本文整理匯總了Python中webob.exc.HTTPUnauthorized方法的典型用法代碼示例。如果您正苦於以下問題:Python exc.HTTPUnauthorized方法的具體用法?Python exc.HTTPUnauthorized怎麽用?Python exc.HTTPUnauthorized使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類webob.exc的用法示例。
在下文中一共展示了exc.HTTPUnauthorized方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: change_password
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def change_password(self, **kw):
ap = plugin.AuthenticationProvider.get(request)
try:
enforce_hibp_password_check(ap, kw['pw'], '.')
ap.set_password(c.user, kw['oldpw'], kw['pw'])
session['_id'] = _session_id() # new one so even if this session had been intercepted somehow, its invalid
session.save()
c.user.set_tool_data('allura', pwd_reset_preserve_session=session.id)
c.user.set_tool_data('AuthPasswordReset', hash='', hash_expiry='')
except wexc.HTTPUnauthorized:
flash('Incorrect password', 'error')
redirect('.')
flash('Password changed')
h.auditlog_user('Password changed')
email_body = g.jinja2_env.get_template('allura:templates/mail/password_changed.md').render(dict(
user=c.user,
config=config,
))
send_system_mail_to_user(c.user, 'Password Changed', email_body)
redirect('.') 示例2: set_password
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def set_password(self, user, old_password, new_password):
dn = ldap_user_dn(user.username)
if old_password:
ldap_ident = dn
ldap_pass = old_password.encode('utf-8')
else:
ldap_ident = ldap_pass = None
try:
con = ldap_conn(ldap_ident, ldap_pass)
new_password = self._encode_password(new_password)
con.modify_s(
dn, [(ldap.MOD_REPLACE, b'userPassword', new_password)])
con.unbind_s()
user.last_password_updated = datetime.utcnow()
session(user).flush(user)
except ldap.INVALID_CREDENTIALS:
raise exc.HTTPUnauthorized() 示例3: validate
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def validate(self, value, state=None):
super(LoginForm, self).validate(value, state=state)
auth_provider = plugin.AuthenticationProvider.get(request)
# can't use a validator attr on the username TextField, since the antispam encoded name changes and doesn't
# match the name used in the form submission
auth_provider.username_validator(long_message=False).to_python(value['username'])
try:
auth_provider.login()
except exc.HTTPUnauthorized:
msg = 'Invalid login'
raise Invalid(
msg,
dict(username=value['username'], rememberme=value.get('rememberme'),
return_to=value.get('return_to')),
None)
except exc.HTTPBadRequest as e:
raise Invalid(
e.args[0],
dict(username=value['username'], rememberme=value.get('rememberme'),
return_to=value.get('return_to')),
None)
return value 示例4: test_login_overlay
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def test_login_overlay(self, c, require_access, request):
pi = base.ProjectImporter(mock.Mock())
require_access.side_effect = HTTPUnauthorized
c.show_login_overlay = False
request.path = '/test-importer/'
pi._check_security()
self.assertEqual(c.show_login_overlay, True)
c.show_login_overlay = False
request.path = '/test-importer/check_names/'
pi._check_security()
self.assertEqual(c.show_login_overlay, True)
c.show_login_overlay = False
request.path = '/test-importer/process/'
with td.raises(HTTPUnauthorized):
pi._check_security()
self.assertEqual(c.show_login_overlay, False) 示例5: _check_access
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def _check_access(self, req, environ, start_response):
if req.app.private_token:
sent_private_token = req.GET.get("private_token", None)
if not (req.app.private_token == sent_private_token):
return exc.HTTPUnauthorized()(environ, start_response) 示例6: _unauthorized
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def _unauthorized(self, message):
body = {'error': {
'code': 401,
'title': 'Unauthorized',
'message': message,
}}
raise exc.HTTPUnauthorized(body=jsonutils.dumps(body),
headers=self.reject_auth_headers,
charset='UTF-8',
content_type='application/json') 示例7: _unauthorized
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def _unauthorized(self, message):
body = {'error': {
'code': httplib.UNAUTHORIZED,
'title': httplib.responses.get(httplib.UNAUTHORIZED),
'message': message,
}}
raise exc.HTTPUnauthorized(body=jsonutils.dumps(body),
headers=self.reject_auth_headers,
charset='UTF-8',
content_type='application/json') 示例8: abort_unauthorized
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def abort_unauthorized(msg=None):
raise exc.HTTPUnauthorized('Unauthorized - %s' % msg if msg else 'Unauthorized') 示例9: _requestAuth
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def _requestAuth(self, detail=None):
raise exc.HTTPUnauthorized(
detail=detail,
headers=[('WWW-Authenticate',
'Basic realm="Conary Repository"')],
) 示例10: _verify_addr
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def _verify_addr(self, addr, do_auth_check=True):
confirmed_by_other = M.EmailAddress.find(dict(email=addr.email, confirmed=True)).all() if addr else []
confirmed_by_other = [item for item in confirmed_by_other if item != addr]
if addr and not confirmed_by_other:
user = addr.claimed_by_user(include_pending=True)
if do_auth_check and not user.pending:
# pending is ok, since you can't be logged in to your account yet :)
require_authenticated()
if c.user != user:
flash('You must be logged in to the correct account', 'warning')
# raising HTTPUnauthorized does this same logic, but doesn't preserve the flash() message
# so we have to do similar logic as LoginRedirectMiddleware right here
login_url = tg.config.get('auth.login_url', '/auth/')
