_to_sign) # Step 6: Create payload hash (hash of the request body content). For GET # requests, the payload is an empty string (""). if payload is None: payload = '' # handle differences between library requests 2.11.0 and previous if type(payload) is bytes: payload_hash = hashlib.sha256(payload).hexdigest() else: payload_hash = hashlib.sha256(payload.encode("utf-8")).hexdigest() # Step 7: Combine elements to create create canonical request canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash # ************* TASK 2: CREATE THE STRING TO SIGN************* # Match the algorithm to the hashing algorithm you use, either SHA-1 or # SHA-256 (recommended) algorithm = 'AWS4-HMAC-SHA256' credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request' string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' + hashlib.sha256( canonical_request.encode('utf-8')).hexdigest() # ************* TASK 3: CALCULATE THE SIGNATURE ************* # Create the signing key using the function defined above. signing_key = getSignatureKey(secret_key, datestamp, region, service) # Sign the string_to_sign using the signing_key signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest() # ************* TASK 4: ADD SIGNING INFORMATION TO THE REQUEST ************* # The signing information can be either in a query string value or in # a header named Authorization. This code shows how to use a header. # Create authorization header and add to request headers authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature # The request can include any headers, but MUST include "host", "x-amz-date", # and (for this scenario) "Authorization". "host" and "x-amz-date" must # be included in the canonical_headers and signed_headers, as noted # earlier. Order here is not significant. # Python note: The 'host' header is added automatically by the Python 'requests' library. headers_to_add = { 'x-amz-date': amzdate, 'Authorization': authorization_header } if session_token: headers_to_add['X-Amz-Security-Token'] = session_token headers.update(headers_to_add) return headers
def get_headers_for_request(url, region, service, access_key, secret_key, session_token=None, payload='', headers={}, method='GET', t=None): # Create a date for headers and the credential string if not t: t = datetime.datetime.utcnow() amzdate = t.strftime('%Y%m%dT%H%M%SZ') datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope # ************* TASK 1: CREATE A CANONICAL REQUEST ************* # http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html # Step 1 is to define the verb (GET, POST, etc.)--already done. # Step 2: Create canonical URI--the part of the URI from domain to query # string (use '/' if no path) parsed=url_parse(url) host = parsed.netloc canonical_uri = quote(parsed.path) # Step 3: Create the canonical query string. In this example (a GET request), # request parameters are in the query string. Query string values must # be URL-encoded (space=%20). The parameters must be sorted by name. # For this example, the query string is pre-formatted in the request_parameters variable. params = OrderedDict(sorted(parse_qs(parsed.query).items())) if parsed.query else {} canonical_querystring = unquote(urlencode(params, doseq=True)) # Step 4: Create the canonical headers and signed headers. Header names # and value must be trimmed and lowercase, and sorted in ASCII order. # Note that there is a trailing \n. canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n' # Step 5: Create the list of signed headers. This lists the headers # in the canonical_headers list, delimited with ";" and in alpha order. # Note: The request can include any headers; canonical_headers and # signed_headers lists those that you want to be included in the # hash of the request. "Host" and "x-amz-date" are always required. headers_to_sign=['host','x-amz-date'] signed_headers = ';'.join(headers_to_sign) # Step 6: Create payload hash (hash of the request body content). For GET # requests, the payload is an empty string (""). if payload is None: payload='' # handle differences between library requests 2.11.0 and previous if type(payload) is bytes: payload_hash = hashlib.sha256(payload).hexdigest() else: payload_hash = hashlib.sha256(payload.encode("utf-8")).hexdigest() # Step 7: Combine elements to create create canonical request canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash # ************* TASK 2: CREATE THE STRING TO SIGN************* # Match the algorithm to the hashing algorithm you use, either SHA-1 or # SHA-256 (recommended) algorithm = 'AWS4-HMAC-SHA256' credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request' string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' + hashlib.sha256(canonical_request.encode('utf-8')).hexdigest() # ************* TASK 3: CALCULATE THE SIGNATURE ************* # Create the signing key using the function defined above. signing_key = getSignatureKey(secret_key, datestamp, region, service) # Sign the string_to_sign using the signing_key signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest() # ************* TASK 4: ADD SIGNING INFORMATION TO THE REQUEST ************* # The signing information can be either in a query string value or in # a header named Authorization. This code shows how to use a header. # Create authorization header and add to request headers authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature # The request can include any headers, but MUST include "host", "x-amz-date", # and (for this scenario) "Authorization". "host" and "x-amz-date" must # be included in the canonical_headers and signed_headers, as noted # earlier. Order here is not significant. # Python note: The 'host' header is added automatically by the Python 'requests' library. headers_to_add = {'x-amz-date':amzdate, 'Authorization':authorization_header} if session_token: headers_to_add['X-Amz-Security-Token']=session_token headers.update(headers_to_add) return headers
def is_absolute(self): return bool(url_parse(self._url_str).netloc)