Contrib packages to add on to API Star.
Project description
API Star Contrib
Contrib packages to add on to API Star.
Free software: MIT license
Documentation: https://api-star-contrib.readthedocs.io.
Features
CSRF Token Hook
Local Session Store (Development)
Timezone Support
TODO
Redis Session Store
DB Session Store
Usage
Local Session Store
from apistar import App, Route, http
from apistar_contrib.sessions import Session, SessionComponent, SessionHook, LocalMemorySessionStore
def use_session(session: Session, params: http.QueryParams):
for key, value in params:
session[key] = value
return session.data
def clear_session(session: Session):
session.clear()
return session.data
routes = [
Route('/', 'GET', use_session),
Route('/clear', 'GET', clear_session),
]
app = App(
routes=routes,
components=[SessionComponent(LocalMemorySessionStore)],
event_hooks=[SessionHook]
)
CSRF Token
import os
from apistar import App, Route, http
from apistar_contrib.csrf import EnforceCsrfHook, rotate_token
def show_form():
return app.render_template(
'form.html',
show_csrf=True,
)
def show_no_csrf_form():
return app.render_template(
'form.html',
show_csrf=False,
)
def handle_form(request: http.Request):
# You should rotate CSRF tokens after successful login/logout
rotate_token(request)
return app.render_template(
'form.html',
show_csrf=True,
success=True,
)
routes = [
Route('/', 'GET', show_form),
Route('/no_csrf', 'GET', show_no_csrf_form),
Route('/handle', 'POST', handle_form),
]
BASE_DIR = os.path.dirname(__file__)
TEMPLATE_DIR = os.path.join(BASE_DIR, 'templates')
app = App(
routes=routes,
event_hooks=[EnforceCsrfHook],
template_dir=TEMPLATE_DIR,
)
<!-- templates/form.html -->
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>CSRF Form</title>
</head>
<body>
<ul>
<li><a href="{{ reverse_url('show_form') }}">Form with CSRF</a></li>
<li><a href="{{ reverse_url('show_no_csrf_form') }}">Form without CSRF</a></li>
</ul>
{% if success %}<h1>Successful POST</h1>{% endif %}
<form action="{{ reverse_url('handle_form') }}" method="post">
{% if show_csrf %} {{ csrf_token() }} {% endif %}
<button type="submit">Submit form {% if show_csrf %}with{% else %}without{% endif %} CSRF</button>
</form>
</body>
</html>
Credits
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.
History
0.0.5 (2018-05-19)
Added Redis Session Store
Created first tests
0.0.4 (2018-05-18)
Remove default components
0.0.3 (2018-05-18)
Refactor Session component
0.0.2 (2018-05-17)
Add CSRF token hook
0.0.1 (2018-05-15)
First release on PyPI.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
apistar-contrib-0.0.5.tar.gz
(12.2 kB
view hashes)
Built Distribution
Close
Hashes for apistar_contrib-0.0.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 773aabe431430b9332dd277b5f5784452d80e9e4fca6959fb5dac3984aad0eb3 |
|
MD5 | 63e7a42f68feaee17a8092aa4498f3d7 |
|
BLAKE2b-256 | 78d87fe9ff19d169e6fc9f3b5c0f55f3f1f3efadc5f2a1ae3642beb492c0ab9f |