upstream/ipython Commit - r5824:28e18f34

authenticate local file access...

MinRK -

r5824:28e18f34

parent child

IPython/frontend/html/notebook/handlers.py

0 +9 0

             """Tornado handlers for the notebook.
             Authors:
             * Brian Granger
             """
             #-----------------------------------------------------------------------------
             #  Copyright (C) 2008-2011  The IPython Development Team
             #
             #  Distributed under the terms of the BSD License.  The full license is in
             #  the file COPYING, distributed as part of this software.
             #-----------------------------------------------------------------------------
             #-----------------------------------------------------------------------------
             # Imports
             #-----------------------------------------------------------------------------
             import logging
             import Cookie
             import uuid
             from tornado import web
             from tornado import websocket
             from zmq.eventloop import ioloop
             from zmq.utils import jsonapi
             from IPython.external.decorator import decorator
             from IPython.zmq.session import Session
             from IPython.lib.security import passwd_check
             try:
                 from docutils.core import publish_string
             except ImportError:
                 publish_string = None
             #-----------------------------------------------------------------------------
             # Monkeypatch for Tornado <= 2.1.1 - Remove when no longer necessary!
             #-----------------------------------------------------------------------------
             # Google Chrome, as of release 16, changed its websocket protocol number.  The
             # parts tornado cares about haven't really changed, so it's OK to continue
             # accepting Chrome connections, but as of Tornado 2.1.1 (the currently released
             # version as of Oct 30/2011) the version check fails, see the issue report:
             # https://github.com/facebook/tornado/issues/385
             # This issue has been fixed in Tornado post 2.1.1:
             # https://github.com/facebook/tornado/commit/84d7b458f956727c3b0d6710
             # Here we manually apply the same patch as above so that users of IPython can
             # continue to work with an officially released Tornado.  We make the
             # monkeypatch version check as narrow as possible to limit its effects; once
             # Tornado 2.1.1 is no longer found in the wild we'll delete this code.
             import tornado
             if tornado.version_info <= (2,1,1):
                 def _execute(self, transforms, *args, **kwargs):
                     from tornado.websocket import WebSocketProtocol8, WebSocketProtocol76
                     self.open_args = args
                     self.open_kwargs = kwargs
                     # The difference between version 8 and 13 is that in 8 the
                     # client sends a "Sec-Websocket-Origin" header and in 13 it's
                     # simply "Origin".
                     if self.request.headers.get("Sec-WebSocket-Version") in ("7", "8", "13"):
                         self.ws_connection = WebSocketProtocol8(self)
                         self.ws_connection.accept_connection()
                     elif self.request.headers.get("Sec-WebSocket-Version"):
                         self.stream.write(tornado.escape.utf8(
                             "HTTP/1.1 426 Upgrade Required\r\n"
                             "Sec-WebSocket-Version: 8\r\n\r\n"))
                         self.stream.close()
                     else:
                         self.ws_connection = WebSocketProtocol76(self)
                         self.ws_connection.accept_connection()
                 websocket.WebSocketHandler._execute = _execute
                 del _execute
             #-----------------------------------------------------------------------------
             # Decorator for disabling read-only handlers
             #-----------------------------------------------------------------------------
             @decorator
             def not_if_readonly(f, self, *args, **kwargs):
                 if self.application.read_only:
                     raise web.HTTPError(403, "Notebook server is read-only")
                 else:
                     return f(self, *args, **kwargs)
             @decorator
             def authenticate_unless_readonly(f, self, *args, **kwargs):
                 """authenticate this page *unless* readonly view is active.
                 In read-only mode, the notebook list and print view should
                 be accessible without authentication.
                 """
                 @web.authenticated
                 def auth_f(self, *args, **kwargs):
                     return f(self, *args, **kwargs)
                 if self.application.read_only:
                     return f(self, *args, **kwargs)
                 else:
                     return auth_f(self, *args, **kwargs)
             #-----------------------------------------------------------------------------
             # Top-level handlers
             #-----------------------------------------------------------------------------
             class RequestHandler(web.RequestHandler):
                 """RequestHandler with default variable setting."""
                 def render(*args, **kwargs):
                     kwargs.setdefault('message', '')
                     return web.RequestHandler.render(*args, **kwargs)
             class AuthenticatedHandler(RequestHandler):
                 """A RequestHandler with an authenticated user."""
                 def get_current_user(self):
                     user_id = self.get_secure_cookie("username")
                     # For now the user_id should not return empty, but it could eventually
                     if user_id == '':
                         user_id = 'anonymous'
                     if user_id is None:
                         # prevent extra Invalid cookie sig warnings:
                         self.clear_cookie('username')
                         if not self.application.password and not self.application.read_only:
                             user_id = 'anonymous'
                     return user_id
                 @property
                 def logged_in(self):
                     """Is a user currently logged in?
