Show More
@@ -35,48 +35,46 b' except ImportError:' | |||||
35 | # Top-level handlers |
|
35 | # Top-level handlers | |
36 | #----------------------------------------------------------------------------- |
|
36 | #----------------------------------------------------------------------------- | |
37 |
|
37 | |||
38 |
class |
|
38 | class AuthenticatedHandler(web.RequestHandler): | |
|
39 | """A RequestHandler with an authenticated user.""" | |||
39 | def get_current_user(self): |
|
40 | def get_current_user(self): | |
40 | user_id = self.get_secure_cookie("user") |
|
|||
41 | if user_id is None: |
|
|||
42 | self.clear_cookie('user') |
|
|||
43 | self.clear_cookie('password') |
|
|||
44 | password = self.get_secure_cookie("password") |
|
41 | password = self.get_secure_cookie("password") | |
|
42 | if password is None: | |||
|
43 | # cookie doesn't exist, or is invalid. Clear to prevent repeated | |||
|
44 | # 'Invalid cookie signature' warnings. | |||
|
45 | self.clear_cookie('password') | |||
|
46 | self.clear_cookie("user_id") | |||
45 | if self.application.password and self.application.password != password: |
|
47 | if self.application.password and self.application.password != password: | |
46 | return None |
|
48 | return None | |
47 | if not user_id: |
|
49 | return self.get_secure_cookie("user") or 'anonymous' | |
48 | user_id = 'anonymous' |
|
|||
49 | return user_id |
|
|||
50 |
|
50 | |||
51 |
class NBBrowserHandler( |
|
51 | class NBBrowserHandler(AuthenticatedHandler): | |
52 | @web.authenticated |
|
52 | @web.authenticated | |
53 | def get(self): |
|
53 | def get(self): | |
54 | nbm = self.application.notebook_manager |
|
54 | nbm = self.application.notebook_manager | |
55 | project = nbm.notebook_dir |
|
55 | project = nbm.notebook_dir | |
56 | self.render('nbbrowser.html', project=project) |
|
56 | self.render('nbbrowser.html', project=project) | |
57 |
|
57 | |||
58 |
class LoginHandler( |
|
58 | class LoginHandler(AuthenticatedHandler): | |
59 | def get(self): |
|
59 | def get(self): | |
60 | user_id = self.get_secure_cookie("user") |
|
60 | user_id = self.get_secure_cookie("user") or '' | |
61 | if user_id is None: |
|
|||
62 | self.clear_cookie('user') |
|
|||
63 | self.clear_cookie('password') |
|
|||
64 | user_id = '' |
|
|||
65 |
|
||||
66 | self.render('login.html', user_id=user_id) |
|
61 | self.render('login.html', user_id=user_id) | |
67 |
|
62 | |||
68 | def post(self): |
|
63 | def post(self): | |
69 | self.set_secure_cookie("user", self.get_argument("name", default=u'')) |
|
64 | self.set_secure_cookie("user", self.get_argument("name", default=u'')) | |
70 | self.set_secure_cookie("password", self.get_argument("password", default=u'')) |
|
65 | self.set_secure_cookie("password", self.get_argument("password", default=u'')) | |
71 | self.redirect("/") |
|
66 | url = self.get_argument("next", default="/") | |
|
67 | self.redirect(url) | |||
72 |
|
68 | |||
73 |
class NewHandler( |
|
69 | class NewHandler(AuthenticatedHandler): | |
|
70 | @web.authenticated | |||
74 | def get(self): |
|
71 | def get(self): | |
75 | notebook_id = self.application.notebook_manager.new_notebook() |
|
72 | notebook_id = self.application.notebook_manager.new_notebook() | |
76 | self.render('notebook.html', notebook_id=notebook_id) |
|
73 | self.render('notebook.html', notebook_id=notebook_id) | |
77 |
|
74 | |||
78 |
|
75 | |||
79 |
class NamedNotebookHandler( |
|
76 | class NamedNotebookHandler(AuthenticatedHandler): | |
|
77 | @web.authenticated | |||
80 | def get(self, notebook_id): |
|
78 | def get(self, notebook_id): | |
81 | nbm = self.application.notebook_manager |
|
