release 0.6

Allow jupyterhub-singleuser to run on python 2 install

closes #543

.travis.yml

@@ -12,7 +12,7 @@ before_install:
 install:
     - pip install -f travis-wheels/wheelhouse -r dev-requirements.txt .
 script:
-    - py.test --cov jupyterhub jupyterhub/tests -v
+    - travis_retry py.test --cov jupyterhub jupyterhub/tests -v
 after_success:
     - codecov
 matrix:

Dockerfile

@@ -1,12 +1,27 @@
-# A base docker image that includes juptyerhub and IPython master
+# An incomplete base Docker image for running JupyterHub
 #
-# Build your own derivative images starting with
+# Add your configuration to create a complete derivative Docker image.
 #
-# FROM jupyter/jupyterhub:latest
+# Include your configuration settings by starting with one of two options:
 #
+# Option 1:
+#
+# FROM jupyterhub/jupyterhub:latest
+#
+# And put your configuration file jupyterhub_config.py in /srv/jupyterhub/jupyterhub_config.py.
+#
+# Option 2:
+#
+# Or you can create your jupyterhub config and database on the host machine, and mount it with:
+#
+# docker run -v $PWD:/srv/jupyterhub -t jupyterhub/jupyterhub
+#
+# NOTE
+# If you base on jupyterhub/jupyterhub-onbuild
+# your jupyterhub_config.py will be added automatically
+# from your docker directory.
 
 FROM debian:jessie
-
 MAINTAINER Jupyter Project <jupyter@googlegroups.com>
 
 # install nodejs, utf8 locale
@@ -22,7 +37,8 @@ RUN apt-get -y update && \
 ENV LANG C.UTF-8
 
 # install Python with conda
-RUN wget -q https://repo.continuum.io/miniconda/Miniconda3-3.9.1-Linux-x86_64.sh -O /tmp/miniconda.sh  && \
+RUN wget -q https://repo.continuum.io/miniconda/Miniconda3-4.0.5-Linux-x86_64.sh -O /tmp/miniconda.sh  && \
+    echo 'a7bcd0425d8b6688753946b59681572f63c2241aed77bf0ec6de4c5edc5ceeac */tmp/miniconda.sh' | shasum -a 256 -c - && \
     bash /tmp/miniconda.sh -f -b -p /opt/conda && \
     /opt/conda/bin/conda install --yes python=3.5 sqlalchemy tornado jinja2 traitlets requests pip && \
     /opt/conda/bin/pip install --upgrade pip && \
@@ -32,21 +48,16 @@ ENV PATH=/opt/conda/bin:$PATH
 # install js dependencies
 RUN npm install -g configurable-http-proxy && rm -rf ~/.npm
 
-WORKDIR /srv/
-ADD . /srv/jupyterhub
-WORKDIR /srv/jupyterhub/
+ADD . /src/jupyterhub
+WORKDIR /src/jupyterhub
 
 RUN python setup.py js && pip install . && \
-    rm -rf node_modules ~/.cache ~/.npm
+    rm -rf $PWD ~/.cache ~/.npm
 
+RUN mkdir -p /srv/jupyterhub/
 WORKDIR /srv/jupyterhub/
-
-# Derivative containers should add jupyterhub config,
-# which will be used when starting the application.
-
 EXPOSE 8000
 
 LABEL org.jupyter.service="jupyterhub"
 
-ONBUILD ADD jupyterhub_config.py /srv/jupyterhub/jupyterhub_config.py
-CMD ["jupyterhub", "-f", "/srv/jupyterhub/jupyterhub_config.py"]
+CMD ["jupyterhub"]

MANIFEST.in

@@ -4,7 +4,9 @@ include setupegg.py
 include bower.json
 include package.json
 include *requirements.txt
+include Dockerfile
 
+graft onbuild
 graft jupyterhub
 graft scripts
 graft share

README.md

@@ -3,9 +3,11 @@
 Questions, comments? Visit our Google Group:
 
 [![Google Group](https://img.shields.io/badge/-Google%20Group-lightgrey.svg)](https://groups.google.com/forum/#!forum/jupyter)
-[![Build Status](https://travis-ci.org/jupyter/jupyterhub.svg?branch=master)](https://travis-ci.org/jupyter/jupyterhub)
-[![Circle CI](https://circleci.com/gh/jupyter/jupyterhub.svg?style=shield&circle-token=b5b65862eb2617b9a8d39e79340b0a6b816da8cc)](https://circleci.com/gh/jupyter/jupyterhub)
+[![Build Status](https://travis-ci.org/jupyterhub/jupyterhub.svg?branch=master)](https://travis-ci.org/jupyterhub/jupyterhub)
+[![Circle CI](https://circleci.com/gh/jupyterhub/jupyterhub.svg?style=shield&circle-token=b5b65862eb2617b9a8d39e79340b0a6b816da8cc)](https://circleci.com/gh/jupyterhub/jupyterhub)
 [![Documentation Status](https://readthedocs.org/projects/jupyterhub/badge/?version=latest)](http://jupyterhub.readthedocs.org/en/latest/?badge=latest)
+[![codecov.io](https://codecov.io/github/jupyter/jupyterhub/coverage.svg?branch=master)](https://codecov.io/github/jupyter/jupyterhub?branch=master)
+
 
 JupyterHub, a multi-user server, manages and proxies multiple instances of the single-user <del>IPython</del> Jupyter notebook server.
 
@@ -119,19 +121,24 @@ Some examples, meant as illustration and testing of this concept:
 
 ### Docker
 
-There is a ready to go [docker image](https://hub.docker.com/r/jupyter/jupyterhub/).
-It can be started with the following command:
+There is a ready to go [docker image for JupyterHub](https://hub.docker.com/r/jupyter/jupyterhub/).
+[Note: This `jupyter/jupyterhub` docker image is only an image for running the Hub service itself.
+It does not require the other Jupyter components, which are needed by the single-user servers.
+To run the single-user servers, which may be on the same system as the Hub or not, installation of Jupyter Notebook ≥ 4 is required.]
 
-    docker run -d --name jupyter.cont [-v /home/jupyter-home:/home] jupyter/jupyterhub jupyterhub
+The JupyterHub docker image can be started with the following command:
 
-This command will create a container named `jupyter.cont` that you can stop and resume with `docker stop/start`.
-It will be listening on all interfaces at port 8000. So this is perfect to test docker on your desktop or laptop.
+    docker run -d --name jupyterhub jupyter/jupyterhub jupyterhub
+
+This command will create a container named `jupyterhub` that you can stop and resume with `docker stop/start`.
+It will be listening on all interfaces at port 8000, so this is perfect to test JupyterHub on your desktop or laptop.
 If you want to run docker on a computer that has a public IP then you should (as in MUST) secure it with ssl by
-adding ssl options to your docker configuration or using a ssl enabled proxy. The `-v/--volume` option will
+adding ssl options to your docker configuration or using a ssl enabled proxy.
+[Mounting volumes](https://docs.docker.com/engine/userguide/containers/dockervolumes/) will
 allow you to store data outside the docker image (host system) so it will be persistent, even when you start
-a new image. The command `docker exec -it jupyter.cont bash` will spawn a root shell in your started docker
+a new image. The command `docker exec -it jupyterhub bash` will spawn a root shell in your docker
 container. You can use it to create system users in the container. These accounts will be used for authentication
-in jupyterhub's default configuration. In order to run without SSL, you'll need to set `--no-ssl` explicitly.
+in jupyterhub's default configuration. In order to run without SSL (for testing purposes only), you'll need to set `--no-ssl` explicitly.
 
 # Getting help
 

circle.yml

@@ -8,4 +8,12 @@ dependencies:
 
 test:
   override:
-    - docker build -t jupyter/jupyterhub .
+    - docker build -t jupyterhub/jupyterhub .
+    - docker build -t jupyterhub/jupyterhub-onbuild:${CIRCLE_TAG:-latest} onbuild
+
+deployment:
+  hub:
+    branch: master
+    commands:
+      - docker login -u $DOCKER_USER -p $DOCKER_PASS -e unused@example.com
+      - docker push jupyterhub/jupyterhub-onbuild:${CIRCLE_TAG:-latest}

docs/requirements.txt

@@ -1,3 +1,3 @@
 -r ../requirements.txt
-sphinx
+sphinx>=1.3.6
 recommonmark==0.4.0

docs/source/changelog.md

@@ -2,6 +2,20 @@
 
 See `git log` for a more detailed summary.
 
+## 0.6
+
+- JupyterHub has moved to a new `jupyterhub` namespace on GitHub and Docker. What was `juptyer/jupyterhub` is now `jupyterhub/jupyterhub`, etc.
+- `jupyterhub/jupyterhub` image on DockerHub no longer loads the jupyterhub_config.py in an ONBUILD step. A new `jupyterhub/jupyterhub-onbuild` image does this
+- Add statsd support, via `c.JupyterHub.statsd_{host,port,prefix}`
+- Update to traitlets 4.1 `@default`, `@observe` APIs for traits
+- Allow disabling PAM sessions via `c.PAMAuthenticator.open_sessions = False`. This may be needed on SELinux-enabled systems, where our PAM session logic often does not work properly
+- Add `Spawner.environment` configurable, for defining extra environment variables to load for single-user servers
+- JupyterHub API tokens can be pregenerated and loaded via `JupyterHub.api_tokens`, a dict of `token: username`.
+- JupyterHub API tokens can be requested via the REST API, with a POST request to `/api/authorizations/token`.
+  This can only be used if the Authenticator has a username and password.
+- Various fixes for user URLs and redirects
+
+
 ## 0.5
 
 

docs/source/getting-started.md

@@ -22,9 +22,11 @@ There are three main categories of processes run by the `jupyterhub` command lin
 
 ## JupyterHub's default behavior
 
-**IMPORTANT:** In its default configuration, JupyterHub runs without SSL encryption (HTTPS).
+**IMPORTANT:** In its default configuration, JupyterHub requires SSL encryption (HTTPS) to run.
 **You should not run JupyterHub without SSL encryption on a public network.**
-See [Security documentation](#Security) for how to configure JupyterHub to use SSL.
+See [Security documentation](#Security) for how to configure JupyterHub to use SSL, and in
+certain cases, e.g. behind SSL termination in nginx, allowing the hub to run with no SSL
+by requiring `--no-ssl` (as of [version 0.5](./changelog.html)).
 
