async def get(self, request, *args, **kwargs):
'''Get cosmoz stations.'''
property_filter = request.args.getlist('property_filter', None)
if property_filter:
property_filter = str(next(iter(property_filter))).split(',')
property_filter = [p for p in property_filter if len(p)]
count = request.args.getlist('count', None)
if count:
count = min(int(next(iter(count))), MAX_RETURN_COUNT)
else:
count = 1000
offset = request.args.getlist('offset', None)
if offset:
offset = min(int(next(iter(offset))), MAX_RETURN_COUNT)
else:
offset = 0
obs_params = {
"property_filter": property_filter,
"count": count,
"offset": offset,
}
res = await get_stations_mongo(obs_params, json_safe='orjson')
if use_body_bytes:
resp = HTTPResponse(None,
status=200,
content_type='application/json',
body_bytes=fast_dumps(res,
option=orjson_option))
else:
resp = HTTPResponse(fast_dumps(res, option=orjson_option),
status=200,
content_type='application/json')
return resp
def encode(self,
response: HTTPResponse,
secure: bool = False,
same_site: str = 'lax'):
"""
Transforms session into jwt and then is stored in a cookie.
:param response: Response used to store cookie.
:param secure: If true, connections must be SSL encrypted (aka https).
:param same_site: Allows you to declare if your cookie should be restricted to a first-party or same-site context.
"""
payload = {
'uid': str(self.uid),
'parent_uid': str(self.parent_uid),
'ip': self.ip
}
encoded = jwt.encode(payload,
config_parser['ROSE']['secret'],
algorithm='HS256').decode('utf-8')
cookie_name = self.cookie_name()
response.cookies[cookie_name] = encoded
response.cookies[cookie_name]['expires'] = self.expiration_date
response.cookies[cookie_name]['secure'] = secure
response.cookies[cookie_name]['samesite'] = same_site
async def post(self):
urls = []
one_url = self.request.json.get('page')
if one_url:
if not url_regex.match(one_url):
return HTTPResponse(body='Invalid url', status=501)
urls.append(one_url)
many_url = self.request.json.get('pages')
if many_url:
if isinstance(many_url, str):
many_url = many_url.split('\n')
elif isinstance(many_url, list):
pass
else:
return HTTPResponse(body='Pages type is unsupported',
status=501)
for url in many_url:
if url_regex.match(url):
urls.append(url)
async with self.app.pg_pool.acquire() as conn:
for url in urls:
res = await conn.fetchrow(
'SELECT * FROM estate_queue WHERE page = $1', url)
if not res:
await conn.execute(
'INSERT INTO estate_queue (page) VALUES ($1)', url)
return HTTPResponse(status=201)
async def dispatch_request(self, request: Request): # type: ignore
request_method = request.method.lower()
if not self.graphiql and request_method == "get":
abort(404)
show_graphiql = request_method == "get" and self.should_display_graphiql(
request)
if show_graphiql:
template = render_graphiql_page()
return self.render_template(template=template)
data = request.json
try:
query = data["query"]
except KeyError:
return HTTPResponse("No valid query was provided for the request",
400)
variables = data.get("variables")
operation_name = data.get("operationName")
context = self.get_context(request)
result = await self.schema.execute(
query,
variable_values=variables,
context_value=context,
operation_name=operation_name,
root_value=self.get_root_value(),
)
response_data = self.process_result(result)
return HTTPResponse(json.dumps(response_data),
status=200,
content_type="application/json")
async def _handler(request, file_uri=None):
# Using this to determine if the URL is trying to break out of the path
# served. os.path.realpath seems to be very slow
if file_uri and '../' in file_uri:
raise InvalidUsage("Invalid URL")
# Merge served directory and requested file if provided
# Strip all / that in the beginning of the URL to help prevent python
# from herping a derp and treating the uri as an absolute path
root_path = file_path = file_or_directory
