def connect():
global serializer, fernet
crypto_info = settings.load()['database']['crypto']
mongo_host = settings.load()['database']['mongo'].get('host', '127.0.0.1')
mongo_port = settings.load()['database']['mongo'].get('port', '27017')
serializer = URLSafeSerializer(crypto_info['key'])
fernet = Fernet(crypto_info['fernet'])
mongoengine.connect(name, host=mongo_host, port=mongo_port, tz_aware=True)
def scraper():
last_send = 0
while True:
sett = settings.load()
scraped = filter_cars(scrape())
old, to_send = storage.load()
merged, new = merge(old, scraped)
to_send = to_send + new
# print('Cars to save: ' + str(len(merged)))
# print('New cars: ' + str(len(new)))
# for avto in new:
# print(avto)
if time() - last_send > sett['send_interval']:
mail.send(to_send)
to_send = []
last_send = time()
storage.save(merged[0:1000], to_send)
sleep(sett['scrape_interval'])
def run_server(debug=False):
global flask_app
config = settings.load()
attack.attack_url = config['links']['attack']
attack.proxies = config['links']['proxies']
interface = config['server']['interface']
port = config['server']['port']
threaded = True if debug else not app.async_wrapper.enable_async()
flask_logger = configure_flask_logger()
connect_to_database()
# if not threaded and not debug:
ssl_context = {}
https = config['server']['https']
if https['enabled']:
ssl_context['certfile'] = https['certfile']
ssl_context['keyfile'] = https['keyfile']
flask_app.debug = debug
print('Running CASCADE via WSGIServer on {url}'.format(
url=config['server']['url']))
wsgi = WSGIServer((interface, port),
flask_app,
log=flask_logger,
handler_class=WebSocketHandler,
**ssl_context)
wsgi.serve_forever()
def send_reset_email(self):
expires = datetime.datetime.now() + reset_password_timeout
url = self.generate_reset_link()
body = ("A password reset for {} has been requested.\r\n".format(
self.username), "Navigate to {} to complete reset.".format(url),
"Expires on {}".format(expires.isoformat()))
message = MIMEText('\r\n'.join(body))
message['Subject'] = "Password Reset Link for CASCADE on {}".format(
settings.load()['server']['hostname'])
message['From'] = 'cascade@' + settings.load()['server']['hostname']
message['To'] = self.email
server = smtplib.SMTP(settings.load()['links']['smtp'])
server.set_debuglevel(1)
server.sendmail(message['From'], [self.email], message.as_string())
server.quit()
def set_password(self, value):
password_config = settings.load().get('password', None)
if password_config and password_config.get('enforce'):
regex = password_config['regex']
rules = password_config.get('rules', [])
if re.match(regex, value) is None:
raise PasswordPolicyError(regex, rules)
self.sha256_hash = sha256_crypt.encrypt(value)
def create_user():
if not settings.load()['config'].get('allow_account_creation', False):
return JSONResponse(status=HTTPStatus.FORBIDDEN)
""" This API route is used by the create new account template to add a new user into Mongo """
if isinstance(request.json, dict):
args = request.json
if args.get('username') and args.get('password'):
try:
user = users.create_user(args['username'], args['password'], args.get('email'), args.get('full_name'))
except users.PasswordPolicyError as error:
regex, rules = error.args
return JSONResponse({'violation': {'regex': regex, 'rules': rules}}, HTTPStatus.BAD_REQUEST)
if user is not None:
response = Response(status=HTTPStatus.CREATED)
response.set_cookie('user-token', user.generate_token(), max_age=datetime.timedelta(days=7))
return response
else:
return JSONResponse({'message': 'Username already exists!'}, status=HTTPStatus.BAD_REQUEST)
return JSONResponse({'message': 'Username, email and password are required'}, status=HTTPStatus.BAD_REQUEST)
def pymongo():
mongo_host = settings.load()['database']['mongo'].get('host', '127.0.0.1')
mongo_port = settings.load()['database']['mongo'].get('port', '27017')
return MongoClient(host=mongo_host, port=mongo_port)[name]
def get_serializer():
global serializer
if serializer is None:
serializer = URLSafeTimedSerializer(
settings.load()['database']['crypto']['key'])
return serializer
def generate_reset_link(self):
base_url = settings.load()['server']['url']
url = "{}/#/reset-password?token={}".format(
base_url, self.generate_reset_token())
return url