Quick housekeeping Last Two Homeworks Extra Credit for demoing project prototypes Reminder about Project Deadlines/specifics Class on April 12th Resul

Similar documents
CIS192 Python Programming

CIS192 Python Programming

CIS192 Python Programming

HOW TO FLASK. And a very short intro to web development and databases

Building Web Applications

LECTURE 14. Web Frameworks

web.py Tutorial Tom Kelliher, CS 317 This tutorial is the tutorial from the web.py web site, with a few revisions for our local environment.

A Sample Approach to your Project

flask-jwt-simple Documentation

CIS192 Python Programming

Distributed Systems. 03r. Python Web Services Programming Tutorial. Paul Krzyzanowski TA: Long Zhao Rutgers University Fall 2017

CS October 2017

LECTURE 14. Web Frameworks

CIS192 Python Programming

Python web frameworks

15-388/688 - Practical Data Science: Data collection and scraping. J. Zico Kolter Carnegie Mellon University Spring 2017

Semantic Analysis. Lecture 9. February 7, 2018

nacelle Documentation

EXPERIENCES MOVING FROM DJANGO TO FLASK

29-27 May 2013 CERN WEB FRAMEWORKS. Adrian Mönnich

CIS192 Python Programming

CSE 115. Introduction to Computer Science I

Signals Documentation

Microservices using Python and Oracle. Arup Nanda Longtime Oracle DBA And Explorer of New Things

A bit more on Testing

Django with Python Course Catalog

DATABASE SYSTEMS. Database programming in a web environment. Database System Course,

Develop Mobile Front Ends Using Mobile Application Framework A - 2

CS50 Quiz Review. November 13, 2017

APIs and API Design with Python

Intro. Scheme Basics. scm> 5 5. scm>

CIS 192: Lecture 9 Working with APIs

welcome to BOILERCAMP HOW TO WEB DEV

Django urls Django Girls Tutorial

Lecture 10(-ish) Web [Application] Frameworks

Buzzy Documentation. Release 0. Sebastian Pawluś

Connexion Documentation

Django-Select2 Documentation. Nirupam Biswas

GitHub-Flask Documentation

CIS192 Python Programming

django-oauth2-provider Documentation

Django-CSP Documentation

Building a Django Twilio Programmable Chat Application

Security. CSC309 TA: Sukwon Oh

django-gollum Documentation

Building a Python Flask Website A beginner-friendly guide

RESTful Services. Distributed Enabling Platform

CSCE 120: Learning To Code

Now go to bash and type the command ls to list files. The unix command unzip <filename> unzips a file.

CSE 115. Introduction to Computer Science I

Table of Contents. Developer Manual...1

Privacy and Security in Online Social Networks Department of Computer Science and Engineering Indian Institute of Technology, Madras

Flask Slither Documentation

INJECTING SECURITY INTO WEB APPS WITH RUNTIME PATCHING AND CONTEXT LEARNING

django-secure Documentation

Lecture 18: Server Configuration & Miscellanea. Monday, April 23, 2018

CIS192 Python Programming

REST. Web-based APIs

Client Side JavaScript and AJAX

Text Input and Conditionals

Leveraging the Globus Platform in your Web Applications. GlobusWorld April 26, 2018 Greg Nawrocki

Networking & The Web. HCID 520 User Interface Software & Technology

LECTURE 15. Web Servers

We are assuming you have node installed!

CNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies

Human-Computer Interaction Design

Rocking with Racket. Marc Burns Beatlight Inc

Back-end architecture

[301] JSON. Tyler Caraza-Harter

CS637 Midterm Review

django-telegram-login Documentation

SCHEME 8. 1 Introduction. 2 Primitives COMPUTER SCIENCE 61A. March 23, 2017

django-ratelimit-backend Documentation

Gimme Documentation. Release Tim Radke

CS1 Lecture 3 Jan. 22, 2018

REST API OVERVIEW. Design and of Web APIs using the REST paradigm.