if file_uri:
file_path = path.join(file_or_directory,
sub('^[/]*', '', file_uri))
# URL decode the path sent by the browser otherwise we won't be able to
# match filenames which got encoded (filenames with spaces etc)
file_path = path.abspath(unquote(file_path))
if not file_path.startswith(root_path):
raise FileNotFound('File not found',
path=file_or_directory,
relative_url=file_uri)
try:
headers = {}
# Check if the client has been sent this file before
# and it has not been modified since
stats = None
if use_modified_since:
stats = await stat(file_path)
modified_since = strftime('%a, %d %b %Y %H:%M:%S GMT',
gmtime(stats.st_mtime))
if request.headers.get('If-Modified-Since') == modified_since:
return HTTPResponse(status=304)
headers['Last-Modified'] = modified_since
_range = None
if use_content_range:
_range = None
if not stats:
stats = await stat(file_path)
headers['Accept-Ranges'] = 'bytes'
headers['Content-Length'] = str(stats.st_size)
if request.method != 'HEAD':
try:
_range = ContentRangeHandler(request, stats)
except HeaderNotFound:
pass
else:
del headers['Content-Length']
for key, value in _range.headers.items():
headers[key] = value
if request.method == 'HEAD':
return HTTPResponse(headers=headers,
content_type=guess_type(file_path)[0]
or 'text/plain')
else:
return await file(file_path, headers=headers, _range=_range)
except ContentRangeError:
raise
except Exception:
raise FileNotFound('File not found',
path=file_or_directory,
relative_url=file_uri)
async def checkaccesskey(request, api_key):
if request.method == "OPTIONS":
return HTTPResponse(None, 200, None)
if api_key is None:
raise Unauthorized("Please include API Key in query")
valid, message = await check_apikey_valid(api_key)
if not valid:
if request.method == "HEAD":
return HTTPResponse(None, 401, None)
else:
if message:
raise Unauthorized(
"API Key validation error: {}".format(message))
raise Unauthorized("API Key is not valid")
works, message = await test_apikey(api_key)
if not works:
if request.method == "HEAD":
return HTTPResponse(None, 401, None)
else:
if message:
raise Unauthorized("API Key Test error: {}".format(message))
raise Unauthorized(
"API Key is not valid but does not work. Perhaps the OAuth access key has been revoked."
)
return HTTPResponse(message, 200)
async def index(request):
file_url = request.args.get('video')
logger.debug('file_url: %s', file_url)
if file_url:
splitted = urlsplit(file_url)
origin_host = splitted.netloc
path = splitted.path
else:
logger.error('no file_url')
return HTTPResponse(status=400)
try:
server = await sc.get_server()
except Exception as e:
logger.error('unexpected error on choosing server: %s', e)
return HTTPResponse(status=500)
logger.debug('choosen server: %s', server)
if server:
if urlsplit(server).netloc != origin_host:
url = urljoin(f'{server}', path.lstrip('/'))
logger.debug('redirect to cdn: %s', url)
return redirect(url)
else:
logger.debug('redirect to origin: %s', file_url)
return redirect(file_url)
else:
logger.error('no server available')
return HTTPResponse(status=503)
async def set_security_headers(
request: Request, response: HTTPResponse
) -> HTTPResponse:
try:
response.headers['X-Content-Type-Options'] = 'nosniff'
response.headers['X-Frame-Options'] = 'deny'
finally:
return response
def response(self, id, error):
id = id if id else uuid.uuid1().__str__()
base64_data, code = self.code()
session[id] = code
body = self.body.format(base64_data=base64_data, error=error)
response = HTTPResponse(body, content_type="text/html; charset=utf-8")
response.cookies["uuid"] = id
return response
async def handle_exception(
self, request: Request, exception: BaseException
):
"""
A handler that catches specific exceptions and outputs a response.
