ginsfsm / ginsfsm / protocols / sockjs / server /

The default branch has multiple heads

Full commit
# -*- encoding: utf-8 -*-
""" basehandler

from datetime import datetime, timedelta

from pyramid.response import Response

#                   Base Views
CACHE_TIME = 31536000

class BaseHandler(Response):
    # same as initialize() of Tornado
    def __init__(self, context, request):
        self.context = context
        self.request = request
        super(BaseHandler, self).__init__()
        self.ginsfsm_request = None
        self.ginsfsm_response = None

    def set_response(self, response):
        """ response can be request.response for static urls
            or self for sessioned urls.
        self.response = response
        return response

    # Various helpers
    def set_header(self, name, value):
        """Sets the given response header name and value.

        If a datetime is given, we automatically format it according to the
        HTTP specification. If the value is not a string, we convert it to
        a string. All header values are then encoded as UTF-8.
        # self._headers[name] = self._convert_header_value(value)  de tornado
        self.response.headerlist.append((name, value))

    def set_status(self, code):
        self.response.status = code

    def set_body(self, body):
        self.response.body = body

    def add_body(self, chunk):

    def enable_cache(self):
        """Enable client-side caching for the current request"""
        d = + timedelta(seconds=CACHE_TIME)
        self.set_header('Cache-Control', 'max-age=%d, public' % CACHE_TIME)
        self.set_header('Expires', d.strftime('%a, %d %b %Y %H:%M:%S'))
        self.set_header('Access-Control-Max-Age', str(CACHE_TIME))

    def disable_cache(self):
        """Disable client-side cache for the current request"""
            'no-store, no-cache, must-revalidate, max-age=0'

    def handle_session_cookie(self):
        """Handle JSESSIONID cookie logic"""
        # Tornado:
        # If JSESSIONID support is disabled in the settings,
        # ignore cookie logic
        if not self.context.sockjs_server.jsessionid:

        cookie = self.request.cookies.get('JSESSIONID')
        if not cookie:
            cv = 'dummy'
            cv = cookie.value
        self.response.set_cookie('JSESSIONID', cv)
        return ('Set-Cookie', self.response.headers['Set-Cookie'])

    def finish(self):
        """Finishes this response, ending the HTTP request."""
        #super(BaseHandler, self).finish()
        if self.ginsfsm_response:

    def safe_finish(self):
        """ Finish session.
        If it will blow up - connection was set to Keep-Alive and
        client dropped connection, ignore any IOError or socket error."""

    def write(self, data):
        """ Write data to the network.
            Must be overridden in your application
        if self.ginsfsm_response:

    def flush(self, include_footers=False, callback=None):
        """Flushes the current output buffer to the network.

        The ``callback`` argument, if given, can be used for flow control:
        it will be run when all flushed data has been written to the socket.
        Note that only one flush callback can be outstanding at a time;
        if another flush occurs before the previous flush's callback
        has been run, the previous callback will be discarded.
        if self.ginsfsm_response:
        if callback:
            # TODO: must be executed at on event WRITE
            # instead next pooling cycle.

class PreflightHandler(BaseHandler):
    """CORS preflight handler"""

    def __init__(self, context, request):
        BaseHandler.__init__(self, context, request)

    def options(self, *args, **kwargs):
        """XHR cross-domain OPTIONS handler"""
        response = self.set_response(self.request.response)

        if self.verify_origin():
            allowed_methods = getattr(self, 'access_methods', 'OPTIONS, POST')
            self.set_header('Access-Control-Allow-Methods', allowed_methods)
            self.set_header('Allow', allowed_methods)

            # Set forbidden

        # self.finish() TODO: how tell http-server to finish connection?
        return response

    def preflight(self):
        """ Handles request authentication
            Cors headers.
        request = self.request
        # origin = self.request.headers.get('Origin', '*') tornado
        origin = request.environ.get("HTTP_ORIGIN", '*')
        if origin == 'null':
            origin = '*'  # Respond with '*' to 'null' origin

        self.set_header('Access-Control-Allow-Origin', origin)

        # headers = self.request.headers.get('Access-Control-Request-Headers')
        headers = request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')
        if headers:
            self.set_header('Access-Control-Allow-Headers', headers)

        self.set_header('Access-Control-Allow-Credentials', 'true')

    def verify_origin(self):
        """Verify if request can be served"""
        # TODO: Verify origin
        return True