def create_app(db_config, image_folder, log_folder=None, log_file_name=None): # set the project root directory as the static folder, you can set others. app = Flask(__name__, static_url_path='') # https://stackoverflow.com/questions/26980713/solve-cross-origin-resource-sharing-with-flask # pip install -U flask-cors CORS(app, resources={r"/*": {"origins": "*"}}) engine = create_engine('postgresql://{}:{}@{}:{}/{}'.format( db_config['username'], db_config['password'], db_config['ip'], db_config['port'], db_config['database_name'])) app.config['engine'] = engine app.config['image_folder'] = image_folder if log_folder is not None and log_file_name is not None: configure_logging(log_folder, log_file_name) logger = logging.getLogger(__name__) logger.info('Current database being used: {}'.format( db_config['database_name'])) logger.info('image_folder: {}'.format(app.config['image_folder'])) # Setup the Flask-JWT-Extended extension app.config[ 'JWT_SECRET_KEY'] = 's3label-completely-secret' # this should be kept secret! jwt = fje.JWTManager(app) # register the endpoints with this app app.register_blueprint(ebp) return app
def create_app(config): """ Create a Flask app with a registered API and namespaces """ flask_app = Flask('timezone_keeper') flask_app.config.from_object(FlaskCfgObject(config)) blueprint = Blueprint('api', __name__, url_prefix=API_PREFIX) flask_api.init_app(blueprint) flask_api.add_namespace(auth_ns) flask_api.add_namespace(user_ns) flask_api.add_namespace(role_ns) flask_api.add_namespace(timezone_ns) if 'api' not in flask_app.blueprints: flask_app.register_blueprint(blueprint) log.info('Database path: %s', config.SQLALCHEMY_DATABASE_URI) db.init_app(flask_app) jwt = flask_jwt_extended.JWTManager(flask_app) jwt.user_claims_loader(jwt_add_claims_to_access_token) jwt.user_identity_loader(jwt_user_identity_lookup) jwt.token_in_blacklist_loader(jwt_check_blacklisted) flask_app.after_request(add_cors_headers) return flask_app
def create_app(): app = Flask(FLASK_NAME, static_folder="../client/dist", template_folder="../client") app.secret_key = FLASK_SECRET_KEY # JWT jwt = flask_jwt_extended.JWTManager(app) return app
def __init__(self, app): super(JwtRequestLoader, self).__init__(app) self.jwt_manager = jwt_manager = flask_jwt_extended.JWTManager() jwt_manager.init_app(app) @jwt_manager.user_identity_loader def user_identity_loader(user): """ Serialize a user entity to the JWT token This method is the complement of `user_loader_callback_loader` """ return user.session_key @jwt_manager.user_loader_callback_loader def user_loader_callback_loader(session_key): """ Load a user entity from the JWT token This method is the complement of `user_identity_loader` Note, if user is not found or inactive, fail silently - user just won't get loaded """ return self.user_ent.get_by(session_key=session_key, is_active=True)
def create_app(config): app = Flask(__name__) app.config['PROPAGATE_EXCEPTIONS'] = True app.config['JWT_SECRET_KEY'] = config.JWT_SECRET app.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False from src.client.db import db as sqldb sqldb.init_app(app) from src.client.clients.dao.sql_dao import ClientSQLDAO api = Api(app) flask_jwt_extended.JWTManager(app) app_logger = create_logger(__name__) clients_dao = ClientSQLDAO() # Client manager resources api.add_resource(client_resources.ClientManager, '/api/clients', resource_class_kwargs={ 'logger': app_logger, 'clients_dao': clients_dao }) # List Client resources api.add_resource(client_resources.ClientList, '/api/listClients', resource_class_kwargs={ 'logger': app_logger, 'clients_dao': clients_dao }) return app
app = Flask(__name__) # Create Flask app app.config.update(get_config( app.config['ENV'], app.open_resource('config.yaml'))) CORS(app) # Cross-origin resource sharing api = Api(app, doc=False) api.add_namespace(games_api, path='/api/games') api.add_namespace(auth_api, path='/api/auth') assert ('JWT_SECRET_KEY' in app.config), 'Must set FLASK_JWT_SECRET_KEY env variable' if 'JWT_ACCESS_TOKEN_EXPIRES' not in app.config: app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 86400 # default is 1 day app.config['PROPAGATE_EXCEPTIONS'] = True # avoids server error w/bad JWTs in gunicorn jwt = JWT.JWTManager(app) # do this after config is set print('URL MAP', app.url_map) # useful for debugging @app.before_request def init_db(): '''Initialize db by creating the global db_session This runs on each request. ''' db_auth = create_engine(app.config['DB_AUTH']) g.auth_db = sessionmaker(db_auth)() db_usage = create_engine(app.config['DB_USAGE']) g.usage_db = sessionmaker(db_usage)()