                     """
                     user = self.get_current_user()
                     return (user and not user == 'anonymous')
                 @property
                 def login_available(self):
                     """May a user proceed to log in?
                     This returns True if login capability is available, irrespective of
                     whether the user is already logged in or not.
                     """
                     return bool(self.application.password)
                 @property
                 def read_only(self):
                     """Is the notebook read-only?
                     """
                     return self.application.read_only
                 @property
                 def ws_url(self):
                     """websocket url matching the current request
                     turns http[s]://host[:port] into
                             ws[s]://host[:port]
                     """
                     proto = self.request.protocol.replace('http', 'ws')
                     return "%s://%s" % (proto, self.request.host)
+            class AuthenticatedFileHandler(AuthenticatedHandler, web.StaticFileHandler):
+                """static files should only be accessible when logged in"""
+                @authenticate_unless_readonly
+                def get(self, path):
+                    return web.StaticFileHandler.get(self, path)
             class ProjectDashboardHandler(AuthenticatedHandler):
                 @authenticate_unless_readonly
                 def get(self):
                     nbm = self.application.notebook_manager
                     project = nbm.notebook_dir
                     self.render(
                         'projectdashboard.html', project=project,
                         base_project_url=u'/', base_kernel_url=u'/',
                         read_only=self.read_only,
                         logged_in=self.logged_in,
                         login_available=self.login_available
                     )
             class LoginHandler(AuthenticatedHandler):
                 def _render(self, message=None):
                     self.render('login.html',
                             next=self.get_argument('next', default='/'),
                             read_only=self.read_only,
                             logged_in=self.logged_in,
                             login_available=self.login_available,
                             message=message
                     )
                 def get(self):
                     if self.current_user:
                         self.redirect(self.get_argument('next', default='/'))
                     else:
                         self._render()
                 def post(self):
                     pwd = self.get_argument('password', default=u'')
                     if self.application.password:
                         if passwd_check(self.application.password, pwd):
                             self.set_secure_cookie('username', str(uuid.uuid4()))
                         else:
                             self._render(message={'error': 'Invalid password'})
                             return
                     self.redirect(self.get_argument('next', default='/'))
             class LogoutHandler(AuthenticatedHandler):
                 def get(self):
                     self.clear_cookie('username')
                     if self.login_available:
                         message = {'info': 'Successfully logged out.'}
                     else:
                         message = {'warning': 'Cannot log out.  Notebook authentication '
                                    'is disabled.'}
                     self.render('logout.html',
                                 read_only=self.read_only,
                                 logged_in=self.logged_in,
                                 login_available=self.login_available,
                                 message=message)
             class NewHandler(AuthenticatedHandler):
                 @web.authenticated
                 def get(self):
                     nbm = self.application.notebook_manager
                     project = nbm.notebook_dir
                     notebook_id = nbm.new_notebook()
                     self.render(
                         'notebook.html', project=project,
                         notebook_id=notebook_id,
                         base_project_url=u'/', base_kernel_url=u'/',
                         kill_kernel=False,
                         read_only=False,
                         logged_in=self.logged_in,
                         login_available=self.login_available,
                         mathjax_url=self.application.ipython_app.mathjax_url,
                     )
             class NamedNotebookHandler(AuthenticatedHandler):
                 @authenticate_unless_readonly
                 def get(self, notebook_id):
                     nbm = self.application.notebook_manager
                     project = nbm.notebook_dir
                     if not nbm.notebook_exists(notebook_id):