 To start JupyterHub in its default configuration, type the following at the command line:
 
@@ -64,23 +66,13 @@ The location of these files can be specified via configuration, discussed below.
 
 JupyterHub is configured in two ways:
 
-1. Command-line arguments
-2. Configuration files
+1. Configuration file
+2. Command-line arguments
 
-Type the following for brief information about the command line arguments:
-
-    jupyterhub -h
-
-or:
-
-    jupyterhub --help-all
-
-for the full command line help.
-
-By default, JupyterHub will look for a configuration file (can be missing)
+### Configuration file
+By default, JupyterHub will look for a configuration file (which may not be created yet)
 named `jupyterhub_config.py` in the current working directory.
-You can create an empty configuration file with
-
+You can create an empty configuration file with:
 
     jupyterhub --generate-config
 
@@ -92,6 +84,23 @@ values. You can load a specific config file with:
 See also: [general docs](http://ipython.org/ipython-doc/dev/development/config.html)
 on the config system Jupyter uses.
 
+### Command-line arguments
+Type the following for brief information about the command-line arguments:
+
+    jupyterhub -h
+
+or:
+
+    jupyterhub --help-all
+
+for the full command line help.
+
+All configurable options are technically configurable on the command-line,
+even if some are really inconvenient to type. Just replace the desired option,
+c.Class.trait, with --Class.trait. For example, to configure
+c.Spawner.notebook_dir = '~/assignments' from the command-line:
+
+    jupyterhub --Spawner.notebook_dir='~/assignments'
 
 ## Networking
 
@@ -147,7 +156,7 @@ c.JupyterHub.hub_port = 54321
 
 ## Security
 
-**IMPORTANT:** In its default configuration, JupyterHub runs without SSL encryption (HTTPS).
+**IMPORTANT:** In its default configuration, JupyterHub requires SSL encryption (HTTPS) to run.
 **You should not run JupyterHub without SSL encryption on a public network.**
 
 Security is the most important aspect of configuring Jupyter. There are three main aspects of the
@@ -181,6 +190,10 @@ Some cert files also contain the key, in which case only the cert is needed. It
 these files be put in a secure location on your server, where they are not readable by regular
 users.
 
+Note: In certain cases, e.g. behind SSL termination in nginx, allowing no SSL
+running on the hub may be desired. To run the Hub without SSL, you must opt
+in by configuring and confirming the `--no-ssl` option, added as of [version 0.5](./changelog.html).
+
 ## Cookie secret
 
 The cookie secret is an encryption key, used to encrypt the browser cookies used for
@@ -192,26 +205,36 @@ as follows:
 c.JupyterHub.cookie_secret_file = '/srv/jupyterhub/cookie_secret'
 ```
 
-The content of this file should be a long random string. An example would be to generate this
-file as:
+The content of this file should be a long random string encoded in MIME Base64. An example would be to generate this file as:
 
 ```bash
-openssl rand -hex 1024 > /srv/jupyterhub/cookie_secret
+openssl rand -base64 2048 > /srv/jupyterhub/cookie_secret
 ```
 
 In most deployments of JupyterHub, you should point this to a secure location on the file
 system, such as `/srv/jupyterhub/cookie_secret`. If the cookie secret file doesn't exist when
-the Hub starts, a new cookie secret is generated and stored in the file. The recommended
-permissions for the cookie secret file should be 600 (owner-only rw).
+the Hub starts, a new cookie secret is generated and stored in the file. The
+file must not be readable by group or other or the server won't start.
+The recommended permissions for the cookie secret file are 600 (owner-only rw).
+
 
 If you would like to avoid the need for files, the value can be loaded in the Hub process from
-the `JPY_COOKIE_SECRET` environment variable:
+the `JPY_COOKIE_SECRET` environment variable, which is a hex-encoded string. You
+can set it this way:
 
