pyview-web 0.0.7a0__py3-none-any.whl → 0.0.9a0__py3-none-any.whl

pyview/auth/__init__.py

@@ -0,0 +1,2 @@
+from .required import requires
+from .provider import AuthProvider, AllowAllAuthProvider, AuthProviderFactory

pyview/auth/provider.py

@@ -0,0 +1,32 @@
+from typing import Protocol, TypeVar, Callable
+from starlette.websockets import WebSocket
+from pyview import LiveView
+
+_CallableType = TypeVar("_CallableType", bound=Callable)
+
+
+class AuthProvider(Protocol):
+    async def has_required_auth(self, websocket: WebSocket) -> bool:
+        ...
+
+    def wrap(self, func: _CallableType) -> _CallableType:
+        ...
+
+
+class AllowAllAuthProvider(AuthProvider):
+    async def has_required_auth(self, websocket: WebSocket) -> bool:
+        return True
+
+    def wrap(self, func: _CallableType) -> _CallableType:
+        return func
+
+
+class AuthProviderFactory:
+    @classmethod
+    def get(cls, lv: type[LiveView]) -> AuthProvider:
+        return getattr(lv, "__pyview_auth_provider__", AllowAllAuthProvider())
+
+    @classmethod
+    def set(cls, lv: type[LiveView], auth_provider: AuthProvider) -> type[LiveView]:
+        setattr(lv, "__pyview_auth_provider__", auth_provider)
+        return lv

pyview/auth/required.py

@@ -0,0 +1,43 @@
+import typing
+from dataclasses import dataclass
+from starlette.websockets import WebSocket
+from starlette.authentication import requires as starlette_requires, has_required_scope
+from .provider import AuthProvider, AuthProviderFactory
+from pyview import LiveView
+import sys
+
+if sys.version_info >= (3, 10):  # pragma: no cover
+    from typing import ParamSpec
+else:  # pragma: no cover
+    from typing_extensions import ParamSpec
+
+_P = ParamSpec("_P")
+
+
+@dataclass
+class RequiredScopeAuthProvider(AuthProvider):
+    scopes: typing.Sequence[str]
+    status_code: int = 403
+    redirect: typing.Optional[str] = None
+
+    def wrap(
+        self, func: typing.Callable[_P, typing.Any]
+    ) -> typing.Callable[_P, typing.Any]:
+        return starlette_requires(self.scopes, self.status_code, self.redirect)(func)
+
+    async def has_required_auth(self, websocket: WebSocket) -> bool:
+        return has_required_scope(websocket, self.scopes)
+
+
+def requires(
+    scopes: typing.Union[str, typing.Sequence[str]],
+    status_code: int = 403,
+    redirect: typing.Optional[str] = None,
+) -> typing.Callable[[type[LiveView]], type[LiveView]]:
+    def decorator(cls: type[LiveView]) -> type[LiveView]:
+        scopes_list = [scopes] if isinstance(scopes, str) else list(scopes)
+        return AuthProviderFactory.set(
+            cls, RequiredScopeAuthProvider(scopes_list, status_code, redirect)
+        )
+
+    return decorator

pyview/pyview.py

@@ -2,7 +2,6 @@ from starlette.applications import Starlette
 from fastapi import WebSocket
 from fastapi.responses import HTMLResponse
 from starlette.middleware.gzip import GZipMiddleware
-from starlette.middleware.sessions import SessionMiddleware
 from starlette.routing import Route
 from starlette.requests import Request
 import uuid
@@ -11,23 +10,11 @@ from urllib.parse import parse_qs
 from pyview.live_socket import UnconnectedSocket
 from pyview.csrf import generate_csrf_token
 from pyview.session import serialize_session
-from pyview.secret import get_secret
+from pyview.auth import AuthProviderFactory
 from .ws_handler import LiveSocketHandler
 from .live_view import LiveView
 from .live_routes import LiveViewLookup
-from typing import Callable, Optional, TypedDict
-
-
-class RootTemplateContext(TypedDict):
-    id: str
-    content: str
-    title: Optional[str]
-    css: Optional[str]
-    csrf_token: str
-    session: Optional[str]
-
-
-RootTemplate = Callable[[RootTemplateContext], str]
+from .template import RootTemplate, RootTemplateContext, defaultRootTemplate
 
 
 class PyView(Starlette):
@@ -35,7 +22,7 @@ class PyView(Starlette):
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
-        self.rootTemplate = defaultRootTemplate("")
+        self.rootTemplate = defaultRootTemplate()
         self.view_lookup = LiveViewLookup()
         self.live_handler = LiveSocketHandler(self.view_lookup)
 