SCHEME 7. 1 Introduction. 2 Primitives COMPUTER SCIENCE 61A. October 29, 2015

DIRECTORY INTEGRATION: USING ACTIVE DIRECTORY FOR AUTHENTICATION. Gabriella Davis The Turtle Partnership

Web Hosting. Important features to consider

Manipulating Web Application Interfaces a New Approach to Input Validation Testing. AppSec DC Nov 13, The OWASP Foundation

CS 155 Project 2. Overview & Part A

Catbook Workshop: Intro to NodeJS. Monde Duinkharjav

flask-jwt Documentation

Lecture 4. Ruby on Rails 1 / 49

Backend Development. SWE 432, Fall 2017 Design and Implementation of Software for the Web

SCHEME INTERPRETER GUIDE 4

Web client programming

Python - A Crash Course

Science-as-a-Service

ZipRecruiter Apply Webhook Documentation. ZR ATS Integration Team. Version 1.1,

7401ICT eservice Technology. (Some of) the actual examination questions will be more precise than these.

Server-side Development using Python and SQL

Django File Picker Documentation

CS1 Lecture 5 Jan. 25, 2019

CIS 194: Homework 6. Due Friday, October 17, Preface. Setup. Generics. No template file is provided for this homework.

Let s Talk About Templates. Armin

CIS192: Python Programming

Human-Computer Interaction Design

CSE : Python Programming

termite Release 0.0.2

Transcription:

CIS192 Python Programming Web Frameworks and Web APIs Harry Smith University of Pennsylvania March 29, 2016 Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 1 / 25

Quick housekeeping Last Two Homeworks Extra Credit for demoing project prototypes Reminder about Project Deadlines/specifics Class on April 12th Results of Midterm Survey Discussion Final Class Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 2 / 25

Outline 1 Web Servers What s a Web Server? Flask 2 Web APIs REST Encoding and Encryption Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 3 / 25

Web Servers We ve been talking about making HTTP requests I typing www.google.com in your browser What about serving them? I where is the code that powers www.google.com? Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 4 / 25

What Servers Do When a client makes a request a server creates the response I Client! Server! Client Server: I Interprets the request (Notices it a a GET for /somepage) I Remembers who is making the request (which IP address) I Decides what to do based on the client and the request I Sends back a response to the client Servers also maintain data that can change (PUT, POST, DELETE) Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 5 / 25

What Are Web Frameworks? Library that makes it easy to setup a web server i.e. Build your own web apps! We ll be looking at Flask today Other examples you might ve heard of: I Python: Django, Tornado, Bottle,... I Ruby: Ruby on Rails, Sinatra,... I JavaScript & Node.js: Express.js, Meteor,... Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 6 / 25

Outline 1 Web Servers What s a Web Server? Flask 2 Web APIs REST Encoding and Encryption Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 7 / 25

Why Flask Micro Framework: I The minimal code needed to accept and respond to requests I Doesn t include many extras I Everything you need and nothing you don t Extensible: I Easy to extend with extra features (libraries) I Easy to replace the few built-in extras Actively Developed I Support for latest Python version and popular tools I Bug fixes Active Community I Can find answers on Stack Overflow Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 8 / 25

Configuring the Server Install: pip3 install flask If pip3 isn t working, click here for alternatives. Create server: from flask import Flask app = Flask( name ) Set options: app.debug = True Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 9 / 25

Handling our first Request First step: Create an Endpoint I This defines where the client is supposed to "go" @app.route( /, methods=[ GET ]) def my_page(): return Hooray Flask is working! Run the server: app.run() If you run the file, it will say what url to use $ python lec11.py * Running on http://127.0.0.1:5000/ * Restarting with reloader Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 10 / 25

What are the endpoints supposed to look like? Jinja for Fancy HTML Flask has Jinja2 as a built-in Template Engine Allows you to write (something like) python inside HTML return render_template( my_template.html, arg= my_value ) I I returns an HTML page by running a template Templates can take arguments Need to put templates in a templates directory Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 11 / 25

