flask allowed hosts
1.0.0
此擴展程序提供了一種基於輸入請求的主機名或IP地址或IP地址範圍(網絡)的限制對燒瓶應用程序的訪問的方法。
使用PIP安裝軟件包:
pip install flask-allowed-hostsAllowedHosts類。@allowed_hosts.limit()裝飾器(可選)將訪問控件應用於路線。 from flask import Flask , jsonify , abort
from flask_allowed_hosts import AllowedHosts
app = Flask ( __name__ )
ALLOWED_HOSTS = [ "93.184.215.14" , "api.example.com" ]
def custom_on_denied ():
error = { "error" : "Oops! Looks like you are not allowed to access this page!" }
return jsonify ( error ), 403
allowed_hosts = AllowedHosts ( app , allowed_hosts = ALLOWED_HOSTS , on_denied = custom_on_denied )
# Allows all incoming requests
@ app . route ( "/api/public" , methods = [ "GET" ])
def public_endpoint ():
data = { "message" : "This is public!" }
return jsonify ( data ), 200
# Only allows incoming requests from "93.184.215.14" and "api.example.com"
@ app . route ( "/api/private" , methods = [ "GET" ])
@ allowed_hosts . limit ()
def private_endpoint ():
data = { "message" : "This is private!" }
return jsonify ( data ), 200
# We can override the allowed_hosts list and the on_denied function for each route
@ app . route ( "/api/private/secret" , methods = [ "GET" ])
@ allowed_hosts . limit ( allowed_hosts = [ "127.0.0.1" ], on_denied = lambda : abort ( 404 ))
def secret_private_endpoint ():
data = { "message" : "This is very private!" }
return jsonify ( data ), 200
if __name__ == '__main__' :
app . run ( host = '0.0.0.0' , port = 5000 , debug = True )警告:這種方法與基於班級的用法相結合時可能會導致意外行為。
@limit_hosts裝飾器將訪問控件應用於路線。 from flask import Flask , jsonify
from flask_allowed_hosts import limit_hosts
app = Flask ( __name__ )
ALLOWED_HOSTS = [ "93.184.215.14" , "api.example.com" ]
def custom_on_denied ():
error = { "error" : "Custom Denied Response" }
return jsonify ( error ), 403
# Allows all incoming requests
@ app . route ( "/api/public" , methods = [ "GET" ])
def public_endpoint ():
data = { "message" : "This is public!" }
return jsonify ( data ), 200
# Only allows incoming requests from "93.184.215.14" and "api.example.com"
@ app . route ( "/api/private" , methods = [ "GET" ])
@ limit_hosts ( allowed_hosts = ALLOWED_HOSTS , on_denied = custom_on_denied )
def private_endpoint ():
return jsonify ({ "message" : "This is private!" }), 200您可以在示例目錄中找到更多示例。
app :燒瓶應用程序實例(可選)。allowed_hosts :允許的主機列表(可選,默認為None ,允許所有主機)。on_denied :拒絕訪問行為的功能(可選)。擴展尊重這些配置:
ALLOWED_HOSTS :燒瓶配置中允許的主機列表。ALLOWED_HOSTS_ON_DENIED :在燒瓶配置中拒絕訪問行為的功能。優先:初始化覆蓋瓶配置值期間提供的值。
您可以通過將ALLOWED_HOSTS_DEBUG環境變量設置為True來啟用調試模式:
export ALLOWED_HOSTS_DEBUG= " True "這將向控制台打印有用的調試消息。
歡迎捐款!請隨時提交拉動請求。
如果您有任何疑問或反饋,請隨時打開問題或提取請求。
該項目已根據[MIT]許可證獲得許可 - 有關詳細信息,請參見許可證文件。