                         raise web.HTTPError(404, u'Notebook does not exist: %s' % notebook_id)
                     self.render(
                         'notebook.html', project=project,
                         notebook_id=notebook_id,
                         base_project_url=u'/', base_kernel_url=u'/',
                         kill_kernel=False,
                         read_only=self.read_only,
                         logged_in=self.logged_in,
                         login_available=self.login_available,
                         mathjax_url=self.application.ipython_app.mathjax_url,
                     )
             #-----------------------------------------------------------------------------
             # Kernel handlers
             #-----------------------------------------------------------------------------
             class MainKernelHandler(AuthenticatedHandler):
                 @web.authenticated
                 def get(self):
                     km = self.application.kernel_manager
                     self.finish(jsonapi.dumps(km.kernel_ids))
                 @web.authenticated
                 def post(self):
                     km = self.application.kernel_manager
                     notebook_id = self.get_argument('notebook', default=None)
                     kernel_id = km.start_kernel(notebook_id)
                     data = {'ws_url':self.ws_url,'kernel_id':kernel_id}
                     self.set_header('Location', '/'+kernel_id)
                     self.finish(jsonapi.dumps(data))
             class KernelHandler(AuthenticatedHandler):
                 SUPPORTED_METHODS = ('DELETE')
                 @web.authenticated
                 def delete(self, kernel_id):
                     km = self.application.kernel_manager
                     km.kill_kernel(kernel_id)
                     self.set_status(204)
                     self.finish()
             class KernelActionHandler(AuthenticatedHandler):
                 @web.authenticated
                 def post(self, kernel_id, action):
                     km = self.application.kernel_manager
                     if action == 'interrupt':
                         km.interrupt_kernel(kernel_id)
                         self.set_status(204)
                     if action == 'restart':
                         new_kernel_id = km.restart_kernel(kernel_id)
                         data = {'ws_url':self.ws_url,'kernel_id':new_kernel_id}
                         self.set_header('Location', '/'+new_kernel_id)
                         self.write(jsonapi.dumps(data))
                     self.finish()
             class ZMQStreamHandler(websocket.WebSocketHandler):
                 def _reserialize_reply(self, msg_list):
                     """Reserialize a reply message using JSON.
                     This takes the msg list from the ZMQ socket, unserializes it using
                     self.session and then serializes the result using JSON. This method
                     should be used by self._on_zmq_reply to build messages that can
                     be sent back to the browser.
                     """
                     idents, msg_list = self.session.feed_identities(msg_list)
                     msg = self.session.unserialize(msg_list)
                     try:
                         msg['header'].pop('date')
                     except KeyError:
                         pass
                     try:
                         msg['parent_header'].pop('date')
                     except KeyError:
                         pass
                     msg.pop('buffers')
                     return jsonapi.dumps(msg)
                 def _on_zmq_reply(self, msg_list):
                     try:
                         msg = self._reserialize_reply(msg_list)
                     except:
                         self.application.log.critical("Malformed message: %r" % msg_list)
                     else:
                         self.write_message(msg)
             class AuthenticatedZMQStreamHandler(ZMQStreamHandler):
                 def open(self, kernel_id):
                     self.kernel_id = kernel_id.decode('ascii')
                     try:
                         cfg = self.application.ipython_app.config
                     except AttributeError:
                         # protect from the case where this is run from something other than
                         # the notebook app:
                         cfg = None
                     self.session = Session(config=cfg)
                     self.save_on_message = self.on_message
                     self.on_message = self.on_first_message
                 def get_current_user(self):
                     user_id = self.get_secure_cookie("username")
                     if user_id == '' or (user_id is None and not self.application.password):
                         user_id = 'anonymous'
                     return user_id
                 def _inject_cookie_message(self, msg):
                     """Inject the first message, which is the document cookie,
                     for authentication."""