:param request: The current request object
:type request: :class:`SanicASGITestClient`
:param exception: The exception that was raised
:type exception: BaseException
:raises ServerError: response 500
"""
# -------------------------------------------- #
# Request Middleware
# -------------------------------------------- #
response = await self._run_request_middleware(
request, request_name=None
)
# No middleware results
if not response:
try:
response = self.error_handler.response(request, exception)
if isawaitable(response):
response = await response
except Exception as e:
if isinstance(e, SanicException):
response = self.error_handler.default(request, e)
elif self.debug:
response = HTTPResponse(
(
f"Error while handling error: {e}\n"
f"Stack: {format_exc()}"
),
status=500,
)
else:
response = HTTPResponse(
"An error occurred while handling an error", status=500
)
if response is not None:
try:
response = await request.respond(response)
except BaseException:
# Skip response middleware
if request.stream:
request.stream.respond(response)
await response.send(end_stream=True)
raise
else:
if request.stream:
response = request.stream.response
if isinstance(response, BaseHTTPResponse):
await response.send(end_stream=True)
else:
raise ServerError(
f"Invalid response type {response!r} (need HTTPResponse)"
)
async def response_bytes(request: Request, size):
if request.method == "GET":
request.args.get("source")
r = HTTPResponse(n_bytes_json(size), content_type="Application/json")
return r
data = request.json
data.get('a')
r = HTTPResponse(ok_json(), content_type="Application/json")
return r
async def delete(self):
async with self.app.pg_pool.acquire() as conn:
result = await conn.fetchrow(
'SELECT * FROM estate_pages WHERE id = $1', self.page_id)
if result:
await conn.execute('DELETE FROM estate_pages WHERE id = $1',
self.page_id)
return HTTPResponse(status=200)
else:
return HTTPResponse(status=404)
async def dispatch_request(self, request, *args, **kwargs):
try:
request_method = request.method.lower()
data = self.parse_body(request)
show_graphiql = request_method == 'get' and self.should_display_graphiql(
request)
catch = show_graphiql
pretty = self.pretty or show_graphiql or request.args.get('pretty')
if request_method != 'options':
execution_results, all_params = run_http_query(
self.schema,
request_method,
data,
query_data=request.args,
batch_enabled=self.batch,
catch=catch,
# Execute options
return_promise=self._enable_async,
root_value=self.get_root_value(request),
context_value=self.get_context(request),
middleware=self.get_middleware(request),
executor=self.get_executor(request),
)
awaited_execution_results = await Promise.all(execution_results
)
result, status_code = encode_execution_results(
awaited_execution_results,
is_batch=isinstance(data, list),
format_error=partial(self._format_error, request),
encode=partial(self.encode, pretty=pretty))
if show_graphiql:
return await self.render_graphiql(params=all_params[0],
result=result)
return HTTPResponse(result,
status=status_code,
content_type='application/json')
else:
return self.process_preflight(request)
except HttpQueryError as e:
_log.exception(GraphQLView.dispatch_request.__name__)
return HTTPResponse(self.encode(
{'errors': [self._format_error(request, e)]}),
status=e.status_code,
headers=e.headers,
content_type='application/json')
async def oauth_callback(req: Request):
# Retrieve the auth code and state from the request params
if "code" in req.args:
state = req.args.get("state")
if state_store.consume(state):
code = req.args.get("code")
client = AsyncWebClient() # no prepared token needed for this app
oauth_response = await client.oauth_v2_access(
client_id=client_id, client_secret=client_secret, code=code)
logger.info(f"oauth.v2.access response: {oauth_response}")
installed_enterprise = oauth_response.get("enterprise") or {}
installed_team = oauth_response.get("team") or {}
installer = oauth_response.get("authed_user") or {}
incoming_webhook = oauth_response.get("incoming_webhook") or {}
bot_token = oauth_response.get("access_token")
# NOTE: oauth.v2.access doesn't include bot_id in response
bot_id = None
if bot_token is not None:
auth_test = await client.auth_test(token=bot_token)
bot_id = auth_test["bot_id"]
installation = Installation(
app_id=oauth_response.get("app_id"),
enterprise_id=installed_enterprise.get("id"),
team_id=installed_team.get("id"),
bot_token=bot_token,
bot_id=bot_id,
bot_user_id=oauth_response.get("bot_user_id"),
bot_scopes=oauth_response.get(
"scope"), # comma-separated string
user_id=installer.get("id"),
user_token=installer.get("access_token"),
user_scopes=installer.get("scope"), # comma-separated string
incoming_webhook_url=incoming_webhook.get("url"),
incoming_webhook_channel_id=incoming_webhook.get("channel_id"),
incoming_webhook_configuration_url=incoming_webhook.get(
"configuration_url"),
)
installation_store.save(installation)
return HTTPResponse(status=200,
body="Thanks for installing this app!")