def create_app(config): app = Flask(__name__) app.config['PROPAGATE_EXCEPTIONS'] = True app.config['JWT_SECRET_KEY'] = config.JWT_SECRET app.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False from .db import db as sqldb sqldb.init_app(app) from .books.dao.sql_dao import BooksSQLDAO from .users.dao.sql_dao import UsersSQLDAO api = Api(app) flask_jwt_extended.JWTManager(app) app_logger = utils.create_logger(__name__) books_dao = BooksSQLDAO() users_dao = UsersSQLDAO() # public Book resources api.add_resource(book_resources.PublicBookList, '/books', resource_class_kwargs={ 'logger': app_logger, 'books_dao': books_dao }) api.add_resource(book_resources.PublicBook, '/books/<string:book_id>', resource_class_kwargs={ 'logger': app_logger, 'books_dao': books_dao }) # Books resources owned by Users api.add_resource(book_resources.UserBookList, '/users/books', resource_class_kwargs={ 'logger': app_logger, 'books_dao': books_dao, 'users_dao': users_dao, }) api.add_resource(book_resources.UserBook, '/users/books/<string:book_id>', resource_class_kwargs={ 'logger': app_logger, 'books_dao': books_dao }) # Authentication resource api.add_resource(user_resources.UserAuthentication, '/auth', resource_class_kwargs={ 'logger': app_logger, 'users_dao': users_dao }) return app
) #CORS(app) CORS(app, resources={r'/*': {'origins': '*'}}) api = Api(app, prefix="/api") #api = Api(app) print('App config:\n ', '\n '.join([f'{k}: {v}' for k,v in sorted(app.config.items())])) if 'JWT_SECRET_KEY' not in app.config: app.config['JWT_SECRET_KEY'] = 'very secret' if 'JWT_ACCESS_TOKEN_EXPIRES' not in app.config: app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 3600 jwt = JWT.JWTManager(app) #routes before auth, no discover @api.route('/user') class UsersResource(Resource): def post(self): '''Registers a new user''' #grabs fields to create user d = api.payload if d is None: return {'msg': 'No change submitted'} #need #user_id, name, creation_date, email, email_confirmation user = User() #creates new user object auth = Auth() #creates new authentication object
modelTicks = btctaiModels.Ticks # markets = Markets() app = flask.Flask(__name__) if 'AIMAI_JWT_SECRET_KEY' not in os.environ: print('''Required environment variables not defined. export AIMAI_JWT_SECRET_KEY="Your_Secret_Key" ''') exit() app.config['JWT_SECRET_KEY'] = os.environ['AIMAI_JWT_SECRET_KEY'] app.config['JWT_EXPIRATION_DELTA'] = datetime.timedelta(days=14) jwt = flask_jwt.JWTManager(app) @jwt.user_claims_loader def makeJWTClaims(account): obj = account.toDict() return {'username': obj['username']} @jwt.user_identity_loader def userIdentityLoader(account): obj = account.toDict() return obj['_id'] #jwt.payload_handler = makeJWTPayload
from models import users, settlements, names # general logging #utils.basic_logging() # create the flask app with settings/utils info application = Flask(__name__) application.config.update( DEBUG=settings.get("server", "DEBUG"), TESTING=settings.get("server", "DEBUG"), ) application.logger.addHandler(utils.get_logger(log_name="server")) application.config['SECRET_KEY'] = settings.get("api", "secret_key", "private") # Javascript Web Token! DO NOT import jwt (i.e. pyjwt) here! jwt = flask_jwt_extended.JWTManager(application) # # Routes start here! Settings object initialized above... # # default route - landing page, vanity URL stuff @application.route("/") def index(): return send_file("html/index.html") # static css and js routes @application.route('/static/<sub_dir>/<path:path>') def route_to_static(path, sub_dir):
