Bases: tic.web.api.HTTPException
Exception for HTTP 502 Bad Gateway
Bases: tic.web.api.HTTPException
Exception for HTTP 400 Bad Request
Bases: tic.web.api.HTTPException
Exception for HTTP 409 Conflict
Bases: tic.web.api.HTTPException
Exception for HTTP 417 Expectation Failed
Bases: tic.web.api.HTTPException
Exception for HTTP 403 Forbidden
Bases: tic.web.api.HTTPException
Exception for HTTP 504 Gateway Timeout
Bases: tic.web.api.HTTPException
Exception for HTTP 410 Gone
Bases: tic.web.api.HTTPException
Exception for HTTP 500 Internal Server Error
Bases: tic.web.api.HTTPException
Exception for HTTP 411 Length Required
Bases: tic.web.api.HTTPException
Exception for HTTP 405 Method Not Allowed
Bases: tic.web.api.HTTPException
Exception for HTTP 406 Not Acceptable
Bases: tic.web.api.HTTPException
Exception for HTTP 404 Not Found
Bases: tic.web.api.HTTPException
Exception for HTTP 501 Not Implemented
Bases: tic.web.api.HTTPException
Exception for HTTP 402 Payment Required
Bases: tic.web.api.HTTPException
Exception for HTTP 412 Precondition Failed
Bases: tic.web.api.HTTPException
Exception for HTTP 407 Proxy Authentication Required
Bases: tic.web.api.HTTPException
Exception for HTTP 413 Request Entity Too Large
Bases: tic.web.api.HTTPException
Exception for HTTP 408 Request Timeout
Bases: tic.web.api.HTTPException
Exception for HTTP 414 Request-Uri Too Long
Bases: tic.web.api.HTTPException
Exception for HTTP 416 Requested Range Not Satisfiable
Bases: tic.web.api.HTTPException
Exception for HTTP 503 Service Unavailable
Bases: tic.web.api.HTTPException
Exception for HTTP 401 Unauthorized
Bases: tic.web.api.HTTPException
Exception for HTTP 415 Unsupported Media Type
Bases: tic.web.api.HTTPException
Exception for HTTP 505 Http Version Not Supported
Bases: tic.core.Interface
Extension point interface for components that can provide the name of the remote user.
Bases: tic.core.Interface
Extension point interface for email handlers.
Bases: tic.core.Interface
Extension point interface for components that want to filter HTTP requests, before and/or after they are processed by the main handler.
Do any post-processing the request might need; typically adding values to the template data dictionary, or changing template or mime type.
data may be update in place.
Always returns a tuple of (template, data, content_type), even if unchanged.
(Since 0.11)
Bases: tic.core.Interface
Extension point interface for request handlers.
Bases: object
Represents a HTTP request/response pair.
This class provides a convenience API over WSGI.
Add a callable to be called prior to executing a redirect.
The callable is passed the arguments to the redirect() call.
The root path of the application
Check the request “If-None-Match” header against an entity tag.
The entity tag is generated from the specified last modified time (datetime), optionally appending an extra string to indicate variants of the requested resource.
That extra parameter can also be a list, in which case the MD5 sum of the list content will be used.
If the generated tag matches the “If-None-Match” header of the request, this method sends a “304 Not Modified” response to the client. Otherwise, it adds the entity tag as an “ETag” header to the response so that consecutive requests can be cached.
Must be called after all headers have been sent and before the actual content is written.
Return the value of the specified HTTP header, or None if there’s no such header in the request.
The HTTP method of the request
Path inside the application
Query part of the request
Send a redirect to the client, forwarding to the specified URL. The url may be relative or absolute, relative URLs will be translated appropriately.
IP address of the remote user
Name of the remote user, None if the userhas not logged in using HTTP authentication
The scheme of the request URL
Send a local file to the browser.
This method includes the “Last-Modified”, “Content-Type” and “Content-Length” headers in the response, corresponding to the file attributes. It also checks the last modification time of the local file against the “If-Modified-Since” provided by the user agent, and sends a “304 Not Modified” response if it matches.