                     if isinstance(msg, unicode):
                         # Cookie can't constructor doesn't accept unicode strings for some reason
                         msg = msg.encode('utf8', 'replace')
                     try:
                         self.request._cookies = Cookie.SimpleCookie(msg)
                     except:
                         logging.warn("couldn't parse cookie string: %s",msg, exc_info=True)
                 def on_first_message(self, msg):
                     self._inject_cookie_message(msg)
                     if self.get_current_user() is None:
                         logging.warn("Couldn't authenticate WebSocket connection")
                         raise web.HTTPError(403)
                     self.on_message = self.save_on_message
             class IOPubHandler(AuthenticatedZMQStreamHandler):
                 def initialize(self, *args, **kwargs):
                     self._kernel_alive = True
                     self._beating = False
                     self.iopub_stream = None
                     self.hb_stream = None
                 def on_first_message(self, msg):
                     try:
                         super(IOPubHandler, self).on_first_message(msg)
                     except web.HTTPError:
                         self.close()
                         return
                     km = self.application.kernel_manager
                     self.time_to_dead = km.time_to_dead
                     kernel_id = self.kernel_id
                     try:
                         self.iopub_stream = km.create_iopub_stream(kernel_id)
                         self.hb_stream = km.create_hb_stream(kernel_id)
                     except web.HTTPError:
                         # WebSockets don't response to traditional error codes so we
                         # close the connection.
                         if not self.stream.closed():
                             self.stream.close()
                         self.close()
                     else:
                         self.iopub_stream.on_recv(self._on_zmq_reply)
                         self.start_hb(self.kernel_died)
                 def on_message(self, msg):
                     pass
                 def on_close(self):
                     # This method can be called twice, once by self.kernel_died and once
                     # from the WebSocket close event. If the WebSocket connection is
                     # closed before the ZMQ streams are setup, they could be None.
                     self.stop_hb()
                     if self.iopub_stream is not None and not self.iopub_stream.closed():
                         self.iopub_stream.on_recv(None)
                         self.iopub_stream.close()
                     if self.hb_stream is not None and not self.hb_stream.closed():
                         self.hb_stream.close()
                 def start_hb(self, callback):
                     """Start the heartbeating and call the callback if the kernel dies."""
                     if not self._beating:
                         self._kernel_alive = True
                         def ping_or_dead():
                             if self._kernel_alive:
                                 self._kernel_alive = False
                                 self.hb_stream.send(b'ping')
                             else:
                                 try:
                                     callback()
                                 except:
                                     pass
                                 finally:
                                     self._hb_periodic_callback.stop()
                         def beat_received(msg):
                             self._kernel_alive = True
                         self.hb_stream.on_recv(beat_received)
                         self._hb_periodic_callback = ioloop.PeriodicCallback(ping_or_dead, self.time_to_dead*1000)
                         self._hb_periodic_callback.start()
                         self._beating= True
                 def stop_hb(self):
                     """Stop the heartbeating and cancel all related callbacks."""
                     if self._beating:
                         self._hb_periodic_callback.stop()
                         if not self.hb_stream.closed():
                             self.hb_stream.on_recv(None)
                 def kernel_died(self):
                     self.application.kernel_manager.delete_mapping_for_kernel(self.kernel_id)
                     self.write_message(
                         {'header': {'msg_type': 'status'},
                          'parent_header': {},
                          'content': {'execution_state':'dead'}
                         }
                     )
                     self.on_close()
             class ShellHandler(AuthenticatedZMQStreamHandler):
                 def initialize(self, *args, **kwargs):
                     self.shell_stream = None
                 def on_first_message(self, msg):
                     try:
                         super(ShellHandler, self).on_first_message(msg)
                     except web.HTTPError:
                         self.close()
                         return
                     km = self.application.kernel_manager
                     self.max_msg_size = km.max_msg_size
                     kernel_id = self.kernel_id
                     try:
                         self.shell_stream = km.create_shell_stream(kernel_id)
                     except web.HTTPError:
                         # WebSockets don't response to traditional error codes so we
                         # close the connection.
                         if not self.stream.closed():
                             self.stream.close()
                         self.close()
                     else:
                         self.shell_stream.on_recv(self._on_zmq_reply)
                 def on_message(self, msg):
                     if len(msg) < self.max_msg_size:
                         msg = jsonapi.loads(msg)
                         self.session.send(self.shell_stream, msg)
                 def on_close(self):