from flask_socketio import SocketIO, send, emit import flask_jwt_extended as fj import jwt as jt # see FIXME below import peewee from playhouse.fields import PasswordField from chappy.config import Config from chappy.models import User, Channel, ChannelUser, Message, init_db from adapters.embedly_adapter import get_video_metadata, get_img_metadata from adapters.twilio_adapter import message_user app = Flask(__name__) app.config.from_object(Config) jwt = fj.JWTManager(app) socketio = SocketIO(app) ################### # JWT SESSION SETUP ################### # FIXME: fj.get_jwt_identity appears to be borked; I wrote my own: def decode_identity(): algorithm = fj.config.__dict__['ALGORITHM'] secret = app.config.get('SECRET_KEY') token = request.headers.get('AUTHORIZATION').split(' ')[1] identity = jt.decode(token, secret, algorithm) return identity['identity']
convergence-server A REStful API service that helps you find the ideal place to meet. """ import logging import flask_jwt_extended from flask import Flask from flask_cors import CORS from convergence.data import convergence_db app = Flask(__name__, instance_relative_config=True, static_url_path="/static") app.config.from_object("config") app.config.from_pyfile("config.py") CORS(app, supports_credentials=True) jwt = flask_jwt_extended.JWTManager(app) db_url = app.config["DB_URL"] db = convergence_db.ConvergenceDB(db_url) logging.basicConfig(filename="logs/Convergence.log", level=logging.INFO) from convergence.endpoints import user_bp, events_bp, suggestions_bp, \ friends_bp from convergence.utils import error_handling app.register_blueprint(user_bp) app.register_blueprint(events_bp) app.register_blueprint(suggestions_bp) app.register_blueprint(friends_bp)
API.config.from_object(config.Config) API.config.from_pyfile('secret.py') # import the settings module and add it from app import assets, utils from app.utils import settings from app.utils import crossdomain # fiddle the loggers; remove the default to avoid handle conflicts API.logger.removeHandler(flask.logging.default_handler) API.logger = utils.get_logger(log_name="server") API.settings = settings # Javascript Web Token! DO NOT import jwt (i.e. pyjwt) here! JWT = flask_jwt_extended.JWTManager(API) # HTTP basic auth, which we use for the admin panel: API.basicAuth = HTTPBasicAuth() @API.basicAuth.verify_password def verify_password(username, password): """ cf. the methods in routes.py that use the @basicAuth decorator. This is what happens when those routes try to verify their user. """ flask.request.User = assets.users.authenticate(username, password) if flask.request.User is None: return False if flask.request.User.user.get("admin", None) is None:
"""This module implements all authorization functions used by :py:mod:`psef`. :license: AGPLv3, see LICENSE for details. """ import typing as t from functools import wraps import oauth2 import flask_jwt_extended as flask_jwt from mypy_extensions import NoReturn import psef from psef.errors import APICodes, APIException jwt = flask_jwt.JWTManager() # pylint: disable=invalid-name def init_app(app: t.Any) -> None: """Initialize the app by initializing our jwt manager. :param app: The flask app to initialize. """ jwt.init_app(app) class PermissionException(APIException): """The exception used when a permission check fails. """ pass
import functools from datetime import timedelta import flask import flask_jwt_extended as jwt from flask_httpauth import HTTPBasicAuth from flaskel.flaskel import cap, httpcode from flaskel.utils.datastruct import ObjectDict from .sqlalchemy import db from .sqlalchemy.mixins import StandardMixin jwtm = jwt.JWTManager() basic_auth = HTTPBasicAuth() @basic_auth.verify_password def simple_basic_auth(username, password): if ( username == cap.config.BASIC_AUTH_USERNAME and password == cap.config.BASIC_AUTH_PASSWORD ): return dict(username=username, password=password) return None @jwtm.invalid_token_loader def invalid_token_loader(mess): return dict(message=mess), httpcode.UNAUTHORIZED # pragma: no cover
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. import datetime import logging import flask_jwt_extended from flask_jwt_extended import exceptions as jwt_exc from cnapps import exceptions LOGGER = logging.getLogger(__name__) JWT_MANAGER = flask_jwt_extended.JWTManager() def setup(app): """Setup JWT Args: app ([flask.Flask]): the main application """ JWT_MANAGER.init_app(app) app.config['JWT_SECRET_KEY'] = "my-secret" app.config['JWT_TOKEN_LOCATION'] = ['headers'] app.config['JWT_ACCESS_TOKEN_EXPIRES'] = datetime.timedelta(hours=1)