@@ -44,17 +31,21 @@ class PyView(Starlette):
 
         self.add_websocket_route("/live/websocket", live_websocket_endpoint)
         self.add_middleware(GZipMiddleware)
-        # self.add_middleware(SessionMiddleware, secret_key=get_secret())
 
-    def add_live_view(self, path: str, view: Callable[[], LiveView]):
+    def add_live_view(self, path: str, view: type[LiveView]):
         async def lv(request: Request):
-            return await liveview_container(self.rootTemplate, self.view_lookup, request)
+            return await liveview_container(
+                self.rootTemplate, self.view_lookup, request
+            )
 
         self.view_lookup.add(path, view)
-        self.routes.append(Route(path, lv, methods=["GET"]))
+        auth = AuthProviderFactory.get(view)
+        self.routes.append(Route(path, auth.wrap(lv), methods=["GET"]))
 
 
-async def liveview_container(template: RootTemplate, view_lookup: LiveViewLookup, request: Request):
+async def liveview_container(
+    template: RootTemplate, view_lookup: LiveViewLookup, request: Request
+):
     url = request.url
     path = url.path
     lv: LiveView = view_lookup.get(path)
@@ -73,49 +64,7 @@ async def liveview_container(template: RootTemplate, view_lookup: LiveViewLookup
         "content": r.text(),
         "title": s.live_title,
         "csrf_token": generate_csrf_token("lv:phx-" + id),
-        "css": None,
         "session": serialize_session(session),
     }
 
     return HTMLResponse(template(context))
-
-
-def defaultRootTemplate(css: str) -> RootTemplate:
-    def template(context: RootTemplateContext) -> str:
-        context["css"] = css
-        return _defaultRootTemplate(context)
-
-    return template
-
-
-def _defaultRootTemplate(context: RootTemplateContext) -> str:
-    suffix = " | LiveView"
-    render_title = (context["title"] + suffix) if context.get("title", None) is not None else "LiveView"  # type: ignore
-    css = context["css"] if context.get("css", None) is not None else ""
-    return f"""
-<!DOCTYPE html>
-<html lang="en">
-    <head>
-      <title data-suffix="{suffix}">{render_title}</title>
-      <meta name="csrf-token" content="{context['csrf_token']}" />
-      <meta charset="utf-8">
-      <meta http-equiv="X-UA-Compatible" content="IE=edge">
-      <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-      <script defer type="text/javascript" src="/static/assets/app.js"></script>
-      {css}
-    </head>
-    <body>
-    <div>
-      <a href="/">Home</a>
-      <div
-        data-phx-main="true"
-        data-phx-session="{context['session']}"
-        data-phx-static=""
-        id="phx-{context['id']}"
-        >
-        {context['content']}
-    </div>
-    </div>
-    </body>
-</html>
-"""

pyview/template/__init__.py

@@ -1,2 +1,3 @@
 from pyview.vendor.ibis import Template
 from .live_template import LiveTemplate, template_file, RenderedContent, LiveRender
+from .root_template import RootTemplate, RootTemplateContext, defaultRootTemplate

