within cherrypy, built-in tools offer a single interface to call the cherrypy library. the tools defined in cherrypy can be implemented in the following ways −
- from the configuration settings
- as a python decorator or via the special _cp_config attribute of a page handler
- as a python callable that can be applied from within any function
basic authentication tool
the purpose of this tool is to provide basic authentication to the application designed in the application.
arguments
this tool uses the following arguments −
name | default | description |
---|---|---|
realm | n/a | string defining the realm value. |
users | n/a | dictionary of the form − username:password or a python callable function returning such a dictionary. |
encrypt | none | python callable used to encrypt the password returned by the client and compare it with the encrypted password provided in the users dictionary. |
example
let us take an example to understand how it works −
import sha import cherrypy class root: @cherrypy.expose def index(self): return """ <html> <head></head> <body> <a href = "admin">admin </a> </body> </html> """ class admin: @cherrypy.expose def index(self): return "this is a private area" if __name__ == '__main__': def get_users(): # 'test': 'test' return {'test': 'b110ba61c4c0873d3101e10871082fbbfd3'} def encrypt_pwd(token): return sha.new(token).hexdigest() conf = {'/admin': {'tools.basic_auth.on': true, tools.basic_auth.realm': 'website name', 'tools.basic_auth.users': get_users, 'tools.basic_auth.encrypt': encrypt_pwd}} root = root() root.admin = admin() cherrypy.quickstart(root, '/', config=conf)
the get_users function returns a hard-coded dictionary but also fetches the values from a database or anywhere else. the class admin includes this function which makes use of an authentication built-in tool of cherrypy. the authentication encrypts the password and the user id.
the basic authentication tool is not really secure, as the password can be encoded and decoded by an intruder.
caching tool
the purpose of this tool is to provide memory caching of cherrypy generated content.
arguments
this tool uses the following arguments −
name | default | description |
---|---|---|
invalid_methods | ("post", "put", "delete") | tuples of strings of http methods not to be cached. these methods will also invalidate (delete) any cached copy of the resource. |
cache_class | memorycache | class object to be used for caching |
decoding tool
the purpose of this tool is to decode the incoming request parameters.
arguments
this tool uses the following arguments −
name | default | description |
---|---|---|
encoding | none | it looks for the content-type header |
default_encoding | "utf-8" | default encoding to be used when none is provided or found. |
example
let us take an example to understand how it works −
import cherrypy from cherrypy import tools class root: @cherrypy.expose def index(self): return """ <html> <head></head> <body> <form action = "hello.html" method = "post"> <input type = "text" name = "name" value = "" /> <input type = âsubmitâ name = "submit"/> </form> </body> </html> """ @cherrypy.expose @tools.decode(encoding='iso-88510-1') def hello(self, name): return "hello %s" % (name, ) if __name__ == '__main__': cherrypy.quickstart(root(), '/')
the above code takes a string from the user and it will redirect the user to "hello.html" page where it will be displayed as âhelloâ with the given name.
the output of the above code is as follows −

hello.html