else:
return HTTPResponse(
status=400,
body=
"Try the installation again (the state value is already expired)"
)
error = req.args["error"] if "error" in req.args else ""
return HTTPResponse(
status=400,
body=f"Something is wrong with the installation (error: {error})")
async def authorize(request, *args, context=None, **kwargs):
# NOTICE: for real project, you need to require login
if request.method == 'GET':
# render a page for user to confirm the authorization
return await jinja2.render_async('confirm.html', request, g=g)
if request.method == 'HEAD':
# if HEAD is supported properly, request parameters like
# client_id should be validated the same way as for 'GET'
response = HTTPResponse('', 200)
response.headers['X-Client-ID'] = kwargs.get('client_id')
return response
confirm = request.form.get('confirm', 'no')
return confirm == 'yes'
async def process(self):
request = self.request
if request.method == 'OPTIONS':
headers = (
('Content-Type', "application/javascript; charset=UTF-8"),
('Access-Control-Allow-Methods', "OPTIONS, POST"),
)
headers += session_cookie(request)
headers += cors_headers(request.headers)
headers += cache_headers()
return HTTPResponse(None, status=204, headers=headers)
headers = (
('Content-Type', "application/javascript; charset=UTF-8"),
('Cache-Control', CACHE_CONTROL),
)
headers += session_cookie(request)
headers += cors_headers(request.headers)
async def stream(_response):
nonlocal self
self.response = _response
await self.handle_session()
return StreamingHTTPResponse(stream, headers=headers)
def render_template(template_name, request, context, *,
app_key=APP_KEY, encoding='utf-8',
headers=None, status=200):
"""
Return sanic.response.Response which contains template template_name filled with context.
Returned response has Content-Type header set to 'text/html'.
:param template_name: template name.
:param request: a parameter from web-handler, sanic.request.Request instance.
:param context: context for rendering.
:param encoding: response encoding, 'utf-8' by default.
:param status: HTTP status code for returned response, 200 (OK) by default.
:param app_key: a optional key for application instance. If not provided,
default value will be used.