pyview/template/root_template.py

@@ -0,0 +1,71 @@
+from typing import Callable, Optional, TypedDict
+from markupsafe import Markup
+
+
+class RootTemplateContext(TypedDict):
+    id: str
+    content: str
+    title: Optional[str]
+    csrf_token: str
+    session: Optional[str]
+
+
+RootTemplate = Callable[[RootTemplateContext], str]
+ContentWrapper = Callable[[RootTemplateContext, Markup], Markup]
+
+
+def defaultRootTemplate(
+    css: Optional[Markup] = None, content_wrapper: Optional[ContentWrapper] = None
+) -> RootTemplate:
+    content_wrapper = content_wrapper or (lambda c, m: m)
+
+    def template(context: RootTemplateContext) -> str:
+        return _defaultRootTemplate(context, css or Markup(""), content_wrapper)
+
+    return template
+
+
+def _defaultRootTemplate(
+    context: RootTemplateContext, css: Markup, contentWrapper: ContentWrapper
+) -> str:
+    suffix = " | LiveView"
+    render_title = (context["title"] + suffix) if context.get("title", None) is not None else "LiveView"  # type: ignore
+    main_content = contentWrapper(
+        context,
+        Markup(
+            f"""
+      <div
+        data-phx-main="true"
+        data-phx-session="{context['session']}"
+        data-phx-static=""
+        id="phx-{context['id']}"
+        >
+        {context['content']}
+    </div>"""
+        ),
+    )
+
+    return (
+        Markup(
+            f"""
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+      <title data-suffix="{suffix}">{render_title}</title>
+      <meta name="csrf-token" content="{context['csrf_token']}" />
+      <meta charset="utf-8">
+      <meta http-equiv="X-UA-Compatible" content="IE=edge">
+      <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+      <script defer type="text/javascript" src="/static/assets/app.js"></script>
+      {css}
+    </head>
+    <body>"""
+        )
+        + main_content
+        + Markup(
+            """
+    </body>
+</html>
+"""
+        )
+    )

pyview/ws_handler.py

@@ -6,6 +6,11 @@ from pyview.live_socket import LiveViewSocket
 from pyview.live_routes import LiveViewLookup
 from pyview.csrf import validate_csrf_token
 from pyview.session import deserialize_session
+from pyview.auth import AuthProviderFactory
+
+
+class AuthException(Exception):
+    pass
 
 
 class LiveSocketHandler:
@@ -14,6 +19,10 @@ class LiveSocketHandler:
         self.manager = ConnectionManager()
         self.sessions = 0
 
+    async def check_auth(self, websocket: WebSocket, lv):
+        if not await AuthProviderFactory.get(lv).has_required_auth(websocket):
+            raise AuthException()
+
     async def handle(self, websocket: WebSocket):
         await self.manager.connect(websocket)
 
@@ -25,13 +34,14 @@ class LiveSocketHandler:
             data = await websocket.receive_text()
             [joinRef, mesageRef, topic, event, payload] = json.loads(data)
             if event == "phx_join":
+                if not validate_csrf_token(payload["params"]["_csrf_token"], topic):
+                    raise AuthException("Invalid CSRF token")
+
                 url = urlparse(payload["url"])
                 lv = self.routes.get(url.path)
+                await self.check_auth(websocket, lv)
                 socket = LiveViewSocket(websocket, topic, lv)
 
-                if not validate_csrf_token(payload["params"]["_csrf_token"], topic):
-                    raise Exception("Invalid CSRF token")
-
                 session = {}
                 if "session" in payload:
                     session = deserialize_session(payload["session"])
@@ -53,10 +63,12 @@ class LiveSocketHandler:
                 await self.handle_connected(socket)
 
         except WebSocketDisconnect:
-            self.manager.disconnect(websocket)
             if socket:
                 await socket.close()
             self.sessions -= 1
+        except AuthException:
+            await websocket.close()
+            self.sessions -= 1
 
     async def handle_connected(self, socket: LiveViewSocket):
         while True:
@@ -122,18 +134,10 @@ async def _render(socket: LiveViewSocket):
 
 class ConnectionManager:
     def __init__(self):
-        self.active_connections: list[WebSocket] = []
+        pass
 
     async def connect(self, websocket: WebSocket):
         await websocket.accept()
-        self.active_connections.append(websocket)
-
-    def disconnect(self, websocket: WebSocket):
-        self.active_connections.remove(websocket)
 
     async def send_personal_message(self, message: str, websocket: WebSocket):
         await websocket.send_text(message)
-
-    async def broadcast(self, message: str):
-        for connection in self.active_connections:
-            await connection.send_text(message)

