Ejemplo n.º 1
0
from ..models import User
from flask import g, make_response, request
from flask.ext.httpauth import HTTPBasicAuth

http_auth = HTTPBasicAuth()


@http_auth.error_handler
def unauthorized():
    response = make_response()
    response.status_code = 401
    response.headers['WWW-Authenticate'] = 'xBasic realm="{0}"'.format(
        'Authentication Required')
    return response


@http_auth.verify_password
def verify_password(username_or_token, password):
    if password == '':
        g.current_user = User.verify_auth_token(username_or_token)
        g.token_used = True
        return g.current_user != None
    user = User.query.filter_by(name=username_or_token).first()
    if not user:
        return False
    g.current_user = user
    g.token_used = False
    return user.verify_password(password)
Ejemplo n.º 2
0
    'is_admin': fields.Boolean,
    'is_deleted': fields.Boolean,
}

blueprint_fields = {
    'id': fields.String(attribute='id'),
    'maximum_lifetime': fields.Integer,
    'name': fields.String,
    'is_enabled': fields.Boolean,
    'plugin': fields.String,
    'config': fields.Raw,
    'schema': fields.Raw,
    'form': fields.Raw
}

auth = HTTPBasicAuth()
auth.authenticate_header = lambda: "Authentication Required"


@auth.verify_password
def verify_password(userid_or_token, password):
    g.user = User.verify_auth_token(userid_or_token, app.config['SECRET_KEY'])
    if not g.user:
        g.user = User.query.filter_by(email=userid_or_token).first()
        if not g.user:
            return False
        if not g.user.check_password(password):
            return False
    return True

Ejemplo n.º 3
0
from flask import Flask, url_for, jsonify, request, g, Blueprint, current_app
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.httpauth import HTTPBasicAuth
from utils import split_url

basedir = os.path.abspath(os.path.dirname(__file__))
db_path = os.path.join(basedir, '../data.sqlite')

app = Flask(__name__)
api = Blueprint('api', __name__)
app.config['SECRET_KEY'] = 'top-secret!'
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get('DATABASE_URL') or \
                                        'sqlite:///' + db_path

db = SQLAlchemy(app)
auth = HTTPBasicAuth()
auth_token = HTTPBasicAuth()


class ValidationError(ValueError):
    pass


@app.errorhandler(ValidationError)
def bad_request(e):
    response = jsonify({
        'status': 400,
        'error': 'bad request',
        'message': e.args[0]
    })
    response.status_code = 400
Ejemplo n.º 4
0
cfg_file = open('server.cfg')
cfg = json.load(cfg_file)
cfg_file.close()

admin_datastore = AdminDatastore()
client_datastore = ClientDatastore()
iterated_client_datastore = IteratedClientDatastore()

from flask import Flask, jsonify, abort, request, make_response, url_for, render_template
from flask.ext.httpauth import HTTPBasicAuth

app = Flask(__name__, static_url_path="")
# Note: We don't need to call run() since our application is embedded within
# the App Engine WSGI application server.
auth = HTTPBasicAuth()
dashauth = HTTPBasicAuth()

#######################################################################################
#######################################################################################
#
# ADMINISTRATOR API
#
#######################################################################################
#######################################################################################

# # Upload a Json file that contains the complete experiment with participants and stimuli
# @app.route('/psycloud/admin/api/experiments/upload_all_data',
# 	methods=['POST'])
# @auth.login_required
# def upload_experiment_data():
Ejemplo n.º 5
0
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = 'My Realm'
        basic_custom_auth = HTTPBasicAuth()
        basic_verify_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = 'My Realm'

        @basic_auth.get_password
        def get_basic_password(username):
            if username == 'john':
                return 'hello'
            elif username == 'susan':
                return 'bye'
            else:
                return 'other'

        @basic_auth_my_realm.get_password
        def get_basic_password(username):
            if username == 'john':
                return 'johnhello'
            elif username == 'susan':
                return 'susanbye'
            else:
                return 'other'

        @basic_auth_my_realm.hash_password
        def basic_auth_my_realm_hash_password(username, password):
            return username + password

        @basic_auth_my_realm.error_handler
        def basic_auth_my_realm_error():
            return 'custom error'

        @basic_custom_auth.get_password
        def get_basic_custom_auth_get_password(username):
            if username == 'john':
                return md5('hello').hexdigest()
            elif username == 'susan':
                return md5('bye').hexdigest()
            else:
                return 'other'

        @basic_custom_auth.hash_password
        def basic_custom_auth_hash_password(password):
            return md5(password).hexdigest()

        @basic_verify_auth.verify_password
        def basic_verify_auth_verify_password(username, password):
            if username == 'john':
                return password == 'hello'
            elif username == 'susan':
                return password == 'bye'
            return False

        @digest_auth.get_password
        def get_digest_password(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
            else:
                return 'other'

        @digest_auth_my_realm.get_password
        def get_digest_password(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
            else:
                return 'other'

        @app.route('/')
        def index():
            return 'index'

