Navigation

Source code for pyramid_fullauth.routing.predicates

# Copyright (c) 2013 - 2014 by pyramid_fullauth authors and contributors <see AUTHORS file>
#
# This module is part of pyramid_fullauth and is released under
# the MIT License (MIT): http://opensource.org/licenses/MIT
"""Routing predicate definitions."""

from sqlalchemy.orm.exc import NoResultFound
from pyramid.config.predicates import CheckCSRFTokenPredicate
from pyramid.httpexceptions import HTTPUnauthorized
import pyramid_basemodel

from pyramid_fullauth.models import User



[docs]def reset_hash(info, request):
    """
    Check whether reset hash is correct.

    :param dict info: pyramid info dict with path fragments and info
    :param pyramid.request.Request request: request object

    :returns: whether reset hash exists or not
    :rtype: bool

    """
    reset_hash = info['match'].get('hash', None)
    if reset_hash:
        try:
            info['match']['user'] = pyramid_basemodel.Session.query(User).filter(User.reset_key == reset_hash).one()
            return True
        except NoResultFound:
            pass
    return False




[docs]def change_email_hash(info, request):
    """
    Check whether change email hash is correct.

    :param dict info: pyramid info dict with path fragments and info
    :param pyramid.request.Request request: request object

    :returns: whether change email hash exists or not
    :rtype: bool

    """
    change_email_hash = info['match'].get('hash', None)
    if change_email_hash:
        try:
            info['match']['user'] = pyramid_basemodel.Session.query(User).filter(User.email_change_key == change_email_hash).one()
            return True
        except NoResultFound:
            pass
    return False




[docs]class CSRFCheckPredicate(CheckCSRFTokenPredicate):

    """
    Run csrf check dependant on configuration.

    .. note::

        Raises HTTPUnauthorized exception if check fails.

    :raises: pyramid.httpexceptions.HTTPUnauthorized

    :returns: True if check succeeds or turned off.
    :rtype: bool

    """

    def __call__(self, context, request):
        """
        Run predicate check.

        :param context:
        :param pyramid.request.Request request:

        """
        if request.registry['config'].fullauth.check_csrf:
            result = CheckCSRFTokenPredicate.__call__(self, context, request)
            if not result:
                raise HTTPUnauthorized

        return True

Navigation

© Copyright 2013, Grzegorz Śliwiński. Created using Sphinx 1.2.2.