 ```bash
 export JPY_COOKIE_SECRET=`openssl rand -hex 1024`
 ```
 
 For security reasons, this environment variable should only be visible to the Hub.
+If you set it dynamically as above, all users will be logged out each time the
+Hub starts.
+
+You can also set the secret in the configuration file itself as a binary string:
+
+```python
+c.JupyterHub.cookie_secret = bytes.fromhex('VERY LONG SECRET HEX STRING')
+```
 
 ## Proxy authentication token
 

docs/source/index.rst

@@ -46,6 +46,7 @@ Contents:
 
    getting-started
    howitworks
+   websecurity
 
 .. toctree::
    :maxdepth: 2

docs/source/troubleshooting.md

@@ -2,10 +2,98 @@
 
 This document is under active development.
 
-## Networking
+When troubleshooting, you may see unexpected behaviors or receive an error
+message. These two lists provide links to identifying the cause of the
+problem and how to resolve it.
 
-If JupyterHub proxy fails to start:
+## Behavior problems
+- [JupyterHub proxy fails to start](#jupyterhub-proxy-fails-to-start)
+
+## Errors
+- [500 error after spawning a single-user server](#500-error-after-spawning-my-single-user-server)
+
+----
+
+## JupyterHub proxy fails to start
+
+If you have tried to start the JupyterHub proxy and it fails to start:
 
 - check if the JupyterHub IP configuration setting is
   ``c.JupyterHub.ip = '*'``; if it is, try ``c.JupyterHub.ip = ''``
-- Try starting with ``jupyterhub --ip=0.0.0.0``
+- Try starting with ``jupyterhub --ip=0.0.0.0``
+
+----
+
+## 500 error after spawning my single-user server
+
+
+You receive a 500 error when accessing the URL `/user/you/...`. This is often
+seen when your single-user server cannot check your cookies with the Hub.
+
+There are two likely reasons for this:
+
+1. The single-user server cannot connect to the Hub's API (networking
+   configuration problems)
+2. The single-user server cannot *authenticate* its requests (invalid token)
+
+### Symptoms:
+
+The main symptom is a failure to load *any* page served by the single-user
+server, met with a 500 error. This is typically the first page at `/user/you`
+after logging in or clicking "Start my server". When a single-user server
+receives a request, it makes an API request to the Hub to check if the cookie
+corresponds to the right user. This request is logged.
+
+If everything is working, it will look like this:
+
+```
+200 GET /hub/api/authorizations/cookie/jupyter-hub-token-name/[secret] (@10.0.1.4) 6.10ms
+```
+
+You should see a similar 200 message, as above, in the Hub log when you first
+visit your single-user server. If you don't see this message in the log, it
+may mean that your single-user server isn't connecting to your Hub.
+
+If you see 403 (forbidden) like this, it's a token problem:
+
+```
+403 GET /hub/api/authorizations/cookie/jupyter-hub-token-name/[secret] (@10.0.1.4) 4.14ms
+```
+
+Check the logs of the single-user server, which may have more detailed
+information on the cause.
+
+### Causes and resolutions:
+
+#### No authorization request
+
+If you make an API request and it is not received by the server, you likely
+have a network configuration issue. Often, this happens when the Hub is only
+listening on 127.0.0.1 (default) and the single-user servers are not on the
+same 'machine' (can be physically remote, or in a docker container or VM). The
+fix for this case is to make sure that `c.JupyterHub.hub_ip` is an address
+that all single-user servers can connect to, e.g.:
+
+```python
+c.JupyterHub.hub_ip = '10.0.0.1'
+```
+
+#### 403 GET /hub/api/authorizations/cookie
+
+If you receive a 403 error, the API token for the single-user server is likely
+invalid. Commonly, the 403 error is caused by resetting the JupyterHub
+database (either removing jupyterhub.sqlite or some other action) while
+leaving single-user servers running. This happens most frequently when using
+DockerSpawner, because Docker's default behavior is to stop/start containers
+which resets the JupyterHub database, rather than destroying and recreating
+the container every time. This means that the same API token is used by the
+server for its whole life, until the container is rebuilt.
+
+The fix for this Docker case is to remove any Docker containers seeing this
+issue (typicaly all containers created before a certain point in time):
+
+    docker rm -f jupyter-name
+
+After this, when you start your server via JupyterHub, it will build a
+new container. If this was the underlying cause of the issue, you should see
+your server again.

docs/source/websecurity.md

@@ -0,0 +1,63 @@
+# Web Security in JupyterHub
+
+JupyterHub is designed to be a simple multi-user server for modestly sized groups of semi-trusted users.
+While the design reflects serving semi-trusted users,
+JupyterHub is not necessarily unsuitable for serving untrusted users.
+Using JupyterHub with untrusted users does mean more work and much care is required to secure a Hub against untrusted users,
+with extra caution on protecting users from each other as the Hub is serving untrusted users.
+
+One aspect of JupyterHub's design simplicity for semi-trusted users is that the Hub and single-user servers are placed in a single domain, behind a [proxy][configurable-http-proxy].
+As a result, if the Hub is serving untrusted users,
+many of the web's cross-site protections are not applied between single-user servers and the Hub,
+or between single-user servers and each other,
+since browsers see the whole thing (proxy, Hub, and single user servers) as a single website.
+
+To protect users from each other, a user must never be able to write arbitrary HTML and serve it to another user on the Hub's domain.
+JupyterHub's authentication setup prevents this because only the owner of a given single-user server is allowed to view user-authored pages served by their server.
+To protect all users from each other, JupyterHub administrators must ensure that:
+
+* A user does not have permission to modify their single-user server:
+  - A user may not install new packages in the Python environment that runs their server.
+  - If the PATH is used to resolve the single-user executable (instead of an absolute path), a user may not create new files in any PATH directory that precedes the directory containing jupyterhub-singleuser.
+  - A user may not modify environment variables (e.g. PATH, PYTHONPATH) for their single-user server.
+* A user may not modify the configuration of the notebook server (the ~/.jupyter or JUPYTER_CONFIG_DIR directory).
+
+If any additional services are run on the same domain as the Hub, the services must never display user-authored HTML that is neither sanitized nor sandboxed (e.g. IFramed) to any user that lacks authentication as the author of a file.
+
+
+## Mitigations
+
+There are two main configuration options provided by JupyterHub to mitigate these issues:
+
+### Subdomains
+
+JupyterHub 0.5 adds the ability to run single-user servers on their own subdomains,
+which means the cross-origin protections between servers has the desired effect,
+and user servers and the Hub are protected from each other.
+A user's server will be at `username.jupyter.mydomain.com`, etc.
+This requires all user subdomains to point to the same address,
+which is most easily accomplished with wildcard DNS.
+Since this spreads the service across multiple domains, you will need wildcard SSL, as well.
+Unfortunately, for many institutional domains, wildcard DNS and SSL are not available,
+but if you do plan to serve untrusted users, enabling subdomains is highly encouraged,
+as it resolves all of the cross-site issues.
+
+### Disabling user config
+
+If subdomains are not available or not desirable,
+0.5 also adds an option `Spawner.disable_use_config`,
+which you can set to prevent the user-owned configuration files from being loaded.
+This leaves only package installation and PATHs as things the admin must enforce.
+
+For most Spawners, PATH is not something users an influence,
+but care should be taken to ensure that the Spawn does *not* evaluate shell configuration files prior to launching the server.
+
+Package isolation is most easily handled by running the single-user server in a virtualenv with disabled system-site-packages.
+
+## Extra notes
+
+It is important to note that the control over the environment only affects the single-user server,
+and not the environment(s) in which the user's kernel(s) may run.
+Installing additional packages in the kernel environment does not pose additional risk to the web application's security.
+
+[configurable-http-proxy]: https://github.com/jupyterhub/configurable-http-proxy

examples/postgres/hub/Dockerfile

@@ -1,4 +1,4 @@
-FROM jupyter/jupyterhub
+FROM jupyter/jupyterhub-onbuild
 
 MAINTAINER Jupyter Project <jupyter@googlegroups.com>
 

examples/spawn-form/jupyterhub_config.py

@@ -1,5 +1,5 @@
 """
-Example JuptyerHub config allowing users to specify environment variables and notebook-server args
+Example JupyterHub config allowing users to specify environment variables and notebook-server args
 """
 import shlex
 

jupyterhub/apihandlers/auth.py

@@ -6,7 +6,7 @@
 import json
 from urllib.parse import quote
 
-from tornado import web
+from tornado import web, gen
 from .. import orm
 from ..utils import token_authenticated
 from .base import APIHandler
@@ -20,13 +20,25 @@ class TokenAPIHandler(APIHandler):
             raise web.HTTPError(404)
         self.write(json.dumps(self.user_model(self.users[orm_token.user])))
 
+    @gen.coroutine
+    def post(self):
+        if self.authenticator is not None:
+          data = self.get_json_body()
+          username = yield self.authenticator.authenticate(self, data)
+          if username is None:
+            raise web.HTTPError(403)
+          user = self.find_user(username)
+          api_token = user.new_api_token()
+          self.write(json.dumps({"Authentication":api_token}))
+        else:
+          raise web.HTTPError(404)
 
 class CookieAPIHandler(APIHandler):
     @token_authenticated
     def get(self, cookie_name, cookie_value=None):
         cookie_name = quote(cookie_name, safe='')
         if cookie_value is None:
-            self.log.warn("Cookie values in request body is deprecated, use `/cookie_name/cookie_value`")
+            self.log.warning("Cookie values in request body is deprecated, use `/cookie_name/cookie_value`")
             cookie_value = self.request.body
         else:
             cookie_value = cookie_value.encode('utf8')
@@ -39,4 +51,5 @@ class CookieAPIHandler(APIHandler):
 default_handlers = [
     (r"/api/authorizations/cookie/([^/]+)(?:/([^/]+))?", CookieAPIHandler),
     (r"/api/authorizations/token/([^/]+)", TokenAPIHandler),
+    (r"/api/authorizations/token", TokenAPIHandler),
 ]

jupyterhub/apihandlers/base.py

@@ -26,25 +26,29 @@ class APIHandler(BaseHandler):
         # If no header is provided, assume it comes from a script/curl.
         # We are only concerned with cross-site browser stuff here.
         if not host:
-            self.log.warn("Blocking API request with no host")
+            self.log.warning("Blocking API request with no host")
             return False
         if not referer:
-            self.log.warn("Blocking API request with no referer")
+            self.log.warning("Blocking API request with no referer")
             return False
         
         host_path = url_path_join(host, self.hub.server.base_url)
         referer_path = referer.split('://', 1)[-1]
         if not (referer_path + '/').startswith(host_path):
-            self.log.warn("Blocking Cross Origin API request.  Referer: %s, Host: %s",
+            self.log.warning("Blocking Cross Origin API request.  Referer: %s, Host: %s",
