def __get__(self, request, *args, **kwargs): if '_session_security' not in request.session: return response.HttpResponse('logout') last_activity = get_last_activity(request.sessoin) idle_time = (datetime.now() - last_activity).seconds return response.HttpResponse(idle_time)
def test_that_middleware_does_nothing_to_js_requests(self): resp = response.HttpResponse(mimetype='text/javascript', content='var blah = [];') mware = middleware.AngularJsonVulnerabilityMiddleware() mware.process_response(request.HttpRequest(), resp) self.assertEqual(resp.content, 'var blah = [];')
def test_that_middleware_adds_prefix_to_valid_json_requests(self): resp = response.HttpResponse(mimetype='application/json', content='[1, 2, 3]') mware = middleware.AngularJsonVulnerabilityMiddleware() mware.process_response(request.HttpRequest(), resp) self.assertEqual(resp.content, mware.CONTENT_PREFIX + '[1, 2, 3]')
def test_that_middleware_does_nothing_to_html_requests(self): resp = response.HttpResponse(mimetype='text/html', content='<html></html>') mware = middleware.AngularJsonVulnerabilityMiddleware() mware.process_response(request.HttpRequest(), resp) self.assertEqual(resp.content, '<html></html>')
def xsd(request, schema_name): ret = render_to_string( schema_name + '.xsd', request=request, context={'url': '{}://{}'.format(request.scheme, request.get_host())} ) return response.HttpResponse(ret, content_type='text/xml')
def auto_response(resp): if isinstance(resp, text_type): return response.HttpResponse(resp) elif isinstance(resp, dict): return response.JsonResponse(resp) else: return resp
def login_bak(request): # resp=HttpResponse() if request.method == 'POST': user = json.dumps(request.body) # 异常,要在settings文件中,放行 mytoken = request.META.get('HTTP_TOKEN') print(mytoken) result = { "code": "800" } # data body部分 resp = response.HttpResponse(json.dumps(result), status=200, charset='utf-8', content_type='application/json') date_int = datetime.utcnow() + timedelta(hours=1) # resp.set_cookie('token','1234567890',expires=date_int) # 把token放在header中传给客户端 # data header部分 resp['token'] = '888888888888888888888888888' resp['Access-Control-Expose-Headers'] = 'token' return resp else: # return HttpResponse('{"code":"404"}') result = { "code": "800" } resp = JsonResponse(result, status=200, charset='utf-8', content_type='application/json') date_int = datetime.utcnow() + timedelta(hours=1) resp.set_cookie('token', '1234567890'.encode('utf-8'), expires=date_int) return resp
def test_session(self): """测试授权后session状态保持""" openid = "12345" rf = RequestFactory() request = rf.get("/test?code=123") view = lambda request, *args, **kwargs: response.HttpResponse( request.wechat.openid) handler = self._make_handler(request, view=view) with oauth_api(openid): resp = handler.dispatch(request) self.assertEqual(resp.content, openid.encode()) # 首次授权后不再授权 session_key = "wechat_test_user" def ban_api(*args, **kwargs): self.assertFalse(True) request = rf.get("/test?code=123") request.COOKIES[session_key] = resp.cookies[session_key].value with oauth_api(openid, ban_api): resp = handler.dispatch(request) request = rf.get("/") request.COOKIES[session_key] = resp.cookies[session_key].value with oauth_api(openid, ban_api): resp = handler.dispatch(request)
def regist(request): data = json.loads(request.body) user = { "uname": data['uname'], "telephone": data['telephone'], "password": generate_password_hash(data['password'], method='pbkdf2:sha1:2000', salt_length=8), "pub_time": datetime.now().strftime('%Y-%m-%d %H:%M:%S'), "email": data['email'] } print(user) if request.method == 'POST': try: result = {"code": "808"} uu = models.UserBase.objects.create(**user) resp = response.HttpResponse(json.dumps(result), status=200, charset='utf-8', content_type='application/json') resp['token'] = jwtEncoding(data['telephone']) resp['Access-Control-Expose-Headers'] = 'token' return resp except Exception as ex: return JsonResponse({"code": "408"}) else: return JsonResponse({"code": "408"})
