Exemplos de csrf_protect em Python, exemplos de endpoints.csrf.csrf_protect em Python

Exemplo n.º 1

0

Exibir arquivo

Arquivo: login.py Projeto: jonathankingfc/quay

from auth.decorators import require_session_login
from data import model
from data.users.shared import can_create_user
from endpoints.common import common_login
from endpoints.web import index, render_page_template_with_routedata
from endpoints.csrf import csrf_protect, OAUTH_CSRF_TOKEN_NAME, generate_csrf_token
from oauth.login import OAuthLoginException
from util.validation import generate_valid_usernames
from util.request import get_request_ip

logger = logging.getLogger(__name__)
client = app.config["HTTPCLIENT"]
oauthlogin = Blueprint("oauthlogin", __name__)

oauthlogin_csrf_protect = csrf_protect(OAUTH_CSRF_TOKEN_NAME,
                                       "state",
                                       all_methods=True,
                                       check_header=False)

OAuthResult = namedtuple(
    "oauthresult",
    [
        "user_obj", "service_name", "error_message", "register_redirect",
        "requires_verification"
    ],
)


def _oauthresult(
    user_obj=None,
    service_name=None,
    error_message=None,

Exemplo n.º 2

0

Exibir arquivo

Arquivo: __init__.py Projeto: ynnt/quay


CROSS_DOMAIN_HEADERS = ["Authorization", "Content-Type", "X-Requested-With"]
FRESH_LOGIN_TIMEOUT = convert_to_timedelta(app.config.get("FRESH_LOGIN_TIMEOUT", "10m"))


class ApiExceptionHandlingApi(Api):
    @crossdomain(origin="*", headers=CROSS_DOMAIN_HEADERS)
    def handle_error(self, error):
        return super(ApiExceptionHandlingApi, self).handle_error(error)


api = ApiExceptionHandlingApi()
api.init_app(api_bp)
api.decorators = [
    csrf_protect(),
    crossdomain(origin="*", headers=CROSS_DOMAIN_HEADERS),
    process_oauth,
    require_xhr_from_browser,
]


def resource(*urls, **kwargs):
    def wrapper(api_resource):
        if not api_resource:
            return None

        api_resource.registered = True
        api.add_resource(api_resource, *urls, **kwargs)
        return api_resource

Exemplo n.º 3

0

Exibir arquivo

Arquivo: __init__.py Projeto: xzwupeng/quay

logger = logging.getLogger(__name__)
api_bp = Blueprint('api', __name__)


CROSS_DOMAIN_HEADERS = ['Authorization', 'Content-Type', 'X-Requested-With']

class ApiExceptionHandlingApi(Api):
  @crossdomain(origin='*', headers=CROSS_DOMAIN_HEADERS)
  def handle_error(self, error):
    return super(ApiExceptionHandlingApi, self).handle_error(error)


api = ApiExceptionHandlingApi()
api.init_app(api_bp)
api.decorators = [csrf_protect(),
                  crossdomain(origin='*', headers=CROSS_DOMAIN_HEADERS),
                  process_oauth, time_decorator(api_bp.name, metric_queue),
                  require_xhr_from_browser]


def resource(*urls, **kwargs):
  def wrapper(api_resource):
    if not api_resource:
      return None

    api_resource.registered = True
    api.add_resource(api_resource, *urls, **kwargs)
    return api_resource
  return wrapper