"""
if context is None:
context = {}
text = render_string(template_name, request, context, app_key=app_key)
content_type = "text/html; charset={encoding}".format(encoding=encoding)
return HTTPResponse(
text, status=status, headers=headers,
content_type=content_type
)
async def process(self):
request = self.request
headers = (
('Connection', request.headers.get('Connection', "close")),
('Content-Type', "application/javascript; charset=UTF-8"),
('Cache-Control', CACHE_CONTROL),
)
headers += session_cookie(request)
headers += cors_headers(request.headers)
if request.method == 'OPTIONS':
headers += (('Access-Control-Allow-Methods', "OPTIONS, POST"), )
headers += cache_headers()
return HTTPResponse(None, status=204, headers=headers)
async def stream(_response):
nonlocal self
self.response = _response
await _response.write(self.open_seq)
# event loop
await self.handle_session()
# open sequence (sockjs protocol)
return StreamingHTTPResponse(stream, headers=headers)
async def metrics(request: Request) -> HTTPResponse:
latest_metrics = prometheus_client.generate_latest(monitoring_registry)
return HTTPResponse(
body=latest_metrics.decode("utf-8"),
content_type=prometheus_client.CONTENT_TYPE_LATEST,
headers={"Content-Length": str(len(latest_metrics))},
)
async def get_political_party(request, name):
votes = 0
name = constants.QUOTED_PARTY_MAP.get(name)
html = await get_party_cache(name)
if not html:
for r in await get_election_results():
if r['political_party'] == name:
votes += r['count'] or 0
# cur.execute('SELECT * FROM candidates WHERE political_party = "{}"'.format(name))
candidate_ids = constants.PARTY_MASTER.get(name)
candidates = [
get_candidate_by_id(candidate_id) for candidate_id in candidate_ids
]
keywords = await get_voice_of_supporter(candidate_ids)
html = render_string('political_party.html',
request,
context=dict(political_party=name,
votes=votes,
candidates=candidates,
keywords=keywords))
await set_party_cache(name, html)
return HTTPResponse(
html,
status=200,
content_type="text/html; charset=utf-8",
)
async def get_index(request):
html = await get_index_cache()
if not html:
candidates = []
election_results = await get_election_results()
# 上位10人と最下位のみ表示
candidates += election_results[:10]
candidates.append(election_results[-1])
parties_name = get_all_party_name()
parties = {}
for name in parties_name:
parties[name] = 0
for r in election_results:
parties[r['political_party']] += r['count'] or 0
parties = sorted(parties.items(), key=lambda x: x[1], reverse=True)
sex_ratio = {'men': 0, 'women': 0}
for r in election_results:
if r['sex'] == '男':
sex_ratio['men'] += r['count'] or 0
elif r['sex'] == '女':
sex_ratio['women'] += r['count'] or 0
html = render_string('index.html',
request,
context=dict(candidates=candidates,
parties=parties,
sex_ratio=sex_ratio))
await set_index_cache(html)
return HTTPResponse(
html,
status=200,
content_type="text/html; charset=utf-8",
)
def handle_delete(id):
todo = db.get(eid=id)
if todo is None:
return text('todo not found', 404)
db.remove(eids=[id])
return HTTPResponse('{}',
content_type='application/json; charset=utf-8')
async def handle_single(request, id):
def handle_get(id):
todo = db.get(eid=id)
if todo is None:
return text('todo not found', 404)
return json(make_todo(todo))
def handle_patch(body, id):
todo = db.get(eid=id)
if todo is None:
return text('todo not found', 404)
todo.update(body)
db.update(todo, eids=[id])
return json(make_todo(todo))
def handle_delete(id):
todo = db.get(eid=id)
if todo is None:
return text('todo not found', 404)
db.remove(eids=[id])
return HTTPResponse('{}',
content_type='application/json; charset=utf-8')
if request.method == 'GET':
return handle_get(id)
elif request.method == 'PATCH':
return handle_patch(request.json, id)
elif request.method == 'DELETE':
return handle_delete(id)
elif request.method == 'OPTION' or request.method == 'OPTIONS':
return HTTPResponse(status=204,
headers={'Allow': 'GET, PATCH, DELETE'})
else:
return text('GET/PATCH/DELETE', 405)
async def respond(
self,
response: Optional[BaseHTTPResponse] = None,
*,
status: int = 200,
headers: Optional[Union[Header, Dict[str, str]]] = None,
content_type: Optional[str] = None,
):