def login(request): data = json.loads(request.body) user = { "telphone": data['telphone'], "password": generate_password_hash(data['password'], method='pbkdf2:sha1:2000', salt_length=8) } if request.method == 'POST': try: u = models.UserBase.objects.filter( telephone=user['telphone']).values('password') print(u[0]['password']) print(data['password']) if u and check_password_hash(u[0]['password'], data['password']): result = {"code": "808"} resp = response.HttpResponse(json.dumps(result), status=200, charset='utf-8', content_type='application/json') resp['token'] = jwtEncoding(data['telphone']) resp['Access-Control-Expose-Headers'] = 'token' return resp else: return JsonResponse({"code": "404"}) except Exception as ex: return JsonResponse({"code": "408"}) else: return JsonResponse({"code": "408"})
def login_view(request: request.HttpRequest): form = forms.AuthenticationForm() if request.method != 'POST': return render( request=request, template_name='user-login.html', context={ 'form': form, } ) user = authenticate( username=request.POST['username'], password=request.POST['password'] ) if not user: return render( request=request, template_name='user-login.html', context={ 'login_error': 'Имя пользователя и пароль не совпадают. \ Введите правильные данные.', 'form': form, } ) if user.is_active: login(request, user) return redirect(to='index') return response.HttpResponse({'error': 'Аккаунт заблокирован'})
def finalize_response(self, request, response, *args, **kwargs): if isinstance(response, text_type): response = django_response.HttpResponse(response) elif isinstance(response, dict): response = django_response.JsonResponse(response) return super(WeChatViewMixin, self).finalize_response( request, response, *args, **kwargs)
def user_profile_details(self, user_profile_dto): user_profile_response = { "user_id": user_profile_dto.user_id, "name": user_profile_dto.name, "is_admin": user_profile_dto.is_admin } return response.HttpResponse(json.dumps(user_profile_response), status=201)
def get_added_washing_machine_details(self, washing_machine_dto): added_washing_machine_response = { "washing_machine_id": washing_machine_dto.washing_machine_id, "washing_machine_status": washing_machine_dto.washing_machine_status } return response.HttpResponse( json.dumps(added_washing_machine_response), status=200)
def test_that_middleware_does_nothing_to_invalid_json_requests(self): resp = response.HttpResponse(mimetype='application/json', content='[1, 2, 3]', status=400) mware = middleware.AngularJsonVulnerabilityMiddleware() mware.process_response(request.HttpRequest(), resp) self.assertEqual(resp.content, '[1, 2, 3]')
def send_text(request): response = request.GET['content'] + " Reply STOP to stop SMS notifications." message = client.messages.create(from_=twilio_number, body=response, to="+" + request.GET['dest']) return httpresponse.HttpResponse("Successful")
def user_login_response(self, token_dto, user_is_admin): # print("\n"*10,UserAuthTokensDTO) print("**********", "\n", token_dto) login_response = { "access_token": token_dto.access_token, "is_admin": user_is_admin } return response.HttpResponse(json.dumps(login_response), status=200)
def raise_exception_for_user_is_admin(self): response_object = response.HttpResponse(json.dumps( { "response": USER_IS_ADMIN[0], "http_status_code": USER_IS_ADMIN[1], "res_status": 404 } ), status=404) return response_object
