jupyter login
anaconda2/lib/python2.7/site-packages/notebook/auth/login.py
"""Tornado handlers for logging into the notebook.""" # Copyright (c) Jupyter Development Team.
# Distributed under the terms of the Modified BSD License. import re
import urllib2
import json
import os try:
from urllib.parse import urlparse # Py 3
except ImportError:
from urlparse import urlparse # Py 2
import uuid from tornado.escape import url_escape from ..auth.security import passwd_check from ..base.handlers import IPythonHandler class LoginHandler(IPythonHandler):
"""The basic tornado login handler authenticates with a hashed password from the configuration.
"""
def _render(self, message=None):
self.write(self.render_template('login.html',
next=url_escape(self.get_argument('next', default=self.base_url)),
message=message,
)) def _redirect_safe(self, url, default=None):
"""Redirect if url is on our PATH Full-domain redirects are allowed if they pass our CORS origin checks. Otherwise use default (self.base_url if unspecified).
"""
if default is None:
default = self.base_url
if not url.startswith(self.base_url):
# require that next_url be absolute path within our path
allow = False
# OR pass our cross-origin check
if '://' in url:
# if full URL, run our cross-origin check:
parsed = urlparse(url.lower())
origin = '%s://%s' % (parsed.scheme, parsed.netloc)
if self.allow_origin:
allow = self.allow_origin == origin
elif self.allow_origin_pat:
allow = bool(self.allow_origin_pat.match(origin))
if not allow:
# not allowed, use default
self.log.warning("Not allowing login redirect to %r" % url)
url = default
self.redirect(url) def get(self):
if self.current_user:
next_url = self.get_argument('next', default=self.base_url)
self._redirect_safe(next_url)
else:
self._render() @property
def hashed_password(self):
return self.password_from_settings(self.settings) def passwd_check(self, a, b):
return passwd_check(a, b) #
# rr
#
def sas_token_check(self, t):
try:
if not t or t == '':
return None
token_url = os.environ['SAS_TOKEN_URL']
if token_url == '':
return None
req = urllib2.Request(url=token_url+t)
r = json.loads(urllib2.urlopen(req).read())
if r['err'] != 0:
return None
if r['data'] is None or r['data'] == '':
return None
except:
return None return r['data'] def post(self):
typed_password = self.get_argument('password', default=u'')
typed_sas_token = self.get_argument('sas_token', default=u'')
if self.get_login_available(self.settings):
if self.passwd_check(self.hashed_password, typed_password) and self.sas_token_check(typed_sas_token):
self.set_login_cookie(self, uuid.uuid4().hex)
# save sas token to cookie
os.environ['SAS_SUBMIT_USER'] = typed_sas_token
self.set_cookie_val(self, "sas.submit.user", typed_sas_token)
# decode sas token
typed_sas_token = self.sas_token_check(typed_sas_token)
# save decoded sas token to cookie
try:
os.environ['SAS_SUBMIT_USER_REAL'] =re.match(r'^DSP_(.+)_\d+$', typed_sas_token).groups()[0]
except:
os.environ['SAS_SUBMIT_USER_REAL'] =re.match(r'^DSP_(.+)$', typed_sas_token).groups()[0]
self.set_cookie_val(self, "sas.submit.user.real", os.environ['SAS_SUBMIT_USER_REAL'])
#elif self.token and self.token == typed_password:
# self.set_login_cookie(self, uuid.uuid4().hex)
else:
self.set_status(401)
self._render(message={'error': 'Invalid password or SAS Token'})
return next_url = self.get_argument('next', default=self.base_url)
self._redirect_safe(next_url) #
# rr
#
@classmethod
def set_cookie_val(cls, handler, key, value):
"""Call this on handlers to set the login cookie for success"""
cookie_options = handler.settings.get('cookie_options', {})
cookie_options.setdefault('httponly', True)
# tornado <4.2 has a bug that considers secure==True as soon as
# 'secure' kwarg is passed to set_secure_cookie
if handler.settings.get('secure_cookie', handler.request.protocol == 'https'):
cookie_options.setdefault('secure', True)
handler.set_secure_cookie(key, value, **cookie_options) @classmethod
def set_login_cookie(cls, handler, user_id=None):
"""Call this on handlers to set the login cookie for success"""
cookie_options = handler.settings.get('cookie_options', {})
cookie_options.setdefault('httponly', True)
# tornado <4.2 has a bug that considers secure==True as soon as
# 'secure' kwarg is passed to set_secure_cookie
if handler.settings.get('secure_cookie', handler.request.protocol == 'https'):
cookie_options.setdefault('secure', True)
handler.set_secure_cookie(handler.cookie_name, user_id, **cookie_options)
return user_id auth_header_pat = re.compile('token\s+(.+)', re.IGNORECASE) @classmethod
def get_token(cls, handler):
"""Get the user token from a request Default: - in URL parameters: ?token=<token>
- in header: Authorization: token <token>
""" user_token = handler.get_argument('token', '')
if not user_token:
# get it from Authorization header
m = cls.auth_header_pat.match(handler.request.headers.get('Authorization', ''))
if m:
user_token = m.group(1)
return user_token @classmethod
def should_check_origin(cls, handler):
"""Should the Handler check for CORS origin validation? Origin check should be skipped for token-authenticated requests. Returns:
- True, if Handler must check for valid CORS origin.
- False, if Handler should skip origin check since requests are token-authenticated.
"""
return not cls.is_token_authenticated(handler) @classmethod
def is_token_authenticated(cls, handler):
"""Returns True if handler has been token authenticated. Otherwise, False. Login with a token is used to signal certain things, such as: - permit access to REST API
- xsrf protection
- skip origin-checks for scripts
"""
if getattr(handler, '_user_id', None) is None:
# ensure get_user has been called, so we know if we're token-authenticated
handler.get_current_user()
return getattr(handler, '_token_authenticated', False) @classmethod
def get_user(cls, handler):
"""Called by handlers.get_current_user for identifying the current user. See tornado.web.RequestHandler.get_current_user for details.
"""
# Can't call this get_current_user because it will collide when
# called on LoginHandler itself.
if getattr(handler, '_user_id', None):
return handler._user_id
user_id = cls.get_user_token(handler)
if user_id is None:
user_id = handler.get_secure_cookie(handler.cookie_name)
try:
os.environ['SAS_SUBMIT_USER'] = handler.get_secure_cookie("sas.submit.user")
os.environ['SAS_SUBMIT_USER_REAL'] = handler.get_secure_cookie("sas.submit.user.real")
except:
pass
else:
cls.set_login_cookie(handler, user_id)
# Record that the current request has been authenticated with a token.
# Used in is_token_authenticated above.
handler._token_authenticated = True
if user_id is None:
# prevent extra Invalid cookie sig warnings:
handler.clear_login_cookie()
if not handler.login_available:
# Completely insecure! No authentication at all.
# No need to warn here, though; validate_security will have already done that.
user_id = 'anonymous' # cache value for future retrievals on the same request
handler._user_id = user_id
return user_id @classmethod
def get_user_token(cls, handler):
"""Identify the user based on a token in the URL or Authorization header Returns:
- uuid if authenticated
- None if not
"""
token = handler.token
if not token:
return
# check login token from URL argument or Authorization header
user_token = cls.get_token(handler)
one_time_token = handler.one_time_token
authenticated = False
if user_token == token:
# token-authenticated, set the login cookie
handler.log.debug("Accepting token-authenticated connection from %s", handler.request.remote_ip)
authenticated = True
elif one_time_token and user_token == one_time_token:
# one-time-token-authenticated, only allow this token once
handler.settings.pop('one_time_token', None)
handler.log.info("Accepting one-time-token-authenticated connection from %s", handler.request.remote_ip)
authenticated = True if authenticated:
return uuid.uuid4().hex
else:
return None @classmethod
def validate_security(cls, app, ssl_options=None):
"""Check the notebook application's security. Show messages, or abort if necessary, based on the security configuration.
"""
if not app.ip:
warning = "WARNING: The notebook server is listening on all IP addresses"
if ssl_options is None:
app.log.warning(warning + " and not using encryption. This "
"is not recommended.")
if not app.password and not app.token:
app.log.warning(warning + " and not using authentication. "
"This is highly insecure and not recommended.")
else:
if not app.password and not app.token:
app.log.warning(
"All authentication is disabled."
" Anyone who can connect to this server will be able to run code.") @classmethod
def password_from_settings(cls, settings):
"""Return the hashed password from the tornado settings. If there is no configured password, an empty string will be returned.
"""
return settings.get('password', u'') @classmethod
def get_login_available(cls, settings):
"""Whether this LoginHandler is needed - and therefore whether the login page should be displayed."""
return bool(cls.password_from_settings(settings) or settings.get('token'))
jupyter login的更多相关文章
- window下安装jupyter
1.Install [Anaconda](https://docs.continuum.io/anaconda/install#anaconda-install) 实际上安装了anaconda就已经安 ...