return_to = request.environ['PATH_INFO']
if request.environ.get('QUERY_STRING'):
return_to += '?' + request.environ['QUERY_STRING']
redirect(login_url, {'return_to': return_to})
if do_auth_check:
# don't send email when do_auth_check=False (e.g. admin panel move)
email_body = g.jinja2_env.get_template('allura:templates/mail/email_added.md').render(dict(
user=user,
config=config,
addr=addr.email
))
send_system_mail_to_user(user, 'New Email Address Added', email_body)
addr.confirmed = True
flash('Email address confirmed')
h.auditlog_user('Email address verified: %s', addr.email, user=user)
if user.get_pref('email_address') is None:
user.set_pref('email_address', addr.email)
if user.pending:
plugin.AuthenticationProvider.get(request).activate_user(user)
projectname = plugin.AuthenticationProvider.get(request).user_project_shortname(user)
n = M.Neighborhood.query.get(name='Users')
n.register_project(projectname, user=user, user_project=True)
else:
flash('Unknown verification link', 'error') 示例11: pwd_expired_change
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def pwd_expired_change(self, **kw):
require_authenticated()
return_to = kw.get('return_to')
ap = plugin.AuthenticationProvider.get(request)
failure_redirect_url = tg.url('/auth/pwd_expired', dict(return_to=return_to))
enforce_hibp_password_check(ap, kw['pw'], failure_redirect_url)
try:
expired_username = session.get('expired-username')
expired_user = M.User.query.get(username=expired_username) if expired_username else None
ap.set_password(expired_user or c.user, kw['oldpw'], kw['pw'])
expired_user.set_tool_data('allura', pwd_reset_preserve_session=session.id)
expired_user.set_tool_data('AuthPasswordReset', hash='', hash_expiry='') # Clear password reset token
except wexc.HTTPUnauthorized:
flash('Incorrect password', 'error')
redirect(failure_redirect_url)
flash('Password changed')
session.pop('pwd-expired', None)
session['username'] = session.get('expired-username')
session.pop('expired-username', None)
expired_reason = session.pop('expired-reason', None)
session.save()
h.auditlog_user('Password reset ({})'.format(expired_reason))
if return_to and return_to != request.url:
redirect(return_to)
else:
redirect('/') 示例12: request_token
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def request_token(self, **kw):
req = oauth.Request.from_request(
request.method,
request.url.split('?')[0],
headers=request.headers,
parameters=dict(request.params),
query_string=request.query_string
)
consumer_token = M.OAuthConsumerToken.query.get(
api_key=req['oauth_consumer_key'])
if consumer_token is None:
log.error('Invalid consumer token')
raise exc.HTTPUnauthorized
consumer = consumer_token.consumer
try:
self.server.verify_request(req, consumer, None)
except oauth.Error as e:
log.error('Invalid signature %s %s', type(e), e)
raise exc.HTTPUnauthorized
req_token = M.OAuthRequestToken(
consumer_token_id=consumer_token._id,
callback=req.get('oauth_callback', 'oob')
)
session(req_token).flush()
log.info('Saving new request token with key: %s', req_token.api_key)
return req_token.to_string() 示例13: access_token
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def access_token(self, **kw):
req = oauth.Request.from_request(
request.method,
request.url.split('?')[0],
headers=request.headers,
parameters=dict(request.params),
query_string=request.query_string
)
consumer_token = M.OAuthConsumerToken.query.get(
api_key=req['oauth_consumer_key'])
request_token = M.OAuthRequestToken.query.get(
api_key=req['oauth_token'])
if consumer_token is None:
log.error('Invalid consumer token')
raise exc.HTTPUnauthorized
if request_token is None:
log.error('Invalid request token')
raise exc.HTTPUnauthorized
pin = req['oauth_verifier']
if pin != request_token.validation_pin:
log.error('Invalid verifier')
raise exc.HTTPUnauthorized
rtok = request_token.as_token()
rtok.set_verifier(pin)
consumer = consumer_token.consumer
try:
self.server.verify_request(req, consumer, rtok)
except oauth.Error as e:
log.error('Invalid signature %s %s', type(e), e)
raise exc.HTTPUnauthorized
acc_token = M.OAuthAccessToken(
consumer_token_id=consumer_token._id,
request_token_id=request_token._id,
user_id=request_token.user_id,
)
return acc_token.to_string() 示例14: test_set_password_with_old_password
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def test_set_password_with_old_password(self):
user = Mock()
user.__ming__ = Mock()
self.provider.validate_password = lambda u, p: False
self.provider._encode_password = Mock()
assert_raises(
exc.HTTPUnauthorized,
self.provider.set_password, user, 'old', 'new')
assert_equal(self.provider._encode_password.call_count, 0)
self.provider.validate_password = lambda u, p: True
self.provider.set_password(user, 'old', 'new')
self.provider._encode_password.assert_called_once_with('new') 示例15: test_post_permission_check
# 需要導入模塊: from webob import exc [as 別名]
# 或者: from webob.exc import HTTPUnauthorized [as 別名]
def test_post_permission_check():
d = M.Discussion(shortname='test', name='test')
t = M.Thread.new(discussion_id=d._id, subject='Test Thread')
c.user = M.User.anonymous()
try:
t.post('This post will fail the check.')
assert False, "Expected an anonymous post to fail."
except exc.HTTPUnauthorized:
pass
t.post('This post will pass the check.', ignore_security=True)