anaconda2/lib/python2.7/site-packages/notebook/auth/login.py

"""Tornado handlers for logging into the notebook."""

# Copyright (c) Jupyter Development Team.
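# Distributed under the terms of the Modified BSD License.

import json
import os
import re
import urllib2
import uuid

try:
    from urllib.parse import urlparse  # Py 3
except ImportError:
    from urlparse import urlparse  # Py 2

from tornado.escape import url_escape

from ..auth.security import passwd_check
from ..base.handlers import IPythonHandler


class LoginHandler(IPythonHandler):
    """Tornado login handler: hashed password plus an external "SAS token".

    A login succeeds only when the typed password matches the configured
    hash AND the submitted SAS token is accepted by the service named in
    the SAS_TOKEN_URL environment variable.

    NOTE(review): the SAS identity is published through os.environ
    (SAS_SUBMIT_USER / SAS_SUBMIT_USER_REAL). That is process-wide state: on
    a server used by more than one person, the last login or cookie-bearing
    request decides what every reader of those variables sees, and child
    processes started afterwards inherit the raw token. The writes are kept
    because other code presumably reads them; a per-session store would
    isolate users. Confirm the deployment is single-user.
    """

    # Matches "Authorization: token <token>" header values.
    auth_header_pat = re.compile(r'token\s+(.+)', re.IGNORECASE)

    # Decoded SAS token formats, tried in order: "DSP_<user>_<digits>",
    # then plain "DSP_<user>".
    _sas_user_pats = (
        re.compile(r'^DSP_(.+)_\d+$'),
        re.compile(r'^DSP_(.+)$'),
    )

    # Upper bound, in seconds, on the blocking call to the token service.
    sas_token_timeout = 10

    def _render(self, message=None):
        """Write the login page, carrying the escaped `next` target along."""
        self.write(self.render_template(
            'login.html',
            next=url_escape(self.get_argument('next', default=self.base_url)),
            message=message,
        ))

    def _redirect_safe(self, url, default=None):
        """Redirect to `url` only if it stays on this server's path.

        Full-domain redirects are allowed if they pass our CORS origin
        checks. Otherwise use `default` (self.base_url if unspecified).

        The target is parsed rather than prefix-matched: a plain
        ``startswith(base_url)`` test accepts scheme-relative targets such
        as ``//host/...`` whenever base_url is ``/``, which turns the login
        page into an open redirect.
        """
        if default is None:
            default = self.base_url
        # "\" is not valid in URLs, but some browsers treat it as "/", so an
        # unescaped "\\" would behave like "//". Neutralise it before parsing.
        url = url.replace("\\", "%5C")
        parsed = urlparse(url)
        if parsed.netloc or not (parsed.path + '/').startswith(self.base_url):
            # Either a full/scheme-relative URL or a path outside base_url.
            allow = False
            if parsed.netloc:
                # Full URL: only allowed when it passes the cross-origin check.
                origin = ('%s://%s' % (parsed.scheme, parsed.netloc)).lower()
                if self.allow_origin:
                    allow = self.allow_origin == origin
                elif self.allow_origin_pat:
                    allow = bool(self.allow_origin_pat.match(origin))
            if not allow:
                self.log.warning("Not allowing login redirect to %r", url)
                url = default
        self.redirect(url)

    def get(self):
        """Show the login form, or redirect if already logged in."""
        if self.current_user:
            next_url = self.get_argument('next', default=self.base_url)
            self._redirect_safe(next_url)
        else:
            self._render()

    @property
    def hashed_password(self):
        """The configured password hash ('' when none is set)."""
        return self.password_from_settings(self.settings)

    def passwd_check(self, a, b):
        """Check passphrase `b` against hashed passphrase `a`."""
        return passwd_check(a, b)

    def sas_token_check(self, t):
        """Validate SAS token `t` against the service at SAS_TOKEN_URL.

        Returns the service's ``data`` field on success, or None when the
        token is empty, SAS_TOKEN_URL is unset/empty, the request or JSON
        parsing fails, the reply's ``err`` is non-zero, or ``data`` is empty.

        `t` comes straight from the login form, so it is percent-encoded
        before being appended; otherwise characters such as ``/``, ``?``,
        ``#`` or ``&`` would let the client reshape the request sent to the
        token service.
        """
        if not t:
            return None
        token_url = os.environ.get('SAS_TOKEN_URL', '')
        if not token_url:
            return None
        try:
            # NOTE(review): SAS_TOKEN_URL should end in a path or query
            # delimiter ("/" or "="); if it ends in a bare host name, even an
            # encoded token is appended to the host part. Confirm the config.
            req = urllib2.Request(url=token_url + url_escape(t))
            # urlopen blocks the Tornado IOLoop; the timeout bounds how long a
            # slow token service can stall every other request.
            resp = urllib2.urlopen(req, timeout=self.sas_token_timeout)
            try:
                r = json.loads(resp.read())
            finally:
                resp.close()
            if r['err'] != 0:
                return None
            data = r['data']
        except Exception:
            # Best effort: any failure means "not validated". The token itself
            # is deliberately kept out of the log.
            self.log.warning("SAS token validation failed", exc_info=True)
            return None
        if data is None or data == '':
            return None
        return data

    @classmethod
    def _sas_real_user(cls, decoded):
        """Extract the user name from a decoded SAS token, or return None."""
        for pat in cls._sas_user_pats:
            try:
                m = pat.match(decoded)
            except TypeError:
                # decoded is None or not a string
                return None
            if m:
                return m.group(1)
        return None

    def post(self):
        """Handle the login form: password AND SAS token must both check out."""
        typed_password = self.get_argument('password', default=u'')
        typed_sas_token = self.get_argument('sas_token', default=u'')
        if self.get_login_available(self.settings):
            real_user = None
            # Password first: the token check makes an outbound request, which
            # callers without the password should not be able to trigger.
            if self.passwd_check(self.hashed_password, typed_password):
                # Validate once and derive the user name BEFORE any cookie is
                # set, so a token in an unexpected format is a clean 401
                # instead of an exception raised after the login cookie has
                # already been queued.
                real_user = self._sas_real_user(
                    self.sas_token_check(typed_sas_token))
            if not real_user:
                self.set_status(401)
                self._render(message={'error': 'Invalid password or SAS Token'})
                return
            # The branch that accepted the server token in the password field
            # is disabled in this variant.
            self.set_login_cookie(self, uuid.uuid4().hex)
            # set_secure_cookie signs the value but does not encrypt it, so
            # the raw token is readable by whoever holds the cookie.
            os.environ['SAS_SUBMIT_USER'] = typed_sas_token
            self.set_cookie_val(self, "sas.submit.user", typed_sas_token)
            os.environ['SAS_SUBMIT_USER_REAL'] = real_user
            self.set_cookie_val(self, "sas.submit.user.real", real_user)
        next_url = self.get_argument('next', default=self.base_url)
        self._redirect_safe(next_url)

    @classmethod
    def set_cookie_val(cls, handler, key, value):
        """Set signed cookie `key` to `value` with the login cookie options."""
        cookie_options = handler.settings.get('cookie_options', {})
        cookie_options.setdefault('httponly', True)
        # tornado <4.2 has a bug that considers secure==True as soon as
        # 'secure' kwarg is passed to set_secure_cookie
        if handler.settings.get('secure_cookie', handler.request.protocol == 'https'):
            cookie_options.setdefault('secure', True)
        handler.set_secure_cookie(key, value, **cookie_options)

    @classmethod
    def set_login_cookie(cls, handler, user_id=None):
        """Call this on handlers to set the login cookie for success."""
        cls.set_cookie_val(handler, handler.cookie_name, user_id)
        return user_id

    @classmethod
    def get_token(cls, handler):
        """Get the user token from a request.

        Default:

        - in URL parameters: ?token=<token>
        - in header: Authorization: token <token>
        """
        user_token = handler.get_argument('token', '')
        if not user_token:
            # get it from Authorization header
            m = cls.auth_header_pat.match(
                handler.request.headers.get('Authorization', ''))
            if m:
                user_token = m.group(1)
        return user_token

    @classmethod
    def should_check_origin(cls, handler):
        """Should the Handler check for CORS origin validation?

        Origin check should be skipped for token-authenticated requests.

        Returns:
        - True, if Handler must check for valid CORS origin.
        - False, if Handler should skip origin check since requests are
          token-authenticated.
        """
        return not cls.is_token_authenticated(handler)

    @classmethod
    def is_token_authenticated(cls, handler):
        """Returns True if handler has been token authenticated. Otherwise, False.

        Login with a token is used to signal certain things, such as:

        - permit access to REST API
        - xsrf protection
        - skip origin-checks for scripts
        """
        if getattr(handler, '_user_id', None) is None:
            # ensure get_user has been called, so we know if we're
            # token-authenticated
            handler.get_current_user()
        return getattr(handler, '_token_authenticated', False)

    @classmethod
    def _restore_sas_env(cls, handler):
        """Copy the SAS identity from the signed cookies into os.environ."""
        try:
            for env_key, cookie_key in (
                    ('SAS_SUBMIT_USER', "sas.submit.user"),
                    ('SAS_SUBMIT_USER_REAL', "sas.submit.user.real")):
                value = handler.get_secure_cookie(cookie_key)
                # A missing or badly signed cookie yields None; leave the
                # existing value alone in that case.
                if value is not None:
                    os.environ[env_key] = value
        except Exception:
            # Best effort: never fail authentication over this bookkeeping.
            handler.log.debug(
                "Could not restore SAS user from cookies", exc_info=True)

    @classmethod
    def get_user(cls, handler):
        """Called by handlers.get_current_user for identifying the current user.

        See tornado.web.RequestHandler.get_current_user for details.
        """
        # Can't call this get_current_user because it will collide when
        # called on LoginHandler itself.
        if getattr(handler, '_user_id', None):
            return handler._user_id
        user_id = cls.get_user_token(handler)
        if user_id is None:
            user_id = handler.get_secure_cookie(handler.cookie_name)
            if user_id is not None:
                # Only a request carrying a valid login cookie may change the
                # process-wide SAS identity.
                cls._restore_sas_env(handler)
        else:
            cls.set_login_cookie(handler, user_id)
            # Record that the current request has been authenticated with a
            # token. Used in is_token_authenticated above.
            handler._token_authenticated = True
        if user_id is None:
            # prevent extra Invalid cookie sig warnings:
            handler.clear_login_cookie()
            if not handler.login_available:
                # Completely insecure! No authentication at all.
                # No need to warn here, though; validate_security will have
                # already done that.
                user_id = 'anonymous'

        # cache value for future retrievals on the same request
        handler._user_id = user_id
        return user_id

    @classmethod
    def get_user_token(cls, handler):
        """Identify the user based on a token in the URL or Authorization header.

        Returns:
        - uuid if authenticated
        - None if not
        """
        token = handler.token
        if not token:
            return None
        # check login token from URL argument or Authorization header
        user_token = cls.get_token(handler)
        one_time_token = handler.one_time_token
        # NOTE(review): both comparisons below use ==, which is not
        # constant-time; consider a constant-time compare once the string
        # types of both sides are known to agree.
        if user_token == token:
            # token-authenticated, set the login cookie
            handler.log.debug(
                "Accepting token-authenticated connection from %s",
                handler.request.remote_ip)
            return uuid.uuid4().hex
        if one_time_token and user_token == one_time_token:
            # one-time-token-authenticated, only allow this token once
            handler.settings.pop('one_time_token', None)
            handler.log.info(
                "Accepting one-time-token-authenticated connection from %s",
                handler.request.remote_ip)
            return uuid.uuid4().hex
        return None

    @classmethod
    def validate_security(cls, app, ssl_options=None):
        """Check the notebook application's security.

        Show messages, or abort if necessary, based on the security
        configuration.
        """
        no_auth = not app.password and not app.token
        if not app.ip:
            warning = "WARNING: The notebook server is listening on all IP addresses"
            if ssl_options is None:
                app.log.warning(warning + " and not using encryption. This "
                                "is not recommended.")
            if no_auth:
                app.log.warning(warning + " and not using authentication. "
                                "This is highly insecure and not recommended.")
        elif no_auth:
            app.log.warning(
                "All authentication is disabled."
                " Anyone who can connect to this server will be able to run code.")

    @classmethod
    def password_from_settings(cls, settings):
        """Return the hashed password from the tornado settings.

        If there is no configured password, an empty string will be returned.
        """
        return settings.get('password', u'')

    @classmethod
    def get_login_available(cls, settings):
        """Whether this LoginHandler is needed - and therefore whether the
        login page should be displayed."""
        return bool(cls.password_from_settings(settings) or settings.get('token'))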