        @app.route('/basic')
        @basic_auth.login_required
        def basic_auth_route():
            return 'basic_auth:' + basic_auth.username()

        @app.route('/basic-with-realm')
        @basic_auth_my_realm.login_required
        def basic_auth_my_realm_route():
            return 'basic_auth_my_realm:' + basic_auth_my_realm.username()

        @app.route('/basic-custom')
        @basic_custom_auth.login_required
        def basic_custom_auth_route():
            return 'basic_custom_auth:' + basic_custom_auth.username()

        @app.route('/basic-verify')
        @basic_verify_auth.login_required
        def basic_verify_auth_route():
            return 'basic_verify_auth:' + basic_verify_auth.username()

        @app.route('/digest')
        @digest_auth.login_required
        def digest_auth_route():
            return 'digest_auth:' + digest_auth.username()

        @app.route('/digest-with-realm')
        @digest_auth_my_realm.login_required
        def digest_auth_my_realm_route():
            return 'digest_auth_my_realm:' + digest_auth_my_realm.username()

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.basic_verify_auth = basic_verify_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
Ejemplo n.º 6
0
    def setUp(self):
        app = Flask(__name__)
        app.config["SECRET_KEY"] = "my secret"

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = "My Realm"
        basic_custom_auth = HTTPBasicAuth()
        basic_verify_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = "My Realm"

        @basic_auth.get_password
        def get_basic_password(username):
            if username == "john":
                return "hello"
            elif username == "susan":
                return "bye"
            else:
                return "other"

        @basic_auth_my_realm.get_password
        def get_basic_password(username):
            if username == "john":
                return "johnhello"
            elif username == "susan":
                return "susanbye"
            else:
                return "other"

        @basic_auth_my_realm.hash_password
        def basic_auth_my_realm_hash_password(username, password):
            return username + password

        @basic_auth_my_realm.error_handler
        def basic_auth_my_realm_error():
            return "custom error"

        @basic_custom_auth.get_password
        def get_basic_custom_auth_get_password(username):
            if username == "john":
                return md5("hello").hexdigest()
            elif username == "susan":
                return md5("bye").hexdigest()
            else:
                return "other"

        @basic_custom_auth.hash_password
        def basic_custom_auth_hash_password(password):
            return md5(password).hexdigest()

        @basic_verify_auth.verify_password
        def basic_verify_auth_verify_password(username, password):
            if username == "john":
                return password == "hello"
            elif username == "susan":
                return password == "bye"
            return False

        @digest_auth.get_password
        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
            else:
                return "other"

        @digest_auth_my_realm.get_password
        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
            else:
                return "other"

        @app.route("/")
        def index():
            return "index"

        @app.route("/basic")
        @basic_auth.login_required
        def basic_auth_route():
            return "basic_auth:" + basic_auth.username()

        @app.route("/basic-with-realm")
        @basic_auth_my_realm.login_required
        def basic_auth_my_realm_route():
            return "basic_auth_my_realm:" + basic_auth_my_realm.username()

        @app.route("/basic-custom")
        @basic_custom_auth.login_required
        def basic_custom_auth_route():
            return "basic_custom_auth:" + basic_custom_auth.username()

        @app.route("/basic-verify")
        @basic_verify_auth.login_required
        def basic_verify_auth_route():
            return "basic_verify_auth:" + basic_verify_auth.username()

        @app.route("/digest")
        @digest_auth.login_required
        def digest_auth_route():
            return "digest_auth:" + digest_auth.username()

        @app.route("/digest-with-realm")
        @digest_auth_my_realm.login_required
        def digest_auth_my_realm_route():
            return "digest_auth_my_realm:" + digest_auth_my_realm.username()

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.basic_verify_auth = basic_verify_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
Ejemplo n.º 7
0
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = 'My Realm'
        basic_custom_auth = HTTPBasicAuth()
        basic_verify_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = 'My Realm'

        @basic_auth.get_password
        def get_basic_password(username):
            if username == 'john':
                return 'hello'
            elif username == 'susan':
                return 'bye'
            else:
                return None

        @basic_auth_my_realm.get_password
        def get_basic_password_2(username):
            if username == 'john':
                return 'johnhello'
            elif username == 'susan':
                return 'susanbye'
            else:
                return None

        @basic_auth_my_realm.hash_password
        def basic_auth_my_realm_hash_password(username, password):
            return username + password

        @basic_auth_my_realm.error_handler
        def basic_auth_my_realm_error():
            return 'custom error'

        @basic_custom_auth.get_password
        def get_basic_custom_auth_get_password(username):
            if username == 'john':
                return md5('hello').hexdigest()
            elif username == 'susan':
                return md5('bye').hexdigest()
            else:
                return None

        @basic_custom_auth.hash_password
        def basic_custom_auth_hash_password(password):
            return md5(password).hexdigest()

        @basic_verify_auth.verify_password
        def basic_verify_auth_verify_password(username, password):
            if username == 'john':
                return password == 'hello'
            elif username == 'susan':
                return password == 'bye'
            return False

