1 web.py http web.py
2 Agenda Introduction to http URL, URI Method: GET, POST Response Code: 200, 400, 401 Introduction to web.py
3 HTTP HyperText Transport Protocol Language of the Web protocol used for communication between web browsers and web servers TCP port 80 (443 secure) RFC 2616 (ver 1.1)
4 Frames
5 URI,URN,URL Uniform Resource Identifier Information about a resource Uniform Resource Name The name of the resource with in a namespace Uniform Resource Locator How to find the resource, a URI that says how to find the resource
6 HTTP - methods Methods (cont.) PUT Used to transfer data from the client to the server HEAD requests URLs status header only used for conditional URL handling for performance enhancement schemes –retrieve URL only if not in local cache or date is more recent than cached copy
7 HTTP - URLs URL Uniform Resource Locator protocol (http, ftp, news) host name (name.domain name) port (usually 80 but many on 8080) directory path to the resource resource name
8 HTTP - methods Methods GET retrieve a URL from the server –simple page request –run a program –run a program with arguments attached to the URL POST preferred method for forms processing run a program parameterized data more secure and private
9 HTTP Request Packets Sent from client to server Consists of HTTP header header is hidden in browser environment contains: content type / mime type content length user agent - browser issuing request content types user agent can handle and a URL
10 HTTP Request Headers Precede HTTP Method requests headers are terminated by a blank line Header Fields: From Accept Accept-Encoding Accept Language
11 HTTP Request Headers (cont.) Referer Authorization Charge-To If-Modified-Since Pragma
12 Accept: List of schemes which will be accepted by client = Accept: * [, ] = *[; ] = = = q / mxs / mxb = Accept: text/html Accept: audio/basic q-1 if no Accept is found; plain/text is assumed may contain wildcards (*)
13 Accept-Encoding Like Accept but list is a list of acceptable encoding schemes Ex Accept-Encoding: x-compress;x-zip
14 User-Agent Software product used by original client = User-Agent: = [/ ] = Ex. User-Agent: IBM WebExplorer DLL /v960311
15 Referer For Server’s benefit, client lists URL od document (or document type) from which the URL in request was obtained. Allows server to generate back-links, logging, tracing of bad links… Ex. Referer:
16 Authorization: For Password and authentication schemes Ex. Authorization: user fred:mypassword Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
17 ChargeTo: Accounting information Accounting system dependent
18 Pragma: Same format as accept for servers should be passed through proxies, but used by proxy only pragma currently defined is no- cache; proxy should get document from owning server rather than cache
19 Modified-Since: Used with GET to make a conditional GET if requested document has not been modified since specified date a Modified 304 header is sent back to client instead of document client can then display cached version
Response Packets Sent by server to client browser in response to a Request Packet
Status Header “HTTP/1.0 sp code” Codes: 1xx - reserved for future use 2xx - successful, understood and accepted 3xx - further action needed to complete 4xx - bad syntax in client request 5xx - server can’t fulfill good request
HTTP Response Headers Sent by server to client browser Status Header Entities Content-Encoding: Content-Length: Content-Type: Expires: Last-Modified: extension-header Body – content (e.g., html)
