utils
Functions
|
If |
|
Fetch a model instance from a parsed reference. Resolution goes through |
|
Pack everything the template tag controls -- the handler name, the object, |
|
Verify and unpack a signed token. Raises |
|
Return the verified contents of the signed |
|
Return the |
|
Return |
parse_model_ref
- parse_model_ref(value)
If
valueis a serialized model-instance reference (model_instance__<app>__<model>__<pk>), return(app_label, model_name, pk); otherwise returnNone. Uses a length-based slice (notstr.replace) so a pk/label that happens to contain the prefix can’t be mangled.
resolve_model_ref
- resolve_model_ref(app_label, model_name, pk, queryset=None)
Fetch a model instance from a parsed reference. Resolution goes through
querysetwhen one is supplied (the object-scoping seam – seeBaseHxRequest.get_queryset); otherwise it falls back to the model’s_default_manager.The default manager (not
_base_manager) is deliberate: any scoping expressed on the default manager is respected automatically, so an object the default manager hides cannot be resolved unless a handler explicitly widens the queryset. Raises the model’sDoesNotExistwhen the pk is absent from the resolved queryset.
sign_hx_payload
- sign_hx_payload(hx_request_name, obj=None, bind_path=None, **kwargs)
Pack everything the template tag controls – the handler name, the object, and the extra kwargs – into a single HMAC-signed token. The client can read the token (it is base64-encoded JSON) but cannot forge it without
SECRET_KEY, which closes the object/kwarg/name tampering vectors.When
bind_pathis given, it is packed into the token too, binding the token to that URL path (seeget_url()andbind_to_path).
unsign_hx_payload
- unsign_hx_payload(token)
Verify and unpack a signed token. Raises
signing.BadSignature(a base class covering tampered/truncated/hand-crafted tokens) on any failure.
get_hx_payload
- get_hx_payload(request)
Return the verified contents of the signed
hxtoken onrequestas{"name": ..., "object": ..., "kwargs": ...}, orNoneif the request carries no token or the signature is invalid.This is the supported way for view code to introspect an inbound hx-requests request (detect it, read its name/object/kwargs) without going through
HtmxViewMixindispatch. Theobjectandkwargsvalues are still in serialized form – pass them throughdeserialize()/deserialize_kwargs()to get live values.
get_hx_request_name
- get_hx_request_name(request)
Return the
HxRequestname from the signedhxtoken, orNoneif the request isn’t a (valid) hx-requests request.Replaces reading
request.GET["hx_request_name"]directly, which no longer exists on the query string now that routing data is signed.
is_hx_request
- is_hx_request(request)
Return
Trueifrequestis an hx-requests request – i.e. it carries a valid signedhxtoken bound for a registered handler.This is distinct from
is_htmx_request(), which only checks theHX-Requestheader (any htmx request). Use it to tell a plain htmx request (sort / filter / paginate) apart from one routed to anHxRequest:if is_htmx_request(request) and not is_hx_request(request): ... # plain htmx -- let the underlying view handle it