        @digest_auth.get_password
        def get_digest_password(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
            else:
                return None

        @digest_auth_my_realm.get_password
        def get_digest_password_2(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
            else:
                return None

        @app.route('/')
        def index():
            return 'index'

        @app.route('/basic')
        @basic_auth.login_required
        def basic_auth_route():
            return 'basic_auth:' + basic_auth.username()

        @app.route('/basic-with-realm')
        @basic_auth_my_realm.login_required
        def basic_auth_my_realm_route():
            return 'basic_auth_my_realm:' + basic_auth_my_realm.username()

        @app.route('/basic-custom')
        @basic_custom_auth.login_required
        def basic_custom_auth_route():
            return 'basic_custom_auth:' + basic_custom_auth.username()

        @app.route('/basic-verify')
        @basic_verify_auth.login_required
        def basic_verify_auth_route():
            return 'basic_verify_auth:' + basic_verify_auth.username()

        @app.route('/digest')
        @digest_auth.login_required
        def digest_auth_route():
            return 'digest_auth:' + digest_auth.username()

        @app.route('/digest-with-realm')
        @digest_auth_my_realm.login_required
        def digest_auth_my_realm_route():
            return 'digest_auth_my_realm:' + digest_auth_my_realm.username()

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.basic_verify_auth = basic_verify_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
Ejemplo n.º 8
0
from datetime import datetime
import json
from flask import render_template, redirect, url_for, abort, flash, request,\
    current_app, make_response, jsonify
from flask.ext.sqlalchemy import get_debug_queries
from flask.ext.httpauth import HTTPBasicAuth
from . import main
from .forms import TodoForm
from .. import db
from ..models import Todo
from app.exceptions import ValidationError

# will be used for restfull authentication
auth = HTTPBasicAuth()
@main.route('/', methods=['GET'])
@main.route('/todos/', methods=['GET'])
def index():
    ''' index is the home page of the Todo Application '''
    todos = Todo.query.order_by(Todo.publication_date.desc()).all()
    return render_template('index.html', todos=todos)

@main.route('/todos/<int:todo_id>', methods = ['GET' , 'POST'])
def show_or_update(todo_id):
    '''
     as the name indicates, it either shows or updates the todo item.
     :param todo_id: the identifer
    '''
    todo_item = Todo.query.get_or_404(todo_id)
    # if it is GET, so we only need to redirect to the todo page
    if request.method == 'GET':
Ejemplo n.º 9
0
from flask import Flask, jsonify, request, make_response
from flask.ext.httpauth import HTTPBasicAuth


# init
# ----
config = {
    'auth': False,
    'debug': True,
    'port': 9999,
    'users': {
        'user': '******'
    }
}
app = Flask(__name__, static_url_path="")
auth = HTTPBasicAuth()

# disable authentication (if specified)
if not config['auth']:
    auth.login_required = lambda x: x


# authentication
# --------------
@auth.get_password
def get_password(username):
    """
    Basic authentication. Uses `user` map in config dictionary
    to check passwords.

    :param username: Username to authenticate on.
Ejemplo n.º 10
0
# coding: utf-8

from flask import make_response, jsonify, g
from flask.ext import login
from flask.ext.httpauth import HTTPBasicAuth

from db import db
from model import User

__author__ = 'StasEvseev'


auth = HTTPBasicAuth()
auth_admin = HTTPBasicAuth()

login_manager = login.LoginManager()


@login_manager.user_loader
def load_user(user_id):
    return db.session.query(User).get(user_id)


def unauthorized():
    return make_response(
        jsonify({'error': 'Unauthorized access'}), 401,
        [('WWW-Authenticate', 'error')])


def access_denied():
    return make_response(
Ejemplo n.º 11
0
from flask.ext.httpauth import HTTPBasicAuth
from flask import g

from app.models import User
from app.rest import make_response, CODES

from datetime import datetime, timedelta

auth = HTTPBasicAuth()
login = HTTPBasicAuth()
refresh = HTTPBasicAuth()


@login.verify_password
def verify_password(email, password):
    user = User.query.filter_by(email=email).first()
    if not user or not user.verify_password(password):
        return False
    g.user = user
    return True


@auth.verify_password
def verify_token(token, passw=None):
    user = User.verify_auth_token(token)
    if not user:
        return False
    g.user = user
    return True

Ejemplo n.º 12
0
from flask import (
    Blueprint,
    g,
)
from flask.ext.httpauth import HTTPBasicAuth

from .models import User
from .errors import unauthorized
from .decorators import no_cache, json

token = Blueprint('token', __name__)
token_auth = HTTPBasicAuth()


@token_auth.verify_password
def verify_password(username_or_token, password):
    g.user = User.query.filter_by(username=username_or_token).first()
    if not g.user:
        return False
    return g.user.verify_password(password)


@token_auth.error_handler
def unauthorized_error():
    return unauthorized('Please authenticate to access this API')