                     # Make sure the stream exists and is not already closed.
                     if self.shell_stream is not None and not self.shell_stream.closed():
                         self.shell_stream.close()
             #-----------------------------------------------------------------------------
             # Notebook web service handlers
             #-----------------------------------------------------------------------------
             class NotebookRootHandler(AuthenticatedHandler):
                 @authenticate_unless_readonly
                 def get(self):
                     nbm = self.application.notebook_manager
                     files = nbm.list_notebooks()
                     self.finish(jsonapi.dumps(files))
                 @web.authenticated
                 def post(self):
                     nbm = self.application.notebook_manager
                     body = self.request.body.strip()
                     format = self.get_argument('format', default='json')
                     name = self.get_argument('name', default=None)
                     if body:
                         notebook_id = nbm.save_new_notebook(body, name=name, format=format)
                     else:
                         notebook_id = nbm.new_notebook()
                     self.set_header('Location', '/'+notebook_id)
                     self.finish(jsonapi.dumps(notebook_id))
             class NotebookHandler(AuthenticatedHandler):
                 SUPPORTED_METHODS = ('GET', 'PUT', 'DELETE')
                 @authenticate_unless_readonly
                 def get(self, notebook_id):
                     nbm = self.application.notebook_manager
                     format = self.get_argument('format', default='json')
                     last_mod, name, data = nbm.get_notebook(notebook_id, format)
                     if format == u'json':
                         self.set_header('Content-Type', 'application/json')
                         self.set_header('Content-Disposition','attachment; filename="%s.ipynb"' % name)
                     elif format == u'py':
                         self.set_header('Content-Type', 'application/x-python')
                         self.set_header('Content-Disposition','attachment; filename="%s.py"' % name)
                     self.set_header('Last-Modified', last_mod)
                     self.finish(data)
                 @web.authenticated
                 def put(self, notebook_id):
                     nbm = self.application.notebook_manager
                     format = self.get_argument('format', default='json')
                     name = self.get_argument('name', default=None)
                     nbm.save_notebook(notebook_id, self.request.body, name=name, format=format)
                     self.set_status(204)
                     self.finish()
                 @web.authenticated
                 def delete(self, notebook_id):
                     nbm = self.application.notebook_manager
                     nbm.delete_notebook(notebook_id)
                     self.set_status(204)
                     self.finish()
             #-----------------------------------------------------------------------------
             # RST web service handlers
             #-----------------------------------------------------------------------------
             class RSTHandler(AuthenticatedHandler):
                 @web.authenticated
                 def post(self):
                     if publish_string is None:
                         raise web.HTTPError(503, u'docutils not available')
                     body = self.request.body.strip()
                     source = body
                     # template_path=os.path.join(os.path.dirname(__file__), u'templates', u'rst_template.html')
                     defaults = {'file_insertion_enabled': 0,
                                 'raw_enabled': 0,
                                 '_disable_config': 1,
                                 'stylesheet_path': 0
                                 # 'template': template_path
                     }
                     try:
                         html = publish_string(source, writer_name='html',
                                               settings_overrides=defaults
                         )
                     except:
                         raise web.HTTPError(400, u'Invalid RST')
                     print html
                     self.set_header('Content-Type', 'text/html')
                     self.finish(html)

IPython/frontend/html/notebook/notebookapp.py

0 +3 -2

             """A tornado based IPython notebook server.
             Authors:
             * Brian Granger
             """