                 referer, host_path)
             return False
         return True
     
     def get_current_user_cookie(self):
         """Override get_user_cookie to check Referer header"""
-        if not self.check_referer():
+        cookie_user = super().get_current_user_cookie()
+        # check referer only if there is a cookie user,
+        # avoiding misleading "Blocking Cross Origin" messages
+        # when there's no cookie set anyway.
+        if cookie_user and not self.check_referer():
             return None
-        return super().get_current_user_cookie()
+        return cookie_user
 
     def get_json_body(self):
         """Return the body of the request as JSON data."""

jupyterhub/apihandlers/users.py

@@ -41,7 +41,7 @@ class UserListAPIHandler(APIHandler):
                 continue
             user = self.find_user(name)
             if user is not None:
-                self.log.warn("User %s already exists" % name)
+                self.log.warning("User %s already exists" % name)
             else:
                 to_create.append(name)
         
@@ -195,7 +195,7 @@ class UserAdminAccessAPIHandler(APIHandler):
     @admin_only
     def post(self, name):
         current = self.get_current_user()
-        self.log.warn("Admin user %s has requested access to %s's server",
+        self.log.warning("Admin user %s has requested access to %s's server",
             current.name, name,
         )
         if not self.settings.get('admin_access', False):

jupyterhub/auth.py

@@ -15,7 +15,7 @@ from tornado import gen
 import pamela
 
 from traitlets.config import LoggingConfigurable
-from traitlets import Bool, Set, Unicode, Dict, Any
+from traitlets import Bool, Set, Unicode, Dict, Any, default, observe
 
 from .handlers.login import LoginHandler
 from .utils import url_path_join
@@ -29,19 +29,19 @@ class Authenticator(LoggingConfigurable):
     """
     
     db = Any()
-    admin_users = Set(config=True,
+    admin_users = Set(
         help="""set of usernames of admin users
 
         If unspecified, only the user that launches the server will be admin.
         """
-    )
-    whitelist = Set(config=True,
+    ).tag(config=True)
+    whitelist = Set(
         help="""Username whitelist.
         
         Use this to restrict which users can login.
         If empty, allow any user to attempt login.
         """
-    )
+    ).tag(config=True)
     custom_html = Unicode('',
         help="""HTML login form for custom handlers.
         Override in form-based custom authenticators
@@ -55,16 +55,17 @@ class Authenticator(LoggingConfigurable):
         """
     )
     
-    username_pattern = Unicode(config=True,
+    username_pattern = Unicode(
         help="""Regular expression pattern for validating usernames.
         
         If not defined: allow any username.
         """
-    )
-    def _username_pattern_changed(self, name, old, new):
-        if not new:
+    ).tag(config=True)
+    @observe('username_pattern')
+    def _username_pattern_changed(self, change):
+        if not change['new']:
             self.username_regex = None
-        self.username_regex = re.compile(new)
+        self.username_regex = re.compile(change['new'])
     
     username_regex = Any()
     
@@ -77,14 +78,14 @@ class Authenticator(LoggingConfigurable):
             return True
         return bool(self.username_regex.match(username))
     
-    username_map = Dict(config=True,
+    username_map = Dict(
         help="""Dictionary mapping authenticator usernames to JupyterHub users.
         
         Can be used to map OAuth service names to local users, for instance.
         
         Used in normalize_username.
         """
-    )
+    ).tag(config=True)
     
     def normalize_username(self, username):
         """Normalize a username.
@@ -246,12 +247,12 @@ class LocalAuthenticator(Authenticator):
     Checks for local users, and can attempt to create them if they exist.
     """
     
-    create_system_users = Bool(False, config=True,
+    create_system_users = Bool(False,
         help="""If a user is added that doesn't exist on the system,
         should I try to create the system user?
         """
-    )
-    add_user_cmd = Command(config=True,
+    ).tag(config=True)
+    add_user_cmd = Command(
         help="""The command to use for creating users as a list of strings.
         
         For each element in the list, the string USERNAME will be replaced with
@@ -271,7 +272,9 @@ class LocalAuthenticator(Authenticator):
         
         when the user 'river' is created.
         """
-    )
+    ).tag(config=True)
+    
+    @default('add_user_cmd')
     def _add_user_cmd_default(self):
         if sys.platform == 'darwin':
             raise ValueError("I don't know how to create users on OS X")
@@ -283,13 +286,12 @@ class LocalAuthenticator(Authenticator):
             return ['adduser', '-q', '--gecos', '""', '--disabled-password']
 
     group_whitelist = Set(
-        config=True,
         help="Automatically whitelist anyone in this group.",
-    )
-
-    def _group_whitelist_changed(self, name, old, new):
+    ).tag(config=True)
+    @observe('group_whitelist')
+    def _group_whitelist_changed(self, change):
         if self.whitelist:
-            self.log.warn(
+            self.log.warning(
                 "Ignoring username whitelist because group whitelist supplied!"
             )
 
@@ -351,12 +353,24 @@ class LocalAuthenticator(Authenticator):
 
 class PAMAuthenticator(LocalAuthenticator):
     """Authenticate local Linux/UNIX users with PAM"""
-    encoding = Unicode('utf8', config=True,
+    encoding = Unicode('utf8',
         help="""The encoding to use for PAM"""
-    )
-    service = Unicode('login', config=True,
+    ).tag(config=True)
+    service = Unicode('login',
         help="""The PAM service to use for authentication."""
-    )
+    ).tag(config=True)
+    open_sessions = Bool(True,
+        help="""Whether to open PAM sessions when spawners are started.
+        
+        This may trigger things like mounting shared filsystems,
+        loading credentials, etc. depending on system configuration,
+        but it does not always work.
+        
+        It can be disabled with::
+        
+            c.PAMAuthenticator.open_sessions = False
+        """
+    ).tag(config=True)
     
     @gen.coroutine
     def authenticate(self, handler, data):
@@ -369,23 +383,31 @@ class PAMAuthenticator(LocalAuthenticator):
             pamela.authenticate(username, data['password'], service=self.service)
         except pamela.PAMError as e:
             if handler is not None:
-                self.log.warn("PAM Authentication failed (@%s): %s", handler.request.remote_ip, e)
+                self.log.warning("PAM Authentication failed (%s@%s): %s", username, handler.request.remote_ip, e)
             else:
-                self.log.warn("PAM Authentication failed: %s", e)
+                self.log.warning("PAM Authentication failed: %s", e)
         else:
             return username
     
     def pre_spawn_start(self, user, spawner):
         """Open PAM session for user"""
+        if not self.open_sessions:
+            return
         try:
             pamela.open_session(user.name, service=self.service)
         except pamela.PAMError as e:
-            self.log.warn("Failed to open PAM session for %s: %s", user.name, e)
+            self.log.warning("Failed to open PAM session for %s: %s", user.name, e)
+            self.log.warning("Disabling PAM sessions from now on.")
+            self.open_sessions = False
     
     def post_spawn_stop(self, user, spawner):
         """Close PAM session for user"""
+        if not self.open_sessions:
+            return
         try:
             pamela.close_session(user.name, service=self.service)
         except pamela.PAMError as e:
-            self.log.warn("Failed to close PAM session for %s: %s", user.name, e)
+            self.log.warning("Failed to close PAM session for %s: %s", user.name, e)
+            self.log.warning("Disabling PAM sessions from now on.")
+            self.open_sessions = False
     

jupyterhub/emptyclass.py

@@ -0,0 +1,13 @@
+"""
+Simple empty class that returns itself for all functions called on it.
+This allows us to call any method of any name on this, and it'll return another
+instance of itself that'll allow any method to be called on it.
+
+Primarily used to mock out the statsd client when statsd is not being used
+"""
+class EmptyClass:
+    def empty_function(self, *args, **kwargs):
+        return self
+
+    def __getattr__(self, attr):
+        return self.empty_function

jupyterhub/handlers/base.py

@@ -46,35 +46,39 @@ class BaseHandler(RequestHandler):
     @property
     def base_url(self):
         return self.settings.get('base_url', '/')
-    
+
     @property
     def version_hash(self):
         return self.settings.get('version_hash', '')
-    
+
     @property
     def subdomain_host(self):
         return self.settings.get('subdomain_host', '')
-    
+
     @property
     def domain(self):
         return self.settings['domain']
-    
+
     @property
     def db(self):
         return self.settings['db']
-    
+
     @property
     def users(self):
         return self.settings.setdefault('users', {})
-    
+
     @property
     def hub(self):
         return self.settings['hub']
-    
+
     @property
     def proxy(self):
         return self.settings['proxy']
-    
+
+    @property
+    def statsd(self):
+        return self.settings['statsd']
+
     @property
     def authenticator(self):
         return self.settings.get('authenticator', None)
@@ -83,28 +87,28 @@ class BaseHandler(RequestHandler):
         """Roll back any uncommitted transactions from the handler."""
         self.db.rollback()
         super().finish(*args, **kwargs)
-    
+
     #---------------------------------------------------------------
     # Security policies
     #---------------------------------------------------------------
-    
+
     @property
     def csp_report_uri(self):
         return self.settings.get('csp_report_uri',
             url_path_join(self.hub.server.base_url, 'security/csp-report')
         )
-    
+
     @property
     def content_security_policy(self):
         """The default Content-Security-Policy header
-        
+
         Can be overridden by defining Content-Security-Policy in settings['headers']
         """
         return '; '.join([
             "frame-ancestors 'self'",
             "report-uri " + self.csp_report_uri,
         ])
-    
+
     def set_default_headers(self):
         """
         Set any headers passed as tornado_settings['headers'].
@@ -113,7 +117,7 @@ class BaseHandler(RequestHandler):
         """
         headers = self.settings.get('headers', {})
         headers.setdefault("Content-Security-Policy", self.content_security_policy)
-        
+
         for header_name, header_content in headers.items():
             self.set_header(header_name, header_content)
 
@@ -124,7 +128,7 @@ class BaseHandler(RequestHandler):
     @property
     def admin_users(self):
         return self.settings.setdefault('admin_users', set())
-    
+
     @property
     def cookie_max_age_days(self):
         return self.settings.get('cookie_max_age_days', None)
@@ -141,7 +145,7 @@ class BaseHandler(RequestHandler):
             return None
         else:
             return orm_token.user
-    
+
     def _user_for_cookie(self, cookie_name, cookie_value=None):
         """Get the User for a given cookie, if there is one"""
         cookie_id = self.get_secure_cookie(
@@ -151,41 +155,41 @@ class BaseHandler(RequestHandler):
         )
         def clear():