@token.route('/request-token')
@no_cache
@token_auth.login_required
@json
Ejemplo n.º 13
0
from flask.ext.httpauth import HTTPBasicAuth

from goalboost.model.auth_models import User
from flask.ext.login import current_user, login_user

httpBasicAuth = HTTPBasicAuth()


@httpBasicAuth.verify_password
def verify_password(username, password):
    global current_user
    user = User.verify_auth_token(password)
    if not user:
        return False
    # The next two lines set the current user correctly for the token case, on a
    # per-request basis,  Tthe user still needs to re-authenticate with each
    # request, so the RESTful statelessness is implemented correctly.
    user.authenticated = True
    login_user(user, remember=True)
    return True
Ejemplo n.º 14
0
import Queue
from flask import Flask
from flask.ext import restful
from flask.ext.httpauth import HTTPBasicAuth

flaskapp = Flask(__name__)
flaskapi = restful.Api(flaskapp)
flaskauth = HTTPBasicAuth()

ANSIBLE_QUEUE = Queue.Queue()
Ejemplo n.º 15
0
    def run(self):
        db = util.connect_to_db(flags='SQLITE_OPEN_READONLY')
        app = flask.Flask(__name__)
        auth = HTTPBasicAuth()

        @auth.get_password
        def get_pw(username):
            if username == config.RPC_USER:
                return config.RPC_PASSWORD
            return None        

        ######################
        #READ API

        # Generate dynamically get_{table} methods
        def generate_get_method(table):
            def get_method(**kwargs):
                return get_rows(db, table=table, **kwargs)
            return get_method

        for table in API_TABLES:
            new_method = generate_get_method(table)
            new_method.__name__ = 'get_{}'.format(table)
            dispatcher.add_method(new_method)

        @dispatcher.add_method
        def sql(query, bindings=[]):
            return db_query(db, query, tuple(bindings))


        ######################
        #WRITE/ACTION API

        # Generate dynamically create_{transaction} and do_{transaction} methods
        def generate_create_method(transaction):

            def split_params(**kwargs):
                transaction_args = {}
                common_args = {}
                private_key_wif = None
                for key in kwargs:
                    if key in COMMONS_ARGS:
                        common_args[key] = kwargs[key]
                    elif key == 'privkey':
                        private_key_wif = kwargs[key]
                    else:
                        transaction_args[key] = kwargs[key]
                return transaction_args, common_args, private_key_wif

            def create_method(**kwargs):
                transaction_args, common_args, private_key_wif = split_params(**kwargs)
                return compose_transaction(db, name=transaction, params=transaction_args, **common_args)

            def do_method(**kwargs):
                transaction_args, common_args, private_key_wif = split_params(**kwargs)
                return do_transaction(db, name=transaction, params=transaction_args, private_key_wif=private_key_wif, **common_args)

            return create_method, do_method

        for transaction in API_TRANSACTIONS:
            create_method, do_method = generate_create_method(transaction)
            create_method.__name__ = 'create_{}'.format(transaction)
            do_method.__name__ = 'do_{}'.format(transaction)
            dispatcher.add_method(create_method)
            dispatcher.add_method(do_method)

        @dispatcher.add_method
        def sign_tx(unsigned_tx_hex, privkey=None):
            return sign_transaction(unsigned_tx_hex, private_key_wif=privkey)

        @dispatcher.add_method
        def broadcast_tx(signed_tx_hex):
            return broadcast_transaction(signed_tx_hex)

        @dispatcher.add_method
        def get_messages(block_index):
            if not isinstance(block_index, int):
                raise Exception("block_index must be an integer.")

            cursor = db.cursor()
            cursor.execute('select * from messages where block_index = ? order by message_index asc', (block_index,))
            messages = cursor.fetchall()
            cursor.close()
            return messages

        @dispatcher.add_method
        def get_messages_by_index(message_indexes):
            """Get specific messages from the feed, based on the message_index.

            @param message_index: A single index, or a list of one or more message indexes to retrieve.
            """
            if not isinstance(message_indexes, list):
                message_indexes = [message_indexes,]
            for idx in message_indexes:  #make sure the data is clean
                if not isinstance(idx, int):
                    raise Exception("All items in message_indexes are not integers")

            cursor = db.cursor()
            cursor.execute('SELECT * FROM messages WHERE message_index IN (%s) ORDER BY message_index ASC'
                % (','.join([str(x) for x in message_indexes]),))
            messages = cursor.fetchall()
            cursor.close()
            return messages

        @dispatcher.add_method
        def get_xpt_supply():
            return util.xpt_supply(db)

        @dispatcher.add_method
        def get_asset_info(assets):
            if not isinstance(assets, list):
                raise Exception("assets must be a list of asset names, even if it just contains one entry")
            assetsInfo = []
            for asset in assets:

                # LTC and XPT.
                if asset in [config.LTC, config.XPT]:
                    if asset == config.LTC:
                        supply = litecoin.get_ltc_supply(normalize=False)
                    else:
                        supply = util.xpt_supply(db)

                    assetsInfo.append({
                        'asset': asset,
                        'owner': None,
                        'divisible': True,
                        'locked': False,
                        'supply': supply,
                        'callable': False,
                        'call_date': None,
                        'call_price': None,
                        'description': '',
                        'issuer': None
                    })
                    continue

                # User‐created asset.
                cursor = db.cursor()
                issuances = list(cursor.execute('''SELECT * FROM issuances WHERE (status = ? AND asset = ?) ORDER BY block_index ASC''', ('valid', asset)))
                cursor.close()
                if not issuances: break #asset not found, most likely
                else: last_issuance = issuances[-1]
                supply = 0
                locked = False
                for e in issuances:
                    if e['locked']: locked = True
                    supply += e['quantity']
                assetsInfo.append({
                    'asset': asset,
                    'owner': last_issuance['issuer'],
                    'divisible': bool(last_issuance['divisible']),
                    'locked': locked,
                    'supply': supply,
                    'callable': bool(last_issuance['callable']),
                    'call_date': last_issuance['call_date'],
                    'call_price': last_issuance['call_price'],
                    'description': last_issuance['description'],
                    'issuer': last_issuance['issuer']})
            return assetsInfo

        @dispatcher.add_method
        def get_block_info(block_index):
            assert isinstance(block_index, int)
            cursor = db.cursor()
            cursor.execute('''SELECT * FROM blocks WHERE block_index = ?''', (block_index,))
            blocks = list(cursor)
            if len(blocks) == 1:
                block = blocks[0]
            elif len(blocks) == 0:
                raise exceptions.DatabaseError('No blocks found.')
            else:
                assert False
            cursor.close()
            return block
        
        @dispatcher.add_method
        def get_blocks(block_indexes):
            """fetches block info and messages for the specified block indexes"""
            if not isinstance(block_indexes, (list, tuple)):
                raise Exception("block_indexes must be a list of integers.")
            if len(block_indexes) >= 250:
                raise Exception("can only specify up to 250 indexes at a time.")

            block_indexes_str = ','.join([str(x) for x in block_indexes])
            cursor = db.cursor()
            
            cursor.execute('SELECT * FROM blocks WHERE block_index IN (%s) ORDER BY block_index ASC'
                % (block_indexes_str,))
            blocks = cursor.fetchall()
                
            cursor.execute('SELECT * FROM messages WHERE block_index IN (%s) ORDER BY block_index ASC, message_index ASC'
                % (block_indexes_str,))
            messages = collections.deque(cursor.fetchall())
            
            for block in blocks:
                messages_in_block = []
                block['_messages'] = []
                while len(messages) and messages[0]['block_index'] == block['block_index']:
                    block['_messages'].append(messages.popleft())
            assert not len(messages) #should have been cleared out
            
            cursor.close()
            return blocks

        @dispatcher.add_method
        def get_running_info():
            latestBlockIndex = litecoin.get_block_count()

            try:
                util.database_check(db, latestBlockIndex)
            except exceptions.DatabaseError as e:
                caught_up = False
            else:
                caught_up = True

            try:
                last_block = util.last_block(db)
            except:
                last_block = {'block_index': None, 'block_hash': None, 'block_time': None}

            try:
                last_message = util.last_message(db)
            except:
                last_message = None

            return {
                'db_caught_up': caught_up,
                'litecoin_block_count': latestBlockIndex,
                'last_block': last_block,
                'last_message_index': last_message['message_index'] if last_message else -1,
                'running_testnet': config.TESTNET,
                'running_testcoin': config.TESTCOIN,
                'version_major': config.VERSION_MAJOR,
                'version_minor': config.VERSION_MINOR,
                'version_revision': config.VERSION_REVISION
            }

        @dispatcher.add_method
        def get_element_counts():
            counts = {}
            cursor = db.cursor()
            for element in ['transactions', 'blocks', 'debits', 'credits', 'balances', 'sends', 'orders',
                'order_matches', 'ltcpays', 'issuances', 'broadcasts', 'bets', 'bet_matches', 'dividends',
                'burns', 'cancels', 'callbacks', 'order_expirations', 'bet_expirations', 'order_match_expirations',
                'bet_match_expirations', 'messages']:
                cursor.execute("SELECT COUNT(*) AS count FROM %s" % element)
                count_list = cursor.fetchall()
                assert len(count_list) == 1
                counts[element] = count_list[0]['count']
            cursor.close()
            return counts

        @dispatcher.add_method
        def get_asset_names():
            cursor = db.cursor()
            names = [row['asset'] for row in cursor.execute("SELECT DISTINCT asset FROM issuances WHERE status = 'valid' ORDER BY asset ASC")]
            cursor.close()
            return names

        @dispatcher.add_method
        def get_holder_count(asset):
            holders = util.holders(db, asset)
            addresses = []
            for holder in holders:
                addresses.append(holder['address'])
            return { asset: len(set(addresses)) }

        def _set_cors_headers(response):
            if config.RPC_ALLOW_CORS:
                response.headers['Access-Control-Allow-Origin'] = '*'
                response.headers['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'
                response.headers['Access-Control-Allow-Headers'] = 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
    
