From 8c2ced501d9ab291a4b12a367b120b9c7a3a3848 Mon Sep 17 00:00:00 2001 From: Min RK Date: Mon, 8 Dec 2014 10:51:14 -0800 Subject: [PATCH] address review in custom auth --- IPython/html/auth/login.py | 29 ++++++++++++++++++----------- IPython/html/base/handlers.py | 2 +- IPython/html/notebookapp.py | 2 +- 3 files changed, 20 insertions(+), 13 deletions(-) diff --git a/IPython/html/auth/login.py b/IPython/html/auth/login.py index 9de7fcf5d..a4120829f 100644 --- a/IPython/html/auth/login.py +++ b/IPython/html/auth/login.py @@ -44,14 +44,17 @@ class LoginHandler(IPythonHandler): self.redirect(self.get_argument('next', default=self.base_url)) - @staticmethod - def get_user(handler): - """Called by handlers for identifying the current user.""" + @classmethod + def get_user(cls, handler): + """Called by handlers.get_current_user for identifying the current user. + + See tornado.web.RequestHandler.get_current_user for details. + """ # Can't call this get_current_user because it will collide when # called on LoginHandler itself. user_id = handler.get_secure_cookie(handler.cookie_name) - # For now the user_id should not return empty, but it could eventually + # For now the user_id should not return empty, but it could, eventually. if user_id == '': user_id = 'anonymous' if user_id is None: @@ -63,18 +66,22 @@ class LoginHandler(IPythonHandler): @classmethod - def validate_notebook_app_security(cls, notebook_app, ssl_options=None): - if not notebook_app.ip: + def validate_security(cls, app, ssl_options=None): + """Check the notebook application's security. + + Show messages, or abort if necessary, based on the security configuration. + """ + if not app.ip: warning = "WARNING: The notebook server is listening on all IP addresses" if ssl_options is None: - notebook_app.log.critical(warning + " and not using encryption. This " + app.log.critical(warning + " and not using encryption. This " "is not recommended.") - if not notebook_app.password: - notebook_app.log.critical(warning + " and not using authentication. " + if not app.password: + app.log.critical(warning + " and not using authentication. " "This is highly insecure and not recommended.") - @staticmethod - def password_from_settings(settings): + @classmethod + def password_from_settings(cls, settings): """Return the hashed password from the tornado settings. If there is no configured password, an empty string will be returned. diff --git a/IPython/html/base/handlers.py b/IPython/html/base/handlers.py index a45d4f761..70a1b13bf 100644 --- a/IPython/html/base/handlers.py +++ b/IPython/html/base/handlers.py @@ -87,7 +87,7 @@ class AuthenticatedHandler(web.RequestHandler): @property def login_handler(self): - """Return the login handler for this application.""" + """Return the login handler for this application, if any.""" return self.settings.get('login_handler_class', None) @property diff --git a/IPython/html/notebookapp.py b/IPython/html/notebookapp.py index 5484bd535..6b798c821 100644 --- a/IPython/html/notebookapp.py +++ b/IPython/html/notebookapp.py @@ -797,7 +797,7 @@ class NotebookApp(BaseIPythonApplication): ssl_options['keyfile'] = self.keyfile else: ssl_options = None - self.login_handler_class.validate_notebook_app_security(self, ssl_options=ssl_options) + self.login_handler_class.validate_security(self, ssl_options=ssl_options) self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options, xheaders=self.trust_xheaders)