klein.Authorization

class documentation

class Authorization: (source)

Implements interfaces: klein.interfaces.IDependencyInjector, klein.interfaces.IRequiredParameter

Declare that a require-decorated function requires a certain interface be authorized from the session.

This is a dependency injector used in conjunction with a klein.Requirer, like so:

    from klein import Requirer, SesssionProcurer
    from klein.interfaces import ISession

    from myapp import ISuperDuperAdmin

    requirer = Requirer()
    procurer = SessionProcurer(store=someSessionStore)
    @requirer.prerequisite(ISession)
    def sessionize(request):
        return procurer.procureSession(request)

    app = Klein()

    @requirer.require(
        app.route("/admin"),
        adminPowers=Authorization(ISuperDuperAdmin)
    )
    def myRoute(adminPowers):
        return 'ok admin: ' + adminPowers.doAdminThing()

In this example, ISuperDuperAdmin is an interface known to your application, and (via authorization plugins depending on your session storage backend) to your session store. It has a doAdminThing method. When a user hits /admin in their browser, if they are duly authorized, they'll see 'ok admin: ' and whatever the super-secret result of doAdminThing is. If not, by default, they'll simply get an HTTP UNAUTHORIZED response that says "myapp.ISuperDuperAdmin DENIED". (This behavior can be customized via the whenDenied parameter to Authorization.)

Method	`finalize`	Nothing to finalize when registering.
Method	`injectValue`	Inject a value by asking the request's session.
Method	`registerInjector`	Register this authorization to inject a parameter.
Instance Variable	`_interface`	the interface that is required. a provider of this interface is what will be dependency-injected.
Instance Variable	`_required`	is this authorization required? If so (the default), don't invoke the application code if it cannot be authorized by the procured session, and instead return the object specified by whenDenied from the dependency-injection process...
Instance Variable	`_whenDenied`	when this authorization is denied, what object - usually an IResource - should be returned to the route decorator that was passed to `Requirer.require`? Note that this will never be used if `required` is set to ...

def finalize(self): (source)

from klein.interfaces.IDependencyInjector

Nothing to finalize when registering.

@inlineCallbacks
def injectValue(self, instance, request, routeParams): (source)

from klein.interfaces.IDependencyInjector

Inject a value by asking the request's session.

Parameters
instance:`Any`	Undocumented
request:`IRequest`	Undocumented
routeParams:`Dict[str, Any]`	Undocumented
Returns
`Any`	Undocumented

def registerInjector(self, injectionComponents, parameterName, lifecycle): (source)

from klein.interfaces.IRequiredParameter

Parameters
injectionComponents:`Componentized`	Undocumented
parameterName:`str`	Undocumented
lifecycle:`IRequestLifecycle`	Undocumented
Returns
`IDependencyInjector`	Undocumented

_interface: Type[Interface] = (source)

the interface that is required. a provider of this interface is what will be dependency-injected.

_required: bool = (source)

is this authorization required? If so (the default), don't invoke the application code if it cannot be authorized by the procured session, and instead return the object specified by whenDenied from the dependency-injection process. If not, then just pass None if it is not on the session.

_whenDenied: Callable[[Type[Interface], Any], Any] = (source)

when this authorization is denied, what object - usually an IResource - should be returned to the route decorator that was passed to Requirer.require? Note that this will never be used if required is set to False.