本文整理汇总了Python中common.crypto.XsrfTokenManager类的典型用法代码示例。如果您正苦于以下问题:Python XsrfTokenManager类的具体用法?Python XsrfTokenManager怎么用?Python XsrfTokenManager使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了XsrfTokenManager类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get
def get(self):
"""Respond to the REST GET verb with the contents of the item."""
key = self.request.get('key')
if not roles.Roles.is_course_admin(self.app_context):
transforms.send_json_response(
self, 401, 'Access denied.', {'key': key})
return
if key:
item = self.DAO.load(key)
version = item.dict.get('version')
if version not in self.SCHEMA_VERSIONS:
transforms.send_json_response(
self, 403, 'Version %s not supported.' % version,
{'key': key})
return
display_dict = copy.copy(item.dict)
display_dict['id'] = item.id
payload_dict = self.transform_for_editor_hook(display_dict)
else:
payload_dict = self.get_default_content()
transforms.send_json_response(
self, 200, 'Success',
payload_dict=payload_dict,
xsrf_token=XsrfTokenManager.create_xsrf_token(self.XSRF_TOKEN))示例2: get
def get(self):
"""Handles GET request."""
user = self.personalize_page_and_get_user()
if not user:
self.redirect(users.create_login_url(self.request.uri), normalize=False)
return
student = Student.get_enrolled_student_by_user(user)
if student:
self.redirect("/course")
return
can_register = self.app_context.get_environ()["reg_form"]["can_register"]
if not can_register:
self.redirect("/course#registration_closed")
return
# pre-fill nick name from the profile if available
self.template_value["current_name"] = ""
profile = StudentProfileDAO.get_profile_by_user_id(user.user_id())
if profile and profile.nick_name:
self.template_value["current_name"] = profile.nick_name
self.template_value["navbar"] = {}
self.template_value["transient_student"] = True
self.template_value["register_xsrf_token"] = XsrfTokenManager.create_xsrf_token("register-post")
alternate_content = []
for hook in self.PREVENT_REGISTRATION_HOOKS:
alternate_content.extend(hook(self.app_context, user.user_id()))
self.template_value["alternate_content"] = alternate_content
self.render("register.html")示例3: personalize_page_and_get_user
def personalize_page_and_get_user(self):
"""If the user exists, add personalized fields to the navbar."""
user = self.get_user()
PageInitializerService.get().initialize(self.template_value)
if hasattr(self, 'app_context'):
self.template_value['can_register'] = self.app_context.get_environ(
)['reg_form']['can_register']
if user:
email = user.email()
self.template_value['email_no_domain_name'] = (
email[:email.find('@')] if '@' in email else email)
self.template_value['email'] = email
self.template_value['logoutUrl'] = (
users.create_logout_url(self.request.uri))
self.template_value['transient_student'] = False
# configure page events
self.template_value['record_tag_events'] = (
CAN_PERSIST_TAG_EVENTS.value)
self.template_value['record_page_events'] = (
CAN_PERSIST_PAGE_EVENTS.value)
self.template_value['record_events'] = (
CAN_PERSIST_ACTIVITY_EVENTS.value)
self.template_value['event_xsrf_token'] = (
XsrfTokenManager.create_xsrf_token('event-post'))
else:
self.template_value['loginUrl'] = users.create_login_url(
self.request.uri)
self.template_value['transient_student'] = True
return None
return user示例4: personalize_page_and_get_user
def personalize_page_and_get_user(self):
"""If the user exists, add personalized fields to the navbar."""
user = self.get_user()
PageInitializerService.get().initialize(self.template_value)
if hasattr(self, "app_context"):
self.template_value["can_register"] = self.app_context.get_environ()["reg_form"]["can_register"]
if user:
email = user.email()
self.template_value["email_no_domain_name"] = email[: email.find("@")] if "@" in email else email
self.template_value["email"] = email
self.template_value["logoutUrl"] = users.create_logout_url(self.request.uri)
self.template_value["transient_student"] = False
# configure page events
self.template_value["record_tag_events"] = CAN_PERSIST_TAG_EVENTS.value
self.template_value["record_page_events"] = CAN_PERSIST_PAGE_EVENTS.value
self.template_value["record_events"] = CAN_PERSIST_ACTIVITY_EVENTS.value
self.template_value["event_xsrf_token"] = XsrfTokenManager.create_xsrf_token("event-post")
else:
self.template_value["loginUrl"] = users.create_login_url(self.request.uri)
self.template_value["transient_student"] = True
return None
return user示例5: get
def get(self):
"""Handles GET request."""