        @app.route('/', methods=["OPTIONS",])
        @app.route('/api/', methods=["OPTIONS",])
        def handle_options():
            response = flask.Response('', 204)
            _set_cors_headers(response)
            return response

        @app.route('/', methods=["POST",])
        @app.route('/api/', methods=["POST",])
        @auth.login_required
        def handle_post():
            try:
                request_json = flask.request.get_data().decode('utf-8')
                request_data = json.loads(request_json)
                assert 'id' in request_data and request_data['jsonrpc'] == "2.0" and request_data['method']
                # params may be omitted 
            except:
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(data="Invalid JSON-RPC 2.0 request format")
                return flask.Response(obj_error.json.encode(), 200, mimetype='application/json')
            
            #only arguments passed as a dict are supported
            if request_data.get('params', None) and not isinstance(request_data['params'], dict):
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(
                    data='Arguments must be passed as a JSON object (list of unnamed arguments not supported)')
                return flask.Response(obj_error.json.encode(), 200, mimetype='application/json')
            
            #return an error if API fails checks
            if not config.FORCE and current_api_status_code:
                return flask.Response(current_api_status_response_json, 200, mimetype='application/json')

            jsonrpc_response = jsonrpc.JSONRPCResponseManager.handle(request_json, dispatcher)
            response = flask.Response(jsonrpc_response.json.encode(), 200, mimetype='application/json')
            _set_cors_headers(response)
            return response

        init_api_access_log()

        http_server = HTTPServer(WSGIContainer(app), xheaders=True)
        try:
            http_server.listen(config.RPC_PORT, address=config.RPC_HOST)
            self.is_ready = True
            IOLoop.instance().start()        
        except OSError:
            raise Exception("Cannot start the API subsystem. Is {} already running, or is something else listening on port {}?".format(config.XPT_CLIENT, config.RPC_PORT))
Ejemplo n.º 16
0
from models import Base, User, Bagel
from flask import Flask, jsonify, request, url_for, abort, g
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import relationship, sessionmaker
from sqlalchemy import create_engine
from flask.ext.httpauth import HTTPBasicAuth
import pdb
authb = HTTPBasicAuth()

engine = create_engine('sqlite:///bagelShop.db')

Base.metadata.bind = engine
DBSession = sessionmaker(bind=engine)
session = DBSession()
app = Flask(__name__)


#ADD @auth.verify_password here
@authb.verify_password
def verify_password(username, password):
    print("Looking for user {0} with password {1}".format(username, password))
    user = session.query(User).filter_by(username=username).first()

    if not user or not user.verify_password(password):
        return False

    g.user = user
    return True


#ADD a /users route here
Ejemplo n.º 17
0
from pymongo import MongoClient
from pylab import *
from matplotlib import pyplot as plt
from matplotlib import mlab

ELECTRODES = [
    'AF3', 'AF4', 'AF7', 'AF8', 'AFz', 'C1', 'C2', 'C3', 'C4', 'C5', 'C6',
    'CP1', 'CP2', 'CP3', 'CP4', 'CP5', 'CP6', 'CPz', 'Cz', 'F1', 'F2', 'F3',
    'F4', 'F5', 'F6', 'F7', 'F8', 'FC1', 'FC2', 'FC3', 'FC4', 'FC5', 'FC6',
    'FCz', 'FP1', 'FP2', 'Fpz', 'FT7', 'FT8', 'Fz', 'Iz', 'Nz', 'P1', 'P2',
    'P3', 'P4', 'P5', 'P6', 'P7', 'P8', 'PO3', 'PO4', 'PO7', 'PO8', 'POz',
    'Pz', 'O1', 'O2', 'Oz', 'T7', 'T8', 'T9', 'T10', 'TP7', 'TP8', 'TP9',
    'TP10'
]

auth = HTTPBasicAuth()

client = MongoClient()
db = client.testeegdb
recordings_collection = db.recordings
users_collection = db.users

UPLOAD_FOLDER = 'uploaded_recordings'
ALLOWED_EXTENSIONS = set(['bz2'])
app = Flask(__name__)
app.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER
app.config['MAX_CONTENT_LENGTH'] = 20 * 1024 * 1024

rec1 = {
    'timestamp': [1428262635, 1428262636, 1428262637, 1428262638, 1428262639],
    'device': 'emotiv',
Ejemplo n.º 18
0
from homerun.app import app, db
import homerun.models as m
import flask
from flask.ext.httpauth import HTTPBasicAuth
from flask.ext.restless import APIManager
import md5

auth = HTTPBasicAuth()


@auth.get_password
def get_pw(username):
    user = db.session.query(m.User).filter_by(username=username).first()
    return user.password if user else None


def hash_password(password):
    return md5.md5(password).hexdigest()


auth.hash_password(hash_password)


