mirror of
https://github.com/jupyterhub/jupyterhub.git
synced 2025-10-16 14:33:00 +00:00
Reduce the number of endpoints that expose auth_state
This commit is contained in:
Tim Head
@@ -18,14 +18,14 @@ from .base import BaseHandler, APIHandler
|
|||||||
|
|
||||||
class TokenAPIHandler(APIHandler):
|
class TokenAPIHandler(APIHandler):
|
||||||
@token_authenticated
|
@token_authenticated
|
||||||
async def get(self, token):
|
def get(self, token):
|
||||||
orm_token = orm.APIToken.find(self.db, token)
|
orm_token = orm.APIToken.find(self.db, token)
|
||||||
if orm_token is None:
|
if orm_token is None:
|
||||||
orm_token = orm.OAuthAccessToken.find(self.db, token)
|
orm_token = orm.OAuthAccessToken.find(self.db, token)
|
||||||
if orm_token is None:
|
if orm_token is None:
|
||||||
raise web.HTTPError(404)
|
raise web.HTTPError(404)
|
||||||
if orm_token.user:
|
if orm_token.user:
|
||||||
model = await self.user_model(self.users[orm_token.user])
|
model = self.user_model(self.users[orm_token.user])
|
||||||
elif orm_token.service:
|
elif orm_token.service:
|
||||||
model = self.service_model(orm_token.service)
|
model = self.service_model(orm_token.service)
|
||||||
else:
|
else:
|
||||||
@@ -71,13 +71,13 @@ class TokenAPIHandler(APIHandler):
|
|||||||
api_token = user.new_api_token(note=note)
|
api_token = user.new_api_token(note=note)
|
||||||
self.write(json.dumps({
|
self.write(json.dumps({
|
||||||
'token': api_token,
|
'token': api_token,
|
||||||
'user': await self.user_model(user),
|
'user': self.user_model(user),
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
|
||||||
class CookieAPIHandler(APIHandler):
|
class CookieAPIHandler(APIHandler):
|
||||||
@token_authenticated
|
@token_authenticated
|
||||||
async def get(self, cookie_name, cookie_value=None):
|
def get(self, cookie_name, cookie_value=None):
|
||||||
cookie_name = quote(cookie_name, safe='')
|
cookie_name = quote(cookie_name, safe='')
|
||||||
if cookie_value is None:
|
if cookie_value is None:
|
||||||
self.log.warning("Cookie values in request body is deprecated, use `/cookie_name/cookie_value`")
|
self.log.warning("Cookie values in request body is deprecated, use `/cookie_name/cookie_value`")
|
||||||
@@ -87,7 +87,7 @@ class CookieAPIHandler(APIHandler):
|
|||||||
user = self._user_for_cookie(cookie_name, cookie_value)
|
user = self._user_for_cookie(cookie_name, cookie_value)
|
||||||
if user is None:
|
if user is None:
|
||||||
raise web.HTTPError(404)
|
raise web.HTTPError(404)
|
||||||
self.write(json.dumps(await self.user_model(user)))
|
self.write(json.dumps(self.user_model(user)))
|
||||||
|
|
||||||
|
|
||||||
class OAuthHandler(BaseHandler, OAuth2Handler):
|
class OAuthHandler(BaseHandler, OAuth2Handler):
|
||||||
|
|||||||
@@ -94,7 +94,7 @@ class APIHandler(BaseHandler):
|
|||||||
'message': message or status_message,
|
'message': message or status_message,
|
||||||
}))
|
}))
|
||||||
|
|
||||||
async def user_model(self, user):
|
def user_model(self, user):
|
||||||
"""Get the JSON model for a User object"""
|
"""Get the JSON model for a User object"""
|
||||||
if isinstance(user, orm.User):
|
if isinstance(user, orm.User):
|
||||||
user = self.users[user.id]
|
user = self.users[user.id]
|
||||||
@@ -107,7 +107,6 @@ class APIHandler(BaseHandler):
|
|||||||
'server': user.url if user.running else None,
|
'server': user.url if user.running else None,
|
||||||
'pending': None,
|
'pending': None,
|
||||||
'last_activity': user.last_activity.isoformat(),
|
'last_activity': user.last_activity.isoformat(),
|
||||||
'auth_state': await user.get_auth_state(),
|
|
||||||
}
|
}
|
||||||
if '' in user.spawners:
|
if '' in user.spawners:
|
||||||