Status Codes 200 OK 201 created 202 accepted 204 no content 301 moved perm. 302 moved temp 304 not modified 400 bad request 401 unauthorized 403 forbidden 404 not found 500 int. server error 501 not impl. 502 bad gateway 503 svc not avail
Statelessness Because of the Connect, Request, Response, Disconnect nature of HTTP it is said to be a stateless protocol i.e. from one web page to the next there is nothing in the protocol that allows a web program to maintain program “state” (like a desktop program). “state” can be maintained by “witchery” or “trickery” if it is needed
Maintaining program “state” Hidden variables ( Sessions Special header tags interpreted by the server Used by ASP, PHP, JSP –Implemented at the language api level
26 Agenda Introduction to http Introduction to web.py mvc model controller view CRUD
27 web.py MVC Controller: URI handler accept http request process http request using model generate http response using view return http response
28 web.py MVC Model manage python and database objects View http response
29 web.py Todo Demo /schema.sql /templates: /templates/base.html /templates/index.html /model.py /todo.py
30 web.py Todo Demo /schema.sql (Backend) /templates: (VIEW) /templates/base.html (static) /templates/index.html (dynamic) /model.py (MODEL) /todo.py (CONTROLLER)
31 database schema.sql CREATE TABLE todo ( id INT AUTO_INCREMENT, title TEXT, primary key (id) );
32 database model.py import web db = web.database(dbn='mysql', db='test', user='')
33 Model model.py import web db = web.database(dbn='mysql', db='test', user='') def get_todos(): return db.select('todo', order='id') def new_todo(text): db.insert('todo', title=text) def del_todo(id): db.delete('todo', where="id=$id", vars=locals())
34 View templates/base.html $def with (page) Todo list $:page
35 View templates/index.html $def with (todos, form) $for todo in todos: $todo.id $todo.title
36 View templates/index.html $def with (todos, form) … $:form.render()
37 Controller: url mapping todo.py import web import model urls = ( '/', 'Index', '/(\d+)', 'Index', '/del/(\d+)', 'Delete' )
38 Controller: handling GET / todo.py ### Templates render = web.template.render('templates', base='base') class Index: form = web.form.Form( web.form.Textbox('title', web.form.notnull, description="I need to:"), web.form.Button('Add todo'), ) def GET(self): """ Show page """ todos = model.get_todos() form = self.form() return render.index(todos, form)
39 Controller: handling POST / todo.py class Index: def POST(self): """ Add new entry """ form = self.form() if not form.validates(): todos = model.get_todos() return render.index(todos, form) model.new_todo(form.d.title) raise web.seeother('/')
40 Controller: handling POST /del todo.py class Delete: def POST(self, id): """ Delete based on ID """ id = int(id) model.del_todo(id) raise web.seeother('/')
41 MVC: GET / flow Client GET Server Index::GET (controller, todo.py) model.get_todos (model.py) render http response (view) –templates/base.html –templates/index.html return http response
42 MVC: GET / flow curl -v -X GET * Connected to localhost ( ) port 8080 (#0) > GET / HTTP/1.1 > User-Agent: curl/ (x86_64-apple-darwin12.0) libcurl/ OpenSSL/0.9.8y zlib/1.2.5 > Host: localhost:8080 > Accept: */* >
43 MVC: GET / flow curl -v -X GET < HTTP/ OK < Content-Type: text/html; charset=utf-8 < Transfer-Encoding: chunked < Date: Fri, 13 Feb :30:34 GMT < Server: localhost Todo list...