@app.route("/")
@auth.login_required
def index():
    return app.send_static_file("index.html")


def person_created(result, **kwargs):
    default_docs = ["NDA", "Option Grant", "Offer Letter", "Computer Safety Checklist"]
Ejemplo n.º 19
0
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = "My Realm"
        basic_custom_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = "My Realm"
        
        @basic_auth.get_password
        def get_basic_password(username):
            if username == "john":
                return "hello"
            elif username == "susan":
                return "bye"
            else:
                return "other"

        @basic_auth_my_realm.get_password
        def get_basic_password(username):
            if username == "john":
                return "hello"
            elif username == "susan":
                return "bye"
            else:
                return "other"

        @basic_auth_my_realm.error_handler
        def basic_auth_my_realm_error():
            return "custom error"

        @basic_custom_auth.get_password
        def get_basic_custom_auth_get_password(username):
            if username == "john":
                return md5("hello").hexdigest()
            elif username == "susan":
                return md5("bye").hexdigest()
            else:
                return "other"

        @basic_custom_auth.hash_password
        def custom_authenticate(password):
            return md5(password).hexdigest()

        @digest_auth.get_password
        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
            else:
                return "other"
        
        @digest_auth_my_realm.get_password
        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
            else:
                return "other"
                
        @app.route('/')
        def index():
            return "index"
            
        @app.route('/basic')
        @basic_auth.login_required
        def basic_auth_route():
            return "basic_auth"
            
        @app.route('/basic-with-realm')
        @basic_auth_my_realm.login_required
        def basic_auth_my_realm_route():
            return "basic_auth_my_realm"

        @app.route('/basic-custom')
        @basic_custom_auth.login_required
        def basic_custom_auth_route():
            return "basic_custom_auth"

        @app.route('/digest')
        @digest_auth.login_required
        def digest_auth_route():
            return "digest_auth"
        
        @app.route('/digest-with-realm')
        @digest_auth_my_realm.login_required
        def digest_auth_my_realm_route():
            return "digest_auth_my_realm"

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
Ejemplo n.º 20
0
Use the following decorators to apply authentication to any route:

- `@password_auth.login_required` for password auth (only use to GET a token).
- `@token_auth.login_required` for token (for all other authenticated routes).

Copyright 2016 AURA/LSST.
Copyright 2014 Miguel Grinberg.
"""

from functools import wraps
from flask import jsonify, g, current_app
from flask.ext.httpauth import HTTPBasicAuth
from .models import User

# User+Password-based auth (only allowed for getting a token)
password_auth = HTTPBasicAuth()

# Token-based auth (used for all requests)
token_auth = HTTPBasicAuth()


@password_auth.verify_password
def verify_password(username, password):
    g.user = User.query.filter_by(username=username).first()
    if g.user is None:
        return False
    return g.user.verify_password(password)


@password_auth.error_handler
def unauthorized():
Ejemplo n.º 21
0
    def _run(self, payment_handler):
        app = flask.Flask(__name__)
        auth = HTTPBasicAuth()
        
        @dispatcher.add_method
        def is_ready(): 
            try: 
                payment_handler.checkBlockchainService() 
                payment_handler.checkPriceInfo() 
            except: return False 
            return True
            
        @dispatcher.add_method
        def create_order(amount, currency=config.DEFAULT_CURRENCY, item_number=None, order_id=None, gen_new = config.GEN_NEW, qr_code = False):
            ret = payment_handler.createOrder(amount, currency, item_number, order_id, gen_new)
            if ret.get('error'): 
                return ret
            ret.update({'qr_image': (qr.bitcoinqr(ret['receiving_address']) if qr_code else None)})
            return ret
            
        @dispatcher.add_method
        def check_order_status(order_id=None, special_digits=None, timestamp=None, payment_address=None):  
            return payment_handler.CheckPaymentsFor(order_id=order_id, special_digits=special_digits, payment_address=payment_address, timestamp=timestamp)
        
        @dispatcher.add_method
        def get_payments(bindings= (),): 
            return payment_handler.db.getPayments(bindings)
        @dispatcher.add_method
        def poll_payments(bindings = (),):
            return payment_handler.pollPayments(bindings)
        @dispatcher.add_method
        def get_invalids(bindings= (),): 
            return payment_handler.db.getInvalids(bindings)
        @dispatcher.add_method
        def get_orders(bindings= (),): 
            return payment_handler.db.getOrders(bindings)
        @dispatcher.add_method
        def get_address(bindings= (), ):
            return payment_handler.db.getAddresses(bindings)
        @dispatcher.add_method
        def get_unfilled_orders(timestamp=config.ORDER_LIFE): 
            statement = "select * from orders where filled = 0 and timestamp > %s" %(time.time() - config.ORDER_LIFE)
            return payment_handler.db.rquery(statement)
        @dispatcher.add_method
        def get_filled_orders(timestamp=config.ORDER_LIFE): 
            statement = "select * from orders where filled != 0 and timestamp > %s" %(time.time() - config.ORDER_LIFE)
            return payment_handler.db.rquery(statement)
        @dispatcher.add_method
        def query(statement, bindings=()):
            return payment_handler.db.rquery(statement, bindings)