79 | nbm = self.application.notebook_manager | |
82 | if not nbm.notebook_exists(notebook_id): |
|
80 | if not nbm.notebook_exists(notebook_id): | |
@@ -89,12 +87,14 b' class NamedNotebookHandler(web.RequestHandler):' | |||||
89 | #----------------------------------------------------------------------------- |
|
87 | #----------------------------------------------------------------------------- | |
90 |
|
88 | |||
91 |
|
89 | |||
92 |
class MainKernelHandler( |
|
90 | class MainKernelHandler(AuthenticatedHandler): | |
93 |
|
91 | |||
|
92 | @web.authenticated | |||
94 | def get(self): |
|
93 | def get(self): | |
95 | km = self.application.kernel_manager |
|
94 | km = self.application.kernel_manager | |
96 | self.finish(jsonapi.dumps(km.kernel_ids)) |
|
95 | self.finish(jsonapi.dumps(km.kernel_ids)) | |
97 |
|
96 | |||
|
97 | @web.authenticated | |||
98 | def post(self): |
|
98 | def post(self): | |
99 | km = self.application.kernel_manager |
|
99 | km = self.application.kernel_manager | |
100 | notebook_id = self.get_argument('notebook', default=None) |
|
100 | notebook_id = self.get_argument('notebook', default=None) | |
@@ -105,10 +105,11 b' class MainKernelHandler(web.RequestHandler):' | |||||
105 | self.finish(jsonapi.dumps(data)) |
|
105 | self.finish(jsonapi.dumps(data)) | |
106 |
|
106 | |||
107 |
|
107 | |||
108 |
class KernelHandler( |
|
108 | class KernelHandler(AuthenticatedHandler): | |
109 |
|
109 | |||
110 | SUPPORTED_METHODS = ('DELETE') |
|
110 | SUPPORTED_METHODS = ('DELETE') | |
111 |
|
111 | |||
|
112 | @web.authenticated | |||
112 | def delete(self, kernel_id): |
|
113 | def delete(self, kernel_id): | |
113 | km = self.application.kernel_manager |
|
114 | km = self.application.kernel_manager | |
114 | km.kill_kernel(kernel_id) |
|
115 | km.kill_kernel(kernel_id) | |
@@ -116,8 +117,9 b' class KernelHandler(web.RequestHandler):' | |||||
116 | self.finish() |
|
117 | self.finish() | |
117 |
|
118 | |||
118 |
|
119 | |||
119 |
class KernelActionHandler( |
|
120 | class KernelActionHandler(AuthenticatedHandler): | |
120 |
|
121 | |||
|
122 | @web.authenticated | |||
121 | def post(self, kernel_id, action): |
|
123 | def post(self, kernel_id, action): | |
122 | km = self.application.kernel_manager |
|
124 | km = self.application.kernel_manager | |
123 | if action == 'interrupt': |
|
125 | if action == 'interrupt': | |
@@ -278,13 +280,15 b' class ShellHandler(ZMQStreamHandler):' | |||||
278 | # Notebook web service handlers |
|
280 | # Notebook web service handlers | |
279 | #----------------------------------------------------------------------------- |
|
281 | #----------------------------------------------------------------------------- | |
280 |
|
282 | |||
281 |
class NotebookRootHandler( |
|
283 | class NotebookRootHandler(AuthenticatedHandler): | |
282 |
|
284 | |||
|
285 | @web.authenticated | |||
283 | def get(self): |
|
286 | def get(self): | |
284 | nbm = self.application.notebook_manager |
|
287 | nbm = self.application.notebook_manager | |
285 | files = nbm.list_notebooks() |
|
288 | files = nbm.list_notebooks() | |
286 | self.finish(jsonapi.dumps(files)) |
|
289 | self.finish(jsonapi.dumps(files)) | |
287 |
|
290 | |||
|
291 | @web.authenticated | |||
288 | def post(self): |
|
292 | def post(self): | |
289 | nbm = self.application.notebook_manager |
|
293 | nbm = self.application.notebook_manager | |
290 | body = self.request.body.strip() |
|
294 | body = self.request.body.strip() | |
@@ -298,10 +302,11 b' class NotebookRootHandler(web.RequestHandler):' | |||||
298 | self.finish(jsonapi.dumps(notebook_id)) |
|
302 | self.finish(jsonapi.dumps(notebook_id)) | |
299 |
|
303 | |||
300 |
|
304 | |||
