Request and Response

class pigwig.Request(app, method, path, query, headers, body, cookies, wsgi_environ)[source]

Bases: object

an instance of this class is passed to every route handler. has the following instance attrs:

  • app - an instance of PigWig
  • method - the request method/verb (GET, POST, etc.)
  • path - WSGI environ PATH_INFO (/foo/bar)
  • query - dict of parsed query string. duplicate keys appear as lists
  • headers - HTTPHeaders of the headers
  • body - dict of parsed body content. see PigWig.content_handlers for a list of supported content types
  • cookies - an instance of http.cookies.SimpleCookie
  • wsgi_environ - the raw WSGI environ handed down from the server

decode and verify a cookie set with Response.set_secure_cookie()

  • keykey passed to set_secure_cookie
  • max_time (datetime.timedelta or None) – amount of time since cookie was set that it should be considered valid for. this is normally equal to the max_age passed to set_secure_cookie. longer times mean larger windows during which a replay attack is valid. this can be None, in which case no expiry check is performed
Return type:

str or None

class pigwig.Response(body=None, code=200, content_type='text/plain', location=None, extra_headers=None)[source]

Bases: object

every route handler should return an instance of this class (or raise an exceptions.HTTPException)

  • body
    • if None, the response body is empty
    • if a str, the response body is UTF-8 encoded
    • if a bytes, the response body is sent as-is
    • if a generator, the response streams the yielded bytes
  • code (int) – HTTP status code; the “reason phrase” is generated automatically from http.client.responses
  • content_type – sets the Content-Type header
  • location – if not None, sets the Location header. you must still specify a 3xx code
  • extra_headers – if not None, an iterable of extra header 2-tuples to be sent

has the following instance attrs:

  • code
  • body
  • headers - a list of 2-tuples
DEFAULT_HEADERS = [('Access-Control-Allow-Origin', '*'), ('Access-Control-Allow-Headers', 'Authorization, X-Requested-With, X-Request')]
json_encoder = <json.encoder.JSONEncoder object>

adds a Set-Cookie header

  • expires (datetime.datetime) – if set to a value in the past, the cookie is deleted. if this and max_age are not set, the cookie becomes a session cookie.
  • max_age (datetime.timedelta) – according to the spec, has precedence over expires. if you specify both, both are sent.
  • secure – controls when the browser sends the cookie back - unrelated to set_secure_cookie()

see the docs for an explanation of the other params

this function accepts the same keyword arguments as set_cookie() but stores a timestamp and a signature based on decode with Request.get_secure_cookie().

the signature is a SHA-256 hmac of the key, value, and timestamp. the value is not encrypted and is readable by the user, but is signed and tamper-proof (assuming the cookie_secret is secure). because we store the signing time, expiry is checked with get_secure_cookie. you generally will want to pass this function a max_age equal to max_time used when reading the cookie.

classmethod json(obj)[source]

generate a streaming Response object from an object with an application/json content type. the default json_encoder indents with tabs - override if you want different indentation or need special encoding.

classmethod _gen_json(obj)[source]

internal use generator for converting json.JSONEncoder.iterencode output to bytes

classmethod render(request, template, context)[source]

generate a streaming Response object from a template and a context with a text/html content type.

  • request (Request) – the request to generate the response for
  • template (str) – the template name to render, relative to
  • context – if you used the default jinja2 template engine, this is a dict
class pigwig.request_response.HTTPHeaders(**kwargs)[source]

Bases: collections.UserDict

behaves like a regular dict but casefolds the keys