Contrib packages to add on to API Star.
Project description
API Star Contrib
Contrib packages to add on to API Star.
Free software: MIT license
Documentation: https://api-star-contrib.readthedocs.io.
Features
CSRF Token Hook
Local Session Store (Development)
Timezone Support
TODO
Redis Session Store
DB Session Store
Usage
Local Session Store
from apistar import App, Route, http
from apistar_contrib.sessions import Session, SessionComponent, SessionHook, LocalMemorySessionStore
def use_session(session: Session, params: http.QueryParams):
for key, value in params:
session[key] = value
return session.data
def clear_session(session: Session):
session.clear()
return session.data
routes = [
Route('/', 'GET', use_session),
Route('/clear', 'GET', clear_session),
]
app = App(
routes=routes,
components=[SessionComponent(LocalMemorySessionStore)],
event_hooks=[SessionHook]
)
CSRF Token
import os
from apistar import App, Route, http
from apistar_contrib.csrf import EnforceCsrfHook, rotate_token
def show_form():
return app.render_template(
'form.html',
show_csrf=True,
)
def show_no_csrf_form():
return app.render_template(
'form.html',
show_csrf=False,
)
def handle_form(request: http.Request):
rotate_token(request) # You should rotate CSRF tokens after successful POSTs
return app.render_template(
'form.html',
show_csrf=True,
success=True,
)
routes = [
Route('/', 'GET', show_form),
Route('/no_csrf', 'GET', show_no_csrf_form),
Route('/handle', 'POST', handle_form),
]
BASE_DIR = os.path.dirname(__file__)
TEMPLATE_DIR = os.path.join(BASE_DIR, 'templates')
app = App(
routes=routes,
event_hooks=[EnforceCsrfHook],
template_dir=TEMPLATE_DIR,
)
# templates/form.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>CSRF Form</title>
</head>
<body>
<ul>
<li><a href="{{ reverse_url('show_form') }}">Form with CSRF</a></li>
<li><a href="{{ reverse_url('show_no_csrf_form') }}">Form without CSRF</a></li>
</ul>
{% if success %}<h1>Successful POST</h1>{% endif %}
<form action="{{ reverse_url('handle_form') }}" method="post">
{% if show_csrf %} {{ csrf_token() }} {% endif %}
<button type="submit">Submit form {% if show_csrf %}with{% else %}without{% endif %} CSRF</button>
</form>
</body>
</html>
Credits
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.
History
0.0.4 (2018-05-18)
Remove default components
0.0.3 (2018-05-18)
Refactor Session component
0.0.2 (2018-05-17)
Add CSRF token hook
0.0.1 (2018-05-15)
First release on PyPI.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
apistar-contrib-0.0.4.tar.gz
(11.2 kB
view hashes)
Built Distribution
Close
Hashes for apistar_contrib-0.0.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | edb58414ab73d8b4aa659ac39031ca297bfe4869c861928bd4a6ec4f1ee55a27 |
|
MD5 | a6c45468959104ee2cce09c1e29cebe0 |
|
BLAKE2b-256 | b9b00972e846a09b403530a8cc147e21efe4fef872c17f16d49f20a8a6103506 |