{pyview_web-0.0.7a0.dist-info → pyview_web-0.0.9a0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pyview-web
-Version: 0.0.7a0
+Version: 0.0.9a0
 Summary: LiveView in Python
 Home-page: https://pyview.rocks
 License: MIT
@@ -22,10 +22,8 @@ Classifier: Programming Language :: Python
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
-Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3 :: Only
-Classifier: Programming Language :: Python :: 3.10
-Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Topic :: Internet
 Classifier: Topic :: Internet :: WWW/HTTP
@@ -36,7 +34,7 @@ Classifier: Topic :: Software Development :: Libraries :: Application Frameworks
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Classifier: Typing :: Typed
 Requires-Dist: APScheduler (==3.9.1.post1)
-Requires-Dist: fastapi (==0.89.1)
+Requires-Dist: fastapi (==0.111.0)
 Requires-Dist: itsdangerous (>=2.1.2,<3.0.0)
 Requires-Dist: markupsafe (>=2.1.2,<3.0.0)
 Requires-Dist: psutil (>=5.9.4,<6.0.0)
@@ -59,10 +57,22 @@ PyView enables dynamic, real-time web apps, using server-rendered HTML.
 
 `pip install pyview-web`
 
+## Quickstart
+
+There's a [cookiecutter](https://github.com/cookiecutter/cookiecutter) template available
+
+```
+cookiecutter gh:ogrodnek/pyview-cookiecutter
+```
+
 # Live Examples
 
 [https://examples.pyview.rocks/](https://examples.pyview.rocks/)
 
+## Other Examples
+
+- [pyview AI chat](https://github.com/pyview/pyview-example-ai-chat)
+
 ## Simple Counter
 
 [See it live!](https://examples.pyview.rocks/count)