Jinja Features 1: Take What s Nice about Python and Throw it in the Garbage Evaluate variable or expression with {{expr}} A block names part of a template {% block name %} some HTML {% endblock %} for loop {% for item in things %} <li>{{ item }}</li> {% endfor %} Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 12 / 25

Jinja Features 2 if statements {% if date %} {{ date }} {% elif other %} {% else %} {% endif %} Inheritance uses parent HTML but can redefined blocks {% extends "my_template.html" %} {% block some_block_name_in_parent %} replacement content {% endblock %} Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 13 / 25

Request Data and Redirects from flask import request, redirect, url_for @app.route( /submit, methods=[ GET, POST ]) check which method with request.method == POST access POST data with request.form[ key ] Access GET params with request.args.get( key ) return redirect(url_for( my_page )) I Sends the user to the Flask endpoint my_page Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 14 / 25

Arguments in URL A route can contain variables @app.route( /say/<message>, methods=[ GET ]) def url_param_example(): return render_template( message.html, message=message) Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 15 / 25

Logging Useful for reporting errors, security inceidents, timestamps, etc. l_name = my_flask.log log_handler = logging.filehandler(l_name) log_handler.setlevel(logging.debug) app.logger.addhandler(log_handler) app.logger.debug( the message to log ) Uses the logging standard library Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 16 / 25

Other Web Frameworks for Python Django I A lot of work done for you: batteries included F Admin interface F User model F Easy database integration I Great for protyping, rapid app development Pyramid I Configurable, flexible I Too many options? Intimidating to start new projects Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 17 / 25

Outline 1 Web Servers What s a Web Server? Flask 2 Web APIs REST Encoding and Encryption Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 18 / 25

Principles A REST API! Representational State Transfer Client-Server: Separation of tasks (data storage vs. user state) Stateless: Each client request has all necessary info Layered system: Client can t tell if connected directly to server Uniform interface: I All resources named the same way (URLs) I All messages describe how to process themselves I State transitions are determined dynamically from the resources Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 19 / 25

Example REST API Dropbox: Dropbox Core API Primarily uses GETs and POSTs The endpoints allow for variables in the url I https://api.dropbox.com/1/metadata/auto/<path> Uses OAuth 2.0 for login Responses are encoded with JSON Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 20 / 25

Outline 1 Web Servers What s a Web Server? Flask 2 Web APIs REST Encoding and Encryption Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 21 / 25

Review of JSON Many Web APIs transmit data in JSON JSON! JavaScript Object Notation Data Types: I Numbers: 25, 167.6 I Strings: "firstname" I Boolean: true, false I List: [25, "firstname", true] I Dictionary with String keys: {"fst": 1, "snd": 2} I Empty Value: null Always wrap your JSON in a top-level dictionary I {"data": original_json} I JavaScript Bug allows top-level arrays to be hacked Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 22 / 25

JSON in Python The JSON standard library: import json json.dumps(obj) returns a JSON string of obj json.dump(obj, f_handle) writes the JSON to the file json.loads(s) returns a Python object from a JSON string json.load(f_handle) returns Python object from a file Flask has JSON: from flask import jsonify, json I use Flask s json.dumps()/loads() I return jsonify(d) sends a JSON response from a dict I Takes care of details like headers and encoding requests has JSON I r = request.get(...) I r.json() parses out a Python object Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 23 / 25

HTTPS SSL If your Web App contains sensitive data! Protect It Making users login is a good first step But... other people can listen in on HTTP requests HTTPS uses ssl (Secure Sockets Layer) I Fancy encryption for sending messages I Standard way to protect data on the Web Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 24 / 25

What Can Go Wrong More users are making requests than the server can handle I Solution: Have more than just a single computer as the server Attack that specifically tries to overload server (DDoS) I Solution: Detect illegitimate requests and ignore those IPs Bug in the server: I Infinite Loop I Arbitrary code execution Requests and data from the internet can be harmful I Don t assume your server is getting good data Harry Smith (University of Pennsylvania) CIS 192 March 29, 2016 25 / 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback