class Authorization: (source)
Implements interfaces: klein.interfaces.IDependencyInjector
, klein.interfaces.IRequiredParameter
Declare that a require-decorated function requires a certain interface be authorized from the session.
This is a dependency injector used in conjunction with a klein.Requirer
, like so:
from klein import Requirer, SesssionProcurer from klein.interfaces import ISession from myapp import ISuperDuperAdmin requirer = Requirer() procurer = SessionProcurer(store=someSessionStore) @requirer.prerequisite(ISession) def sessionize(request): return procurer.procureSession(request) app = Klein() @requirer.require( app.route("/admin"), adminPowers=Authorization(ISuperDuperAdmin) ) def myRoute(adminPowers): return 'ok admin: ' + adminPowers.doAdminThing()
In this example, ISuperDuperAdmin is an interface known to your application, and (via authorization plugins depending on your session storage backend) to your session store. It has a doAdminThing method. When a user hits /admin in their browser, if they are duly authorized, they'll see 'ok admin: ' and whatever the super-secret result of doAdminThing is. If not, by default, they'll simply get an HTTP UNAUTHORIZED response that says "myapp.ISuperDuperAdmin DENIED". (This behavior can be customized via the whenDenied parameter to Authorization
.)
Method | finalize |
Nothing to finalize when registering. |
Method | inject |
Inject a value by asking the request's session. |
Method | register |
Register this authorization to inject a parameter. |
Instance Variable | _interface |
the interface that is required. a provider of this interface is what will be dependency-injected. |
Instance Variable | _required |
is this authorization required? If so (the default), don't invoke the application code if it cannot be authorized by the procured session, and instead return the object specified by whenDenied from the dependency-injection process... |
Instance Variable | _when |
when this authorization is denied, what object - usually an IResource - should be returned to the route decorator that was passed to Requirer.require ? Note that this will never be used if required is set to ... |
Inject a value by asking the request's session.
Parameters | |
instance:Any | Undocumented |
request:IRequest | Undocumented |
routeDict[ | Undocumented |
Returns | |
Any | Undocumented |
Register this authorization to inject a parameter.
Parameters | |
injectionComponentized | Undocumented |
parameterstr | Undocumented |
lifecycle:IRequestLifecycle | Undocumented |
Returns | |
IDependencyInjector | Undocumented |
is this authorization required? If so (the default), don't invoke the application code if it cannot be authorized by the procured session, and instead return the object specified by whenDenied from the dependency-injection process. If not, then just pass None if it is not on the session.
when this authorization is denied, what object - usually an IResource - should be returned to the route decorator that was passed to Requirer.require
? Note that this will never be used if required is set to False.