{pyview_web-0.0.7a0.dist-info → pyview_web-0.0.9a0.dist-info}/RECORD

@@ -2,6 +2,9 @@ pyview/__init__.py,sha256=MN3RrkiFdM6bOZV6qJgvwifXV81Qx9k_PN2p8zJvq2I,223
 pyview/assets/js/app.js,sha256=n7FiM_VoxZ3ZUkLjtyxbOnSZU88zZkN1A5b8jjhiFoo,2508
 pyview/assets/package-lock.json,sha256=kFCrEUJc3G7VD7EsBQf6__EKQhaKAok-I5rrwiAoX0w,2425
 pyview/assets/package.json,sha256=E6xaX8KMUAektIIedLmI55jGnmlNMSeD2tgKYXWk1vg,151
+pyview/auth/__init__.py,sha256=vMlirETRhD4va61NOzwg8VY8ep9wVOF96GznJGBmzD0,109
+pyview/auth/provider.py,sha256=fwriy2JZcOStutVXD-8VlMPAFXjILCM0l08lhTgmuyE,935
+pyview/auth/required.py,sha256=ZtNmLFth9nK39RxDiJkSzArXwS5Cvr55MUAzfJ1F2e0,1418
 pyview/changesets/__init__.py,sha256=55CLari2JHZtwy4hapHe7CqUyKjcP4dkM_t5d3CY2gU,46
 pyview/changesets/changesets.py,sha256=B1q1nXwI2iuZZQpE3P2T0PpwI21PHjqcsuIQmkKPCvI,1747
 pyview/csrf.py,sha256=VIURva9EJqXXYGC7engweh3SwDQCnHlhV2zWdcdnFqc,789
@@ -10,12 +13,13 @@ pyview/js.py,sha256=4OnPEfBfuvmekeQlm9444As4PLR22zLMIyyzQIIkmls,751
 pyview/live_routes.py,sha256=tsKFh2gmH2BWsjsZQZErzRp_-KiAZcn4lFKNLRIN5Nc,498
 pyview/live_socket.py,sha256=p3eTynzGtvLiooOZyTemmXTrusAJKaoueuZ6Q5gfeYk,3314
 pyview/live_view.py,sha256=RRhj89NMianv6dkYd9onOQEJgpRF-pqUb7nmbQr6R6E,1255
-pyview/pyview.py,sha256=fcpw75kPAZ8XTTLFg1l1VYhVa90tdjo3fLzQYRS0IeU,3801
+pyview/pyview.py,sha256=LdW2irgsd4KRls5TLU22DZJIy5Pmo_2L-ajOwXi9cEs,2302
 pyview/secret.py,sha256=HbaNpGAkFs4uxMVAmk9HwE3FIehg7dmwEOlED7C9moM,363
 pyview/session.py,sha256=nC8ExyVwfCgQfx9T-aJGyFhr2C7jsrEY_QFkaXtP28U,432
 pyview/static/assets/app.js,sha256=vyD-RACuZxOBWGy7VD-BY5-qkgbFyJM43-M-WGgaAHo,199984
-pyview/template/__init__.py,sha256=qQDtCWlOZ_trRUj2LdmV5mE1b5ThGPlovrrX5jkNgjE,124
+pyview/template/__init__.py,sha256=bDaxDV7QhUwBXfy672Ft0NBDNvhT4kEKDV5VUWhADe8,206
 pyview/template/live_template.py,sha256=wSKyBw7ejpUY5qXUZdE36Jeeix8Of0CUq8eZdQwxXyg,1864
+pyview/template/root_template.py,sha256=0U50QIBhLVshLEog0SCbTDWgRjMpkfNDVcqowKFmGSQ,1876
 pyview/template/serializer.py,sha256=WDZfqJr2LMlf36fUW2CmWc2aREc63553_y_GRP2-qYc,826
 pyview/test_csrf.py,sha256=QWTOtfagDMkoYDK_ehYxua34F7-ltPsSeTwQGEOlqHU,684
 pyview/vendor/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -31,8 +35,8 @@ pyview/vendor/ibis/nodes.py,sha256=jNRmlTCHXC4xCF8nfDRlLWINlaYiFa8NGrzebJFJgEM,2
 pyview/vendor/ibis/template.py,sha256=IX9z-Ig13yJyRnMqtB52eiRLe002qdIxnfa7fYEXLqM,2314
 pyview/vendor/ibis/tree.py,sha256=5LAjl3q9iPMZBb6QbKurWj9-QGKLVf11K2_bQotWlUc,2293
 pyview/vendor/ibis/utils.py,sha256=nLSaxPR9vMphzV9qinlz_Iurv9c49Ps6Knv8vyNlewU,2768
-pyview/ws_handler.py,sha256=iDPUv1ofpkDPSSWr6jWHl99vISAL_HIjERPsLjyc2Ic,4707
-pyview_web-0.0.7a0.dist-info/LICENSE,sha256=M_bADaBm9_MV9llX3lCicksLhwk3eZUjA2srE0uUWr0,1071
-pyview_web-0.0.7a0.dist-info/METADATA,sha256=LbhkNmx-nU2Yc2Q3k7Mu5pyjgyIjXhcRpOhvWwg0JWQ,5069
-pyview_web-0.0.7a0.dist-info/WHEEL,sha256=7Z8_27uaHI_UZAc4Uox4PpBhQ9Y5_modZXWMxtUi4NU,88
-pyview_web-0.0.7a0.dist-info/RECORD,,
+pyview/ws_handler.py,sha256=tokN9gtC_Gn1tlPTxfhYGSFfquiSUvD3sHigzjh1gYM,4738
+pyview_web-0.0.9a0.dist-info/LICENSE,sha256=M_bADaBm9_MV9llX3lCicksLhwk3eZUjA2srE0uUWr0,1071
+pyview_web-0.0.9a0.dist-info/METADATA,sha256=A5xUGWuuj2y8FvzoqsSynuwkD3osTc2ZO1HWzYzUm2U,5220
+pyview_web-0.0.9a0.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+pyview_web-0.0.9a0.dist-info/RECORD,,

{pyview_web-0.0.7a0.dist-info → pyview_web-0.0.9a0.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: poetry-core 1.5.2
+Generator: poetry-core 1.9.0
 Root-Is-Purelib: true
 Tag: py3-none-any