Contrib packages to add on to API Star.
Project description
API Star Contrib
Contrib packages to add on to API Star.
Free software: MIT license
Documentation: https://api-star-contrib.readthedocs.io.
Features
CSRF Token Hook
Local Session Store (Development)
Timezone Support
TODO
Redis Session Store
DB Session Store
Usage
Local Session Store
from apistar import App, Route, http
from apistar_contrib.sessions import SessionComponent, Session
from apistar_contrib.sessions.local import LocalMemorySessionHook
def index(session: Session, params: http.QueryParams):
for key, value in params:
session[key] = value
return session.data
def clear_session(session: Session):
session.clear()
return session.data
routes = [
Route('/', 'GET', index),
Route('/clear', 'GET', clear_session),
]
app = App(
routes=routes,
components=[SessionComponent()],
event_hooks=[LocalMemorySessionHook]
)
CSRF Token
import os
from apistar import App, Route, http
from apistar_contrib.csrf import EnforceCsrfHook, rotate_token
def show_form():
return app.render_template(
'form.html',
show_csrf=True,
)
def show_no_csrf_form():
return app.render_template(
'form.html',
show_csrf=False,
)
def handle_form(request: http.Request):
rotate_token(request) # You should rotate CSRF tokens after successful POSTs
return app.render_template(
'form.html',
show_csrf=True,
success=True,
)
routes = [
Route('/', 'GET', show_form),
Route('/no_csrf', 'GET', show_no_csrf_form),
Route('/handle', 'POST', handle_form),
]
BASE_DIR = os.path.dirname(__file__)
TEMPLATE_DIR = os.path.join(BASE_DIR, 'templates')
app = App(
routes=routes,
event_hooks=[EnforceCsrfHook],
template_dir=TEMPLATE_DIR,
)
# templates/form.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>CSRF Form</title>
</head>
<body>
<ul>
<li><a href="{{ reverse_url('show_form') }}">Form with CSRF</a></li>
<li><a href="{{ reverse_url('show_no_csrf_form') }}">Form without CSRF</a></li>
</ul>
{% if success %}<h1>Successful POST</h1>{% endif %}
<form action="{{ reverse_url('handle_form') }}" method="post">
{% if show_csrf %} {{ csrf_token() }} {% endif %}
<button type="submit">Submit form {% if show_csrf %}with{% else %}without{% endif %} CSRF</button>
</form>
</body>
</html>
Credits
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.
History
0.0.1 (2018-05-15)
First release on PyPI.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
apistar-contrib-0.0.2.tar.gz
(11.0 kB
view hashes)
Built Distribution
Close
Hashes for apistar_contrib-0.0.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 657787bd1d36547493e52efcafaec6ff185b7f3c8046e9bf6b91dec181de35ac |
|
MD5 | d99f46237610be71993a3d952cb593cd |
|
BLAKE2b-256 | 54025fc0c33cbfa9ce590eb88e281d3cec71e9b2662430aefa727f6f48dd999c |