##// END OF EJS Templates
upstream » ipython
RSS

Clone from https://github.com/ipython/ipython.git

address review in custom auth
Min RK -
Show More
Show file before | Show file after | Hide comments
@@ -44,14 +44,17 b' class LoginHandler(IPythonHandler):'
44
44
45 self.redirect(self.get_argument('next', default=self.base_url))
45 self.redirect(self.get_argument('next', default=self.base_url))
46
46
47 @staticmethod
47 @classmethod
48 def get_user(handler):
48 def get_user(cls, handler):
49 """Called by handlers for identifying the current user."""
49 """Called by handlers.get_current_user for identifying the current user.
50
51 See tornado.web.RequestHandler.get_current_user for details.
52 """
50 # Can't call this get_current_user because it will collide when
53 # Can't call this get_current_user because it will collide when
51 # called on LoginHandler itself.
54 # called on LoginHandler itself.
52
55
53 user_id = handler.get_secure_cookie(handler.cookie_name)
56 user_id = handler.get_secure_cookie(handler.cookie_name)
54 # For now the user_id should not return empty, but it could eventually
57 # For now the user_id should not return empty, but it could, eventually.
55 if user_id == '':
58 if user_id == '':
56 user_id = 'anonymous'
59 user_id = 'anonymous'
57 if user_id is None:
60 if user_id is None:
@@ -63,18 +66,22 b' class LoginHandler(IPythonHandler):'
63
66
64
67
65 @classmethod
68 @classmethod
66 def validate_notebook_app_security(cls, notebook_app, ssl_options=None):
69 def validate_security(cls, app, ssl_options=None):
67 if not notebook_app.ip:
70 """Check the notebook application's security.
71
72 Show messages, or abort if necessary, based on the security configuration.
73 """
74 if not app.ip:
68 warning = "WARNING: The notebook server is listening on all IP addresses"
75 warning = "WARNING: The notebook server is listening on all IP addresses"
69 if ssl_options is None:
76 if ssl_options is None:
70 notebook_app.log.critical(warning + " and not using encryption. This "
77 app.log.critical(warning + " and not using encryption. This "
71 "is not recommended.")
78 "is not recommended.")
72 if not notebook_app.password:
79 if not app.password:
73 notebook_app.log.critical(warning + " and not using authentication. "
80 app.log.critical(warning + " and not using authentication. "
74 "This is highly insecure and not recommended.")
81 "This is highly insecure and not recommended.")
75
82
76 @staticmethod
83 @classmethod
77 def password_from_settings(settings):
84 def password_from_settings(cls, settings):
78 """Return the hashed password from the tornado settings.
85 """Return the hashed password from the tornado settings.
79
86
80 If there is no configured password, an empty string will be returned.
87 If there is no configured password, an empty string will be returned.
Show file before | Show file after | Hide comments
@@ -87,7 +87,7 b' class AuthenticatedHandler(web.RequestHandler):'
87
87
88 @property
88 @property
89 def login_handler(self):
89 def login_handler(self):
90 """Return the login handler for this application."""
90 """Return the login handler for this application, if any."""
91 return self.settings.get('login_handler_class', None)
91 return self.settings.get('login_handler_class', None)
92
92
93 @property
93 @property
Show file before | Show file after | Hide comments
@@ -797,7 +797,7 b' class NotebookApp(BaseIPythonApplication):'
797 ssl_options['keyfile'] = self.keyfile
797 ssl_options['keyfile'] = self.keyfile
798 else:
798 else:
799 ssl_options = None
799 ssl_options = None
800 self.login_handler_class.validate_notebook_app_security(self, ssl_options=ssl_options)
800 self.login_handler_class.validate_security(self, ssl_options=ssl_options)
801 self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options,
801 self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options,
802 xheaders=self.trust_xheaders)
802 xheaders=self.trust_xheaders)
803
803
General Comments 0
You need to be logged in to leave comments. Login now