ginsfsm / ginsfsm / protocols / sockjs / server / basehandler.py

The default branch has multiple heads

# -*- encoding: utf-8 -*-
""" basehandler
"""

from datetime import datetime, timedelta

from pyramid.response import Response

#----------------------------------------------------------------#
#                   Base Views
#----------------------------------------------------------------#
CACHE_TIME = 31536000


class BaseHandler(Response):
    # same as initialize() of Tornado
    def __init__(self, context, request):
        self.context = context
        self.request = request
        super(BaseHandler, self).__init__()

    def set_response(self, response):
        """ response can be request.response for static urls
            or self for sessioned urls.
        """
        self.response = response
        return response

    def finish(self):
        """Finishes this response, ending the HTTP request."""
        #self._log_disconnect()
        #super(BaseHandler, self).finish()

    # Various helpers
    def set_header(self, name, value):
        """Sets the given response header name and value.

        If a datetime is given, we automatically format it according to the
        HTTP specification. If the value is not a string, we convert it to
        a string. All header values are then encoded as UTF-8.
        """
        # self._headers[name] = self._convert_header_value(value)  de tornado
        self.response.headerlist.append((name, value))

    def set_status(self, code):
        self.response.status = code

    def set_body(self, body):
        self.response.body = body

    def enable_cache(self):
        """Enable client-side caching for the current request"""
        d = datetime.now() + timedelta(seconds=CACHE_TIME)
        self.set_header('Cache-Control', 'max-age=%d, public' % CACHE_TIME)
        self.set_header('Expires', d.strftime('%a, %d %b %Y %H:%M:%S'))
        self.set_header('Access-Control-Max-Age', str(CACHE_TIME))

    def disable_cache(self):
        """Disable client-side cache for the current request"""
        self.set_header(
            'Cache-Control',
            'no-store, no-cache, must-revalidate, max-age=0'
        )

    def handle_session_cookie(self):
        """Handle JSESSIONID cookie logic"""
        # Tornado:
        # If JSESSIONID support is disabled in the settings,
        # ignore cookie logic
        if not self.context.sockjs_server.jsessionid:
            return

        cookie = self.request.cookies.get('JSESSIONID')
        if not cookie:
            cv = 'dummy'
        else:
            cv = cookie.value
        self.response.set_cookie('JSESSIONID', cv)
        return ('Set-Cookie', self.response.headers['Set-Cookie'])

    def safe_finish(self):
        """Finish session. If it will blow up - connection was set to Keep-Alive and
        client dropped connection, ignore any IOError or socket error."""
        self.finish()

    def write(self, data):
        """ Write data to the network.
            Must be overridden in your application
        """
        raise NotImplementedError()

    def flush(self, include_footers=False, callback=None):
        """Flushes the current output buffer to the network.

        The ``callback`` argument, if given, can be used for flow control:
        it will be run when all flushed data has been written to the socket.
        Note that only one flush callback can be outstanding at a time;
        if another flush occurs before the previous flush's callback
        has been run, the previous callback will be discarded.
        """
        if callback:
            # TODO: must be executed at on event WRITE
            # instead next pooling cycle.
            self.context.sockjs_server.gaplic.add_callback(callback)


class PreflightHandler(BaseHandler):
    """CORS preflight handler"""

    def __init__(self, context, request):
        BaseHandler.__init__(self, context, request)

    def options(self, *args, **kwargs):
        """XHR cross-domain OPTIONS handler"""
        response = self.set_response(self.request.response)
        self.enable_cache()
        self.handle_session_cookie()
        self.preflight()

        if self.verify_origin():
            allowed_methods = getattr(self, 'access_methods', 'OPTIONS, POST')
            self.set_header('Access-Control-Allow-Methods', allowed_methods)
            self.set_header('Allow', allowed_methods)

            self.set_status(204)
        else:
            # Set forbidden
            self.set_status(403)

        # self.finish() TODO: how tell http-server to finish connection?
        return response

    def preflight(self):
        """ Handles request authentication
            Cors headers.
        """
        request = self.request
        # origin = self.request.headers.get('Origin', '*') tornado
        origin = request.environ.get("HTTP_ORIGIN", '*')
        if origin == 'null':
            origin = '*'  # Respond with '*' to 'null' origin

        self.set_header('Access-Control-Allow-Origin', origin)

        # headers = self.request.headers.get('Access-Control-Request-Headers')
        headers = request.environ.get('HTTP_ACCESS_CONTROL_REQUEST_HEADERS')
        if headers:
            self.set_header('Access-Control-Allow-Headers', headers)

        self.set_header('Access-Control-Allow-Credentials', 'true')

    def verify_origin(self):
        """Verify if request can be served"""
        # TODO: Verify origin
        return True
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.