             self.clear_cookie(cookie_name, path=self.hub.server.base_url)
-        
+
         if cookie_id is None:
             if self.get_cookie(cookie_name):
-                self.log.warn("Invalid or expired cookie token")
+                self.log.warning("Invalid or expired cookie token")
                 clear()
             return
         cookie_id = cookie_id.decode('utf8', 'replace')
         u = self.db.query(orm.User).filter(orm.User.cookie_id==cookie_id).first()
         user = self._user_from_orm(u)
         if user is None:
-            self.log.warn("Invalid cookie token")
+            self.log.warning("Invalid cookie token")
             # have cookie, but it's not valid. Clear it and start over.
             clear()
         return user
-    
+
     def _user_from_orm(self, orm_user):
         """return User wrapper from orm.User object"""
         if orm_user is None:
             return
         return self.users[orm_user]
-    
+
     def get_current_user_cookie(self):
         """get_current_user from a cookie token"""
         return self._user_for_cookie(self.hub.server.cookie_name)
-    
+
     def get_current_user(self):
         """get current username"""
         user = self.get_current_user_token()
         if user is not None:
             return user
         return self.get_current_user_cookie()
-    
+
     def find_user(self, name):
         """Get a user by name
-        
+
         return None if no such user
         """
         orm_user = orm.User.find(db=self.db, name=name)
@@ -200,8 +204,9 @@ class BaseHandler(RequestHandler):
             self.db.add(u)
             self.db.commit()
             user = self._user_from_orm(u)
+            self.authenticator.add_user(user)
         return user
-    
+
     def clear_login_cookie(self, name=None):
         if name is None:
             user = self.get_current_user()
@@ -213,7 +218,7 @@ class BaseHandler(RequestHandler):
         if user and user.server:
             self.clear_cookie(user.server.cookie_name, path=user.server.base_url, **kwargs)
         self.clear_cookie(self.hub.server.cookie_name, path=self.hub.server.base_url, **kwargs)
-    
+
     def _set_user_cookie(self, user, server):
         # tornado <4.2 have a bug that consider secure==True as soon as
         # 'secure' kwarg is passed to set_secure_cookie
@@ -230,15 +235,15 @@ class BaseHandler(RequestHandler):
             path=server.base_url,
             **kwargs
         )
-    
+
     def set_server_cookie(self, user):
         """set the login cookie for the single-user server"""
         self._set_user_cookie(user, user.server)
-    
+
     def set_hub_cookie(self, user):
         """set the login cookie for the Hub"""
         self._set_user_cookie(user, self.hub.server)
-    
+
     def set_login_cookie(self, user):
         """Set login cookies for the Hub and single-user server."""
         if self.subdomain_host and not self.request.host.startswith(self.domain):
@@ -248,11 +253,11 @@ class BaseHandler(RequestHandler):
         # create and set a new cookie token for the single-user server
         if user.server:
             self.set_server_cookie(user)
-        
+
         # create and set a new cookie token for the hub
         if not self.get_current_user_cookie():
             self.set_hub_cookie(user)
-    
+
     @gen.coroutine
     def authenticate(self, data):
         auth = self.authenticator
@@ -278,7 +283,7 @@ class BaseHandler(RequestHandler):
     @property
     def spawner_class(self):
         return self.settings.get('spawner_class', LocalProcessSpawner)
-    
+
     @gen.coroutine
     def spawn_single_user(self, user, options=None):
         if user.spawn_pending:
@@ -290,7 +295,7 @@ class BaseHandler(RequestHandler):
         @gen.coroutine
         def finish_user_spawn(f=None):
             """Finish the user spawn by registering listeners and notifying the proxy.
-            
+
             If the spawner is slow to start, this is passed as an async callback,
             otherwise it is called immediately.
             """
@@ -299,16 +304,17 @@ class BaseHandler(RequestHandler):
                 return
             toc = IOLoop.current().time()
             self.log.info("User %s server took %.3f seconds to start", user.name, toc-tic)
+            self.statsd.timing('spawner.success', (toc - tic) * 1000)
             yield self.proxy.add_user(user)
             user.spawner.add_poll_callback(self.user_stopped, user)
-        
+
         try:
             yield gen.with_timeout(timedelta(seconds=self.slow_spawn_timeout), f)
         except gen.TimeoutError:
             if user.spawn_pending:
                 # still in Spawner.start, which is taking a long time
                 # we shouldn't poll while spawn_pending is True
-                self.log.warn("User %s server is slow to start", user.name)
+                self.log.warning("User %s server is slow to start", user.name)
                 # schedule finish for when the user finishes spawning
                 IOLoop.current().add_future(f, finish_user_spawn)
             else:
@@ -318,26 +324,28 @@ class BaseHandler(RequestHandler):
                 if status is None:
                     # hit timeout, but server's running. Hope that it'll show up soon enough,
                     # though it's possible that it started at the wrong URL
-                    self.log.warn("User %s server is slow to become responsive", user.name)
+                    self.log.warning("User %s server is slow to become responsive", user.name)
                     # schedule finish for when the user finishes spawning
                     IOLoop.current().add_future(f, finish_user_spawn)
                 else:
+                    toc = IOLoop.current().time()
+                    self.statsd.timing('spawner.failure', (toc - tic) * 1000)
                     raise web.HTTPError(500, "Spawner failed to start [status=%s]" % status)
         else:
             yield finish_user_spawn()
-    
+
     @gen.coroutine
     def user_stopped(self, user):
         """Callback that fires when the spawner has stopped"""
         status = yield user.spawner.poll()
         if status is None:
             status = 'unknown'
-        self.log.warn("User %s server stopped, with exit code: %s",
+        self.log.warning("User %s server stopped, with exit code: %s",
             user.name, status,
         )
         yield self.proxy.delete_user(user)
         yield user.stop()
-    
+
     @gen.coroutine
     def stop_single_user(self, user):
         if user.stop_pending:
@@ -348,7 +356,7 @@ class BaseHandler(RequestHandler):
         @gen.coroutine
         def finish_stop(f=None):
             """Finish the stop action by noticing that the user is stopped.
-            
+
             If the spawner is slow to stop, this is passed as an async callback,
             otherwise it is called immediately.
             """
@@ -357,13 +365,13 @@ class BaseHandler(RequestHandler):
                 return
             toc = IOLoop.current().time()
             self.log.info("User %s server took %.3f seconds to stop", user.name, toc-tic)
-        
+
         try:
             yield gen.with_timeout(timedelta(seconds=self.slow_stop_timeout), f)
         except gen.TimeoutError:
             if user.stop_pending:
                 # hit timeout, but stop is still pending
-                self.log.warn("User %s server is slow to stop", user.name)
+                self.log.warning("User %s server is slow to stop", user.name)
                 # schedule finish for when the server finishes stopping
                 IOLoop.current().add_future(f, finish_stop)
             else:
@@ -443,7 +451,7 @@ class Template404(BaseHandler):
 
 class PrefixRedirectHandler(BaseHandler):
     """Redirect anything outside a prefix inside.
-    
+
     Redirects /foo to /prefix/foo, etc.
     """
     def get(self):
@@ -470,6 +478,7 @@ class UserSpawnHandler(BaseHandler):
             if current_user.spawner:
                 if current_user.spawn_pending:
                     # spawn has started, but not finished
+                    self.statsd.incr('redirects.user_spawn_pending', 1)
                     html = self.render_template("spawn_pending.html", user=current_user)
                     self.finish(html)
                     return
@@ -489,13 +498,15 @@ class UserSpawnHandler(BaseHandler):
             if self.subdomain_host:
                 target = current_user.host + target
             self.redirect(target)
+            self.statsd.incr('redirects.user_after_login')
         elif current_user:
             # logged in as a different user, redirect
-            target = url_path_join(self.base_url, 'user', current_user.name,
-                                   user_path or '')
+            self.statsd.incr('redirects.user_to_user', 1)
+            target = url_path_join(current_user.url, user_path or '')
             self.redirect(target)
         else:
             # not logged in, clear any cookies and reload
+            self.statsd.incr('redirects.user_to_login', 1)
             self.clear_login_cookie()
             self.redirect(url_concat(
                 self.settings['login_url'],
@@ -508,8 +519,12 @@ class CSPReportHandler(BaseHandler):
     @web.authenticated
     def post(self):
         '''Log a content security policy violation report'''
-        self.log.warn("Content security violation: %s",
-                      self.request.body.decode('utf8', 'replace'))
+        self.log.warning(
+            "Content security violation: %s",
+            self.request.body.decode('utf8', 'replace')
+        )
+        # Report it to statsd as well
+        self.statsd.incr('csp_report')
 
 default_handlers = [
     (r'/user/([^/]+)(/.*)?', UserSpawnHandler),

jupyterhub/handlers/login.py

@@ -20,6 +20,7 @@ class LogoutHandler(BaseHandler):
             self.clear_login_cookie(name)
         user.other_user_cookies = set([])
         self.redirect(self.hub.server.base_url, permanent=False)
+        self.statsd.incr('logout')
 
 
 class LoginHandler(BaseHandler):
@@ -35,6 +36,7 @@ class LoginHandler(BaseHandler):
         )
 
     def get(self):
+        self.statsd.incr('login.request')
         next_url = self.get_argument('next', '')
         if not next_url.startswith('/'):
             # disallow non-absolute next URLs (e.g. full URLs)
@@ -43,7 +45,7 @@ class LoginHandler(BaseHandler):
         if user:
             if not next_url:
                 if user.running:
-                    next_url = user.server.base_url
+                    next_url = user.url
                 else:
                     next_url = self.hub.server.base_url
             # set new login cookie
@@ -61,8 +63,13 @@ class LoginHandler(BaseHandler):
         for arg in self.request.arguments:
             data[arg] = self.get_argument(arg)
 
+        auth_timer = self.statsd.timer('login.authenticate').start()
         username = yield self.authenticate(data)
+        auth_timer.stop(send=False)
+
         if username:
+            self.statsd.incr('login.success')
+            self.statsd.timing('login.authenticate.success', auth_timer.ms)
             user = self.user_from_username(username)
             already_running = False
             if user.spawner:
@@ -78,7 +85,9 @@ class LoginHandler(BaseHandler):
             self.redirect(next_url)
             self.log.info("User logged in: %s", username)
         else:
-            self.log.debug("Failed login for %s", username)
+            self.statsd.incr('login.failure')
+            self.statsd.timing('login.authenticate.failure', auth_timer.ms)
