def register(request):
    '''Handle a user-registration form submission.

    Validates the posted ``UserForm`` and, when it is valid, creates the
    account through ``User.objects.create_user``. Outcome messages are
    queued with the messages framework and written into the response body.

    Args:
        request: Incoming request carrying the form fields in ``POST``.

    Returns:
        HttpResponse whose body is the concatenated message text. The status
        is 400 when the form is invalid or the user name is already taken.
    '''
    response = HttpResponse()
    form = UserForm(request.POST)
    if not form.is_valid():
        error(request, 'Invalid input data')
        response.status_code = 400
    else:
        fields = form.cleaned_data
        try:
            User.objects.create_user(fields['name'], password=fields['passwd'])
            success(request, 'Successfully create user.')
        except IntegrityError:
            # NOTE(review): this answer tells an anonymous caller that the
            # name is registered; confirm that is acceptable for this API.
            error(request, 'User name exists.')
            response.status_code = 400
    body = ''.join([item.message for item in get_messages(request)])
    response.write(body)
    return response
def register(request):
    '''Create a user account from posted form data.

    The form is parsed with ``UserForm``; a valid form leads to
    ``User.objects.create_user``. An ``IntegrityError`` from that call is
    reported as an already-existing user name.

    Args:
        request: Incoming request.

    Returns:
        HttpResponse containing the queued messages as text; status 400 on
        invalid form data or an existing user name.
    '''
    form = UserForm(request.POST)
    response = HttpResponse()
    form_ok = form.is_valid()
    if form_ok:
        name = form.cleaned_data['name']
        passwd = form.cleaned_data['passwd']
        try:
            # NOTE(review): create_user does not run the configured password
            # validators; presumably UserForm enforces password rules.
            User.objects.create_user(name, password=passwd)
            success(request, 'Successfully create user.')
        except IntegrityError:
            error(request, 'User name exists.')
            response.status_code = 400
    if not form_ok:
        error(request, 'Invalid input data')
        response.status_code = 400
    texts = [item.message for item in get_messages(request)]
    response.write(''.join(texts))
    return response
def employes(request):
    """Return the employee list as JSON for an authorised caller.

    ``check_access`` must return ``'ok'``, otherwise the response is 401.
    With a ``page`` query parameter the list is paginated through
    ``paginate`` (a ``None`` page yields 500); without it every ``Employe``
    is listed, or 404 is raised when there are none.
    """
    if check_access(request) != 'ok':
        denied = HttpResponse()
        denied.status_code = 401
        return denied

    if 'page' in request.GET:
        page = paginate(request.GET['page'], Employe.objects.all())
        if page is None:
            failure = HttpResponse()
            failure.status_code = 500
            return failure
        rows = page.object_list
    else:
        rows = get_list_or_404(Employe)

    employe_list = []
    for row in rows:
        employe_list.append("emp: {0} position: {1} id: {2}".format(
            row.user.first_name, row.position.name, row.user.id))

    response_data = {
        'items_cnt': len(employe_list),
        'employes': employe_list,
    }
    resp = HttpResponse(json.dumps(response_data),
                        content_type="application/json")
    resp.status_code = 200
    return resp
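def log_in(request):
    '''View function corresponding to url /login.

    The behaviour depends on the HTTP method. For GET the view acts as the
    destination of an "unauthorized" redirect. For any other method it
    validates the posted form, authenticates the credentials and, on
    success, attaches the user to the session with ``login``.

    Args:
        request: Incoming request.

    Returns:
        HttpResponse whose body is the queued message text. For GET it only
        signals that the client was redirected here. Otherwise it reports a
        successful login, or status 400 for an invalid form or rejected
        credentials.
    '''
    response = HttpResponse()
    if request.method == 'GET':
        info(request, 'Indicator')
    else:
        form = UserForm(request.POST)
        if form.is_valid():
            user = authenticate(username=form.cleaned_data['name'],
                                password=form.cleaned_data['passwd'])
            # authenticate() returns None for an unknown user and for a
            # wrong password alike, so the failure text below covers both.
            if user is not None:
                login(request, user)
                success(request, 'User exists.')
            else:
                error(request, 'User does not exist.')
                response.status_code = 400
        else:
            error(request, 'Invalid input data')
            response.status_code = 400
    response.write(''.join([item.message for item in get_messages(request)]))
    return response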
def position_id(request, pos_id):
    """Return the caller's own position and salary details as JSON.

    Responds 401 unless ``check_access`` returns ``'ok'``, and 403 when the
    user bound to the presented access token is not the user named by
    ``pos_id``. Raises ``Http404`` when no ``Employe`` exists for that user.
    """
    if check_access(request) != 'ok':
        unauthorized = HttpResponse()
        unauthorized.status_code = 401
        return unauthorized

    # The raw Authorization header value is used as the token lookup key.
    token_value = request.META['HTTP_AUTHORIZATION']
    user = access_token.objects.get(token=token_value).user

    # Object-level authorisation: a caller may only read their own record.
    if "{0}".format(user.id) != "{0}".format(pos_id):
        forbidden = HttpResponse()
        forbidden.status_code = 403
        return forbidden

    try:
        employee = Employe.objects.get(user=pos_id)
    except Employe.DoesNotExist:
        raise Http404

    position = employee.position
    response_data = {
        'full_name': user.first_name,
        'position_name': position.name,
        'salary': position.salary,
        'salary_currency': position.salary_currency,
    }
    resp = HttpResponse(json.dumps(response_data),
                        content_type="application/json")
    resp.status_code = 200
    return resp
def employe_id(request, emp_id):
    """Return the caller's own employee profile as JSON.

    Responds 401 unless ``check_access`` returns ``'ok'``, and 403 when the
    user bound to the presented access token differs from ``emp_id``.
    Raises ``Http404`` when that user has no ``Employe`` record.
    """
    if check_access(request) != 'ok':
        unauthorized = HttpResponse()
        unauthorized.status_code = 401
        return unauthorized

    # The raw Authorization header value is used as the token lookup key.
    token_value = request.META['HTTP_AUTHORIZATION']
    user = access_token.objects.get(token=token_value).user

    # Object-level authorisation: the profile holds personal data (email,
    # phone, birthday), so only its owner may read it.
    if "{0}".format(user.id) != "{0}".format(emp_id):
        forbidden = HttpResponse()
        forbidden.status_code = 403
        return forbidden

    try:
        employee = Employe.objects.get(user=emp_id)
    except Employe.DoesNotExist:
        raise Http404

    position = employee.position
    response_data = {
        'full_name': user.first_name,
        'username': user.username,
        'email': user.email,
        'mobile_phone': user.mobile_phone,
        'birthday': user.birth_day,
        'position': position.name,
    }
    resp = HttpResponse(json.dumps(response_data),
                        content_type="application/json")
    resp.status_code = 200
    return resp
def healthcheck(request):
    """Run every registered healthcheck and report the results as plain text.

    :param request: django request
    :return: Django response containing text/plain; status 200 when every
        check passed, 500 as soon as one check failed or raised
    """
    # name -> callable returning an (ok, message) pair
    checks = {
        'DB': _test_db_connection,
        'Topics': _test_topics_connection,
        'Events search': _test_events_search,
    }
    response = HttpResponse()
    failed = False
    for name, service in checks.items():
        try:
            ok, message = service()
        except Exception as e:
            ok, message = False, e
            logger.error('Error in healthcheck {name}'.format(name=name),
                         exc_info=True)
        if ok:
            line = '* {service}: {text}\n'.format(
                service=name, text=message.replace('\n', ''))
        else:
            failed = True
            # NOTE(review): the failure text (including raw exception
            # messages) is returned to the client; confirm this endpoint is
            # only reachable by monitoring, not by the public.
            line = '* !! {service}: {text}\n'.format(service=name,
                                                     text=message)
        response.write(line)
    response['Content-Type'] = "text/plain; charset=utf-8"
    response['Cache-Control'] = "must-revalidate,no-cache,no-store"
    response.status_code = 500 if failed else 200
    return response
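def cart(request):
    """Add or remove a cart item (POST) or return the cart contents.

    A POST with ``action`` set to ``add`` or ``del`` applies the change to
    the item named by the ``id`` field. It answers ``{"status": "success"}``
    when the helper reports success and an empty 404 otherwise. Every other
    request returns the cart items as JSON together with a CSRF token in the
    ``X-CSRFToken`` response header.
    """
    if request.method == "POST":
        handlers = {"add": add_cart_item, "del": del_cart_item}
        handler = handlers.get(request.POST.get("action"))
        if handler is not None:
            if handler(request.POST.get("id")):
                return JsonResponse({"status": "success"}, safe=False)
            # The 404 carries no body. Passing the request object as the
            # response content would echo the submitted body back to the
            # client under the default text/html content type.
            return HttpResponse(status=404)

    cart_items = get_cart_items()
    response = JsonResponse(cart_items, safe=False)
    # Set a single header; replacing the whole header mapping would discard
    # the Content-Type that JsonResponse has already set.
    response["X-CSRFToken"] = get_token(request)
    return response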
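def weather(request, story_id):
    """
    Return the current weather at a Story's location.

    The story's latitude and longitude are sent to the OpenWeather API. The
    answer is reduced to a few fields, temperatures are converted from
    Kelvin to Celsius, and a short comment about the temperature is added.

    Responds 405 for non-GET requests, 400 for a non-integer ``story_id`` or
    a failed upstream call, and 404 when the story does not exist.
    """
    def plain(text, status):
        httpresponse = HttpResponse(text)
        httpresponse.status_code = status
        return httpresponse

    if request.method != 'GET':
        return plain('Only GET method is available for this API', 405)
    if not isinstance(story_id, int):
        return plain('Only integer values are used by this API', 400)
    try:
        story = Story.objects.get(id=story_id)
    except Story.DoesNotExist:
        return plain('Story does not exist', 404)

    try:
        # HTTPS keeps the API key and coordinates out of cleartext traffic.
        # The timeout stops a stalled upstream from tying up a worker.
        resp = requests.get(
            "https://api.openweathermap.org/data/2.5/weather",
            params={
                'lat': story.latitude,
                'lon': story.longitude,
                'appid': WEATHER_API_KEY,
            },
            timeout=10,
        )
    except requests.RequestException:
        return plain('Could not send request to OpenWeather API', 400)
    if resp.status_code != 200:
        return plain('Could not send request to OpenWeather API', 400)

    report = resp.json()
    # OpenWeather reports Kelvin by default; convert to Celsius.
    temperature = round(report['main']['temp'] - 273.15, 2)
    feel = round(report['main']['feels_like'] - 273.15, 2)

    if temperature < 0:
        comment = "Wow it is freezing out there!"
    elif temperature < 15:
        comment = "It is cold!"
    elif temperature < 30:
        comment = "Temperatures are great! Go out there and have fun!"
    else:
        comment = "It is hot! You sure you are OK?"

    return JsonResponse({
        'condition': report['weather'][0]['main'],
        'temperature': temperature,
        'feel': feel,
        'wind': report['wind']['speed'],
        'country': report['sys']['country'],
        # offset from UTC, converted from seconds to whole hours
        'time_zone': round(report['timezone'] / 3600),
        'comment': comment
    })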
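def post(self, request, *args, **kwargs):
    """Handle a GitHub webhook delivery.

    The delivery is authenticated before anything else: the HMAC-SHA1 of the
    raw body, keyed with ``settings.GITHUB_HOOK_SECRET``, must match the
    ``X-Hub-Signature`` header. Authenticated ``ping`` events are answered
    with a greeting and ``push`` events are passed to
    ``handle_push_hook_request``. Every other event is rejected.

    Returns:
        HttpResponse with status 403 for an unsigned, wrongly signed or
        unsupported delivery, otherwise a 200 response.
    """
    def forbidden():
        response = HttpResponse()
        response.status_code = 403
        return response

    secret = settings.GITHUB_HOOK_SECRET
    if isinstance(secret, str):
        secret = secret.encode('utf-8')
    if not secret:
        # Fail closed: without a configured secret nothing can be verified.
        return forbidden()

    # Header format is "sha1=<hexdigest>". A missing or malformed header
    # yields an empty signature, which can never match.
    header = request.META.get('HTTP_X_HUB_SIGNATURE') or ''
    scheme, sep, signature = header.partition('=')
    expected = hmac.new(secret, msg=request.body, digestmod=sha1).hexdigest()
    # Compare as bytes so a non-ASCII header value cannot raise TypeError.
    if scheme != 'sha1' or not hmac.compare_digest(
            expected.encode('ascii'), signature.encode('utf-8')):
        return forbidden()
    # NOTE(review): GitHub also sends X-Hub-Signature-256 (HMAC-SHA256),
    # which is the header it recommends; consider verifying that instead.

    event = request.META.get('HTTP_X_GITHUB_EVENT')
    if event == "ping":
        return HttpResponse('Hi!')
    if event != "push":
        return forbidden()

    # The body is parsed only after the signature has been accepted.
    payload = json.loads(request.body.decode('utf-8'))
    handle_push_hook_request(payload)
    return HttpResponse("OK")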
def get_majors(request):
    """Return a tour's majors as JSON, leaving out the already chosen ones.

    Reads ``tour``, ``major1`` and optionally ``major2`` from the query
    string. Responds with an empty 400 JSON response when ``tour`` or
    ``major1`` is missing or the tour does not exist.
    """
    tour_id = request.GET.get('tour', None)
    major1_id = request.GET.get('major1', None)
    major2_id = request.GET.get('major2', None)

    if not (tour_id and major1_id):
        response = HttpResponse(content_type='application/json')
        response.status_code = 400
        return response

    excluded = [major1_id, major2_id] if major2_id else [major1_id]
    try:
        tour = Tour.objects.get(id=tour_id)
        majors = tour.majors.all().exclude(id__in=excluded)
        # NOTE(review): the serializer emits every field of the model;
        # confirm none of them is meant to stay server-side.
        data = serializers.serialize("json", majors)
        return HttpResponse(data, content_type='application/json')
    except Tour.DoesNotExist:
        response = HttpResponse(content_type='application/json')
        response.status_code = 400
        return response
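def log_in(request):
    '''View function corresponding to url /login.

    For GET the view is the destination of an "unauthorized" redirect and
    only emits an indicator message. For any other method it validates the
    posted form, authenticates the credentials and, when they are accepted,
    logs the user into the session.

    Args:
        request: Incoming request.

    Returns:
        HttpResponse whose body is the queued message text. The status is
        400 when the form is invalid or the credentials are rejected.
    '''
    response = HttpResponse()
    if request.method == 'GET':
        info(request, 'Indicator')
        response.write(
            ''.join([item.message for item in get_messages(request)]))
        return response

    form = UserForm(request.POST)
    if not form.is_valid():
        error(request, 'Invalid input data')
        response.status_code = 400
    else:
        credentials = form.cleaned_data
        user = authenticate(username=credentials['name'],
                            password=credentials['passwd'])
        # Identity test: authenticate() signals failure with None, whether
        # the user is unknown or the password is wrong.
        if user is not None:
            login(request, user)
            success(request, 'User exists.')
        else:
            error(request, 'User does not exist.')
            response.status_code = 400
    response.write(''.join([item.message for item in get_messages(request)]))
    return response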
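def post(self, request, *args, **kwargs):
    """Handle a GitHub webhook delivery.

    Each delivery must carry an ``X-Hub-Signature`` header whose value is
    the HMAC-SHA1 of the raw request body under
    ``settings.GITHUB_HOOK_SECRET``. Verified ``ping`` events get a greeting
    and verified ``push`` events are handed to ``handle_push_hook_request``.
    Anything else is answered with 403.

    Returns:
        HttpResponse: 403 for an unverified or unsupported delivery,
        otherwise a 200 response.
    """
    def forbidden():
        response = HttpResponse()
        response.status_code = 403
        return response

    secret = settings.GITHUB_HOOK_SECRET
    if isinstance(secret, str):
        secret = secret.encode()
    if not secret:
        # Fail closed: an unset secret must not mean "accept everything".
        return forbidden()

    # Expected header shape: "sha1=<hexdigest>".
    header = request.META.get('HTTP_X_HUB_SIGNATURE') or ''
    scheme, sep, signature = header.partition('=')
    mac = hmac.new(secret, msg=request.body, digestmod=sha1)
    # Constant-time comparison on bytes; str inputs with non-ASCII
    # characters would make compare_digest raise.
    signature_ok = scheme == 'sha1' and hmac.compare_digest(
        mac.hexdigest().encode(), signature.encode())
    if not signature_ok:
        return forbidden()
    # NOTE(review): GitHub recommends the X-Hub-Signature-256 header
    # (HMAC-SHA256) over this SHA-1 one; consider migrating.

    event = request.META.get('HTTP_X_GITHUB_EVENT')
    if event == "ping":
        return HttpResponse('Hi!')
    if event != "push":
        return forbidden()

    # Parse only after the sender has been authenticated.
    payload = json.loads(request.body.decode())
    handle_push_hook_request(payload)
    return HttpResponse("OK")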
def healthcheck(request):
    """Report the outcome of each defined healthcheck as plain text.

    :param request: django request
    :return: Django response containing text/plain; status 500 when at
        least one check failed or raised, 200 otherwise
    """
    # mapping of display name to the check function to call
    checks = {
        'DB': _test_db_connection,
        'Topics': _test_topics_connection,
        'Events search': _test_events_search,
    }
    response = HttpResponse()
    all_passed = True
    for name, service in checks.iteritems():
        try:
            ok, message = service()
        except Exception as e:
            logger.error('Error in healthcheck {name}'.format(name=name),
                         exc_info=True)
            ok, message = False, e
        if ok:
            text = message.replace('\n', '')
            response.write('* {service}: {text}\n'.format(service=name,
                                                          text=text))
            continue
        all_passed = False
        # NOTE(review): raw failure and exception text goes to the client;
        # confirm the endpoint is not exposed beyond monitoring systems.
        response.write('* !! {service}: {text}\n'.format(service=name,
                                                         text=message))
    response['Content-Type'] = "text/plain; charset=utf-8"
    response['Cache-Control'] = "must-revalidate,no-cache,no-store"
    response.status_code = 200 if all_passed else 500
    return response
def is_logged(request):
    """Report whether the requesting user is authenticated.

    Returns an empty 200 response for an authenticated user and a 401
    response with the body ``Unauthorized`` otherwise.
    """
    # NOTE(review): is_authenticated is called as a method here; on Django
    # versions where it is a property this call fails - confirm the target
    # version.
    if not request.user.is_authenticated():
        res = HttpResponse("Unauthorized")
        res.status_code = 401
        return res
    res = HttpResponse("")
    res.status_code = 200
    return res
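def check_url(request):
    """Probe a caller-supplied URL with a HEAD request and relay the status.

    The ``url`` query parameter is fetched server-side. The response carries
    the upstream status code when it is below 400. It carries 303 when the
    upstream answered with 400 or above, when the request failed, or when
    the parameter is missing or is not an http(s) URL.
    """
    res = HttpResponse()
    url = request.GET.get("url", "")

    # Only plain web URLs are probed; other schemes and an absent parameter
    # are treated like an unreachable link.
    if not url.lower().startswith(("http://", "https://")):
        res.status_code = 303
        return res

    # NOTE(review): this view makes the server fetch an address chosen by
    # the client. The scheme check does not stop requests to internal or
    # link-local hosts; restrict the destinations (for example an allow-list
    # or a check of the resolved address) before exposing this endpoint.
    try:
        # The timeout keeps a slow or silent host from holding a worker.
        # requests.head does not follow redirects by default.
        r = requests.head(url, timeout=5)
    except Exception:
        res.status_code = 303
        return res

    res.status_code = 303 if r.status_code >= 400 else r.status_code
    return res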
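def make_link(request):
    """Create a short link for a URL, or return the existing one.

    Expects a POST whose body is a JSON object of the form
    ``{"url": "http://example.com"}``. The URL is checked with
    ``URLValidator``. When no ``Link`` exists for it, a short id is
    generated, the link is stored and a first ``Visit`` is recorded.

    Returns:
        JsonResponse ``{"shorturl": ...}`` on success, or a 400 response
        for a wrong method, an empty or non-JSON body, unexpected keys or an
        invalid URL.
    """
    def bad_request(text):
        return HttpResponse(status=400, content=text)

    if request.method != "POST" or len(request.body) == 0:
        return bad_request(
            "Bad request body or wrong request type (POST only)")

    # The body is untrusted: malformed JSON or bytes that are not valid text
    # must produce a 400, not an unhandled exception.
    try:
        params = json.loads(request.body)
    except ValueError:
        return bad_request(
            "Bad request body or wrong request type (POST only)")

    # key validation: exactly one key, 'url', in a JSON object
    if not isinstance(params, dict) or len(params) > 1 or 'url' not in params:
        return bad_request(
            'Please provide a json object with the format '
            '{ "url" : "http://example.com" }')

    # url validation
    url = params.get('url')
    validate = URLValidator()
    try:
        validate(url)
    except Exception:
        return bad_request("Not a valid URL")

    # look up link by long url, reusing the row instead of querying twice
    try:
        found = Link.objects.get(long=url)
    except ObjectDoesNotExist:
        # generate a short id, store the new link and add 1 visit record
        shorty = sid.generate()
        short_url = build_short_url(request.is_secure(), request.get_host(),
                                    shorty)
        link = Link(long=url, short=short_url)
        link.save()
        visit = Visit(link_id=link.id)
        visit.save()
        return JsonResponse({"shorturl": link.short})

    return JsonResponse({'shorturl': found.short})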
def login_page(request):
    """Render the login page (non-POST) or process a login attempt (POST).

    For a POST, a valid form with accepted credentials logs the user in and
    answers 200 with a success message. A valid form with rejected
    credentials answers with the rendered messages as JSON and status 218.
    An invalid form is delegated to ``error_msg_response``. For other
    methods an authenticated user is redirected to the home page, and
    everyone else gets the login form.
    """
    if request.method != "POST":
        if request.user.is_authenticated:
            return redirect("Main:home_page")
        return render(request, "login.html", context={"form": LoginForm()})

    form = LoginForm(request, data=request.POST)

    def queue_form_errors():
        # Push every entry of the form's error_messages mapping into the
        # messages framework.
        for key in form.error_messages:
            messages.error(request,
                           f"{key.upper()}: {form.error_messages[key]}")

    if not form.is_valid():
        queue_form_errors()
        return error_msg_response(request)

    user = authenticate(
        username=form.cleaned_data.get("username"),
        password=form.cleaned_data.get("password"),
    )
    if user is None:
        queue_form_errors()
        rendered = render_to_string(
            "static_html/messages.html",
            {"messages": messages.get_messages(request)},
        )
        res = HttpResponse(json.dumps({"msg": rendered}),
                           content_type="application/json")
        res.status_code = 218
        return res

    msg = "You have successfully logged in."
    messages.success(request, msg)
    login(request, user)
    response = HttpResponse(msg)
    response.status_code = 200
    return response
def get(self, request, *args, **kwargs):
    """Handle a GET request by returning the dashboard's ``pre_content``."""
    board = self.dashboard_class()
    context = RequestContext(request)
    board.init_with_context(context)
    return HttpResponse(board.pre_content, status=200)
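def _http_auth_helper(self, request):
    """Authenticate a staff user via HTTP Basic auth, or issue a challenge.

    When the request carries a ``Basic`` Authorization header whose
    credentials authenticate a staff user, the user name is stored in the
    session under ``moat_username`` and ``None`` is returned. In every other
    case a 401 response with a ``WWW-Authenticate`` challenge is returned.
    """
    # At this point, the user is either not logged in, or must log in using
    # http auth. A header that indicates a login attempt is tried first.
    if 'HTTP_AUTHORIZATION' in request.META:
        auth = request.META['HTTP_AUTHORIZATION'].split()
        # Currently, only basic http auth is used.
        if len(auth) == 2 and auth[0].lower() == 'basic':
            try:
                decoded = base64.b64decode(auth[1])
                if not isinstance(decoded, str):
                    decoded = decoded.decode('utf-8')
                # Split on the first colon only: the password may itself
                # contain ':' characters.
                uname, passwd = decoded.split(':', 1)
            except (TypeError, ValueError):
                # Malformed base64, undecodable bytes or a missing colon is
                # a failed login attempt, not a server error.
                uname = passwd = None
            if uname is not None:
                user = authenticate(username=uname, password=passwd)
                if user and user.is_staff:
                    request.session['moat_username'] = uname
                    return

    # The username/password combo was incorrect, or not provided.
    # Challenge the user for a username/password.
    resp = HttpResponse()
    resp.status_code = 401
    # If we have a realm in our settings, use this for the challenge.
    realm = getattr(settings, 'HTTP_AUTH_REALM', "")
    resp['WWW-Authenticate'] = 'Basic realm="%s"' % realm
    return resp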
def follow_unfollow_success_response(request, user_slug):
    """Build the JSON response sent after a follow or unfollow action.

    The payload holds the rendered pending messages (``msg``) and a freshly
    rendered profile page for the user identified by ``user_slug``
    (``new_page``).
    """
    profile_owner = UserProfile.objects.get(slug=user_slug).user
    page_context = {
        "viewing_user": profile_owner,
        "followings": profile_owner.user_profile.following.order_by(
            "username"),
        "completed_quizzes": CompletedQuiz.objects.filter(
            user__user_profile__slug=user_slug
        ).order_by("-completed_date"),
    }
    rendered_messages = render_to_string(
        "static_html/messages.html",
        {"messages": messages.get_messages(request)},
    )
    rendered_page = render_to_string(
        "user_profile.html", context=page_context, request=request)
    payload = {"msg": rendered_messages, "new_page": rendered_page}
    return HttpResponse(json.dumps(payload),
                        content_type="application/json", status=200)
def response_resource_written_ok(cls, view_name, resource_id, http_status, http_request=None):
    """
    Build the response of a Rest CREATE or UPDATE service, with the
    ``Location`` header set to the written resource.

    :param cls: the class this method is bound to
    :param view_name: alias, in the django URL configuration, of the Rest
        service that wrote the resource
    :type view_name: str
    :param resource_id: ID of the written resource
    :type resource_id: int or str
    :param http_status: Http status code to set on the response
    :type http_status: int
    :param http_request: optional (default None) request this response
        answers; may be needed to build the prefix of the location
    :type http_request: django.http.HttpRequest
    :return: the response of the writing service
    :rtype: django.http.HttpResponse
    """
    written = HttpResponse()
    written.status_code = http_status
    location = HttpCommonsIkats.get_resource_location(
        view_name, resource_id, http_request)
    written['Location'] = location
    return written
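def process_request(self, request):
    """
    Parse the session id from the 'Session-Id: ' header when using the api.

    For API requests that carry a session id, the id's realm must equal the
    request's domain. The session is then started or resumed and CSRF
    processing is marked as done. An ``APIException`` raised on the way is
    turned into a JSON error response. All other requests are handled by the
    parent middleware.
    """
    import json

    if self.is_api_request(request):
        try:
            parsed_session_uri = parse_session_id(request)
            if parsed_session_uri is not None:
                domain = get_domain(request)
                if parsed_session_uri['realm'] != domain:
                    raise exceptions.PermissionDenied(
                        _('Can not accept cookie with realm %s on realm %s')
                        % (parsed_session_uri['realm'], domain)
                    )
                session_id = session_id_from_parsed_session_uri(
                    parsed_session_uri)
                request.session = start_or_resume(
                    session_id, session_type=parsed_session_uri['type'])
                request.parsed_session_uri = parsed_session_uri
                # since the session id is assigned by the CLIENT, there is
                # no point in having csrf_protection. Session id's read
                # from cookies, still need csrf!
                request.csrf_processing_done = True
                return None
        except exceptions.APIException as e:
            # The detail can contain client-supplied text (the realm), so
            # the body is serialised instead of spliced into a JSON string.
            response = HttpResponse(
                json.dumps({"reason": "%s" % e.detail}),
                content_type='application/json')
            response.status_code = e.status_code
            return response
    return super(HeaderSessionMiddleware, self).process_request(request)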
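def process_request(self, request):
    """
    Parse the session id from the 'Session-Id: ' header when using the api.

    A header session is accepted only when its realm matches the domain of
    the request. It is then started or resumed and attached to the request,
    and CSRF processing is skipped for it. ``APIException`` errors become a
    JSON ``{"reason": ...}`` response with the exception's status code.
    Requests that are not API requests, or carry no header session, go to
    the parent middleware.
    """
    import json

    if not self.is_api_request(request):
        return super(HeaderSessionMiddleware, self).process_request(request)

    try:
        parsed_session_uri = parse_session_id(request)
        if parsed_session_uri is not None:
            realm = parsed_session_uri['realm']
            domain = get_domain(request)
            if realm != domain:
                raise exceptions.PermissionDenied(
                    _('Can not accept cookie with realm %s on realm %s')
                    % (realm, domain)
                )
            request.session = start_or_resume(
                session_id_from_parsed_session_uri(parsed_session_uri),
                session_type=parsed_session_uri['type'])
            request.parsed_session_uri = parsed_session_uri
            # since the session id is assigned by the CLIENT, there is no
            # point in having csrf_protection. Session id's read from
            # cookies, still need csrf!
            request.csrf_processing_done = True
            return None
    except exceptions.APIException as e:
        # json.dumps escapes quotes and control characters in the detail,
        # which may include the client-chosen realm.
        body = json.dumps({"reason": "%s" % e.detail})
        response = HttpResponse(body, content_type='application/json')
        response.status_code = e.status_code
        return response
    return super(HeaderSessionMiddleware, self).process_request(request)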
def getrisktypes():
    """Return every risk type with its attributes as a JSON response.

    Each risk type becomes a dict holding its name and a list of attribute
    descriptions. Attributes of the enum type also carry a mapping of enum
    entry names to values.
    """
    rtl = []
    for risk_type in RiskType.objects.all():
        attrs = []
        for attr in RiskTypeAttribute.objects.filter(risktype=risk_type):
            described = {
                globals.RT_ATTR_NAME: attr.riskattrname,
                globals.RT_ATTR_TYPE: attr.riskattrtype,
            }
            if attr.riskattrtype == globals.TENUM:
                entries = RiskTypeAttributeEnumEntry.objects.filter(
                    riskattr=attr)
                described[globals.EDICT] = {
                    entry.riskenumentryname: entry.riskenumentryvalue
                    for entry in entries
                }
            attrs.append(described)
        rtl.append({
            globals.RT_NAME: risk_type.riskname,
            globals.RT_ATTRS: attrs,
        })
    return HttpResponse(content=json.dumps(rtl),
                        content_type='application/json', status=200)
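def attach(request, app_name):
    '''View function to attach a facebook/twitter account to the user.

    For twitter the incoming request is only a trigger: the view asks the
    twitter ``request_token`` endpoint for a temporary token and token
    secret, stores them for ``request.user`` and returns the token to the
    client.

    Args:
        request: Incoming request.
        app_name: The name of the social network to be attached.

    Returns:
        The token string when the twitter token was received. Otherwise an
        HttpResponse with the queued messages: status 400 for an unsupported
        network, 502 when twitter did not return a token.
    '''
    response = HttpResponse()
    if app_name == 'facebook':
        success(request, 'facebook account attached')
    elif app_name == 'twitter':
        request_token_url = 'https://api.twitter.com/oauth/request_token'
        oauth = OAuth1(client_key, client_secret=client_secret)
        # NOTE(review): the OAuth callback is a fixed plain-http URL on a
        # cloud host name; the verifier sent to it travels unencrypted.
        # Confirm whether an https callback can be registered instead.
        try:
            r = requests.post(
                url=request_token_url, auth=oauth,
                data={'oauth_callback': 'http://ec2-54-173-9-169.compute-1.amazonaws.com:9090/twitter'},
                timeout=10)
        except requests.RequestException:
            r = None
        twitter_query = None
        if r is not None and r.status_code == 200:
            twitter_query = QueryDict(r.content)
        # Only a well-formed upstream answer is stored and returned; an
        # error page must not be saved as a token.
        if twitter_query is not None and 'oauth_token' in twitter_query:
            UserProfile.insert_twitter_token(twitter_query, request.user)
            return HttpResponse(twitter_query['oauth_token'])
        error(request, 'Failed to obtain twitter request token')
        response.status_code = 502
    else:
        error(request, 'Unsupported social network')
        response.status_code = 400
    response.write(''.join([item.message for item in get_messages(request)]))
    return response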
def getrisktype(rtname):
    """Return one risk type, looked up by name, as a JSON response.

    Raises ``error.RTException`` with ``error.RISKTYPE_NOT_EXISTS`` when no
    risk type has the given name. Enum-typed attributes include a mapping of
    their entry names to values.
    """
    try:
        rt = RiskType.objects.get(riskname=rtname)
    except RiskType.DoesNotExist:
        raise error.RTException(error.RISKTYPE_NOT_EXISTS)

    attrs = []
    for attr in RiskTypeAttribute.objects.filter(risktype=rt):
        described = {
            globals.RT_ATTR_NAME: attr.riskattrname,
            globals.RT_ATTR_TYPE: attr.riskattrtype,
        }
        if attr.riskattrtype == globals.TENUM:
            enum_values = {}
            for entry in RiskTypeAttributeEnumEntry.objects.filter(
                    riskattr=attr):
                enum_values[entry.riskenumentryname] = entry.riskenumentryvalue
            described[globals.EDICT] = enum_values
        attrs.append(described)

    py_dict = {globals.RT_NAME: rt.riskname, globals.RT_ATTRS: attrs}
    r = HttpResponse(content=json.dumps(py_dict),
                     content_type='application/json')
    r.status_code = 200
    return r
def risktype(request, rtname=''):
    """Dispatch a risk-type request by HTTP method.

    POST creates a risk type from the request and GET returns the risk type
    named ``rtname``. Any exception is converted into an error response by
    ``error.handle_RT_exception``. Other methods get a 400 JSON response.
    """
    def guarded(handler, argument):
        try:
            return handler(argument)
        except Exception as e:
            if type(e) is error.RTException:
                return error.handle_RT_exception(e)
            # NOTE(review): the text of an unexpected exception is passed
            # into the error response; confirm it cannot expose internals
            # (queries, paths) to the client.
            return error.handle_RT_exception(
                error.RTException(e.__str__(), 500))

    if request.method == 'POST':
        return guarded(createrisktype, request)
    if request.method == 'GET':
        return guarded(getrisktype, rtname)

    body = json.dumps({globals.MSG: error.HTTP_METHOD_NOT_SUPPORTED})
    r = HttpResponse(content=body, content_type='application/json')
    r.status_code = 400
    return r
def postImageContent(request):
    """Store an image-and-text article posted by the logged-in user.

    The user id is read from the session; without one a "not logged in"
    message is returned. On success ``SUCCESS`` is returned, otherwise
    ``ERROR`` with status 500.
    """
    userId = request.session.get(KEY_USER_ID, '')
    if not userId:
        return HttpResponse('你还未登录或登录已过期')

    # NOTE(review): the whole POST payload is printed to stdout; confirm
    # that is acceptable outside of debugging.
    print(str(request.POST))
    post = request.POST
    images = post.getlist('images[]')
    texts = post.getlist('texts[]')
    title = post.get('title')
    category = post.get('category')
    # NOTE(review): the author name comes from the client, not from the
    # session user - verify that this is intended.
    author = post.get('author')
    print("分类:", category)

    articleType = 3  # image-and-text
    contentType = 3  # image-and-text
    saved = articleService.addImageArticle(
        userId, title, category, contentType, articleType, images, texts,
        author)
    if not saved:
        response = HttpResponse(ERROR)
        response.status_code = 500
        return response
    return HttpResponse(SUCCESS)
def set_cookie(request):
    """Set a short-lived demo cookie and confirm it in the response body."""
    # NOTE(review): this prints every cookie of the request, the session
    # cookie included, to stdout.
    print(request.COOKIES)
    res = HttpResponse('我已经设置好了cookie!!!', status=200)
    # The cookie expires after 30 seconds. No secure/httponly/samesite
    # options are passed, so Django's defaults apply.
    res.set_cookie('name', value='lisi', max_age=30)
    return res
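def login_response(request):
    """Demonstrate configuring an HttpResponse through its attributes.

    Returns the response so the function is usable as a view; a view that
    returns ``None`` is rejected by Django.
    """
    # 1. Configure through constructor arguments
    # return HttpResponse(
    #     content="content shown in the browser",
    #     # content type of the body
    #     # content_type='application/json',
    #     # status=200,
    # )

    # 2. Configure through attributes
    # Create a response object
    response = HttpResponse()
    # Set attributes
    response.content = '操作属性'
    response.status_code = 200
    # The status can also be taken from another response class; this
    # assignment overrides the 200 set above.
    response.status_code = HttpResponseBadRequest.status_code
    return response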
def render_response(self, result, http_headers, status_code, fieldset):
    """Turn a view result into an HTTP response.

    A result that already is an ``HttpResponseBase`` is returned untouched.
    Otherwise the result is serialised into a new response. When the media
    type is unsupported the status becomes 415 and the ``Content-Type``
    header is taken from the request's ``HTTP_ACCEPT`` value.
    """
    if isinstance(result, HttpResponseBase):
        return result

    rest_context = self.request._rest_context
    if not fieldset and 'fields' in rest_context:
        del rest_context['fields']

    response = HttpResponse()
    try:
        response.status_code = status_code
        http_headers = self._get_headers(http_headers)
        self._serialize(response, result, status_code, http_headers)
    except UnsupportedMediaTypeException:
        response.status_code = 415
        # NOTE(review): a client-supplied header value is copied into a
        # response header here.
        http_headers['Content-Type'] = self.request.get('HTTP_ACCEPT')
    self._set_response_headers(response, http_headers)
    return response
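def logout(request):
    """Log the user out by removing ``user_email`` from the session.

    Returns a JSON response: 200 when the key was removed, 406 when the
    session held no logged-in user. The request body is not read, because
    logging out needs no client-supplied data.
    """
    logger.info('enter logout page')
    response = HttpResponse(content_type='application/json')
    try:
        del request.session['user_email']
    except KeyError:
        # Nothing to remove: the session was not logged in.
        logger.info('logout fail')
        response.status_code = 406
        response.content = json.dumps({'msg': 'logout fail', 'data': ''})
        return response
    # NOTE(review): only this one key is removed; any other session data
    # and the session id stay valid. Consider invalidating the session.
    response.status_code = 200
    response.content = json.dumps({
        'msg': 'logout successfully',
        'data': ''
    })
    return response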
def make_response(status=200, content=None):
    """Build a JSON HttpResponse.

    ``content`` is serialised with ``json.dumps``; ``None`` is sent as an
    empty JSON object.
    """
    payload = {} if content is None else content
    response = HttpResponse()
    response.status_code = status
    response['Content-Type'] = "application/json"
    response.content = json.dumps(payload)
    return response
def index(request):
    """Return the server name and Django version as JSON."""
    # NOTE(review): the exact framework version is disclosed to every
    # caller; confirm this endpoint is not public or drop the version.
    response_data = {
        'server': 'oauth2_server.com',
        'version': 'django {0}'.format(get_version()),
    }
    return HttpResponse(json.dumps(response_data),
                        content_type="application/json", status=200)
def render_response(self, result, http_headers, status_code, fieldset):
    """Serialise ``result`` into a response unless it already is one.

    When there is no fieldset, a ``fields`` entry is removed from the
    request's rest context before serialising. An unsupported media type
    produces status 415, with the ``Content-Type`` header taken from the
    request's ``HTTP_ACCEPT`` value.
    """
    already_response = isinstance(result, HttpResponseBase)
    if already_response:
        return result

    if not fieldset and 'fields' in self.request._rest_context:
        del self.request._rest_context['fields']

    response = HttpResponse()
    try:
        response.status_code = status_code
        http_headers = self._get_headers(http_headers)
        self._serialize(response, result, status_code, http_headers)
    except UnsupportedMediaTypeException:
        # NOTE(review): the header value below originates from the client.
        accepted = self.request.get('HTTP_ACCEPT')
        response.status_code = 415
        http_headers['Content-Type'] = accepted
    self._set_response_headers(response, http_headers)
    return response
def riskhome(request):
    """Render the risk home page for GET; answer 400 JSON otherwise."""
    if request.method != 'GET':
        body = json.dumps({globals.MSG: error.HTTP_METHOD_NOT_SUPPORTED})
        r = HttpResponse(content=body, content_type='application/json')
        r.status_code = 400
        return r
    return render(request, 'risk.htm')
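def check_common_authorization(request):
    """Check the request's Authorization header against the expected value.

    Returns ``None`` when the header equals ``HTTP_AUTHORIZATION_VALUE``.
    Otherwise returns a 401 response carrying a ``WWW-Authenticate``
    challenge.
    """
    def unauthorized():
        r = HttpResponse(content_type=RESPONSE_COMMON_CONTENT_TYPE_TAXII_JSON)
        r['WWW-Authenticate'] = 'Basic realm="taxii", type=1, title="Login to \"apps\"", Basic realm="simple"'
        r.status_code = 401
        return r

    # credential check
    if 'HTTP_AUTHORIZATION' not in request.META:
        debug_print('>>> no HTTP_AUTHORIZATION')
        return unauthorized()

    # NOTE(review): this is a plain equality test against one shared static
    # credential. Consider hmac.compare_digest for a constant-time
    # comparison once both values are known to have the same type.
    if request.META['HTTP_AUTHORIZATION'] != HTTP_AUTHORIZATION_VALUE:
        # Neither the expected credential nor the presented one is written
        # to the debug output, so secrets stay out of the logs.
        debug_print('>>> invalid HTTP_AUTHORIZATION')
        return unauthorized()
    return None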
def redirect_through_normal_response_new_headers_attr(request):
    """Build a 302 redirect by hand on a plain ``HttpResponse``.

    The ``next`` query parameter is copied into the ``Location`` header via
    ``resp.headers`` without any validation, so the redirect target is fully
    controlled by the client.

    NOTE(review): the trailing ``# $ ...`` comments look like expectation
    markers for an analysis test and presumably have to stay on the same
    lines as the statements they annotate - confirm before reformatting.
    """
    private = "private"
    next = request.GET.get("next")
    resp = HttpResponse() # $ HttpResponse mimetype=text/html
    resp.status_code = 302
    resp.headers['Location'] = next # $ MISSING: redirectLocation=next
    resp.content = private # $ MISSING: responseBody=private
    return resp
def test_should_throw_a_runtime_exception_when_status_code_is_not_200(self):
    """run_code must raise RuntimeError when the REST client answers 500."""
    failing_response = HttpResponse(content=b"")
    failing_response.status_code = 500

    rest_client = RestClient()
    rest_client.post_data = MagicMock()
    rest_client.post_data.return_value = failing_response

    service = CompilerService(rest_client)
    with self.assertRaises(RuntimeError):
        service.run_code("print('hi')", "python3")
def robots_txt(request):
    """Serve the site's robots.txt as UTF-8 plain text."""
    lines = [
        'User-agent: *\n',
        'Disallow: /admin/*\n',
        'Sitemap: https://mervinz.me/sitemap.xml\n',
    ]
    body = ''.join(lines).encode(encoding='utf-8')
    response = HttpResponse()
    response.status_code = 200
    response.charset = 'utf-8'
    response['Content-Type'] = 'text/plain; charset=UTF-8'
    response.write(body)
    return response
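def get(self, request):
    """Export the logs of the user's school as an .xlsx download.

    Responds 403 (JSON) when the user is not authenticated or has no
    school, and 400 (JSON) when the export form is invalid or no columns
    were selected. On success the spreadsheet is returned as an attachment
    named after the school's short name and the current date.
    """
    def json_error(payload, status):
        response = HttpResponse(json.dumps(payload),
                                content_type='application/json')
        response.status_code = status
        return response

    if not request.user.is_authenticated():
        return json_error({"errors": ["Not authenticated"]}, 403)
    if not request.user.profile.school:
        return json_error({"errors": ["Not associated with any school"]}, 403)

    form = ExportForm(request.GET)
    if not form.is_valid():
        # Form errors may quote submitted values. Declaring the body as JSON
        # keeps a browser from rendering it as HTML.
        return json_error(form.errors, 400)

    download = export_logs(form.cleaned_data,
                           self.request.user.profile.timezone)
    if not download:
        return json_error({"errors": ["No columns selected"]}, 400)

    # Mime type data:
    # https://blogs.msdn.microsoft.com/vsofficedeveloper/2008/05/08/office-2007-file-format-mime-types-for-http-content-streaming-2/
    now = datetime.now(timezone(TIME_ZONE))
    filename = "{}.logs.{}-{}-{}".format(
        request.user.profile.school.short_name,
        now.year, now.month, now.day
    )
    response = HttpResponse(
        download.read(),
        content_type="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"
    )
    # NOTE(review): the school short name is placed unquoted into the
    # header; verify it cannot contain spaces, quotes or separators.
    response['Content-Disposition'] = 'attachment; filename={}.xlsx'.format(
        filename)
    return response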
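def search(search_query):
    '''
    Run a search and wrap its result in an HTTP response.

    :param search_query: query handed to ``extract_and_search``
    :return: response whose content is the search result, or an empty
        response with status 500 when the search raised (the exception is
        logged, not propagated)
    '''
    response = HttpResponse()
    try:
        response.content = extract_and_search(search_query)
    except Exception as ex:
        response.status_code = 500
        logger.exception(ex)
    # Without this return the caller would receive None instead of the
    # response built above.
    return response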
def throw_error(errno, pretty=False, xlimits=[]):
    """Build a JSON error response from an error descriptor.

    ``errno`` supplies ``ERRNO``, ``ERRMSG`` and ``HTTP_CODE``. With
    ``pretty`` the JSON is indented and key-sorted. A non-empty ``xlimits``
    fills the ``X-RateLimit-*`` headers from its items 1 to 3.
    """
    print(errno)
    payload = ConsoleAPI.json_base_response(errno['ERRNO'], errno['ERRMSG'])
    if pretty:
        body = json.dumps(payload, sort_keys=True, indent=4)
    else:
        body = json.dumps(payload)

    response = HttpResponse(body, content_type="application/json")
    response.status_code = errno['HTTP_CODE']
    if xlimits:
        rate_headers = (
            ('X-RateLimit-Limit', 1),
            ('X-RateLimit-Remaining', 2),
            ('X-RateLimit-Reset', 3),
        )
        for header, position in rate_headers:
            response[header] = xlimits[position]
    return response
def test_should_print_a_simple_hi(self):
    """run_code returns the body of a 200 response from the REST client."""
    expected_output = b"hi"
    ok_response = HttpResponse(content=expected_output)
    ok_response.status_code = 200

    rest_client = RestClient()
    rest_client.post_data = MagicMock()
    rest_client.post_data.return_value = ok_response

    service = CompilerService(rest_client)
    self.assertEqual(expected_output,
                     service.run_code("print('hi')", "python3"))
def json_response(errno, data, pretty=False, xlimits=[]):
    '''Build a JSON response carrying `data` plus the base status fields.

    Args:
        errno: Mapping read for the keys 'ERRNO', 'ERRMSG' and 'HTTP_CODE'.
        data: Stored under the 'data' key of the response body.
        pretty: Not read in this body; serialisation always goes through
            ConsoleAPI._pretty_json.
        xlimits: When non-empty, elements 1, 2 and 3 become the
            X-RateLimit-Limit, -Remaining and -Reset headers. The list
            default is never mutated.

    Returns:
        HttpResponse with content type application/json and the status
        taken from errno['HTTP_CODE'].
    '''
    envelope = ConsoleAPI.json_base_response(errno['ERRNO'], errno['ERRMSG'])
    envelope['data'] = data
    body = ConsoleAPI._pretty_json(envelope)

    response = HttpResponse(body, content_type="application/json")
    response.status_code = errno['HTTP_CODE']
    if xlimits:
        rate_headers = (
            ('X-RateLimit-Limit', 1),
            ('X-RateLimit-Remaining', 2),
            ('X-RateLimit-Reset', 3),
        )
        for header_name, position in rate_headers:
            response[header_name] = xlimits[position]
    return response
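def upload(request):
    '''Validate an uploaded message and store it for a registered user.

    Args:
        request: Incoming request whose body is a UTF-8 JSON object with
            'email' and 'type', plus 'time' for the 'clock' and 'todo' types.

    Returns:
        JSON HttpResponse: 200 once the message is saved, 406 when a
        required field is missing or empty, 401 when no Users row has the
        given email, 400 when the body is not a JSON object.
    '''
    logger.info('server get message from rsp success')
    response = HttpResponse(content_type='application/json')

    def reject(status, msg):
        response.status_code = status
        response.content = json.dumps({'msg': msg, 'date': ''})
        return response

    # The body comes from the client: malformed input gets a 400 instead of
    # an unhandled exception.
    try:
        data = json.loads(str(request.body, encoding="utf-8"))
    except ValueError:  # covers UnicodeDecodeError and JSON decode errors
        logger.info('request body is not valid UTF-8 JSON')
        return reject(400, 'invalid request body')
    if not isinstance(data, dict):
        logger.info('request body is not a JSON object')
        return reject(400, 'invalid request body')

    def blank(key):
        # A missing key is treated like an explicit null or empty string.
        return data.get(key) in (None, '')

    # The log calls used to pass `data` without a format placeholder, which
    # makes the logging module report a formatting error. The payload is
    # left out of the log on purpose; it holds the user's message.
    if blank('email'):
        logger.info('data lacks email')
        # This branch used to fall through, so the 406 was overwritten by
        # the later checks.
        return reject(406, '')
    if blank('type'):
        # must select one type
        logger.info('data lacks type')
        return reject(406, 'please confirm your message type')
    if data['type'] in ('clock', 'todo') and blank('time'):
        logger.info('data lacks time')
        return reject(406, 'this message must have time')

    # NOTE(review): the only sender check visible here is that the e-mail
    # exists in Users - confirm the caller is authenticated elsewhere.
    try:
        Users.objects.get(email=data['email'])
    except Users.DoesNotExist:
        return reject(401, 'you have not registered yet')

    message_save = Messages.create(data)
    message_save.save()
    logger.info('message is saved')
    return reject(200, 'upload successfully')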
def delete_value(hotel_id):
    '''
    Delete the entry stored under hotel_id from DataStore().data. Any
    exception is logged and re-raised after the local response is marked 500.

    :param hotel_id: key to remove from the store's data mapping
    '''
    # NOTE(review): `response` is never returned in the visible body;
    # the listing may be truncated.
    response = HttpResponse()
    try:
        store = DataStore()
        del store.data[hotel_id]
    except Exception as ex:
        response.status_code = 500
        logger.exception(ex)
        raise ex
def position(request):
    '''List positions as JSON, optionally one page at a time.

    Args:
        request: Incoming request; an optional 'page' query parameter
            selects a page of Position objects through paginate().

    Returns:
        200 JSON response with 'items_cnt' and 'positions', or an empty 500
        response when paginate() returns None.
    '''
    # NOTE(review): no access check is made in this view - confirm the
    # listing is meant to be readable without a token.
    if 'page' not in request.GET:
        objects = get_list_or_404(Position)
    else:
        page = paginate(request.GET['page'], Position.objects.all())
        if page is None:
            resp = HttpResponse()
            resp.status_code = 500
            return resp
        objects = page.object_list

    position_list = []
    for obj in objects:
        position_list.append({'id': obj.id, 'name': obj.name})

    response_data = {
        'items_cnt': len(position_list),
        'positions': position_list,
    }
    resp = HttpResponse(json.dumps(response_data),
                        content_type="application/json")
    resp.status_code = 200
    return resp
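def parse_access_req_params(req_params):
    '''Collect the fields an authorization-code token request must carry.

    Args:
        req_params: Mapping of request parameters (for example request.POST).

    Returns:
        Dict with 'grant_type', 'client_id', 'client_secret',
        'redirect_uri' and 'code' copied from req_params. When one of them
        is missing, an empty HttpResponse with status 400 is returned
        instead, so callers must check the type of the result.
    '''
    required = ('grant_type', 'client_id', 'client_secret',
                'redirect_uri', 'code')
    access_need_params = {}
    for key in required:
        if key not in req_params:
            # .format() now applies to the string. The previous
            # `print(...).format(key)` only works as a Python 2 print
            # statement and raises when print is a function.
            print("ERR: no authorization needed param `{0}'".format(key))
            resp = HttpResponse()
            resp.status_code = 400
            return resp
        access_need_params[key] = req_params[key]
    return access_need_params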
def me(request):
    '''Return the profile of the user who owns the presented access token.

    Args:
        request: Incoming request; the Authorization header value is used
            unchanged as the token to look up.

    Returns:
        200 JSON response with the user's name, username, e-mail, mobile
        phone and birthday, or an empty 401 response when check_access()
        does not return 'ok'.
    '''
    msg = check_access(request)
    if msg != 'ok':
        print("ERR: {0}".format(msg))
        resp = HttpResponse()
        resp.status_code = 401
        return resp

    access_code = request.META['HTTP_AUTHORIZATION']
    user = access_token.objects.get(token=access_code).user
    # NOTE(review): birth_day is passed to json.dumps unchanged; presumably
    # it is already a string - confirm against the model.
    response_data = {
        'full_name': user.first_name,
        'username': user.username,
        'email': user.email,
        'mobile_phone': user.mobile_phone,
        'birthday': user.birth_day,
    }
    resp = HttpResponse(json.dumps(response_data),
                        content_type="application/json")
    resp.status_code = 200
    return resp
def oidtest(request):
    '''Start an OpenID 2 authentication against a fixed identity provider.

    Runs discovery and association for the hard-coded provider URI, asks
    for the attribute-exchange values listed in `ax`, and answers with a
    303 redirect to the provider's authentication URL.
    '''
    # First tuple: attribute-exchange URIs passed to request_authentication;
    # the second tuple is empty.
    ax = (("http://axschema.org/eid/card-validity/end",
           "http://axschema.org/person/gender",
           "http://axschema.org/contact/postalAddress/home",
           "http://axschema.org/namePerson/first",
           "http://axschema.org/eid/photo",
           "http://axschema.org/eid/card-validity/begin",
           "http://axschema.org/contact/city/home",
           "http://axschema.org/contact/postalCode/home",
           "http://axschema.org/birthDate",
           "http://openid.net/schema/birthDate/birthYear",
           "http://openid.net/schema/birthDate/birthMonth",
           "http://openid.net/schema/birthDate/birthday",
           "http://axschema.org/eid/pob",
           "http://axschema.org/eid/card-number",
           "http://axschema.org/eid/nationality",
           "http://axschema.org/namePerson/last",
           "http://axschema.org/namePerson",
           "http://axschema.org/eid/rrn",
           # "http://axschema.org/eid/cert/auth",
           "http://axschema.org/eid/age"), ())
    uri = "https://www.e-contract.be/eid-idp/endpoints/openid/ident"
    kind, claimedId = openid2rp.normalize_uri(uri)
    res = openid2rp.discover(claimedId)
    # NOTE(review): the listing lost its indentation; the nesting below is a
    # best reading. When discovery returns None no response is built here.
    if res is not None:
        services, op_endpoint, op_local = res
        session = openid2rp.associate(services, op_endpoint)
        # The return URL is a fixed loopback address, so this view only
        # works against a local development server.
        redirect_url = openid2rp.request_authentication(
            services, op_endpoint, session['assoc_handle'],
            "http://127.0.0.1:8000/tests/openid2", claimedId, op_local,
            sreg=((), ()), ax=ax
        )
        response = HttpResponse()
        response['Location'] = redirect_url
        response.status_code=303
        return response
def unauthed(self):
    '''Build the 401 page that challenges the client for HTTP Basic credentials.

    Basic credentials are only base64-encoded on the wire, so the challenge
    protects the site only when it is served over TLS.
    '''
    page = """<html><title>Auth required</title><body> <h1>Authorization Required</h1></body></html>"""
    response = HttpResponse(page, content_type="text/html")
    response.status_code = 401
    response['WWW-Authenticate'] = 'Basic realm="Staging"'
    return response
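def get_access_token(request):
    '''Token endpoint: exchange an authorization code or a refresh token.

    Args:
        request: POST request. With grant_type 'authorization_code' it must
            carry client_id, client_secret, redirect_uri and code; with
            grant_type 'refresh_token' it must carry refresh_token.

    Returns:
        JsonResponse with access_token, token_type, expires_in and
        refresh_token on success; an empty 400 or 401 response when a field
        is missing or does not match the stored data.

    Raises:
        Http404: the authorization code was issued to a different client.
    '''
    def empty_response(status):
        resp = HttpResponse()
        resp.status_code = status
        return resp

    # Secrets (client_secret, authorization code, access and refresh tokens)
    # are deliberately kept out of the diagnostic output below; the previous
    # version printed them in clear text.
    grant_type = request.POST.get('grant_type')
    if grant_type is None:
        print("ERR: no grant_type field in req")
        return empty_response(400)

    if grant_type == 'authorization_code':
        access_params = parse_access_req_params(request.POST)
        if isinstance(access_params, HttpResponse):
            # The helper hands back a ready 400 response when a required
            # field is missing; return it instead of indexing into it.
            return access_params

        # check authorization code
        try:
            authorization_code = auth_code.objects.get(
                code=access_params['code'])
        except auth_code.DoesNotExist:
            print("ERR: unknown authorization code")
            return empty_response(401)

        # check client id and secret in db
        # NOTE(review): matching client_secret by equality in the query
        # suggests it is stored unhashed - confirm against the model.
        try:
            client_app = get_object_or_404(
                client_info,
                client_id=access_params['client_id'],
                client_secret=access_params['client_secret'])
        except Http404:
            # get_object_or_404 raises Http404, so the former
            # `except DoesNotExist` never produced this 400.
            print("ERR: no client matches client_id {0!r} with the given "
                  "secret".format(access_params['client_id']))
            return empty_response(400)

        if authorization_code.client_id != client_app:
            print("ERR: diff client_id and auth_code.client_id")
            raise Http404

        # check redirect uri
        if client_app.redirect_domain != access_params['redirect_uri']:
            print("ERR: redirect_uri {0!r} is not correct".format(
                access_params['redirect_uri']))
            return empty_response(400)

        # create refresh and access tokens
        # NOTE(review): the authorization code is not invalidated after the
        # exchange, so the same code can be redeemed again; codes are meant
        # to be single-use. Deleting or flagging it needs the model in view.
        req_refresh_token = generate_code()
        req_access_token = generate_code()
        print("INF: created access and refresh tokens")
        token = access_token.objects.create(
            token=req_access_token,
            app_id=client_app,
            refresh_token=req_refresh_token,
            user=authorization_code.user)
    elif grant_type == 'refresh_token':
        # NOTE(review): this grant does not authenticate the client and
        # keeps the same refresh token - confirm that is intended.
        req_refresh_token = request.POST.get('refresh_token')
        if req_refresh_token is None:
            print("ERR: no field `refresh_token' in req")
            return empty_response(400)

        # check if refresh token is in db
        try:
            token = access_token.objects.get(
                refresh_token=req_refresh_token)
        except access_token.DoesNotExist:
            print("ERR: unknown refresh_token")
            return empty_response(400)

        # generate new access token and update db with it
        token.token = generate_code()
        token.creation_time = datetime.now()
        token.save()
        print("INF: generated new access_token")
    else:
        print("ERR: incorrect grant_type")
        return empty_response(400)

    return JsonResponse({
        'access_token': token.token,
        'token_type': 'bearer',
        'expires_in': token.expires_in(),
        'refresh_token': token.refresh_token,
    })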
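def processa_django_request(request):
    '''Dispatch a request to the action registered for its first path segment.

    The action is looked up in `urls`; an unknown segment falls back to
    get_service_info. A POST body is decoded as JSON and used as the
    action's positional arguments. A string action is treated as a URL and
    the parameters are forwarded to it as a form-encoded POST.

    Args:
        request: Incoming Django request.

    Returns:
        HttpResponse (status 200) holding the serialised result on success.
        On any exception, the plain result dict with 'result' set to 'ERRO'
        and the error details under 'data'.
    '''
    path = request.path.split('/')
    action = urls.get(path[1], None)
    if not action:
        action = get_service_info

    # Process the parameters
    params = []
    logger = logging.getLogger(__name__)
    if request.method == 'POST':
        params = Serializer.json_to_object(request.body.decode())
        if params is not None and not len(params):
            params = []
    if not isinstance(params, list):
        params = [params]

    # Return value
    result = {"result": "OK", "data": ""}
    try:
        if isinstance(action, str):
            # A string action is a URL: forward the parameters as a POST.
            # NOTE(review): urlopen is called without a timeout, so a slow
            # upstream can hold this worker indefinitely.
            outbound = Request(action, urlencode(params).encode())
            result['data'] = urlopen(outbound).read().decode()
        else:
            result['data'] = action(*params)
        response = HttpResponse()
        response.status_code = 200
        response.write(Serializer.object_to_json(result))
        return response
    except Exception as e:
        # Read the optional attributes with defaults instead of assigning
        # them onto the exception object.
        code = getattr(e, 'code', '')
        message = getattr(e, 'message', str(e))
        message_detail2 = ''
        if hasattr(e, 'message_detail'):
            # The guard tests 'message_detail' but the value read is
            # 'message_detail2'; the default keeps an exception that has
            # only the former from raising inside this handler.
            message_detail2 = getattr(e, 'message_detail2', '')
        if 'positional arguments but' in message \
                or 'must be a sequence, not NoneType' in message \
                or 'positional argument' in message:
            message = 'Number of parameters incorrect'
        # NOTE(review): other exception messages reach the caller verbatim,
        # and this branch returns a dict rather than an HttpResponse -
        # confirm the caller expects both.
        result['result'] = 'ERRO'
        result['data'] = {
            'code': code,
            'message': message,
            'message_detail2': message_detail2,
        }
        logger.error(message)
        return result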
def get_visible_fields(self,
        schema_fields, filter_fields, manual_field_includes,
        visibilities, exact_fields=[], order_params=[]):
    '''
    Construct an ordered dict of schema fields that are visible, based on
    - the field["visibility"] of each field on the resource,
    - if the field is in the manual_field_includes
    - if the field is in the filter_fields
    - if the field key in another fields schema field['dependencies']

    When exact_fields is given, only those keys and the filter_fields keys
    are selected instead of applying the visibility rules. Fields named in
    order_params (with or without a leading '-') are added as well. The
    result is sorted by each field's 'ordinal' (999 when absent).

    Raises ImmediateHttpResponse wrapping a 400 response when no field is
    left; any other exception is logged and re-raised.

    TODO: this method is not SqlAlchemy specific
    '''
    # NOTE(review): this listing lost its indentation; the nesting of the
    # "manual excludes" step and of the logger.debug call below is a best
    # reading - confirm against the original file.
    DEBUG_VISIBILITY = False or logger.isEnabledFor(logging.DEBUG)
    visibilities = set(visibilities)
    if DEBUG_VISIBILITY:
        logger.info('get_visible_fields: field_hash initial: %r, manual: %r, exact: %r',
            schema_fields.keys(),manual_field_includes, exact_fields )
    try:
        if exact_fields:
            temp = { key:field for key,field in schema_fields.items()
                if key in exact_fields or key in filter_fields }
        else:
            # Keep a field when its visibility list intersects the requested
            # visibilities, or it is named in manual_field_includes, or '*'
            # is present there.
            temp = { key:field for key,field in schema_fields.items()
                if ((field.get('visibility', None)
                        and visibilities & set(field['visibility']))
                    or field['key'] in manual_field_includes
                    or '*' in manual_field_includes ) }
            # manual excludes
            # An entry '-<key>' in manual_field_includes removes that field.
            temp = { key:field for key,field in temp.items()
                if '-%s' % key not in manual_field_includes }
        # dependency fields
        # Collect keys referenced as {name} placeholders in value_template
        # or display_options, plus any listed under 'dependencies'.
        dependency_fields = set()
        for field in temp.values():
            if field.get('value_template', None):
                dependency_fields.update(
                    re.findall(r'{([a-zA-Z0-9_-]+)}', field['value_template']))
            if field.get('display_options', None):
                dependency_fields.update(
                    re.findall(r'{([a-zA-Z0-9_-]+)}', field['display_options']))
            if field.get('dependencies',None):
                dependency_fields.update(field.get('dependencies'))
                logger.debug('field: %s, dependencies: %s',
                    field['key'],field.get('dependencies',[]))
        if DEBUG_VISIBILITY:
            logger.info('dependency_fields %s', dependency_fields)
        if dependency_fields:
            temp.update({ key:field for key,field in schema_fields.items()
                if key in dependency_fields })
        # filter_fields
        if filter_fields:
            temp.update({ key:field for key,field in schema_fields.items()
                if key in filter_fields })
        # order params
        if order_params:
            temp.update({ key:field for key,field in schema_fields.items()
                if ( key in order_params or '-%s'%key in order_params) })
        # Sort by the field's 'ordinal'; fields without one sort as 999.
        field_hash = OrderedDict(sorted(temp.iteritems(),
            key=lambda x: x[1].get('ordinal',999)))
        if DEBUG_VISIBILITY:
            logger.info('field_hash final: %s', field_hash.keys())
        if not field_hash:
            response = HttpResponse('no fields specified')
            response.status_code = 400
            raise ImmediateHttpResponse(
                response=response)
        return field_hash
    except ImmediateHttpResponse:
        # Let the deliberate 400 through without logging it as a failure.
        raise
    except Exception, e:
        logger.exception('on get_visible_fields')
        raise e
def response_error(message):
    '''Wrap `message` in a JSON object and return it with HTTP status 500.

    Args:
        message: Stored under the 'message' key of the JSON body; it is
            sent to the client as given.

    Returns:
        HttpResponse whose second constructor argument is
        'application/json' and whose status code is 500.
    '''
    body = json.dumps({'message': message})
    response = HttpResponse(body, 'application/json')
    response.status_code = 500
    return response
def get_response_401(self):
    '''Build the 401 response that challenges for HTTP Basic credentials.

    Basic credentials are only base64-encoded on the wire, so the challenge
    protects the site only when it is served over TLS.
    '''
    challenge = HttpResponse('Unauthorized\r\n')
    challenge['WWW-Authenticate'] = 'Basic realm="What Manager"'
    challenge.status_code = 401
    return challenge