# This logic of determining which response to use is subject to change
if response is None:
response = (self.stream and self.stream.response) or HTTPResponse(
status=status,
headers=headers,
content_type=content_type,
)
# Connect the response
if isinstance(response, BaseHTTPResponse) and self.stream:
response = self.stream.respond(response)
# Run response middleware
try:
response = await self.app._run_response_middleware(
self, response, request_name=self.name)
except CancelledErrors:
raise
except Exception:
error_logger.exception(
"Exception occurred in one of response middleware handlers")
return response
def output_xml(app, data, code, headers=None):
"""Makes a Flask response with a XML encoded body"""
resp = HTTPResponse(dumps({'response': data}),
status=code,
headers=headers)
resp.headers.extend(headers or {})
return resp
async def oauth(request: Request) -> HTTPResponse:
provider = request.ctx.__dict__.get('oauth_provider', None)
provider_confs = request.app.config.get('OAUTH_PROVIDERS', {})
if provider is None and 'default' in provider_confs:
provider = 'default'
if provider:
if provider not in provider_confs:
return HTTPResponse(status=404)
provider_conf = provider_confs[provider]
use_scope = provider_conf['SCOPE']
use_redirect_uri = provider_conf['REDIRECT_URI']
use_after_auth_default_redirect = \
provider_conf['AFTER_AUTH_DEFAULT_REDIRECT']
else:
use_scope = request.app.config.OAUTH_SCOPE
use_redirect_uri = request.app.config.OAUTH_REDIRECT_URI
use_after_auth_default_redirect = \
request.app.config.OAUTH_AFTER_AUTH_DEFAULT_REDIRECT
client = request.app.oauth_factory(provider=provider)
if 'code' not in request.args:
return redirect(
client.get_authorize_url(scope=use_scope,
redirect_uri=use_redirect_uri))
token, _data = await client.get_access_token(request.args.get('code'),
redirect_uri=use_redirect_uri)
request.ctx.__dict__['session']['token'] = token
if provider:
# remember provider
request.ctx.__dict__['session']['oauth_provider'] = provider
elif 'oauth_provider' in request.ctx.__dict__['session']:
# forget remembered provider
del request.ctx.__dict__['session']['oauth_provider']
return redirect(request.ctx.__dict__['session'].get(
'after_auth_redirect', use_after_auth_default_redirect))
async def get(self, request):
# await asyncio.sleep(6)
pets = Pet.select()
pets_list = [model_to_dict(p) for p in pets]
# return json(pets_list)
# 使用default=str 可以正常序列化时间
return HTTPResponse(sjson.dumps(pets_list, default=str))
async def update_product(request):
await service.update_product(
id_=1,
validated_data=abstract.UpdateProduct(name="Dell"),
uow=unit_of_work.UpdateProductUnitOfWork,
event=events.ProductUpdated)
return HTTPResponse("success")
def json(request: Request,
body,
status=200,
headers: dict = None,
dumps=json_dumps,
**kwargs):
"""
Returns response object with body in json format.
:param request: The inbound request object.
:param body: Response data to be serialized.
:param status: Response code.
:param headers: Custom Headers.
:param kwargs: Remaining arguments that are passed to the json encoder.
"""
content_type = "application/json"
# Build headers
if headers is None:
headers = {}
if Request.request_id_header not in headers:
headers[Request.request_id_header] = request.request_id
return HTTPResponse(dumps(body, **kwargs),
headers=headers,
status=status,
content_type=content_type)
async def handle_collection(request):
def handle_get():
return json([make_todo(todo) for todo in db.all()])
def handle_post(body=None):
if not body or 'title' not in body:
return text('POST request body must contain title', 400)
eid = db.insert({
'title': body['title'],
'completed': body.get('completed', False),
'order': body.get('order', 10)
})
return json(make_todo(db.get(eid=eid)))
def handle_delete():
eids = map(lambda t: t.eid, db.all())
db.remove(eids=eids)
return HTTPResponse('[]',
content_type='application/json; charset=utf-8')
if request.method == 'GET':
return handle_get()
elif request.method == 'POST':
return handle_post(request.json)
elif request.method == 'DELETE':
return handle_delete()
elif request.method == 'OPTION' or request.method == 'OPTIONS':
return HTTPResponse(status=204, headers={'Allow': 'GET, POST, DELETE'})
else:
return text('GET/POST/DELETE', 405)