+            self.log.debug("Failed login for %s", data.get('username', 'unknown user'))
             html = self._render(
                 login_error='Invalid username or password',
                 username=username,

jupyterhub/handlers/pages.py

@@ -8,17 +8,17 @@ from tornado import web, gen
 from .. import orm
 from ..utils import admin_only, url_path_join
 from .base import BaseHandler
-from .login import LoginHandler
+from urllib.parse import quote
 
 
 class RootHandler(BaseHandler):
     """Render the Hub root page.
-    
+
     If logged in, redirects to:
-    
+
     - single-user server if running
     - hub home, otherwise
-    
+
     Otherwise, renders login page.
     """
     def get(self):
@@ -27,6 +27,7 @@ class RootHandler(BaseHandler):
             if user.running:
                 url = user.url
                 self.log.debug("User is running: %s", url)
+                self.set_login_cookie(user) # set cookie
             else:
                 url = url_path_join(self.hub.server.base_url, 'home')
                 self.log.debug("User is not running: %s", url)
@@ -49,9 +50,9 @@ class HomeHandler(BaseHandler):
 
 class SpawnHandler(BaseHandler):
     """Handle spawning of single-user servers via form.
-    
+
     GET renders the form, POST handles form submission.
-    
+
     Only enabled when Spawner.options_form is defined.
     """
     def _render_form(self, message=''):
@@ -75,9 +76,8 @@ class SpawnHandler(BaseHandler):
             self.finish(self._render_form())
         else:
             # not running, no form. Trigger spawn.
-            url = url_path_join(self.base_url, 'user', user.name)
-            self.redirect(url)
-    
+            self.redirect(user.url)
+
     @web.authenticated
     @gen.coroutine
     def post(self):
@@ -122,14 +122,14 @@ class AdminHandler(BaseHandler):
         }
         sorts = self.get_arguments('sort') or default_sort
         orders = self.get_arguments('order')
-        
+
         for bad in set(sorts).difference(available):
-            self.log.warn("ignoring invalid sort: %r", bad)
+            self.log.warning("ignoring invalid sort: %r", bad)
             sorts.remove(bad)
         for bad in set(orders).difference({'asc', 'desc'}):
-            self.log.warn("ignoring invalid order: %r", bad)
+            self.log.warning("ignoring invalid order: %r", bad)
             orders.remove(bad)
-        
+
         # add default sort as secondary
         for s in default_sort:
             if s not in sorts:
@@ -139,17 +139,17 @@ class AdminHandler(BaseHandler):
                 orders.append(default_order[col])
         else:
             orders = orders[:len(sorts)]
-        
+
         # this could be one incomprehensible nested list comprehension
         # get User columns
         cols = [ getattr(orm.User, mapping.get(c, c)) for c in sorts ]
         # get User.col.desc() order objects
         ordered = [ getattr(c, o)() for c, o in zip(cols, orders) ]
-        
+
         users = self.db.query(orm.User).order_by(*ordered)
         users = [ self._user_from_orm(u) for u in users ]
         running = [ u for u in users if u.running ]
-        
+
         html = self.render_template('admin.html',
             user=self.get_current_user(),
             admin_access=self.settings.get('admin_access', False),

jupyterhub/orm.py

@@ -303,11 +303,21 @@ class User(Base):
                 name=self.name,
             )
 
-    def new_api_token(self):
-        """Create a new API token"""
+    def new_api_token(self, token=None):
+        """Create a new API token
+        
+        If `token` is given, load that token.
+        """
         assert self.id is not None
         db = inspect(self).session
-        token = new_token()
+        if token is None:
+            token = new_token()
+        else:
+            if len(token) < 8:
+                raise ValueError("Tokens must be at least 8 characters, got %r" % token)
+            found = APIToken.find(db, token)
+            if found:
+                raise ValueError("Collision on token: %s..." % token[:4])
         orm_token = APIToken(user_id=self.id)
         orm_token.token = token
         db.add(orm_token)
@@ -378,6 +388,8 @@ def new_session_factory(url="sqlite:///:memory:", reset=False, **kwargs):
     """Create a new session at url"""
     if url.startswith('sqlite'):
         kwargs.setdefault('connect_args', {'check_same_thread': False})
+    elif url.startswith('mysql'):
+        kwargs.setdefault('pool_recycle', 60)
 
     if url.endswith(':memory:'):
         # If we're using an in-memory database, ensure that only one connection

jupyterhub/spawner.py

@@ -10,6 +10,7 @@ import pwd
 import signal
 import sys
 import grp
+import warnings
 from subprocess import Popen
 from tempfile import mkdtemp
 
@@ -41,39 +42,38 @@ class Spawner(LoggingConfigurable):
     hub = Any()
     authenticator = Any()
     api_token = Unicode()
-    ip = Unicode('127.0.0.1', config=True,
+    ip = Unicode('127.0.0.1',
         help="The IP address (or hostname) the single-user server should listen on"
-    )
-    start_timeout = Integer(60, config=True,
+    ).tag(config=True)
+    start_timeout = Integer(60,
         help="""Timeout (in seconds) before giving up on the spawner.
         
         This is the timeout for start to return, not the timeout for the server to respond.
         Callers of spawner.start will assume that startup has failed if it takes longer than this.
         start should return when the server process is started and its location is known.
         """
-    )
+    ).tag(config=True)
 
-    http_timeout = Integer(
-        30, config=True,
+    http_timeout = Integer(30,
         help="""Timeout (in seconds) before giving up on a spawned HTTP server
 
         Once a server has successfully been spawned, this is the amount of time
         we wait before assuming that the server is unable to accept
         connections.
         """
-    )
+    ).tag(config=True)
 
-    poll_interval = Integer(30, config=True,
+    poll_interval = Integer(30,
         help="""Interval (in seconds) on which to poll the spawner."""
-    )
+    ).tag(config=True)
     _callbacks = List()
     _poll_callback = Any()
     
-    debug = Bool(False, config=True,
+    debug = Bool(False,
         help="Enable debug-logging of the single-user server"
-    )
+    ).tag(config=True)
     
-    options_form = Unicode("", config=True, help="""
+    options_form = Unicode("", help="""
         An HTML form for options a user can specify on launching their server.
         The surrounding `<form>` element and the submit button are already provided.
         
@@ -87,7 +87,7 @@ class Spawner(LoggingConfigurable):
               <option value="A">The letter A</option>
               <option value="B">The letter B</option>
             </select>
-    """)
+    """).tag(config=True)
 
     def options_from_form(self, form_data):
         """Interpret HTTP form data
@@ -113,34 +113,41 @@ class Spawner(LoggingConfigurable):
         'VIRTUAL_ENV',
         'LANG',
         'LC_ALL',
-    ], config=True,
+    ],
         help="Whitelist of environment variables for the subprocess to inherit"
-    )
-    env = Dict()
-    def _env_default(self):
-        env = {}
-        for key in self.env_keep:
-            if key in os.environ:
-                env[key] = os.environ[key]
-        env['JPY_API_TOKEN'] = self.api_token
-        return env
+    ).tag(config=True)
+    env = Dict(help="""Deprecated: use Spawner.get_env or Spawner.environment
     
-    cmd = Command(['jupyterhub-singleuser'], config=True,
+    - extend Spawner.get_env for adding required env in Spawner subclasses
+    - Spawner.environment for config-specified env
+    """)
+    
+    environment = Dict(
+        help="""Environment variables to load for the Spawner.
+
+        Value could be a string or a callable. If it is a callable, it will
+        be called with one parameter, which will be the instance of the spawner
+        in use. It should quickly (without doing much blocking operations) return
+        a string that will be used as the value for the environment variable.
+        """
+    ).tag(config=True)
+    
+    cmd = Command(['jupyterhub-singleuser'],
         help="""The command used for starting notebooks."""
-    )
-    args = List(Unicode, config=True,
+    ).tag(config=True)
+    args = List(Unicode(),
         help="""Extra arguments to be passed to the single-user server"""
-    )
+    ).tag(config=True)
     
-    notebook_dir = Unicode('', config=True,
+    notebook_dir = Unicode('',
         help="""The notebook directory for the single-user server
         
         `~` will be expanded to the user's home directory
         `%U` will be expanded to the user's username
         """
-    )
+    ).tag(config=True)
 
-    default_url = Unicode('', config=True,
+    default_url = Unicode('',
         help="""The default URL for the single-user server. 
 
         Can be used in conjunction with --notebook-dir=/ to enable 
@@ -149,15 +156,15 @@ class Spawner(LoggingConfigurable):
 
         `%U` will be expanded to the user's username
         """
-    )
+    ).tag(config=True)
     
-    disable_user_config = Bool(False, config=True,
+    disable_user_config = Bool(False,
         help="""Disable per-user configuration of single-user servers.
         
         This prevents any config in users' $HOME directories
         from having an effect on their server.
         """
-    )
+    ).tag(config=True)
     
     def __init__(self, **kwargs):
         super(Spawner, self).__init__(**kwargs)
@@ -204,12 +211,34 @@ class Spawner(LoggingConfigurable):
         self.api_token = ''
     
     def get_env(self):
-        """Return the environment we should use
-        
-        Default returns a copy of self.env.
+        """Return the environment dict to use for the Spawner.
+
+        This applies things like `env_keep`, anything defined in `Spawner.environment`,
+        and adds the API token to the env.
+
         Use this to access the env in Spawner.start to allow extension in subclasses.
         """
-        return self.env.copy()
+        env = {}
+        if self.env:
+            warnings.warn("Spawner.env is deprecated, found %s" % self.env, DeprecationWarning)
+            env.update(self.env)
+        
+        for key in self.env_keep:
+            if key in os.environ:
+                env[key] = os.environ[key]
+
+        # config overrides. If the value is a callable, it will be called with
+        # one parameter - the current spawner instance - and the return value
+        # will be assigned to the environment variable. This will be called at
+        # spawn time.
+        for key, value in self.environment.items():
+            if callable(value):
+                env[key] = value(self)
+            else:
+                env[key] = value
+
+        env['JPY_API_TOKEN'] = self.api_token
+        return env
     
     def get_args(self):
         """Return the arguments to be passed after self.cmd"""
@@ -369,15 +398,15 @@ class LocalProcessSpawner(Spawner):
     This is the default spawner for JupyterHub.
     """
     
-    INTERRUPT_TIMEOUT = Integer(10, config=True,
+    INTERRUPT_TIMEOUT = Integer(10,
         help="Seconds to wait for process to halt after SIGINT before proceeding to SIGTERM"
-    )
-    TERM_TIMEOUT = Integer(5, config=True,
+    ).tag(config=True)
+    TERM_TIMEOUT = Integer(5,
         help="Seconds to wait for process to halt after SIGTERM before proceeding to SIGKILL"
-    )
-    KILL_TIMEOUT = Integer(5, config=True,
+    ).tag(config=True)
+    KILL_TIMEOUT = Integer(5,