Send the response header with the specified name and value.
value must either be an unicode string or can be converted to one (e.g. numbers, ...)
Name of the server
Port number the server is bound to
Bases: object
Implements a callable that constructs URLs with the given base. The function can be called with any number of positional and keyword arguments which than are used to assemble the URL.
Positional arguments are appended as individual segments to the path of the URL:
>>> href = Href('/trac')
>>> href('ticket', 540)
'/trac/ticket/540'
>>> href('ticket', 540, 'attachment', 'bugfix.patch')
'/trac/ticket/540/attachment/bugfix.patch'
>>> href('ticket', '540/attachment/bugfix.patch')
'/trac/ticket/540/attachment/bugfix.patch'
If a positional parameter evaluates to None, it will be skipped:
>>> href('ticket', 540, 'attachment', None)
'/trac/ticket/540/attachment'
The first path segment can also be specified by calling an attribute of the instance, as follows:
>>> href.ticket(540)
'/trac/ticket/540'
>>> href.changeset(42, format='diff')
'/trac/changeset/42?format=diff'
Simply calling the Href object with no arguments will return the base URL:
>>> href()
'/trac'
Keyword arguments are added to the query string, unless the value is None:
>>> href = Href('/trac')
>>> href('timeline', format='rss')
'/trac/timeline?format=rss'
>>> href('timeline', format=None)
'/trac/timeline'
>>> href('search', q='foo bar')
'/trac/search?q=foo+bar'
Multiple values for one parameter are specified using a sequence (a list or tuple) for the parameter:
>>> href('timeline', show=['ticket', 'wiki', 'changeset'])
'/trac/timeline?show=ticket&show=wiki&show=changeset'
Alternatively, query string parameters can be added by passing a dict or list as last positional argument:
>>> href('timeline', {'from': '02/24/05', 'daysback': 30})
'/trac/timeline?daysback=30&from=02%2F24%2F05'
>>> href('timeline', {})
'/trac/timeline'
>>> href('timeline', [('from', '02/24/05')])
'/trac/timeline?from=02%2F24%2F05'
>>> href('timeline', ()) == href('timeline', []) == href('timeline', {})
True
The usual way of quoting arguments that would otherwise be interpreted as Python keywords is supported too:
>>> href('timeline', from_='02/24/05', daysback=30)
'/trac/timeline?from=02%2F24%2F05&daysback=30'
If the order of query string parameters should be preserved, you may also pass a sequence of (name, value) tuples as last positional argument:
>>> href('query', (('group', 'component'), ('groupdesc', 1)))
'/trac/query?group=component&groupdesc=1'
>>> params = []
>>> params.append(('group', 'component'))
>>> params.append(('groupdesc', 1))
>>> href('query', params)
'/trac/query?group=component&groupdesc=1'
By specifying an absolute base, the function returned will also generate absolute URLs:
>>> href = Href('http://trac.edgewall.org')
>>> href('ticket', 540)
'http://trac.edgewall.org/ticket/540'
>>> href = Href('https://trac.edgewall.org')
>>> href('ticket', 540)
'https://trac.edgewall.org/ticket/540'
In common usage, it may improve readability to use the function-calling ability for the first component of the URL as mentioned earlier:
>>> href = Href('/trac')
>>> href.ticket(540)
'/trac/ticket/540'
>>> href.browser('/trunk/README.txt', format='txt')
'/trac/browser/trunk/README.txt?format=txt'
Bases: tic.core.Component
This is the default handler. It basically handles the entry, index.html and converting any dojo files to cross domain,xd, files if needed
Bases: tic.core.Component
Default handler for the favicon to return nothing.. this is just to escape erroring out which cost alot in appengine
This can be overridden by configuring it in the app.yaml file. see appengine docs for more details
Bases: tic.core.Component
Router for all incomming mail
List of components that implement tic.web.api.IEmailHandler
Bases: tic.core.Component
Web request dispatcher. This component dispatches incoming requests to registered handlers.
