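async def login(
    self, request: Request, identity: str, credential: str
) -> t.Optional[Identity]:
    """Authenticate ``identity`` with ``credential`` and log the user in.

    The user is looked up through ``self.user_provider``. When the credential
    verifies against the stored password hash, the user id is written to the
    session under ``SESSION_KEY`` and the session id is regenerated.

    Args:
        request: Current request. Supplies the session and, when
            ``self.hasher`` is not set, the application object used to
            resolve a ``PasswordHasher``.
        identity: Login identifier passed to ``find_by_identity``.
        credential: Plain-text credential to verify.

    Returns:
        The authenticated user, or ``None`` when the identity is unknown or
        the credential does not verify. Both failures look the same to the
        caller.

    Raises:
        AssertionError: If no password hasher is configured.
    """
    user = await self.user_provider.find_by_identity(identity)
    if not user:
        # NOTE(review): this path returns before any hash verification, so
        # response time may differ between unknown and known identities.
        # Consider verifying against a fixed dummy hash here if account
        # enumeration is in scope for the threat model.
        return None

    hasher = self.hasher or request.app.get(PasswordHasher)
    if not hasher:
        # Raised explicitly rather than with `assert`, which is stripped
        # under `python -O` and would leave a missing hasher undetected
        # until the attribute access below.
        raise AssertionError("No password hasher is configured.")

    hashed = user.get_hashed_password()
    if not hasher.verify(credential, hashed):
        return None

    request.session[SESSION_KEY] = user.get_id()
    # The session id is rotated once the user is authenticated, the usual
    # defence against session fixation.
    await request.session.regenerate_id()
    return user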
def https_request():
    """Build a GET ``Request`` whose ASGI scope declares the ``https`` scheme.

    The scope carries no headers. The receive callable returns a single
    ``http.request`` message with a small JSON body.
    """

    async def _receive(*args):
        # more_body=False marks this as the final body message.
        return dict(
            type="http.request",
            body=b'{"key":"value", "key2": 2}',
            more_body=False,
        )

    asgi_scope = dict(type="http", method="GET", scheme="https", headers=[])
    return Request(asgi_scope, _receive)
def test_full_url_matches():
    """Check ``full_url_matches`` against scheme, host, path and query patterns."""
    scope = {
        "type": "http",
        "scheme": "http",
        "server": ("example.com", 80),
        "query_string": b"csrf-token=TOKEN",
        "path": "/account/login",
        "headers": {},
    }
    request = Request(scope)

    # The bare-origin pattern is expected to match the longer URL, so the
    # match is not anchored at the end. Keep that in mind wherever these
    # patterns are used to exempt URLs from a security check.
    expected_matches = (
        r"http://example.com",
        r"http://example.com/account/*",
        "http://example.com/account/login",
        "http://example.com/account/login?csrf-token=TOKEN",
    )
    for pattern in expected_matches:
        assert request.full_url_matches(pattern)

    # A different host must not match, even with an identical path.
    assert not request.full_url_matches(r"http://another.com/account/login")
def test_url_matches():
    """Check ``url_matches`` against patterns for the request path."""
    scope = {
        "type": "http",
        "scheme": "http",
        "server": (b"example.com", 80),
        "query_string": b"csrf-token=TOKEN",
        "path": "/account/login",
        "headers": {},
    }
    request = Request(scope)

    # `.*ogin` is expected to match, so patterns are treated as regular
    # expressions, not literal paths.
    expected_matches = (r"/account/login", r".*ogin", r"/account/*")
    for pattern in expected_matches:
        assert request.url_matches(pattern)

    assert not request.url_matches(r"/admin")
def xhr_request():
    """Build a GET ``Request`` that carries an ``X-Requested-With`` header.

    The headers declare a JSON content type and ``XMLHttpRequest``. The
    receive callable returns a single message with a small JSON body.
    """
    header_pairs = [
        [b"content-type", b"application/json"],
        [b"x-requested-with", b"XMLHttpRequest"],
    ]

    async def _receive(*args):
        return dict(
            type="http.request",
            body=b'{"key":"value", "key2": 2}',
            more_body=False,
        )

    asgi_scope = dict(type="http", method="GET", headers=header_pairs)
    return Request(asgi_scope, _receive)
def json_request():
    """Build a POST ``Request`` that sends and accepts ``application/json``.

    The receive callable returns a single message with a small JSON body.
    """
    header_pairs = [
        [b"content-type", b"application/json"],
        [b"accept", b"application/json"],
    ]

    async def _receive(*args):
        return dict(
            type="http.request",
            body=b'{"key":"value", "key2": 2}',
            more_body=False,
        )

    asgi_scope = dict(type="http", method="POST", headers=header_pairs)
    return Request(asgi_scope, _receive)
def form_request():
    """Build a POST ``Request`` carrying a URL-encoded form body.

    The scope declares the ``http`` scheme, a client address and headers for
    an HTML-accepting form submission. The receive callable returns a single
    message with the encoded fields ``id`` and ``email``.
    """
    header_pairs = [
        [b"accept", b"text/html"],
        [b"content-type", b"application/x-www-form-urlencoded"],
    ]

    async def _receive(*args):
        return dict(
            type="http.request",
            body=b"id=1&email=root@localhost",
            more_body=False,
        )

    asgi_scope = dict(
        type="http",
        method="POST",
        scheme="http",
        client=("0.0.0.0", "8080"),
        headers=header_pairs,
    )
    return Request(asgi_scope, _receive)
def should_check_token(self, request: Request) -> bool:
    """Tell whether the token check applies to ``request``.

    Returns:
        ``False`` when the request method is listed in ``self.safe_methods``
        or when ``url_matches`` / ``full_url_matches`` reports a hit for the
        patterns in ``self._exclude_urls``. ``True`` otherwise.
    """
    # The method is lowercased before the lookup, so `safe_methods` must hold
    # lowercase names. A mismatch means no method is treated as safe.
    is_safe_method = request.method.lower() in self.safe_methods

    # Both matchers are always called, whatever the method.
    # NOTE(review): every URL an exclusion pattern matches skips the token
    # check. Confirm how the matchers anchor patterns, so an exclusion
    # cannot cover more URLs than intended.
    path_excluded = request.url_matches(*self._exclude_urls)
    url_excluded = request.full_url_matches(*self._exclude_urls)

    return not (is_safe_method or path_excluded or url_excluded)
def pass_old_input(request: Request) -> dict:
    """Return the request's old input data under the ``old_input`` key.

    NOTE(review): whatever ``old_data()`` returns is handed on unchanged.
    Confirm that sensitive fields such as passwords are excluded upstream.
    """
    previous_input = request.old_data()
    return dict(old_input=previous_input)
def pass_errors(request: Request) -> dict:
    """Return the value of ``request.errors()`` under the ``errors`` key."""
    current_errors = request.errors()
    return dict(errors=current_errors)
def view(request: Request):
    """Store ``id = 1`` in the session and answer with an empty JSON object."""
    session = request.session
    session["id"] = 1
    payload = {}
    return JSONResponse(payload)