Skip to main content

Collection of utilities for TurboGears2

Project description

About tgext.utils

https://travis-ci.org/amol-/tgext.utils.png?branch=master https://coveralls.io/repos/amol-/tgext.utils/badge.png?branch=master https://img.shields.io/pypi/v/tgext.utils.svg https://img.shields.io/pypi/dm/tgext.utils.svg

tgext.utils is a collection of utilities for the TurboGears2 web framework.

Installing

tgext.utils can be installed from pypi:

pip install tgext.utils

should just work for most of the users.

CSRF Protection

tgext.utils.csrf provides two decorators @csrf_token and @csrf_protect which generate a CSRF token for inclusion in a form and check that the token is valid.

The user must apply @csrf_token decorator to the action that exposes the form, and put an <input type="hidden"> into the form with a request.csrf_token as the value and _csrf_token as name:

@csrf_token
@expose()
def form(self):
    return '''
    <form method="POST" action="/post_form">
        <input type="hidden" name="_csrf_token" value="%s">
    </form>''' % request.csrf_token

The action that receives the form must have @csrf_protect decorator, no particular action or check is required on this action:

@csrf_protect
@expose()
def post_form(self, **kwargs):
    return 'OK!'

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tgext.utils-0.0.1.tar.gz (4.3 kB view details)

Uploaded Source

File details

Details for the file tgext.utils-0.0.1.tar.gz.

File metadata

File hashes

Hashes for tgext.utils-0.0.1.tar.gz
Algorithm Hash digest
SHA256 0a6a3d9cdec7638d3559948692d7e7fd64baa1e2e153fa649e266231a78773b0
MD5 8e9a6ce748f3d0ba73d3b6d8602b571e
BLAKE2b-256 f21a8f31a1eef33bafff244648b9d0c6e3e4364a16a32c24bc75bc9edde8aa8e

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page