Add support for making an idempotent POST. This allows retrying a POST that was interrupted. It involves creating a post once only (poe) url /rest/data/<class>/@poe/<random_token>. This url acts the same as a post to /rest/data/<class>. However once the @poe url is used, it can't be used for a second POST. To make these changes: 1) Take the body of post_collection into a new post_collection_inner function. Have post_collection call post_collection_inner. 2) Add a handler for POST to rest/data/class/@poe. This will return a unique POE url. By default the url expires after 30 minutes. The POE random token is only good for a specific user and is stored in the session db. 3) Add a handler for POST to rest/data/<class>/@poe/<random token>. The random token generated in 2 is validated for proper class (if token is not generic) and proper user and must not have expired. If everything is valid, call post_collection_inner to process the input and generate the new entry. To make recognition of 2 stable (so it's not confused with rest/data/<:class_name>/<:item_id>), removed @ from Routing::url_to_regex. The current Routing.execute method stops on the first regular expression to match the URL. Since item_id doesn't accept a POST, I was getting 405 bad method sometimes. My guess is the order of the regular expressions is not stable, so sometime I would get the right regexp for /data/<class>/@poe and sometime I would get the one for /data/<class>/<item_id>. By removing the @ from the url_to_regexp, there was no way for the item_id case to match @poe. There are alternate fixes we may need to look at. If a regexp matches but the method does not, return to the regexp matching loop in execute() looking for another match. Only once every possible match has failed should the code return a 405 method failure. Another fix is to implement a more sophisticated mechanism so that @Routing.route("/data/<:class_name>/<:item_id>/<:attr_name>", 'PATCH') has different regexps for matching <:class_name> <:item_id> and <:attr_name>. Currently the regexp specified by url_to_regex is used for every component. Other fixes: Made failure to find any props in props_from_args return an empty dict rather than throwing an unhandled error. Make __init__ for SimulateFieldStorageFromJson handle an empty json doc. Useful for POSTing to rest/data/class/@poe with an empty document. Testing: added testPostPOE to test/rest_common.py that I think covers all the code that was added. Documentation: Add doc to rest.txt in the "Client API" section titled: Safely Re-sending POST". Move existing section "Adding new rest endpoints" in "Client API" to a new second level section called "Programming the REST API". Also a minor change to the simple rest client moving the header setting to continuation lines rather than showing one long line.

try:
    from secrets import choice, randbelow, token_bytes
    def seed(v = None):
        pass

    is_weak = False
except ImportError:
    import os as _os
    import random as _random

    # prefer to use SystemRandom if it is available
    if hasattr(_random, 'SystemRandom'):
        def seed(v = None):
            pass

        _r = _random.SystemRandom()
        is_weak = False
    else:
        # don't completely throw away the existing state, but add some
        # more random state to the existing state
        def seed(v = None):
            import os, time
            _r.seed((_r.getstate(),
                     v,
                     hasattr(os, 'getpid') and os.getpid(),
                     time.time()))

        # create our own instance so we don't mess with the global
        # random number generator
        _r = _random.Random()
        seed()
        is_weak = True

    choice = _r.choice

    def randbelow(i):
        return _r.randint(0, i - 1)

    if hasattr(_os, 'urandom'):
        def token_bytes(l):
            return _os.urandom(l)
    else:
        def token_bytes(l):
            _bchr = chr if str == bytes else lambda x: bytes((x,))
            return b''.join([_bchr(_r.getrandbits(8)) for i in range(l)])