Ejemplo n.º 1
0
def init():
    global security

    app.config['SECURITY_CONFIRMABLE'] = not app.config['MAIL_SUPPRESS_SEND']
    app.config['SECURITY_CHANGEABLE'] = True
    app.config['SECURITY_SEND_PASSWORD_CHANGE_EMAIL'] = not app.config['MAIL_SUPPRESS_SEND']
    app.config['SECURITY_POST_CHANGE_VIEW'] = "profile.html"
    app.config['SECURITY_PASSWORD_HASH'] = "bcrypt"
    app.config['SECURITY_MSG_CONFIRMATION_REQUIRED'] = (
            flask.Markup('Email requires confirmation. <a href="/confirm">Resend confirmation instructions</a>.'),
            'error')
    # This comes from config: app.config['SECURITY_REGISTERABLE']

    # Update all salts with SECRET_KEY if they are not set
    secret_key = app.config['SECRET_KEY']
    for salt in ('SECURITY_PASSWORD_SALT', 'SECURITY_CONFIRM_SALT',
            'SECURITY_RESET_SALT', 'SECURITY_LOGIN_SALT',
            'SECURITY_REMEMBER_SALT'):
        app.config[salt] = app.config.get(salt, secret_key)

    app.config['SECURITY_EMAIL_SENDER'] = app.config['MAIL_DEFAULT_SENDER']

    app.config['SECURITY_POST_LOGIN_VIEW'] = "/"

    security = flask_security.Security(app, CustomUserDatastore(),
            login_form=CustomLoginForm,
            register_form=CustomRegisterForm,
            confirm_register_form=CustomRegisterForm)

    security.send_mail_task(send_security_mail)

    if app.config['SECURITY_CONFIRMABLE'] and app.config['NEW_USER_NOTIFICATION']:
        flask_security.signals.user_confirmed.connect(new_user_notification, app)
Ejemplo n.º 2
0
def security_app(app, db):
    sqlalchemy_datastore = flask_security.SQLAlchemyUserDatastore(
        db, db.User, db.Role)

    app.security = flask_security.Security(app, datastore=sqlalchemy_datastore)
    yield app
    app.security = None
    app.blueprints.pop('security')
Ejemplo n.º 3
0
def get_security(app: flask.Flask) -> flask_security.Security:
    global security
    if "security" not in globals():
        app.config["SECRET_KEY"] = os.getenv("SECRET_KEY")
        app.config["SECURITY_PASSWORD_SALT"] = os.getenv(
            "SECURITY_PASSWORD_SALT")

        app.config["SECURITY_REGISTERABLE"] = True
        app.config["SECURITY_SEND_REGISTER_EMAIL"] = False
        app.config["SECURITY_USER_IDENTITY_ATTRIBUTES"] = [{
            "Name": {
                "mapper": lambda x: bleach.clean(x, strip=True)
            }
        }]

        user_datastore = get_user_datastore()
        security = flask_security.Security(
            app,
            user_datastore,
            login_form=ExtendedLoginForm,
            register_form=ExtendedRegisterForm,
        )
    return security
Ejemplo n.º 4
0
            return False

        user_name = User.query.filter_by(username=self.username.data).first()
        if user_name is not None:
            self.username.errors.append('An account with this username already exists.')
            return False

        return validation


# Set the app configuration for Flask-Security
app_object.flask_app.config["SECURITY_USER_IDENTITY_ATTRIBUTES"] = "username"
app_object.flask_app.config["SECURITY_REGISTERABLE"] = True
app_object.flask_app.config["SECURITY_TRACKABLE"] = True
app_object.flask_app.config["SECURITY_CHANGEABLE"] = True
app_object.flask_app.config["SECURITY_PASSWORD_HASH"] = "sha512_crypt"
app_object.flask_app.config["SECURITY_PASSWORD_SALT"] = "salt"
app_object.flask_app.config["SECURITY_SEND_REGISTER_EMAIL"] = False
app_object.flask_app.config["SECURITY_SEND_PASSWORD_CHANGE_EMAIL"] = False
app_object.flask_app.config["SECURITY_SEND_PASSWORD_RESET_EMAIL"] = False
app_object.flask_app.config["SECURITY_SEND_PASSWORD_RESET_NOTICE_EMAIL"] = False

# Set the datastore for Flask-Security
user_datastore = flask_security.SQLAlchemyUserDatastore(db, User, Role)
# Actually declare the security object, but do not register it to the app yet
security = flask_security.Security(datastore=user_datastore, login_form=CustomLoginForm,
                                   register_form=CustomRegisterForm)

def init_app(app, **kwargs):
    security.init_app(app, user_datastore, login_form=CustomLoginForm, register_form=CustomRegisterForm, **kwargs)
Ejemplo n.º 5
0
# -*- coding: utf-8 -*-
"""Extensions for BEL Commons."""

import flasgger
import flask_bootstrap
import flask_mail
import flask_security

from bel_commons.core import FlaskBio2BEL, PyBELSQLAlchemy

__all__ = [
    'bootstrap',
    'mail',
    'security',
    'swagger',
    'bio2bel',
    'db',
]

bootstrap = flask_bootstrap.Bootstrap()

mail = flask_mail.Mail()

security = flask_security.Security()

swagger = flasgger.Swagger()

bio2bel = FlaskBio2BEL()

db = PyBELSQLAlchemy()
Ejemplo n.º 6
0
    def __repr__(self):
        return '<SurveyResponse {}>'.format(self.tx_id)

    def to_dict(self):
        return {c.name: getattr(self, c.name) for c in self.__table__.columns}


class LoginFormExtended(flask_security.forms.LoginForm):
    # Overriding LoginForm to remove remember me button
    remember = HiddenField('')


user_datastore = SQLAlchemySessionUserDatastore(db.session, FlaskUser, Role)
security = flask_security.Security(app,
                                   user_datastore,
                                   login_form=LoginFormExtended)

admin = Admin(app, template_mode='bootstrap3')
admin.add_view(UserAdmin(FlaskUser, db.session))
admin.add_view(RoleAdmin(Role, db.session))


def create_initial_users():
    logger.info("Creating initial roles and users")
    try:
        user_datastore.find_or_create_role(name='Admin',
                                           description='Edit Roles/Users')
        db.session.commit()

        user_datastore.find_or_create_role(
Ejemplo n.º 7
0
app.config.from_object(flask_config)

admin = flask_admin.Admin(app, 'Admin')


@app.teardown_request
def shutdown_session(exception=None):
    db.session.remove()


from fa_test.app.users import models as users_models
from fa_test.app.users import admin as users_admin
from fa_test.app.users import login as users_login
from fa_test.app.users import views as users_views

security = flask_security.Security(app, users_login.datastore)

admin.add_view(users_admin.SAUserAdmin(db.session))


@app.route('/')
def index():
    u = flask_security.current_user
    return "u is: %s" % flask.escape(str(u))


@app.route('/logout')
def logout():
    flask_security.logout_user()
    return redirect(url_for('/'))