        @auth.get_password
        def get_pw(username):
            if username == config.RPC_USER:
                return config.RPC_PASSWORD
            return None
        @app.route('/', methods = ["POST",])
        @app.route('/api', methods = ["POST",])
        def handle_post():
            # Dispatcher is a dictionary {<method_name>: callable}
            try:
                request_json = flask.request.get_data().decode('utf-8')
                request_data = json.loads(request_json)
                assert('id' in request_data and request_data['jsonrpc'] == "2.0" and request_data['method'])
            except:
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(data="Invalid JSON-RPC 2.0 request format")
                return flask.Response(obj_error.json.encode(), 200, mimetype='application/json')
            jsonrpc_response = jsonrpc.JSONRPCResponseManager.handle(request_json, dispatcher)
            response = flask.Response(jsonrpc_response.json.encode(), 200, mimetype='application/json')
            return response

        if config.AUTH_REQUIRED: 
            auth.login_required(handle_post) 
        d = wsgiserver.WSGIPathInfoDispatcher({'/': app.wsgi_app})
        self.server = wsgiserver.CherryPyWSGIServer((config.RPC_HOST, config.RPC_PORT), d) 
        logging.info("API Started on %s" %(  config.RPC_HOST + ':' +  str(config.RPC_PORT)))
        self.server.start()
Ejemplo n.º 22
0
    def _run(self, payment_handler):
        app = flask.Flask(__name__)
        auth = HTTPBasicAuth()

        @dispatcher.add_method
        def is_ready():
            try:
                payment_handler.checkBlockchainService()
                payment_handler.checkPriceInfo()
            except:
                return False
            return True

        @dispatcher.add_method
        def create_order(amount,
                         currency=config.DEFAULT_CURRENCY,
                         item_number=None,
                         order_id=None,
                         gen_new=None,
                         qr_code=False):
            if gen_new is None:
                gen_new = config.GEN_NEW
            ret = payment_handler.createOrder(amount, currency, item_number,
                                              order_id, gen_new)
            if ret.get('error'):
                return ret
            ret.update({
                'qr_image':
                (qr.bitcoinqr(ret['receiving_address']) if qr_code else None)
            })
            return ret

        # @dispatcher.add_method
        # def check_order_status(order_id=None, special_digits=None, timestamp=None, payment_address=None):
        #     return payment_handler.CheckPaymentsFor(order_id=order_id, special_digits=special_digits, payment_address=payment_address, timestamp=timestamp)

        @dispatcher.add_method
        def get_payments(bindings={}):
            return payment_handler.db.getPayments(bindings)

        @dispatcher.add_method
        def poll_payments(bindings={}):
            return payment_handler.pollPayments(bindings)

        @dispatcher.add_method
        def get_orders(bindings={}):
            return payment_handler.db.getOrders(bindings)

        @dispatcher.add_method
        def get_address(bindings={}):
            return payment_handler.db.getAddresses(bindings)

        @dispatcher.add_method
        def get_unfilled_orders(timestamp=None):
            statement = "select * from orders where filled = 0 and created_at > ?"
            return payment_handler.db.rquery(statement, (timestamp or 0, ))

        @dispatcher.add_method
        def get_filled_orders(timestamp=None):
            statement = "select * from orders where filled != 0 and created_at > ?"
            return payment_handler.db.rquery(statement, (timestamp or 0, ))

        @dispatcher.add_method
        def query(statement, bindings=()):
            return payment_handler.db.rquery(statement, bindings)

        @auth.get_password
        def get_pw(username):
            if username == config.RPC_USER:
                return config.RPC_PASSWORD
            return None

        @app.route('/', methods=[
            "POST",
        ])
        @app.route('/api', methods=[
            "POST",
        ])
        def handle_post():
            # Dispatcher is a dictionary {<method_name>: callable}
            try:
                request_json = flask.request.get_data().decode('utf-8')
                request_data = json.loads(request_json)
                assert ('id' in request_data
                        and request_data['jsonrpc'] == "2.0"
                        and request_data['method'])
            except:
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(
                    data="Invalid JSON-RPC 2.0 request format")
                return flask.Response(obj_error.json.encode(),
                                      200,
                                      mimetype='application/json')
            jsonrpc_response = jsonrpc.JSONRPCResponseManager.handle(
                request_json, dispatcher)
            response = flask.Response(jsonrpc_response.json.encode(),
                                      200,
                                      mimetype='application/json')
            return response

        if config.AUTH_REQUIRED:
            auth.login_required(handle_post)
        d = wsgiserver.WSGIPathInfoDispatcher({'/': app.wsgi_app})
        self.server = wsgiserver.CherryPyWSGIServer(
            (config.RPC_HOST, config.RPC_PORT), d)
        logging.info("API Started on %s" %
                     (config.RPC_HOST + ':' + str(config.RPC_PORT)))
        self.server.start()