user = self.personalize_page_and_get_user()
if not user:
self.redirect(
users.create_login_url(self.request.uri), normalize=False)
return
student = Student.get_enrolled_student_by_email(user.email())
if student:
self.redirect('/course')
return
can_register = self.app_context.get_environ(
)['reg_form']['can_register']
if not can_register:
self.redirect('/course#registration_closed')
return
# pre-fill nick name from the profile if available
self.template_value['current_name'] = ''
profile = StudentProfileDAO.get_profile_by_user_id(user.user_id())
if profile and profile.nick_name:
self.template_value['current_name'] = profile.nick_name
self.template_value['navbar'] = {}
self.template_value['transient_student'] = True
self.template_value['register_xsrf_token'] = (
XsrfTokenManager.create_xsrf_token('register-post'))
self.render('register.html')示例6: assert_xsrf_token_or_fail
def assert_xsrf_token_or_fail(self, request, action):
"""Asserts the current request has proper XSRF token or fails."""
token = request.get('xsrf_token')
if not token or not XsrfTokenManager.is_xsrf_token_valid(token, action):
self.error(403)
return False
return True示例7: get
def get(self):
"""Respond to the REST GET verb with the contents of the item."""
key = self.request.get("key")
if not roles.Roles.is_course_admin(self.app_context):
transforms.send_json_response(self, 401, "Access denied.", {"key": key})
return
if key:
item = self.DAO.load(key)
version = item.dict.get("version")
if version not in self.SCHEMA_VERSIONS:
transforms.send_json_response(self, 403, "Version %s not supported." % version, {"key": key})
return
display_dict = copy.copy(item.dict)
display_dict["id"] = item.id
common_utils.run_hooks(self.PRE_LOAD_HOOKS, item, display_dict)
payload_dict = self.transform_for_editor_hook(display_dict)
else:
payload_dict = self.get_default_content()
transforms.send_json_response(
self,
200,
"Success",
payload_dict=payload_dict,
xsrf_token=XsrfTokenManager.create_xsrf_token(self.XSRF_TOKEN),
)示例8: get
def get(self):
"""Respond to the REST GET verb with the contents of the item."""
key = self.request.get('key')
if not roles.Roles.is_course_admin(self.app_context):
transforms.send_json_response(
self, 401, 'Access denied.', {'key': key})
return
if key:
item = self.DAO.load(key)
if item is None:
transforms.send_json_response(
self, 404, 'Not found.', {'key': key})
return
version = item.dict.get('version')
if version not in self.SCHEMA_VERSIONS:
transforms.send_json_response(
self, 400, 'Version %s not supported.' % version,
{'key': key})
return
display_dict = copy.copy(item.dict)
display_dict['id'] = item.id
common_utils.run_hooks(self.PRE_LOAD_HOOKS, item, display_dict)
payload_dict = self.transform_for_editor_hook(display_dict)
elif self.CAN_CREATE:
payload_dict = self.get_default_content()
else:
transforms.send_json_response(
self, 404, 'Key is required in URL.', {})
return
transforms.send_json_response(
self, 200, 'Success',
payload_dict=payload_dict,
xsrf_token=XsrfTokenManager.create_xsrf_token(self.XSRF_TOKEN))示例9: assert_xsrf_token_or_fail
def assert_xsrf_token_or_fail(self, token_dict, action, args_dict):
"""Asserts that current request has proper XSRF token or fails."""
token = token_dict.get("xsrf_token")
if not token or not XsrfTokenManager.is_xsrf_token_valid(token, action):
transforms.send_json_response(self, 403, "Bad XSRF token. Please reload the page and try again", args_dict)
return False
return True示例10: init_template_values
def init_template_values(self, environ, prefs=None):
"""Initializes template variables with common values."""