         help="Seconds to wait for process to halt after SIGKILL before giving up"
-    )
+    ).tag(config=True)
     
     proc = Instance(Popen, allow_none=True)
     pid = Integer(0)
@@ -513,5 +542,5 @@ class LocalProcessSpawner(Spawner):
         status = yield self.poll()
         if status is None:
             # it all failed, zombie process
-            self.log.warn("Process %i never died", self.pid)
+            self.log.warning("Process %i never died", self.pid)
     

jupyterhub/tests/mocking.py

@@ -13,6 +13,8 @@ from tornado import gen
 from tornado.concurrent import Future
 from tornado.ioloop import IOLoop
 
+from traitlets import default
+
 from ..app import JupyterHub
 from ..auth import PAMAuthenticator
 from .. import orm
@@ -44,7 +46,7 @@ class MockSpawner(LocalProcessSpawner):
     
     def user_env(self, env):
         return env
-    
+    @default('cmd')
     def _cmd_default(self):
         return [sys.executable, '-m', 'jupyterhub.tests.mocksu']
 
@@ -66,6 +68,7 @@ class SlowSpawner(MockSpawner):
 class NeverSpawner(MockSpawner):
     """A spawner that will never start"""
     
+    @default('start_timeout')
     def _start_timeout_default(self):
         return 1
     
@@ -90,6 +93,7 @@ class FormSpawner(MockSpawner):
 
 
 class MockPAMAuthenticator(PAMAuthenticator):
+    @default('admin_users')
     def _admin_users_default(self):
         return {'admin'}
     
@@ -113,15 +117,19 @@ class MockHub(JupyterHub):
     
     last_activity_interval = 2
     
+    @default('subdomain_host')
     def _subdomain_host_default(self):
         return os.environ.get('JUPYTERHUB_TEST_SUBDOMAIN_HOST', '')
     
+    @default('ip')
     def _ip_default(self):
         return '127.0.0.1'
     
+    @default('authenticator_class')
     def _authenticator_class_default(self):
         return MockPAMAuthenticator
     
+    @default('spawner_class')
     def _spawner_class_default(self):
         return MockSpawner
     

jupyterhub/tests/test_api.py

@@ -41,7 +41,7 @@ def check_db_locks(func):
 
 def find_user(db, name):
     return db.query(orm.User).filter(orm.User.name==name).first()
-    
+
 def add_user(db, app=None, **kwargs):
     orm_user = orm.User(**kwargs)
     db.add(orm_user)
@@ -81,17 +81,17 @@ def test_auth_api(app):
     db = app.db
     r = api_request(app, 'authorizations', 'gobbledygook')
     assert r.status_code == 404
-    
+
     # make a new cookie token
     user = db.query(orm.User).first()
     api_token = user.new_api_token()
-    
+
     # check success:
     r = api_request(app, 'authorizations/token', api_token)
     assert r.status_code == 200
     reply = r.json()
     assert reply['name'] == user.name
-    
+
     # check fail
     r = api_request(app, 'authorizations/token', api_token,
         headers={'Authorization': 'no sir'},
@@ -115,7 +115,7 @@ def test_referer_check(app, io_loop):
     # stop the admin's server so we don't mess up future tests
     io_loop.run_sync(lambda : app.proxy.delete_user(app_user))
     io_loop.run_sync(app_user.stop)
-    
+
     r = api_request(app, 'users',
         headers={
             'Authorization': '',
@@ -152,7 +152,7 @@ def test_get_users(app):
     db = app.db
     r = api_request(app, 'users')
     assert r.status_code == 200
-    
+
     users = sorted(r.json(), key=lambda d: d['name'])
     for u in users:
         u.pop('last_activity')
@@ -230,21 +230,21 @@ def test_add_multi_user(app):
     reply = r.json()
     r_names = [ user['name'] for user in reply ]
     assert names == r_names
-    
+
     for name in names:
         user = find_user(db, name)
         assert user is not None
         assert user.name == name
         assert not user.admin
-    
+
     # try to create the same users again
     r = api_request(app, 'users', method='post',
         data=json.dumps({'usernames': names}),
     )
     assert r.status_code == 400
-    
+
     names = ['a', 'b', 'ab']
-    
+
     # try to create the same users again
     r = api_request(app, 'users', method='post',
         data=json.dumps({'usernames': names}),
@@ -265,7 +265,7 @@ def test_add_multi_user_admin(app):
     reply = r.json()
     r_names = [ user['name'] for user in reply ]
     assert names == r_names
-    
+
     for name in names:
         user = find_user(db, name)
         assert user is not None
@@ -298,7 +298,7 @@ def test_delete_user(app):
     mal = add_user(db, name='mal')
     r = api_request(app, 'users', 'mal', method='delete')
     assert r.status_code == 204
-    
+
 
 def test_make_admin(app):
     db = app.db
@@ -321,7 +321,7 @@ def test_make_admin(app):
 
 def get_app_user(app, name):
     """Get the User object from the main thread
-    
+
     Needed for access to the Spawner.
     No ORM methods should be called on the result.
     """
@@ -350,7 +350,7 @@ def test_spawn(app, io_loop):
     assert not app_user.spawn_pending
     status = io_loop.run_sync(app_user.spawner.poll)
     assert status is None
-    
+
     assert user.server.base_url == '/user/%s' % name
     url = user_url(user, app)
     print(url)
@@ -365,10 +365,10 @@ def test_spawn(app, io_loop):
         assert expected in argv
     if app.subdomain_host:
         assert '--hub-host=%s' % app.subdomain_host in argv
-    
+
     r = api_request(app, 'users', name, 'server', method='delete')
     assert r.status_code == 204
-    
+
     assert 'pid' not in user.state
     status = io_loop.run_sync(app_user.spawner.poll)
     assert status == 0
@@ -390,12 +390,12 @@ def test_slow_spawn(app, io_loop):
     assert app_user.spawner is not None
     assert app_user.spawn_pending
     assert not app_user.stop_pending
-    
+
     @gen.coroutine
     def wait_spawn():
         while app_user.spawn_pending:
             yield gen.sleep(0.1)
-    
+
     io_loop.run_sync(wait_spawn)
     assert not app_user.spawn_pending
     status = io_loop.run_sync(app_user.spawner.poll)
@@ -417,13 +417,13 @@ def test_slow_spawn(app, io_loop):
     assert r.status_code == 202
     assert app_user.spawner is not None
     assert app_user.stop_pending
-    
+
     io_loop.run_sync(wait_stop)
     assert not app_user.stop_pending
     assert app_user.spawner is not None
     r = api_request(app, 'users', name, 'server', method='delete')
     assert r.status_code == 400
-    
+
 
 def test_never_spawn(app, io_loop):
     app.tornado_settings['spawner_class'] = mocking.NeverSpawner
@@ -437,12 +437,12 @@ def test_never_spawn(app, io_loop):
     app_user = get_app_user(app, name)
     assert app_user.spawner is not None
     assert app_user.spawn_pending
-    
+
     @gen.coroutine
     def wait_pending():
         while app_user.spawn_pending:
             yield gen.sleep(0.1)
-    
+
     io_loop.run_sync(wait_pending)
     assert not app_user.spawn_pending
     status = io_loop.run_sync(app_user.spawner.poll)
@@ -464,7 +464,7 @@ def test_cookie(app):
     assert r.status_code == 201
     assert 'pid' in user.state
     app_user = get_app_user(app, name)
-    
+
     cookies = app.login_user(name)
     # cookie jar gives '"cookie-value"', we want 'cookie-value'
     cookie = cookies[user.server.cookie_name][1:-1]
@@ -475,7 +475,7 @@ def test_cookie(app):
     r.raise_for_status()
     reply = r.json()
     assert reply['name'] == name
-    
+
     # deprecated cookie in body:
     r = api_request(app, 'authorizations/cookie', user.server.cookie_name, data=cookie)
     r.raise_for_status()
@@ -493,6 +493,27 @@ def test_token(app):
     r = api_request(app, 'authorizations/token', 'notauthorized')
     assert r.status_code == 404
 
+def test_get_token(app):
+    name = 'user'
+    user = add_user(app.db, app=app, name=name)
+    r = api_request(app, 'authorizations/token', method='post', data=json.dumps({
+        'username': name,
+        'password': name,
+    }))
+    assert r.status_code == 200
+    data = r.content.decode("utf-8")
+    token = json.loads(data)
+    assert not token['Authentication'] is None
+
+def test_bad_get_token(app):
+    name = 'user'
+    password = 'fake'
+    user = add_user(app.db, app=app, name=name)
+    r = api_request(app, 'authorizations/token', method='post', data=json.dumps({
+        'username': name,
+        'password': password,
+    }))
+    assert r.status_code == 403
 
 def test_options(app):
     r = api_request(app, 'users', method='options')

jupyterhub/tests/test_app.py

@@ -1,11 +1,17 @@
 """Test the JupyterHub entry point"""
 
+import binascii
 import os
 import re
 import sys
 from subprocess import check_output, Popen, PIPE
 from tempfile import NamedTemporaryFile, TemporaryDirectory
+from unittest.mock import patch
+
+import pytest
+
 from .mocking import MockHub
+from .. import orm
 
 def test_help_all():
     out = check_output([sys.executable, '-m', 'jupyterhub', '--help-all']).decode('utf8', 'replace')
@@ -48,3 +54,89 @@ def test_generate_config():
     assert cfg_file in out
     assert 'Spawner.cmd' in cfg_text
     assert 'Authenticator.whitelist' in cfg_text
+
+
+def test_init_tokens():
+    with TemporaryDirectory() as td:
+        db_file = os.path.join(td, 'jupyterhub.sqlite')
+        tokens = {
+            'super-secret-token': 'alyx',
+            'also-super-secret': 'gordon',
+            'boagasdfasdf': 'chell',
+        }
+        app = MockHub(db_file=db_file, api_tokens=tokens)
+        app.initialize([])
+        db = app.db
+        for token, username in tokens.items():
+            api_token = orm.APIToken.find(db, token)
+            assert api_token is not None
+            user = api_token.user
+            assert user.name == username
+        
+        # simulate second startup, reloading same tokens:
+        app = MockHub(db_file=db_file, api_tokens=tokens)
+        app.initialize([])
+        db = app.db
+        for token, username in tokens.items():
+            api_token = orm.APIToken.find(db, token)
+            assert api_token is not None
+            user = api_token.user
+            assert user.name == username
+        
+        # don't allow failed token insertion to create users:
+        tokens['short'] = 'gman'
+        app = MockHub(db_file=db_file, api_tokens=tokens)
+        # with pytest.raises(ValueError):
+        app.initialize([])
+        assert orm.User.find(app.db, 'gman') is None
+
+
+def test_write_cookie_secret(tmpdir):
+    secret_path = str(tmpdir.join('cookie_secret'))
+    hub = MockHub(cookie_secret_file=secret_path)
+    hub.init_secrets()
+    assert os.path.exists(secret_path)
+    assert os.stat(secret_path).st_mode & 0o600
+    assert not os.stat(secret_path).st_mode & 0o177
+
+
+def test_cookie_secret_permissions(tmpdir):
+    secret_file = tmpdir.join('cookie_secret')
+    secret_path = str(secret_file)
+    secret = os.urandom(1024)
+    secret_file.write(binascii.b2a_base64(secret))
+    hub = MockHub(cookie_secret_file=secret_path)
+
+    # raise with public secret file
+    os.chmod(secret_path, 0o664)
+    with pytest.raises(SystemExit):
+        hub.init_secrets()
+
+    # ok with same file, proper permissions
+    os.chmod(secret_path, 0o660)
+    hub.init_secrets()
+    assert hub.cookie_secret == secret
+
+
+def test_cookie_secret_content(tmpdir):
+    secret_file = tmpdir.join('cookie_secret')
+    secret_file.write('not base 64: uñiço∂e')
+    secret_path = str(secret_file)
+    os.chmod(secret_path, 0o660)
+    hub = MockHub(cookie_secret_file=secret_path)
+    with pytest.raises(SystemExit):
+        hub.init_secrets()
+
+
+def test_cookie_secret_env(tmpdir):
+    hub = MockHub(cookie_secret_file=str(tmpdir.join('cookie_secret')))
+
+    with patch.dict(os.environ, {'JPY_COOKIE_SECRET': 'not hex'}):
+        with pytest.raises(ValueError):
+            hub.init_secrets()