model['pending'] = user.spawners[''].pending or None
|
model['pending'] = user.spawners[''].pending or None
|
||||||
|
|||||||
@@ -24,13 +24,15 @@ class SelfAPIHandler(APIHandler):
|
|||||||
user = self.get_current_user_oauth_token()
|
user = self.get_current_user_oauth_token()
|
||||||
if user is None:
|
if user is None:
|
||||||
raise web.HTTPError(403)
|
raise web.HTTPError(403)
|
||||||
self.write(json.dumps(await self.user_model(user)))
|
user_ = self.user_model(user)
|
||||||
|
user_['auth_state'] = await user.get_auth_state()
|
||||||
|
self.write(json.dumps(user_))
|
||||||
|
|
||||||
|
|
||||||
class UserListAPIHandler(APIHandler):
|
class UserListAPIHandler(APIHandler):
|
||||||
@admin_only
|
@admin_only
|
||||||
async def get(self):
|
def get(self):
|
||||||
data = [ await self.user_model(u) for u in self.db.query(orm.User) ]
|
data = [ self.user_model(u) for u in self.db.query(orm.User) ]
|
||||||
self.write(json.dumps(data))
|
self.write(json.dumps(data))
|
||||||
|
|
||||||
@admin_only
|
@admin_only
|
||||||
@@ -83,7 +85,7 @@ class UserListAPIHandler(APIHandler):
|
|||||||
else:
|
else:
|
||||||
created.append(user)
|
created.append(user)
|
||||||
|
|
||||||
self.write(json.dumps([ await self.user_model(u) for u in created ]))
|
self.write(json.dumps([ self.user_model(u) for u in created ]))
|
||||||
self.set_status(201)
|
self.set_status(201)
|
||||||
|
|
||||||
|
|
||||||
@@ -104,12 +106,12 @@ def admin_or_self(method):
|
|||||||
|
|
||||||
class UserAPIHandler(APIHandler):
|
class UserAPIHandler(APIHandler):
|
||||||
|
|
||||||
#@gen.coroutine
|
|
||||||
@admin_or_self
|
@admin_or_self
|
||||||
async def get(self, name):
|
async def get(self, name):
|
||||||
user = self.find_user(name)
|
user = self.find_user(name)
|
||||||
user = await self.user_model(user)
|
user_ = self.user_model(user)
|
||||||
self.write(json.dumps(user))
|
user_['auth_state'] = await user.get_auth_state()
|
||||||
|
self.write(json.dumps(user_))
|
||||||
|
|
||||||
@admin_only
|
@admin_only
|
||||||
async def post(self, name):
|
async def post(self, name):
|
||||||
@@ -133,7 +135,7 @@ class UserAPIHandler(APIHandler):
|
|||||||
self.users.delete(user)
|
self.users.delete(user)
|
||||||
raise web.HTTPError(400, "Failed to create user: %s" % name)
|
raise web.HTTPError(400, "Failed to create user: %s" % name)
|
||||||
|
|
||||||
self.write(json.dumps(await self.user_model(user)))
|
self.write(json.dumps(self.user_model(user)))
|
||||||
self.set_status(201)
|
self.set_status(201)
|
||||||
|
|
||||||
@admin_only
|
@admin_only
|
||||||
@@ -170,7 +172,9 @@ class UserAPIHandler(APIHandler):
|
|||||||
for key, value in data.items():
|
for key, value in data.items():
|
||||||
setattr(user, key, value)
|
setattr(user, key, value)
|
||||||
self.db.commit()
|
self.db.commit()
|
||||||
self.write(json.dumps(await self.user_model(user)))
|
user_ = self.user_model(user)
|
||||||
|
user_['auth_state'] = await user.get_auth_state()
|
||||||
|
self.write(json.dumps(user_))
|
||||||
|
|
||||||
|
|
||||||
class UserServerAPIHandler(APIHandler):
|
class UserServerAPIHandler(APIHandler):
|
||||||
|
|||||||
@@ -201,7 +201,6 @@ def test_get_users(app):
|
|||||||
'admin': True,
|
'admin': True,
|
||||||
'server': None,
|
'server': None,
|
||||||
'pending': None,
|
'pending': None,
|
||||||
'auth_state': None,
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
'kind': 'user',
|
'kind': 'user',
|
||||||
@@ -210,7 +209,6 @@ def test_get_users(app):
|
|||||||
'admin': False,
|
'admin': False,
|
||||||
'server': None,
|
'server': None,
|
||||||
'pending': None,
|
'pending': None,
|
||||||
'auth_state': None,
|
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user