self.template_value[COURSE_INFO_KEY] = environ
self.template_value[
'page_locale'] = self.app_context.get_current_locale()
self.template_value['html_hooks'] = HtmlHooks(
self.get_course(), prefs=prefs)
self.template_value['is_course_admin'] = Roles.is_course_admin(
self.app_context)
self.template_value['can_see_drafts'] = (
courses_module.courses.can_see_drafts(self.app_context))
self.template_value[
'is_read_write_course'] = self.app_context.fs.is_read_write()
self.template_value['is_super_admin'] = Roles.is_super_admin()
self.template_value[COURSE_BASE_KEY] = self.get_base_href(self)
self.template_value['left_links'] = []
for func in self.LEFT_LINKS:
self.template_value['left_links'].extend(func(self.app_context))
self.template_value['right_links'] = []
for func in self.RIGHT_LINKS:
self.template_value['right_links'].extend(func(self.app_context))
if not prefs:
prefs = models.StudentPreferencesDAO.load_or_create()
self.template_value['student_preferences'] = prefs
if (Roles.is_course_admin(self.app_context) and
not appengine_config.PRODUCTION_MODE and
prefs and prefs.show_jinja_context):
@jinja2.contextfunction
def get_context(context):
return context
self.template_value['context'] = get_context
if CAN_PUT_DEBUG_INFO_INTO_PAGES.value:
self.template_value['debug_info'] = self.debug_info()
self.template_value[
'extra_global_css_urls'] = self.EXTRA_GLOBAL_CSS_URLS
self.template_value[
'extra_global_js_urls'] = self.EXTRA_GLOBAL_JS_URLS
# Common template information for the locale picker (only shown for
# user in session)
can_student_change_locale = (
self.get_course().get_course_setting('can_student_change_locale')
or self.get_course().app_context.can_pick_all_locales())
if can_student_change_locale:
self.template_value['available_locales'] = [
{
'name': locales.get_locale_display_name(loc),
'value': loc
} for loc in self.app_context.get_allowed_locales()]
self.template_value['locale_xsrf_token'] = (
XsrfTokenManager.create_xsrf_token(
StudentLocaleRESTHandler.XSRF_TOKEN_NAME))
self.template_value['selected_locale'] = self.get_locale_for(
self.request, self.app_context, prefs=prefs)示例11: get
def get(self):
key = self.request.get('key')
if not roles.Roles.is_course_admin(self.app_context):
transforms.send_json_response(
self, 401, 'Access denied.', {'key': key})
return
if key:
question_dto = models.QuestionDAO.load(key)
if question_dto.type == models.QuestionDTO.MULTIPLE_CHOICE:
mc_dict = question_dto.dict
sa_dict = SaQuestionRESTHandler().get_default_content()
qu_type = 'mc'
elif question_dto.type == models.QuestionDTO.SHORT_ANSWER:
mc_dict = McQuestionRESTHandler().get_default_content()
sa_dict = question_dto.dict
qu_type = 'sa'
else:
raise ValueError(
'Unrecognized question type ' + question_dto.type)
else:
mc_dict = McQuestionRESTHandler().get_default_content()
sa_dict = SaQuestionRESTHandler().get_default_content()
qu_type = None
question_dict = {
'quid': key,
'qu_type': qu_type,
'mc_tab': mc_dict,
'sa_tab': sa_dict,
'select_tab': {
'quid': key
}
}
xsrf_token_dict = {
'mc_tab': XsrfTokenManager.create_xsrf_token(
McQuestionRESTHandler.XSRF_TOKEN),
'sa_tab': XsrfTokenManager.create_xsrf_token(
SaQuestionRESTHandler.XSRF_TOKEN)
}
transforms.send_json_response(
self, 200, 'Success',
payload_dict=question_dict,
xsrf_token=transforms.dumps(xsrf_token_dict))示例12: get
def get(self):
"""Handles GET requests."""