def create_app(): logging.configure() werkzeug_log = std_logging.getLogger('werkzeug') werkzeug_log.setLevel(std_logging.ERROR) app = flask.Flask(__name__, instance_relative_config=True) # FIXME: Add production config and keys app.config['SECRET_KEY'] = 'dev' app.config['JWT_SECRET_KEY'] = 'dev' app.config['JWT_TOKEN_LOCATION'] = ('headers', 'cookies') app.config['JWT_COOKIE_SECURE'] = False app.config['JWT_COOKIE_CSRF_PROTECT'] = False app.config['JWT_ACCESS_TOKEN_EXPIRES'] = dt.timedelta(hours=12) app.config['db_pool'] = psql.pool.SimpleConnectionPool(1, 20, '') flask_jwt.JWTManager(app) from . import auth app.register_blueprint(auth.bp) from . import users app.register_blueprint(users.bp) from . import teams app.register_blueprint(teams.bp) from . import hubs app.register_blueprint(hubs.bp) from . import datasets app.register_blueprint(datasets.bp) from . import versions app.register_blueprint(versions.bp) from . import partitions app.register_blueprint(partitions.bp) from . import connections app.register_blueprint(connections.bp) app.jinja_env.filters['datetime'] = format_datetime app.jinja_env.filters['tooltip'] = format_tooltip @app.before_request def before_request_logger(): flask.g.start_time = time.time() logging.init(request_id=uuid.uuid4()) logging.info('start_request', method=flask.request.method, host=flask.request.host_url, path=flask.request.path, endpoint=getattr(flask.request.url_rule, 'endpoint', '')) exclude_authorization = [ 'auth.login_html', 'auth.login_json', 'redirect_index', 'static', 'users.new_json', ] @app.before_request def before_request_authorization(): endpoint = getattr(flask.request.url_rule, 'endpoint', '') if flask.request.path == '/favicon.ico' or endpoint in exclude_authorization: return try: flask_jwt.verify_jwt_in_request() except (flask_jwt.exceptions.JWTExtendedException, jwt.ExpiredSignature): if flask.request.url.endswith('html'): return flask.redirect(flask.url_for('auth.login_html')) return flask.jsonify({'error': 'missing access token'}), 401 @app.after_request def after_request_logger(response): log = structlog.get_logger() log.info('stop_request', code=response.status_code, time=round((time.time() - flask.g.start_time) * 1000, ndigits=4), method=flask.request.method, host=flask.request.host_url, path=flask.request.path, endpoint=getattr(flask.request.url_rule, 'endpoint', '')) return response @app.teardown_appcontext def close_db_pool(e): db = flask.g.pop('db', None) if db is not None: app.config['db_pool'].putconn(db) @app.errorhandler(DbException) def handle_db_exception(error): if flask.request.url.endswith('html'): return flask.render_template('error.html.j2', error=str(error)), 500 return flask.jsonify({'error': str(error)}), 500 @app.errorhandler(AssertionFailure) def handle_assertion_failure(error): if flask.request.url.endswith('html'): return flask.render_template('error.html.j2', error=str(error)), error.status_code return flask.jsonify({'error': str(error)}), error.status_code @app.route('/', methods=['GET']) def redirect_index(): return flask.redirect(flask.url_for('hubs.index_html')) return app
def init_jwt(app): user_store.UserStore.set_users(env_singleton.env.get_auth_users()) _ = flask_jwt_extended.JWTManager(app) logger.debug("Initialized JWT with secret key that started with " + app.config["JWT_SECRET_KEY"][:4])
import os import flask import flask_jwt_extended as jwt from database.seeders import reset_database from routes import blueprints # init app = flask.Flask(__name__) app.url_map.strict_slashes = False app.config['JWT_SECRET_KEY'] = os.urandom(256) jwt.JWTManager(app) # CLI @app.cli.command() def resetdb(): reset_database() # index route @app.route('/', defaults={'path': ''}) @app.route('/<path:path>') def index(path): return flask.send_file('./static/index.html') # route for storage, TODO: use nginx instead @app.route('/api/image/<path:path>') def get_file_from_storage(path): path = '/storage/image_posts/{}'.format(path)