             #-----------------------------------------------------------------------------
             #  Copyright (C) 2008-2011  The IPython Development Team
             #
             #  Distributed under the terms of the BSD License.  The full license is in
             #  the file COPYING, distributed as part of this software.
             #-----------------------------------------------------------------------------
             #-----------------------------------------------------------------------------
             # Imports
             #-----------------------------------------------------------------------------
             # stdlib
             import errno
             import logging
             import os
             import signal
             import socket
             import sys
             import threading
             import webbrowser
             # Third party
             import zmq
             # Install the pyzmq ioloop. This has to be done before anything else from
             # tornado is imported.
             from zmq.eventloop import ioloop
             # FIXME: ioloop.install is new in pyzmq-2.1.7, so remove this conditional
             # when pyzmq dependency is updated beyond that.
             if hasattr(ioloop, 'install'):
                 ioloop.install()
             else:
                 import tornado.ioloop
                 tornado.ioloop.IOLoop = ioloop.IOLoop
             from tornado import httpserver
             from tornado import web
             # Our own libraries
             from .kernelmanager import MappingKernelManager
             from .handlers import (LoginHandler, LogoutHandler,
                 ProjectDashboardHandler, NewHandler, NamedNotebookHandler,
                 MainKernelHandler, KernelHandler, KernelActionHandler, IOPubHandler,
-                ShellHandler, NotebookRootHandler, NotebookHandler, RSTHandler
+                ShellHandler, NotebookRootHandler, NotebookHandler, RSTHandler,
+                AuthenticatedFileHandler,
             )
             from .notebookmanager import NotebookManager
             from IPython.config.application import catch_config_error, boolean_flag
             from IPython.core.application import BaseIPythonApplication
             from IPython.core.profiledir import ProfileDir
             from IPython.lib.kernel import swallow_argv
             from IPython.zmq.session import Session, default_secure
             from IPython.zmq.zmqshell import ZMQInteractiveShell
             from IPython.zmq.ipkernel import (
                 flags as ipkernel_flags,
                 aliases as ipkernel_aliases,
                 IPKernelApp
             )
             from IPython.utils.traitlets import Dict, Unicode, Integer, List, Enum, Bool
             #-----------------------------------------------------------------------------
             # Module globals
             #-----------------------------------------------------------------------------
             _kernel_id_regex = r"(?P<kernel_id>\w+-\w+-\w+-\w+-\w+)"
             _kernel_action_regex = r"(?P<action>restart|interrupt)"
             _notebook_id_regex = r"(?P<notebook_id>\w+-\w+-\w+-\w+-\w+)"
             LOCALHOST = '127.0.0.1'
             _examples = """
             ipython notebook                       # start the notebook
             ipython notebook --profile=sympy       # use the sympy profile
             ipython notebook --pylab=inline        # pylab in inline plotting mode
             ipython notebook --certfile=mycert.pem # use SSL/TLS certificate
             ipython notebook --port=5555 --ip=*    # Listen on port 5555, all interfaces
             """
             #-----------------------------------------------------------------------------
             # The Tornado web application
             #-----------------------------------------------------------------------------
             class NotebookWebApplication(web.Application):
                 def __init__(self, ipython_app, kernel_manager, notebook_manager, log, settings_overrides):
                     handlers = [
                         (r"/", ProjectDashboardHandler),
                         (r"/login", LoginHandler),
                         (r"/logout", LogoutHandler),
                         (r"/new", NewHandler),
                         (r"/%s" % _notebook_id_regex, NamedNotebookHandler),
                         (r"/kernels", MainKernelHandler),
                         (r"/kernels/%s" % _kernel_id_regex, KernelHandler),
                         (r"/kernels/%s/%s" % (_kernel_id_regex, _kernel_action_regex), KernelActionHandler),
                         (r"/kernels/%s/iopub" % _kernel_id_regex, IOPubHandler),
                         (r"/kernels/%s/shell" % _kernel_id_regex, ShellHandler),
                         (r"/notebooks", NotebookRootHandler),
                         (r"/notebooks/%s" % _notebook_id_regex, NotebookHandler),
                         (r"/rstservice/render", RSTHandler),
-                        (r"/local/(.*)", web.StaticFileHandler, {'path' : notebook_manager.notebook_dir}),
+                        (r"/local/(.*)", AuthenticatedFileHandler, {'path' : notebook_manager.notebook_dir}),
                     ]
                     settings = dict(
                         template_path=os.path.join(os.path.dirname(__file__), "templates"),
                         static_path=os.path.join(os.path.dirname(__file__), "static"),
                         cookie_secret=os.urandom(1024),
                         login_url="/login",
                     )
                     # allow custom overrides for the tornado web app.
                     settings.update(settings_overrides)
                     super(NotebookWebApplication, self).__init__(handlers, **settings)
                     self.kernel_manager = kernel_manager
                     self.log = log
                     self.notebook_manager = notebook_manager
                     self.ipython_app = ipython_app
                     self.read_only = self.ipython_app.read_only
             #-----------------------------------------------------------------------------
             # Aliases and Flags
             #-----------------------------------------------------------------------------
             flags = dict(ipkernel_flags)
             flags['no-browser']=(
                 {'NotebookApp' : {'open_browser' : False}},
                 "Don't open the notebook in a browser after startup."
             )
             flags['no-mathjax']=(
                 {'NotebookApp' : {'enable_mathjax' : False}},
                 """Disable MathJax
                 MathJax is the javascript library IPython uses to render math/LaTeX. It is
                 very large, so you may want to disable it if you have a slow internet
                 connection, or for offline use of the notebook.