44 MVC: POST / flow Client POST Server Index::POST (controller, todo.py) validate input if input invalid, render http response (view) –templates/base.html –templates/index.html return http response
45 MVC: POST / flow Client POST Server Index::POST (controller, todo.py) validate input if input valid –model.new_todo (model.py) seeother /
46 MVC: POST / flow curl -v -d 'title=cleaningxx' -X POST localhost:8080 Connected to localhost ( ) port 8080 (#0) > POST / HTTP/1.1 > User-Agent: curl/ (x86_64-apple-darwin12.0) libcurl/ OpenSSL/0.9.8y zlib/1.2.5 > Host: localhost:8080 > Accept: */* > Content-Length: 16 > Content-Type: application/x-www-form-urlencoded > * upload completely sent off: 16 out of 16 bytes
47 MVC: POST / flow curl -v -d 'title=cleaningxx' -X POST localhost:8080 < HTTP/ See Other < Content-Type: text/html < Location: < Transfer-Encoding: chunked < Date: Fri, 13 Feb :41:35 GMT < Server: localhost < * Connection #0 to host localhost left intact * Closing connection #0
48 MVC: POST /del Client POST Server Delete::POST (controller, todo.py) model.delete_todo (model.py) seeother /
49 MVC: POST /del flow $ curl -v -X POST localhost:8080/del/1 * Connected to localhost ( ) port 8080 (#0) > POST /del/1 HTTP/1.1 > User-Agent: curl/ (x86_64-apple-darwin12.0) libcurl/ OpenSSL/0.9.8y zlib/1.2.5 > Host: localhost:8080 > Accept: */* >
50 MVC: POST /del flow $ curl -v -X POST localhost:8080/del/1 < HTTP/ See Other < Content-Type: text/html < Location: < Transfer-Encoding: chunked < Date: Fri, 13 Feb :39:14 GMT < Server: localhost < * Connection #0 to host localhost left intact * Closing connection #0
51 MVC: DELETE / Browser form limitation: only GET and POST ### Url mappings urls = ( '/', 'Index', '/(\d+)', 'Index', '/del/(\d+)', 'Delete' ) class Index: def DELETE(self, id): """ Delete based on ID """ id = int(id) model.del_todo(id) raise web.seeother('/')
52 MVC: DELETE / Browser form limitation: only GET and POST $ curl -v -X DELETE localhost:8080/3 * Connected to localhost ( ) port 8080 (#0) > DELETE /3 HTTP/1.1 > User-Agent: curl/ (x86_64-apple-darwin12.0) libcurl/ OpenSSL/0.9.8y zlib/1.2.5 > Host: localhost:8080 > Accept: */* >
53 MVC: DELETE / $ curl -v -X DELETE localhost:8080/3 < HTTP/ See Other < Content-Type: text/html < Location: < Transfer-Encoding: chunked < Date: Fri, 13 Feb :15:52 GMT < Server: localhost <
54 User inputs Form demo /schema.sql /templates: /templates/formtest.html /templates/index.html /form.py
55 User inputs Form demo Database create table form (id int auto_increment primary key, boe char(20), bax int, moe char(20), curly boolean, french char(20), joindate timestamp);
56 User inputs Form demo import web from web import form myform = form.Form( form.Textbox("boe"), form.Textbox("bax", form.notnull, form.regexp('\d+', 'Must be a digit'), form.Validator('Must be more than 5', lambda x:int(x)>5)), form.Textarea('moe'), form.Checkbox('curly'), form.Dropdown('french', ['mustard', 'fries', 'wine']))
57 User inputs Form demo Extract inputs def POST(self): form = myform() if not form.validates(): return render.formtest(form) else: db.insert('form', boe=form.d.boe,bax=form['bax'].value,moe=form.d.moe, curly=form.d.curly, french=form.d.french, joindate=web.SQLLiteral("NOW()"))
58 Database update Blog demo model.py db = web.database(dbn='mysql', user='', pw='', db='test') def update_post(id, title, text): db.update('entries', where="id=$id", vars=locals(), title=title, content=text)
59 Ordering Blog demo model.py db = web.database(dbn='mysql', user='', pw='', db='test') def get_posts(): return db.select('entries', order='id DESC')
60 Datetime import datetime from datetime import timedelta db.insert('entries', title=title, content=text, posted_on=datetime.datetime.utcnow()) db.insert('items', category=category, title=title, price=price, open=True, end_date=datetime.datetime.utcnow()+timedelta(days=7 ))
61 Embed Python in HTML $def with (form, items, category, title, price, open, end_date) $for item in items: $item.id $if category: $item.category $if title: $item.title $if price: $item.price $if open: $item.open $if end_date: $item.end_date View
62 Cookie urls = ('/bid', 'Bid', '/bid/(\d+)', 'Bid' ) class Bid: def GET(self, id): web.setcookie('id', item.id) return render.bid(item, bid) def POST(self): id = web.cookies().get('id') model.new_bid(id, bid.d.buyer, bid.d.price); raise web.seeother('/view/' + id)