- Jupyter Notebook
Jupyter Notebook(此前被称为 IPython notebook)是一个交互式笔记本,支持运行 40 多种编程语言.在本文中,我们将介绍 Jupyter notebook 的主要特性,以 ...
- Pycharm安装并配置jupyter notebook
Pycharm安装并配置jupyter notebook Pycharm安装并配置jupyter notebook 一: 安装命令jupyter: pip install jupyter 如果缺少依赖 ...
- Python - 搭建Jupyter notebook环境
1- Jupyter简介 HomePage:https://jupyter.org/ 安装指南:https://jupyter.org/install.html 官方文档:https://jupyte ...
- [人工智能] 安装python jupyter
1. 什么是python jupyter ? 简单的说,可以理解为一个IDE. http://jupyter.org/ 2. 安装python jupyter notebook http://ju ...
- Windows下的Jupyter Notebook 安装与自定义启动(图文详解)
不多说,直接上干货! 前期博客 Windows下的Python 3.6.1的下载与安装(适合32bits和64bits)(图文详解) 这是我自定义的Python 的安装目录 (D:\SoftWare\ ...
- 在CentOS7服务器端启动jupyter notebook服务,在windows端使用jupyter notebook,服务器充当后台计算云端
在CentOS7服务器端启动jupyter notebook服务,在windows端使用jupyter notebook,服务器充当后台计算云端 在服务器端启动jupyter notebook服务,在 ...
- jupyter notebook 初步使用配置调整
jupyter notebook 官方说明 初始部分: 如何打开特定的笔记本? 以下代码应在当前运行的笔记本服务器中打开给定的笔记本,必要时启动一个. jupyter notebook noteboo ...
- windows安装Jupyter Notebook
这是我自定义的Python 的安装目录 (D:\SoftWare\Python\Python36\Scripts) 1.Jupyter Notebook 和 pip 为了更加方便地写 Python 代 ...
随机推荐
- dl in image process
deep learning目前为止无论在分类还是检测上,都是整体的处理,而不会出现像sift这样的局部特征,这个问题或许如果能克服掉,能让检测效果更进一大步.
- Docker 启动SQLServer
1.运行这个命令 docker run -d -e SA_PASSWORD=Docker123 -e SQLSERVER_DATABASE=qgb -e SQLSERVER_USER=sa -e ...
- windows服务与log4net应用
有时候我们需要用到window服务来执行定时任务,然后配合log4net记录程序运行情况,这里简单记录下配置的整个过程以及注意要点: 一.添加windows服务 1.设计页面,右键添加安装程序
- 【css】display:flex和display:box有什么区别
说法一: 注意:前者是flex 2012年的语法,也将是以后标准的语法,大部分浏览器已经实现了无前缀版本.后者是2009年的语法,已经过时,是需要加上对应前缀的.所以兼容性的代码,大致如下displa ...
- 操作系统中堆(heap)与栈(stack)的区别
主要区别如下: 一.空间分配: 1.堆(操作系统):一般由程序员分配释放,若程序员不释放,程序结束时可能由OS回收,分配方式类似于链表.PS:java中都是系统GC,程序员无法进行GC. 2.栈(操作 ...
- 使用js输出1000以内的水仙花数
什么是水仙花数 水仙花数(Narcissistic number)也被称为超完全数字不变数(pluperfect digital invariant, PPDI).自恋数.自幂数.阿姆斯壮数或阿姆斯特 ...
- requests模块发送数据
通过json dumps发送 import requests import json def agent(): """ 执行命令采集硬件信息 将执行的信息发送给API : ...
- vue中的绑定class和微信小程序中的绑定class的区别
微信小程序 小程序里面的class与style绑定,遵循HTML特性绑定,有关于HTML绑定.在进行class与style绑定时,可以直接绑定,也可以带上逻辑与,或者三元运算进行条件控制 JS dat ...
- bash shell脚本之使用expr运算
bash shell中的数学运算 cat test7: #!/bin/bash # An example of using the expr command var1= var2= var3=`exp ...
- Python: NumPy, Pandas学习资料
NumPy 学习资料 书籍 NumPy Cookbook_[Idris2012] NumPy Beginner's Guide,3rd_[Idris2015] Python数据分析基础教程:NumPy ...