Beispiel #1
0
    def test_get_or_create_will_raise_error_when_file_has_invalid_content(
            self):
        with tempfile.NamedTemporaryFile() as mock_secret_key_file:
            mock_secret_key_file.write(b'dummy key data with incorrect size')
            mock_secret_key_file.flush()

            with mock.patch.object(secret_key, '_SECRET_KEY_FILE',
                                   mock_secret_key_file.name):
                with self.assertRaises(secret_key.InvalidSecretKeyError):
                    secret_key.get_or_create()
Beispiel #2
0
    def test_get_or_create_will_raise_error_when_file_has_invalid_perms(self):
        with tempfile.NamedTemporaryFile() as mock_secret_key_file:
            mock_secret_key_file.write(b'0' * 32)
            mock_secret_key_file.flush()
            os.chmod(mock_secret_key_file.name, 0o700)

            with mock.patch.object(secret_key, '_SECRET_KEY_FILE',
                                   mock_secret_key_file.name):
                with self.assertRaises(secret_key.InvalidSecretKeyError):
                    secret_key.get_or_create()
Beispiel #3
0
    def test_get_or_create_will_get_when_valid_file_exists(self):
        with tempfile.NamedTemporaryFile() as mock_secret_key_file:
            mock_secret_key_file.write(b'0' * 32)
            mock_secret_key_file.flush()

            with mock.patch.object(secret_key, '_SECRET_KEY_FILE',
                                   mock_secret_key_file.name):
                secret_key_value = secret_key.get_or_create()
                self.assertEqual(b'0' * 32, secret_key_value)
Beispiel #4
0
    def test_get_or_create_will_create_when_file_does_not_exist(self):
        with tempfile.TemporaryDirectory() as mock_secret_key_dir:
            mock_secret_key_file = os.path.join(mock_secret_key_dir,
                                                'secret-key-file')

            with mock.patch.object(secret_key, '_SECRET_KEY_FILE',
                                   mock_secret_key_file):
                self.assertFalse(os.path.exists(mock_secret_key_file))
                secret_key_value = secret_key.get_or_create()
                self.assertTrue(os.path.exists(mock_secret_key_file))
                file_perms = stat.S_IMODE(
                    os.stat(mock_secret_key_file).st_mode)
                self.assertEqual(0o600, file_perms)
                self.assertIs(bytes, type(secret_key_value))
                self.assertEqual(32, len(secret_key_value))
Beispiel #5
0
root_logger = log.create_root_logger(flask.logging.default_handler)
if debug:
    root_logger.setLevel(logging.DEBUG)
else:
    root_logger.setLevel(logging.INFO)
    # Socket.io logs are too chatty at INFO level.
    logging.getLogger('socketio').setLevel(logging.ERROR)
    logging.getLogger('engineio').setLevel(logging.ERROR)

logger = logging.getLogger(__name__)
logger.info('Starting app')

app = flask.Flask(__name__, static_url_path='')
app.config.update(
    SECRET_KEY=secret_key.get_or_create(),
    TEMPLATES_AUTO_RELOAD=True,
    WTF_CSRF_TIME_LIMIT=None,
)
app.config.from_envvar('APP_SETTINGS_FILE')

# Configure CSRF protection.
csrf = flask_wtf.csrf.CSRFProtect(app)

app.register_blueprint(api.api_blueprint)
app.register_blueprint(views.views_blueprint)


@app.errorhandler(flask_wtf.csrf.CSRFError)
def handle_csrf_error(error):
    return json_response.error(error), 403