+
+    with patch.dict(os.environ, {'JPY_COOKIE_SECRET': 'abc123'}):
+        hub.init_secrets()
+    assert hub.cookie_secret == binascii.a2b_hex('abc123')
+    assert not os.path.exists(hub.cookie_secret_file)
+

jupyterhub/tests/test_orm.py

@@ -93,6 +93,16 @@ def test_tokens(db):
     found = orm.APIToken.find(db, 'something else')
     assert found is None
 
+    secret = 'super-secret-preload-token'
+    token = user.new_api_token(secret)
+    assert token == secret
+    assert len(user.api_tokens) == 3
+
+    # raise ValueError on collision
+    with pytest.raises(ValueError):
+        user.new_api_token(token)
+    assert len(user.api_tokens) == 3
+
 
 def test_spawn_fails(db, io_loop):
     orm_user = orm.User(name='aeofel')

jupyterhub/tests/test_pages.py

@@ -222,6 +222,16 @@ def test_logout(app):
     assert r.cookies == {}
 
 
+def test_login_no_whitelist_adds_user(app):
+    auth = app.authenticator
+    mock_add_user = mock.Mock()
+    with mock.patch.object(auth, 'add_user', mock_add_user):
+        cookies = app.login_user('jubal')
+
+    user = app.users['jubal']
+    assert mock_add_user.mock_calls == [mock.call(user)]
+
+
 def test_static_files(app):
     base_url = ujoin(public_url(app), app.hub.server.base_url)
     print(base_url)

jupyterhub/traitlets.py

@@ -21,7 +21,7 @@ class Command(List):
         kwargs.setdefault('minlen', 1)
         if isinstance(default_value, str):
             default_value = [default_value]
-        super().__init__(Unicode, default_value, **kwargs)
+        super().__init__(Unicode(), default_value, **kwargs)
         
     def validate(self, obj, value):
         if isinstance(value, str):

jupyterhub/user.py

@@ -12,7 +12,7 @@ from sqlalchemy import inspect
 from .utils import url_path_join
 
 from . import orm
-from traitlets import HasTraits, Any, Dict
+from traitlets import HasTraits, Any, Dict, observe, default
 from .spawner import LocalProcessSpawner
 
 
@@ -41,7 +41,7 @@ class UserDict(dict):
         elif isinstance(key, str):
             orm_user = self.db.query(orm.User).filter(orm.User.name==key).first()
             if orm_user is None:
-                raise KeyError("No such user: %s" % name)
+                raise KeyError("No such user: %s" % key)
             else:
                 key = orm_user
         if isinstance(key, orm.User):
@@ -75,22 +75,24 @@ class UserDict(dict):
 
 class User(HasTraits):
     
+    @default('log')
     def _log_default(self):
         return app_log
     
     settings = Dict()
     
     db = Any(allow_none=True)
+    @default('db')
     def _db_default(self):
         if self.orm_user:
             return inspect(self.orm_user).session
-    
-    def _db_changed(self, name, old, new):
+    @observe('db')
+    def _db_changed(self, change):
         """Changing db session reacquires ORM User object"""
         # db session changed, re-get orm User
         if self.orm_user:
             id = self.orm_user.id
-            self.orm_user = new.query(orm.User).filter(orm.User.id==id).first()
+            self.orm_user = change['new'].query(orm.User).filter(orm.User.id==id).first()
         self.spawner.db = self.db
     
     orm_user = None
@@ -186,10 +188,10 @@ class User(HasTraits):
         if self.settings.get('subdomain_host'):
             return '{host}{path}'.format(
                 host=self.host,
-                path=self.server.base_url,
+                path=self.base_url,
             )
         else:
-            return self.server.base_url
+            return self.base_url
     
     @gen.coroutine
     def spawn(self, options=None):
@@ -226,7 +228,7 @@ class User(HasTraits):
             yield gen.with_timeout(timedelta(seconds=spawner.start_timeout), f)
         except Exception as e:
             if isinstance(e, gen.TimeoutError):
-                self.log.warn("{user}'s server failed to start in {s} seconds, giving up".format(
+                self.log.warning("{user}'s server failed to start in {s} seconds, giving up".format(
                     user=self.name, s=spawner.start_timeout,
                 ))
                 e.reason = 'timeout'
@@ -254,7 +256,7 @@ class User(HasTraits):
             yield self.server.wait_up(http=True, timeout=spawner.http_timeout)
         except Exception as e:
             if isinstance(e, TimeoutError):
-                self.log.warn(
+                self.log.warning(
                     "{user}'s server never showed up at {url} "
                     "after {http_timeout} seconds. Giving up".format(
                         user=self.name,

jupyterhub/utils.py

@@ -78,14 +78,14 @@ def wait_for_http_server(url, timeout=10):
                 if e.code != 599:
                     # we expect 599 for no connection,
                     # but 502 or other proxy error is conceivable
-                    app_log.warn("Server at %s responded with error: %s", url, e.code)
+                    app_log.warning("Server at %s responded with error: %s", url, e.code)
                 yield gen.sleep(0.1)
             else:
                 app_log.debug("Server at %s responded with %s", url, e.code)
                 return
         except (OSError, socket.error) as e:
             if e.errno not in {errno.ECONNABORTED, errno.ECONNREFUSED, errno.ECONNRESET}:
-                app_log.warn("Failed to connect to %s (%s)", url, e)
+                app_log.warning("Failed to connect to %s (%s)", url, e)
             yield gen.sleep(0.1)
         else:
             return

jupyterhub/version.py

@@ -5,8 +5,9 @@
 
 version_info = (
     0,
-    5,
+    6,
     0,
+    # 'dev',
 )
 
 __version__ = '.'.join(map(str, version_info))

onbuild/Dockerfile

@@ -0,0 +1,11 @@
+# JupyterHub Dockerfile that loads your jupyterhub_config.py
+#
+# Adds ONBUILD step to jupyter/jupyterhub to load your juptyerhub_config.py into the image
+#
+# Derivative images must have jupyterhub_config.py next to the Dockerfile.
+
+FROM jupyterhub/jupyterhub
+
+ONBUILD ADD jupyterhub_config.py /srv/jupyterhub/jupyterhub_config.py
+
+CMD ["jupyterhub", "-f", "/srv/jupyterhub/jupyterhub_config.py"]

onbuild/README.md

@@ -0,0 +1,10 @@
+# JupyterHub onbuild image
+
+If you base a Dockerfile on this image:
+
+    FROM juptyerhub/jupyterhub-onbuild:0.6
+    ...
+
+then your `jupyterhub_config.py` adjacent to your Dockerfile will be loaded into the image and used by JupyterHub.
+
+This is how the `jupyter/jupyterhub` docker image behaved prior to 0.6.

requirements.txt

@@ -1,6 +1,7 @@
-traitlets>=4
+traitlets>=4.1
 tornado>=4.1
 jinja2
 pamela
+statsd
 sqlalchemy>=1.0
 requests

scripts/jupyterhub-singleuser

@@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/env python
 """Extend regular notebook server to be aware of multiuser things."""
 
 # Copyright (c) Jupyter Development Team.
@@ -47,7 +47,7 @@ class JupyterHubLoginHandler(LoginHandler):
     @staticmethod
     def login_available(settings):
         return True
-    
+
     @staticmethod
     def verify_token(self, cookie_name, encrypted_cookie):
         """method for token verification"""
@@ -55,7 +55,7 @@ class JupyterHubLoginHandler(LoginHandler):
         if encrypted_cookie in cookie_cache:
             # we've seen this token before, don't ask upstream again
             return cookie_cache[encrypted_cookie]
-    
+
         hub_api_url = self.settings['hub_api_url']
         hub_api_key = self.settings['hub_api_key']
         r = requests.get(url_path_join(
@@ -78,7 +78,7 @@ class JupyterHubLoginHandler(LoginHandler):
             data = r.json()
         cookie_cache[encrypted_cookie] = data
         return data
-    
+
     @staticmethod
     def get_user(self):
         """alternative get_current_user to query the central server"""
@@ -87,7 +87,7 @@ class JupyterHubLoginHandler(LoginHandler):
         # since this may be called again when trying to render the error page
         if hasattr(self, '_cached_user'):
             return self._cached_user
-        
+
         self._cached_user = None
         my_user = self.settings['user']
         encrypted_cookie = self.get_cookie(self.cookie_name)
@@ -210,37 +210,37 @@ class SingleUserNotebookApp(NotebookApp):
     def _clear_cookie_cache(self):
         self.log.debug("Clearing cookie cache")
         self.tornado_settings['cookie_cache'].clear()
-    
+
     def migrate_config(self):
         if self.disable_user_config:
             # disable config-migration when user config is disabled
             return
         else:
             super(SingleUserNotebookApp, self).migrate_config()
-    
+
     @property
     def config_file_paths(self):
         path = super(SingleUserNotebookApp, self).config_file_paths
-        
+
         if self.disable_user_config:
             # filter out user-writable config dirs if user config is disabled
             path = list(_exclude_home(path))
         return path
-    
+
     @property
     def nbextensions_path(self):
         path = super(SingleUserNotebookApp, self).nbextensions_path
-        
+
         if self.disable_user_config:
             path = list(_exclude_home(path))
         return path
-    
+
     def _static_custom_path_default(self):
         path = super(SingleUserNotebookApp, self)._static_custom_path_default()
         if self.disable_user_config:
             path = list(_exclude_home(path))
         return path
-    
+
     def start(self):
         # Start a PeriodicCallback to clear cached cookies.  This forces us to
         # revalidate our user with the Hub at least every
@@ -251,7 +251,7 @@ class SingleUserNotebookApp(NotebookApp):
                 self.cookie_cache_lifetime * 1e3,
             ).start()
         super(SingleUserNotebookApp, self).start()
-    
+
     def init_webapp(self):
         # load the hub related settings into the tornado settings dict
         env = os.environ
@@ -267,21 +267,21 @@ class SingleUserNotebookApp(NotebookApp):
         s['csp_report_uri'] = self.hub_host + url_path_join(self.hub_prefix, 'security/csp-report')
         super(SingleUserNotebookApp, self).init_webapp()
         self.patch_templates()
-    
+
     def patch_templates(self):
         """Patch page templates to add Hub-related buttons"""
-        
+
         self.jinja_template_vars['logo_url'] = self.hub_host + url_path_join(self.hub_prefix, 'logo')
         env = self.web_app.settings['jinja2_env']
-        
+
         env.globals['hub_control_panel_url'] = \
             self.hub_host + url_path_join(self.hub_prefix, 'home')
-        
+
         # patch jinja env loading to modify page template
         def get_page(name):
             if name == 'page.html':
                 return page_template
-        
+
         orig_loader = env.loader
         env.loader = ChoiceLoader([
             FunctionLoader(get_page),

setup.py

@@ -166,7 +166,7 @@ class Bower(BaseCommand):
         
         if self.should_run_npm():
             print("installing build dependencies with npm")
-            check_call(['npm', 'install'], cwd=here)
+            check_call(['npm', 'install', '--progress=false'], cwd=here)
             os.utime(self.node_modules)
         
         env = os.environ.copy()

share/jupyter/hub/templates/home.html

@@ -10,7 +10,7 @@
       {% endif %}
       <a id="start" class="btn btn-lg btn-success"
       {% if user.running %}
-        href="{{base_url}}user/{{user.name}}/"
+        href="{{ user.url }}"
       {% else %}
         href="{{base_url}}spawn"
       {% endif %}

tools/tasks.py

@@ -133,6 +133,7 @@ def untag(vs, push=False):
     v2 = parse_vs(vs)
     v2.append('dev')
     v2[1] += 1
+    v2[2] = 0
     vs2 = unparse_vs(v2)
     patch_version(vs2, repo_root)
     with cd(repo_root):