student = self.personalize_page_and_get_enrolled()
if not student:
return
track_labels = models.LabelDAO.get_all_of_type(
models.LabelDTO.LABEL_TYPE_COURSE_TRACK)
course = self.get_course()
units = []
for unit in course.get_units():
# Don't show assessments that are part of units.
if course.get_parent_unit(unit.unit_id):
continue
units.append({
'unit_id': unit.unit_id,
'title': unit.title,
'labels': list(course.get_unit_track_labels(unit)),
})
name = student.name
profile = student.profile
if profile:
name = profile.nick_name
student_labels = student.get_labels_of_type(
models.LabelDTO.LABEL_TYPE_COURSE_TRACK)
self.template_value['navbar'] = {'progress': True}
self.template_value['student'] = student
self.template_value['student_name'] = name
self.template_value['date_enrolled'] = student.enrolled_on.strftime(
HUMAN_READABLE_DATE_FORMAT)
self.template_value['score_list'] = course.get_all_scores(student)
self.template_value['overall_score'] = course.get_overall_score(student)
self.template_value['student_edit_xsrf_token'] = (
XsrfTokenManager.create_xsrf_token('student-edit'))
self.template_value['can_edit_name'] = (
not models.CAN_SHARE_STUDENT_PROFILE.value)
self.template_value['track_labels'] = track_labels
self.template_value['student_labels'] = student_labels
self.template_value['units'] = units
self.template_value['track_env'] = transforms.dumps({
'label_ids': [label.id for label in track_labels],
'units': units
})
# Append any extra data which is provided by modules
extra_student_data = []
for data_provider in self.EXTRA_STUDENT_DATA_PROVIDERS:
extra_student_data.append(data_provider(self, student, course))
self.template_value['extra_student_data'] = extra_student_data
self.render('student_profile.html')示例13: personalize_page_and_get_user
def personalize_page_and_get_user(self):
"""If the user exists, add personalized fields to the navbar."""
user = self.get_user()
PageInitializerService.get().initialize(self.template_value)
if hasattr(self, 'app_context'):
self.template_value['can_register'] = self.app_context.get_environ(
)['reg_form']['can_register']
if user:
email = user.email()
self.template_value['email_no_domain_name'] = (
email[:email.find('@')] if '@' in email else email)
self.template_value['email'] = email
self.template_value['logoutUrl'] = (
users.create_logout_url(self.request.uri))
self.template_value['transient_student'] = False
# configure page events
self.template_value['record_tag_events'] = (
CAN_PERSIST_TAG_EVENTS.value)
self.template_value['record_page_events'] = (
CAN_PERSIST_PAGE_EVENTS.value)
self.template_value['record_events'] = (
CAN_PERSIST_ACTIVITY_EVENTS.value)
self.template_value['event_xsrf_token'] = (
XsrfTokenManager.create_xsrf_token('event-post'))
## ROSEbotics ##
namespace = namespace_manager.get_namespace()
namespace_manager.set_namespace('')
rosebotics_student = RoseboticsStudent.get_by_id(email.lower())
if rosebotics_student is None:
rosebotics_student = RoseboticsStudent(id=user.email().lower())
rosebotics_student.put()
recent_track_utils.set_recent_track(rosebotics_student.key, self.request.path_qs)
most_recent_course = recent_track_utils.get_most_recent_course(rosebotics_student.key)
if most_recent_course is not None:
self.template_value["most_recent_track"] = most_recent_course
self.template_value.update(recent_track_utils.get_recent_tracks(rosebotics_student.key))
self.template_value["logout_url"] = users.create_logout_url("/")
self.template_value["rosebotics_student"] = rosebotics_student
namespace_manager.set_namespace(namespace)
## END ##
else:
self.template_value['loginUrl'] = users.create_login_url(self.request.uri)
self.template_value["login_url"] = users.create_login_url(self.request.uri)
self.template_value['transient_student'] = True
return None
return user示例14: post
def post(self):
"""Handles POST."""
action = self.request.get('action')
if not action or action not in self.post_actions:
self.error(404)
return
handler = getattr(self, 'post_%s' % action)
if not handler:
self.error(404)
return
# Each POST request must have valid XSRF token.
xsrf_token = self.request.get('xsrf_token')
if not XsrfTokenManager.is_xsrf_token_valid(xsrf_token, action):
self.error(403)
return
return handler()示例15: get_event_xsrf_token
def get_event_xsrf_token():
return XsrfTokenManager.create_xsrf_token('event-post')