301 |
class NotebookHandler( |
|
305 | class NotebookHandler(AuthenticatedHandler): | |
302 |
|
306 | |||
303 | SUPPORTED_METHODS = ('GET', 'PUT', 'DELETE') |
|
307 | SUPPORTED_METHODS = ('GET', 'PUT', 'DELETE') | |
304 |
|
308 | |||
|
309 | @web.authenticated | |||
305 | def get(self, notebook_id): |
|
310 | def get(self, notebook_id): | |
306 | nbm = self.application.notebook_manager |
|
311 | nbm = self.application.notebook_manager | |
307 | format = self.get_argument('format', default='json') |
|
312 | format = self.get_argument('format', default='json') | |
@@ -315,6 +320,7 b' class NotebookHandler(web.RequestHandler):' | |||||
315 | self.set_header('Last-Modified', last_mod) |
|
320 | self.set_header('Last-Modified', last_mod) | |
316 | self.finish(data) |
|
321 | self.finish(data) | |
317 |
|
322 | |||
|
323 | @web.authenticated | |||
318 | def put(self, notebook_id): |
|
324 | def put(self, notebook_id): | |
319 | nbm = self.application.notebook_manager |
|
325 | nbm = self.application.notebook_manager | |
320 | format = self.get_argument('format', default='json') |
|
326 | format = self.get_argument('format', default='json') | |
@@ -323,6 +329,7 b' class NotebookHandler(web.RequestHandler):' | |||||
323 | self.set_status(204) |
|
329 | self.set_status(204) | |
324 | self.finish() |
|
330 | self.finish() | |
325 |
|
331 | |||
|
332 | @web.authenticated | |||
326 | def delete(self, notebook_id): |
|
333 | def delete(self, notebook_id): | |
327 | nbm = self.application.notebook_manager |
|
334 | nbm = self.application.notebook_manager | |
328 | nbm.delete_notebook(notebook_id) |
|
335 | nbm.delete_notebook(notebook_id) | |
@@ -334,8 +341,9 b' class NotebookHandler(web.RequestHandler):' | |||||
334 | #----------------------------------------------------------------------------- |
|
341 | #----------------------------------------------------------------------------- | |
335 |
|
342 | |||
336 |
|
343 | |||
337 |
class RSTHandler( |
|
344 | class RSTHandler(AuthenticatedHandler): | |
338 |
|
345 | |||
|
346 | @web.authenticated | |||
339 | def post(self): |
|
347 | def post(self): | |
340 | if publish_string is None: |
|
348 | if publish_string is None: | |
341 | raise web.HTTPError(503, u'docutils not available') |
|
349 | raise web.HTTPError(503, u'docutils not available') |
@@ -13,10 +13,18 b'' | |||||
13 | <link rel="stylesheet" href="static/css/boilerplate.css" type="text/css" /> |
|
13 | <link rel="stylesheet" href="static/css/boilerplate.css" type="text/css" /> | |
14 | <link rel="stylesheet" href="static/css/layout.css" type="text/css" /> |
|
14 | <link rel="stylesheet" href="static/css/layout.css" type="text/css" /> | |
15 | <link rel="stylesheet" href="static/css/base.css" type="text/css" /> |
|
15 | <link rel="stylesheet" href="static/css/base.css" type="text/css" /> | |
16 |
|
16 | <script type="text/javascript" charset="utf-8"> | ||
|
17 | function add_next_to_action(){ | |||
|
18 | // add 'next' argument to action url, to preserve redirect | |||
|
19 | var query = location.search.substring(1); | |||
|
20 | var form = document.forms[0]; | |||
|
21 | var action = form.getAttribute("action"); | |||
|
22 | form.setAttribute("action", action + '?' + query); | |||
|
23 | } | |||
|
24 | </script> | |||
17 | </head> |
|
25 | </head> | |
18 |
|
26 | |||
19 | <body> |
|
27 | <body onload="add_next_to_action()"> | |
20 |
|
28 | |||
21 | <div id="header"> |
|
29 | <div id="header"> | |
22 | <span id="ipython_notebook"><h1>IPython Notebook</h1></span> |
|
30 | <span id="ipython_notebook"><h1>IPython Notebook</h1></span> |
General Comments 0
You need to be logged in to leave comments.
Login now