List of components that implement tic.web.api.IAuthenticator
List of components that implement tic.web.api.IRequestHandler
Modifications by Adam Thurlow – extracted to be standalone sessions
Copyright (c) 2008, appengine-utilities project All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Bases: object
Sessions are used to maintain user presence between requests.
Sessions can either be stored server side in the datastore/memcache, or be kept entirely as cookies. This is set either with the settings file or on initialization, using the writer argument/setting field. Valid values are “datastore” or “cookie”.
The datastore writer was written with the focus being on security, reliability, and performance. In that order.
It is based off of a session token system. All data is stored server side in the datastore and memcache. A token is given to the browser, and stored server side. Optionally (and on by default), user agent and ip checking is enabled. Tokens have a configurable time to live (TTL), which defaults to 5 seconds. The current token, plus the previous 2, are valid for any request. This is done in order to manage ajax enabled sites which may have more than on request happening at a time. This means any token is valid for 15 seconds. A request with a token who’s TTL has passed will have a new token generated.
In order to take advantage of the token system for an authentication system, you will want to tie sessions to accounts, and make sure only one session is valid for an account. You can do this by setting a db.ReferenceProperty(_AppEngineUtilities_Session) attribute on your user Model, and use the get_ds_entity() method on a valid session to populate it on login.
Note that even with this complex system, sessions can still be hijacked and it will take the user logging in to retrieve the account. In the future an ssl only cookie option may be implemented for the datastore writer, which would further protect the session token from being sniffed, however it would be restricted to using cookies on the .appspot.com domain, and ssl requests are a finite resource. This is why such a thing is not currently implemented.
Session data objects are stored in the datastore pickled, so any python object is valid for storage.
Sessions using the cookie writer are stored entirely in the browser and no interaction with the datastore is required. This creates a drastic improvement in performance, but provides no security for session hijack. This is useful for requests where identity is not important, but you wish to keep state between requests.
Information is stored in a json format, as pickled data from the server is unreliable.
Note: There is no checksum validation of session data on this method, it’s streamlined for pure performance. If you need to make sure data is not tampered with, use the datastore writer which stores the data server side.
Retrieves the token from a cookie and validates that it is a valid token for an existing cookie. Cookie validation is based on the token existing on a session that has not expired.
This is useful for determining if datastore or cookie writer should be used in hybrid implementations.
cookie_name: Name of the cookie to check for a token. delete_invalid: If the token is not valid, delete the session
cookie, to avoid datastore queries on future requests.
Returns True/False
Delete expired sessions from the datastore.
This is a class method which can be used by applications for maintenance if they don’t want to use the built in session cleaning.
count: The amount of session to clean. session_expire_time: The age in seconds to determine outdated
sessions.
Returns True on completion
Removes session data items, doesn’t delete the session. It does work with cookie sessions, and must be called before any output is sent to the browser, as it set cookies.
Returns True
Delete the current session and start a new one.
This is useful for when you need to get rid of all data tied to a current session, such as when you are logging out a user.
Returns True
Deletes all sessions and session data from the data store. This does not delete the entities from memcache (yet). Depending on the amount of sessions active in your datastore, this request could timeout before completion and may have to be called multiple times.
NOTE: This can not delete cookie only sessions as it has no way to access them. It will only delete datastore writer sessions.
Returns True on completion.
Delete item from session data, ignoring exceptions if necessary.
Returns either the value for the keyname or a default value passed.
Returns value of keyname, or default, or None
Will return the session entity from the datastore if one exists, otherwise will return None (as in the case of cookie writer session.
Equivalent to k in a, use that form in new code
Returns True/False
Generates headers to avoid any page caching in the browser. Useful for highly dynamic sites.
Returns a unicode string of headers.
Returns either the value for the keyname or a default value passed. If keyname lookup is a miss, the keyname is set with a value of default.
Returns value of keyname, or default, or None
Bases: object
Abstract base class for WSGI servers or gateways.
alias of _FileWrapper
Bases: BaseHTTPServer.BaseHTTPRequestHandler
Bases: BaseHTTPServer.HTTPServer
Bases: tic.web.wsgi.WSGIGateway