                 When disabled, equations etc. will appear as their untransformed TeX source.
                 """
             )
             flags['read-only'] = (
                 {'NotebookApp' : {'read_only' : True}},
                 """Allow read-only access to notebooks.
                 When using a password to protect the notebook server, this flag
                 allows unauthenticated clients to view the notebook list, and
                 individual notebooks, but not edit them, start kernels, or run
                 code.
                 If no password is set, the server will be entirely read-only.
                 """
             )
             # Add notebook manager flags
             flags.update(boolean_flag('script', 'NotebookManager.save_script',
                            'Auto-save a .py script everytime the .ipynb notebook is saved',
                            'Do not auto-save .py scripts for every notebook'))
             # the flags that are specific to the frontend
             # these must be scrubbed before being passed to the kernel,
             # or it will raise an error on unrecognized flags
             notebook_flags = ['no-browser', 'no-mathjax', 'read-only', 'script', 'no-script']
             aliases = dict(ipkernel_aliases)
             aliases.update({
                 'ip': 'NotebookApp.ip',
                 'port': 'NotebookApp.port',
                 'keyfile': 'NotebookApp.keyfile',
                 'certfile': 'NotebookApp.certfile',
                 'notebook-dir': 'NotebookManager.notebook_dir',
             })
             # remove ipkernel flags that are singletons, and don't make sense in
             # multi-kernel evironment:
             aliases.pop('f', None)
             notebook_aliases = [u'port', u'ip', u'keyfile', u'certfile',
                                 u'notebook-dir']
             #-----------------------------------------------------------------------------
             # NotebookApp
             #-----------------------------------------------------------------------------
             class NotebookApp(BaseIPythonApplication):
                 name = 'ipython-notebook'
                 default_config_file_name='ipython_notebook_config.py'
                 description = """
                     The IPython HTML Notebook.
                     This launches a Tornado based HTML Notebook Server that serves up an
                     HTML5/Javascript Notebook client.
                 """
                 examples = _examples
                 classes = [IPKernelApp, ZMQInteractiveShell, ProfileDir, Session,
                            MappingKernelManager, NotebookManager]
                 flags = Dict(flags)
                 aliases = Dict(aliases)
                 kernel_argv = List(Unicode)
                 log_level = Enum((0,10,20,30,40,50,'DEBUG','INFO','WARN','ERROR','CRITICAL'),
                                 default_value=logging.INFO,
                                 config=True,
                                 help="Set the log level by value or name.")
                 # Network related information.
                 ip = Unicode(LOCALHOST, config=True,
                     help="The IP address the notebook server will listen on."
                 )
                 def _ip_changed(self, name, old, new):
                     if new == u'*': self.ip = u''
                 port = Integer(8888, config=True,
                     help="The port the notebook server will listen on."
                 )
                 certfile = Unicode(u'', config=True,
                     help="""The full path to an SSL/TLS certificate file."""
                 )
                 keyfile = Unicode(u'', config=True,
                     help="""The full path to a private key file for usage with SSL/TLS."""
                 )
                 password = Unicode(u'', config=True,
                                   help="""Hashed password to use for web authentication.
                                   To generate, type in a python/IPython shell:
                                     from IPython.lib import passwd; passwd()
                                   The string should be of the form type:salt:hashed-password.
                                   """
                 )
                 open_browser = Bool(True, config=True,
                                     help="Whether to open in a browser after starting.")
                 read_only = Bool(False, config=True,
                     help="Whether to prevent editing/execution of notebooks."
                 )
                 webapp_settings = Dict(config=True,
                         help="Supply overrides for the tornado.web.Application that the "
                              "IPython notebook uses.")
                 enable_mathjax = Bool(True, config=True,
                     help="""Whether to enable MathJax for typesetting math/TeX
                     MathJax is the javascript library IPython uses to render math/LaTeX. It is
                     very large, so you may want to disable it if you have a slow internet
                     connection, or for offline use of the notebook.
                     When disabled, equations etc. will appear as their untransformed TeX source.
                     """
                 )
                 def _enable_mathjax_changed(self, name, old, new):
                     """set mathjax url to empty if mathjax is disabled"""
                     if not new:
                         self.mathjax_url = u''
                 mathjax_url = Unicode("", config=True,
                     help="""The url for MathJax.js."""
