Re: [pylons-discuss] extending an API with nonces ?

[Michael Merickel]

View derivers are the answer to decorating views on a per view basis.  - Michael On Feb 22, 2025, at 20:06, Jonathan Vanasco <jvana...@gmail.com> wrote: I need to extend some API routes on a project with nonces. The general design I would like to accomplish is this: * Some routes will be a Provider - a nonce will be generated for the header * Some routes will be a Consumer - a valid nonce is required; they will generate a new nonce as well * Most routes will have nothing to do with any of this I am trying to figure out the best way to accomplish this. I was hoping to leverage the CSRF system, but I do not want to integrate "sessions" into this, and I need to keep the size of the nonce value quite small. Tweens would be easy to implement, but that would turn every route into a Provider; I don't want to do that. The best option I can think of right now is to just use python decorators to wrap select callables: @view_config(...) @nonced(policy=NoncePolicy.Provider) def a_view(request):    pass Does anyone have better ideas? -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/pylons-discuss/954f6f3b-1f0c-4a62-a39f-5f31ba51f49bn%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/pylons-discuss/4CDC39CB-C433-4077-B07A-71A4912B113C%40gmail.com.