linotp.controllers.base module

The Controller’s Base class

class linotp.controllers.base.BaseController(name, install_name='', **kwargs)

Bases: Blueprint

BaseController class - will be called with every request

after_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.AfterRequestCallable]]

A data structure of functions to call at the end of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the after_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

before_handler()

Call derived controller’s legacy __before__ method if it exists

This method is called before each request is processed.

before_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.BeforeRequestCallable]]

A data structure of functions to call at the beginning of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the before_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

default_url_prefix = ''

Suggested URL to access this controller.

The URL at which this controller will be available depends on a number of factors. These are, in order of priority: 1. Any explicit path in the

settings ENABLE_CONTROLLER or DISABLE_CONTROLLER = ControllerName:PATH

  1. The controller’s base_url_prefix setting

  2. The name of the controller

deferred_functions: t.List[DeferredSetupFunction]
error_handler_spec: t.Dict[ft.AppOrBlueprintKey, t.Dict[t.Optional[int], t.Dict[t.Type[Exception], ft.ErrorHandlerCallable]]]

A data structure of registered error handlers, in the format {scope: {code: {class: handler}}}. The scope key is the name of a blueprint the handlers are active for, or None for all requests. The code key is the HTTP status code for HTTPException, or None for other exceptions. The innermost dictionary maps exception classes to handler functions.

To register an error handler, use the errorhandler() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

jwt_check()

Check whether the current request needs to be authenticated using JWT, and if so, whether it contains a valid JWT access token. The login name from the access token is then stored in g.authUser for the benefit of lib.user.getUserFromRequest().

jwt_exempt = False
name: str
parse_requesting_user()

load the requesting user

The result is placed into request_context[‘RequestUser’]

property request_params
teardown_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TeardownCallable]]

A data structure of functions to call at the end of each request even if an exception is raised, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the teardown_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

template_context_processors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TemplateContextProcessorCallable]]

A data structure of functions to call to pass extra context values when rendering templates, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the context_processor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_default_functions: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLDefaultCallable]]

A data structure of functions to call to modify the keyword arguments when generating URLs, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_defaults() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_value_preprocessors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLValuePreprocessorCallable]]

A data structure of functions to call to modify the keyword arguments passed to the view function, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_value_preprocessor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

view_functions: t.Dict[str, t.Callable]

A dictionary mapping endpoint names to view functions.

To register a view function, use the route() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

class linotp.controllers.base.ControllerMetaClass(name, bases, dct)

Bases: type

This is used to determine the list of methods of a new controller that should be made available as API endpoints. Basically every method whose name does not start with an underscore has a Flask route to it added in the blueprint when a controller class is instantiated.

class linotp.controllers.base.JWTMixin

Bases: object

Provides login and logout methods that generate or dispose of JWT access tokens (and double-submit tokens for CSRF protection).

This is a mixin class so we can keep all the JWT stuff closely together instead of spreading it out across various controllers.

login()

POST /base/login

manage authentication

Checks a user’s credentials and issues them a JWT access token if their credentials are valid. We’re using cookies to store the access token plus a double-submit token for CSRF protection, which makes it easy to refresh access tokens transparently if they are nearing expiry.

Parameters:

  • username – the name of the user

  • password – the password of the user

Returns:

a json document and the jwt cookies are replied

logout()

Logs a user out by obliterating their JWT access token cookies. NOTE: We may wish to block further use of the access token in question in case the user has saved a copy somewhere. See the Flask-JWT-Extended docs for ideas about how to do this.

linotp.controllers.base.add_hyphenated_url(f)

Decorator that sets the hyphenated_url attribute on a function. We could set the attribute directly after the function definition but this way it looks nicer, and the code in the other file doesn’t need to know about the attribute.

linotp.controllers.base.jwt_exempt(f)

Decorator for methods that should be exempt from JWT validation.

linotp.controllers.base.jwt_refresh(response)

Transparently refresh a JWT access token that is close to expiry. This is pretty much straight from the Flask-JWT-Extended docs, except we’re making the refresh period configurable.

linotp.controllers.base.methods(mm=['GET'])

Decorator to specify the allowable HTTP methods for a controller/blueprint method. It turns out that Flask.add_url_rule looks at a function object’s methods property when figuring out what HTTP methods should be allowed on a view, so that’s where we’re putting the methods list.