                 )
                 def _mathjax_url_default(self):
                     if not self.enable_mathjax:
                         return u''
                     static_path = self.webapp_settings.get("static_path", os.path.join(os.path.dirname(__file__), "static"))
                     if os.path.exists(os.path.join(static_path, 'mathjax', "MathJax.js")):
                         self.log.info("Using local MathJax")
                         return u"static/mathjax/MathJax.js"
                     else:
                         self.log.info("Using MathJax from CDN")
                         return u"http://cdn.mathjax.org/mathjax/latest/MathJax.js"
                 def _mathjax_url_changed(self, name, old, new):
                     if new and not self.enable_mathjax:
                         # enable_mathjax=False overrides mathjax_url
                         self.mathjax_url = u''
                     else:
                         self.log.info("Using MathJax: %s", new)
                 def parse_command_line(self, argv=None):
                     super(NotebookApp, self).parse_command_line(argv)
                     if argv is None:
                         argv = sys.argv[1:]
                     # Scrub frontend-specific flags
                     self.kernel_argv = swallow_argv(argv, notebook_aliases, notebook_flags)
                     # Kernel should inherit default config file from frontend
                     self.kernel_argv.append("--KernelApp.parent_appname='%s'"%self.name)
                 def init_configurables(self):
                     # Don't let Qt or ZMQ swallow KeyboardInterupts.
                     signal.signal(signal.SIGINT, signal.SIG_DFL)
                     # force Session default to be secure
                     default_secure(self.config)
                     # Create a KernelManager and start a kernel.
                     self.kernel_manager = MappingKernelManager(
                         config=self.config, log=self.log, kernel_argv=self.kernel_argv,
                         connection_dir = self.profile_dir.security_dir,
                     )
                     self.notebook_manager = NotebookManager(config=self.config, log=self.log)
                     self.notebook_manager.list_notebooks()
                 def init_logging(self):
                     super(NotebookApp, self).init_logging()
                     # This prevents double log messages because tornado use a root logger that
                     # self.log is a child of. The logging module dipatches log messages to a log
                     # and all of its ancenstors until propagate is set to False.
                     self.log.propagate = False
                 @catch_config_error
                 def initialize(self, argv=None):
                     super(NotebookApp, self).initialize(argv)
                     self.init_configurables()
                     self.web_app = NotebookWebApplication(
                         self, self.kernel_manager, self.notebook_manager, self.log,
                         self.webapp_settings
                     )
                     if self.certfile:
                         ssl_options = dict(certfile=self.certfile)
                         if self.keyfile:
                             ssl_options['keyfile'] = self.keyfile
                     else:
                         ssl_options = None
                     self.web_app.password = self.password
                     self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options)
                     if ssl_options is None and not self.ip:
                         self.log.critical('WARNING: the notebook server is listening on all IP addresses '
                                           'but not using any encryption or authentication. This is highly '
                                           'insecure and not recommended.')
                     # Try random ports centered around the default.
                     from random import randint
                     n = 50  # Max number of attempts, keep reasonably large.
                     for port in range(self.port, self.port+5) + [self.port + randint(-2*n, 2*n) for i in range(n-5)]:
                         try:
                             self.http_server.listen(port, self.ip)
                         except socket.error, e:
                             if e.errno != errno.EADDRINUSE:
                                 raise
                             self.log.info('The port %i is already in use, trying another random port.' % port)
                         else:
                             self.port = port
                             break
                 def start(self):
                     ip = self.ip if self.ip else '[all ip addresses on your system]'
                     proto = 'https' if self.certfile else 'http'
                     info = self.log.info
                     info("The IPython Notebook is running at: %s://%s:%i" %
                          (proto, ip, self.port) )
                     info("Use Control-C to stop this server and shut down all kernels.")
                     if self.open_browser:
                         ip = self.ip or '127.0.0.1'
                         b = lambda : webbrowser.open("%s://%s:%i" % (proto, ip, self.port),
                                                      new=2)
                         threading.Thread(target=b).start()
                     ioloop.IOLoop.instance().start()
             #-----------------------------------------------------------------------------
             # Main entry point
             #-----------------------------------------------------------------------------
             def launch_new_instance():
                 app = NotebookApp()
                 app.initialize()
                 app.start()

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages