我试图有条件地应用装饰器(Flask-HTTPAuth' s login_required)。如果sky_is_blue == True,我想将装饰器(如果为False)应用于。
这需要随叫随到,因为它可能会在应用程序的生命周期中发生变化(实际上在实践中并没有那么多,但绝对是出于单元测试的目的,而且我对任何情况下的原因都很好奇)。
所以我把装饰器包装在一个装饰器中。
行为与False案例中的预期一致(不应用装饰器),但我在True案例中应用装饰器时遇到了麻烦。我不确定这是否是我做错了,或者是与Flask-HTTPAuth的奇怪互动。
以下脚本演示了两个单元测试的问题。 test_sky_not_blue传递,但test_sky_blue失败,堆栈跟踪。
from flask import Flask
from flask.ext.httpauth import HTTPBasicAuth
from functools import update_wrapper, wraps
from flask.ext.testing import TestCase
import unittest
app = Flask(__name__)
app.config['TESTING'] = True
sky_is_blue = True
auth = HTTPBasicAuth()
class ConditionalAuth(object):
def __init__(self, decorator):
print("ini with {}".format(decorator.__name__))
self.decorator = decorator
update_wrapper(self, decorator)
def __call__(self, func):
print("__call__: ".format(func.__name__))
@wraps(func)
def wrapped(*args, **kwargs):
print("Wrapped call, function {}".format(func.__name__))
if sky_is_blue:
rv = self.decorator(func(*args, **kwargs))
return rv
else:
rv = func(*args, **kwargs)
return rv
return wrapped
@app.route('/')
@ConditionalAuth(auth.login_required)
def index():
"""
Get a token
"""
return "OK"
class TestSky(TestCase):
def create_app(self):
return app
def test_sky_blue(self):
global sky_is_blue
sky_is_blue = True
response = self.client.get('/')
self.assert200(response)
def test_sky_not_blue(self):
global sky_is_blue
sky_is_blue = False
response = self.client.get('/')
self.assert200(response)
def suite():
return unittest.makeSuite(TestSky)
if __name__ == '__main__':
unittest.main(defaultTest='suite')
我得到的完整堆栈跟踪是:
Traceback (most recent call last):
File "test.py", line 64, in test_sky_blue
response = self.client.get('/')
File "/usr/local/lib/python2.7/site-packages/werkzeug/test.py", line 778, in get
return self.open(*args, **kw)
File "/usr/local/lib/python2.7/site-packages/flask/testing.py", line 108, in open
follow_redirects=follow_redirects)
File "/usr/local/lib/python2.7/site-packages/werkzeug/test.py", line 751, in open
response = self.run_wsgi_app(environ, buffered=buffered)
File "/usr/local/lib/python2.7/site-packages/werkzeug/test.py", line 668, in run_wsgi_app
rv = run_wsgi_app(self.application, environ, buffered=buffered)
File "/usr/local/lib/python2.7/site-packages/werkzeug/test.py", line 871, in run_wsgi_app
app_rv = app(environ, start_response)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "test.py", line 40, in wrapped
rv = self.decorator(func(*args, **kwargs))
File "/usr/local/lib/python2.7/site-packages/flask_httpauth.py", line 48, in login_required
@wraps(f)
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/functools.py", line 33, in update_wrapper
setattr(wrapper, attr, getattr(wrapped, attr))
AttributeError: 'str' object has no attribute '__module__'
使用Python 2.7.11,Flask-HTTPAuth == 2.7.1,Flask == 0.10.1进行测试,我们将非常感谢任何见解。
答案 0 :(得分:4)
有趣的是,解决问题的有效方法是帮助解决问题。
问题是装饰者调用中的括号:
rv = self.decorator(func(*args, **kwargs))
将其更改为以下内容会修复它:
rv = self.decorator(func)(*args, **kwargs)
装饰器需要返回一个函数,但通过直接将参数传递给func(),我没有给它机会这样做。
将其分成单独的电话会让我更清楚,我想:
decorated_function = self.decorator(func)
return decorated_function(*args, **kwargs))
答案 1 :(得分:1)
有趣的问题。请注意,如果您只想选择绕过身份验证逻辑,则可以更轻松地执行此操作,而无需使用新的装饰器。只需将旁路逻辑合并到verify_password回调中:
@auth.verify_password
def verify(username, password):
if not sky_is_blue:
return True # let the request through, no questions asked!
# your authentication logic here
return False # this will trigger a 401 response
现在您可以像往常一样应用login_required装饰器,只要sky_is_blue == False {/ p>,身份验证就会成功
@app.route('/')
@auth.login_required
def index():
"""
Get a token
"""
return "OK"
希望这有帮助!
答案 2 :(得分:0)
如果您需要对所有路由应用条件身份验证检查而不在所有路由上定义login_required包装,那么这是一个解决方案。只需使用before_request钩子:
@app.before_request
def conditional_auth_check():
if your_condition:
@auth.login_required
def _check_login():
return None
return _check_login()
login_required并不一定需要直接包裹路线。
答案 3 :(得分:0)
似乎有条件地使用optional装饰器的auth.login_required关键字参数来开箱即用提供授权。
来自API docs:
可以将可选的
optional参数设置为True,以在请求中不包含身份验证时也允许路由执行,在这种情况下,auth.current_user()将设置为None。示例:
@auth.login_required(optional=True)
def private_page():
user = auth.current_user()
return "Hello {}!".format(user.name if user is not None else 'anonymous')