def raise_exception_for_invalid_washing_machine_id(self): response_object = response.HttpResponse(json.dumps( { "response": WASHING_MACHINE_NUMBER_INVALID[0], "http_status_code": WASHING_MACHINE_NUMBER_INVALID[1], "res_status": 403 } ), status=403) return response_object
def raise_exception_for_invalid_date(self): response_object = response.HttpResponse(json.dumps( { "response": DATE_INVALID[0], "http_status_code": DATE_INVALID[1], "res_status": 404 } ), status=404) return response_object
def server_info_xml(request): ret = textwrap.dedent(""" <bmltInfo> <serverVersion> <readableString>5.0.0</readableString> </serverVersion> </bmltInfo> """) return response.HttpResponse(ret, content_type='application/xml')
def algorithms_post_handler(request): post_param = request.POST method = post_param['method'] params = post_param['params'] result = 'none' if method == compute_network_graph.__name__: result = compute_network_graph(params) return response.HttpResponse(result)
def post(self, request): request = WeChatMessageInfo.patch_request(request) reply = self._handle(request.wechat) if reply: xml = reply.render() if request.wechat.app.crypto: xml = request.wechat.app.crypto.encrypt_message( xml, request.GET["nonce"], request.GET["timestamp"]) return response.HttpResponse(xml, content_type="text/xml") return ""
def payload_too_large(): HTTP_RESPONSE_PAYLOAD_TOO_LARGE = 413 payload = _get_error_payload( 'Payload Too Long', 'Payload Too Long', str(HTTP_RESPONSE_PAYLOAD_TOO_LARGE)) return django_resp.HttpResponse( content=json.dumps(payload), status=HTTP_RESPONSE_PAYLOAD_TOO_LARGE, content_type=const.HTTP_RESPONSE_CONTENT_TYPE)
def unsupported_media_type(): HTTP_RESPONSE_UNSUPPORTED_MEDIA_TYPE = 415 payload = _get_error_payload( 'Unsupported Media Type', 'Unsupported Media Type', str(HTTP_RESPONSE_UNSUPPORTED_MEDIA_TYPE)) return django_resp.HttpResponse( content=json.dumps(payload), status=HTTP_RESPONSE_UNSUPPORTED_MEDIA_TYPE, content_type=const.HTTP_RESPONSE_CONTENT_TYPE)
def invalid_accept(): HTTP_RESPONSE_INVALID_ACCEPT = 406 payload = _get_error_payload( 'Not Acceptable', 'Not Acceptable', str(HTTP_RESPONSE_INVALID_ACCEPT)) return django_resp.HttpResponse( content=json.dumps(payload), status=HTTP_RESPONSE_INVALID_ACCEPT, content_type=const.HTTP_RESPONSE_CONTENT_TYPE)
def get_booked_slot_details(self, booked_slot_dto): slot_booking_response = { "slot_start_time": booked_slot_dto.slot_start_time, "slot_end_time": booked_slot_dto.slot_end_time, "slot_date": booked_slot_dto.slot_date, "washing_machine_id": booked_slot_dto.washing_machine_id, "slot_status": booked_slot_dto.slot_status, } return response.HttpResponse(json.dumps(slot_booking_response), status=200)
def post(self, request): return response.HttpResponse( '<?xml version="1.0" encoding="UTF-8"?>' '<PostResponse>' '<Location>https://localhost/test.png</Location>' '<Bucket>AWS_STORAGE_BUCKET_NAME</Bucket>' '<Key>_upload/test.png</Key>' '<ETag>"1e2580c388265551922a1f73ae5954a3"</ETag>' '</PostResponse>', status=201)
def raise_invalid_password_exception(self): import json from gyaan_auth.constants.exception_messages import INVALID_PASSWORD data = json.dumps({ "response": INVALID_PASSWORD[0], "http_status_code": 400, "res_status": INVALID_PASSWORD[1] }) response_object = response.HttpResponse(data, status=400) return response_object
def raise_invalid_username_exception(self): import json from gyaan_auth.constants.exception_messages import INVALID_USERNAME data = json.dumps({ "response": INVALID_USERNAME[0], "http_status_code": 404, "res_status": INVALID_USERNAME[1] }) response_object = response.HttpResponse(data, status=404) return response_object