def init_login():
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
return db.session.query(User).get(user_id)
def create_app(config_filename=None):
app = Flask(__name__)
app.config.from_pyfile(config_filename or 'config.py')
if 'CERTIFICATOR_SETTINGS' in os.environ:
# Only try to load a config from it if set.
app.config.from_envvar('CERTIFICATOR_SETTINGS')
from .db import get_user_by_id, get_user
login_manager = LoginManager()
login_manager.user_loader(get_user_by_id)
login_manager.init_app(app)
browser_id = BrowserID()
browser_id.user_loader(get_user)
browser_id.init_app(app)
Bootstrap(app)
from .db import db as sqla
sqla.init_app(app)
sqla.app = app
sqla.create_all()
import stripe
stripe.api_key = app.config['STRIPE_SECRET_KEY']
from .views import root, quiz, dashboard, certificate
app.register_blueprint(root)
app.register_blueprint(quiz)
app.register_blueprint(dashboard)
app.register_blueprint(certificate)
return app
def setup_login_manager(app):
""" setup_login_manager::flask.Flask->None
Creates a login manager object and attaches an application
object to it.
Also sets up the login view function to redirect to, and
the user_loader function.
"""
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'facebook.login'
login_manager.login_message_category = 'warning'
@login_manager.user_loader
def load_user(user_id):
try:
# we need a request context for a valid db connection
with current_app.test_request_context('/'):
db = g.db
user = db.session.query(User).filter(User.UUID == user_id).one()
return user
except NoResultFound as e:
current_app.logger.debug(e)
return None
def init_app():
app = Flask(__name__, static_url_path="/static")
env = Environment(loader=FileSystemLoader("templates/"))
app.config.from_object("FLASKCONFIG")
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(id):
return User(int(id))
app.register_blueprint(auth_blueprint, url_prefix="")
app.register_blueprint(api_blueprint, url_prefix="/api/")
@app.route("/t/<int:id>", methods=["GET"])
@app.route("/register", methods=["GET"])
@app.route("/login", methods=["GET"])
@app.route("/create", methods=["GET"])
@app.route("/", methods=["GET"])
def index(id=0):
return render_template("index.html")
return app
def initialise(self):
"""
The application needs initialisation to load the database
connection etc. In previous versions this was done with the
initialisation of the class in the __init__ method. This is
now separated into this function.
"""
#: Check if the secret key is defined, if not raise an
#: exception since it is required
assert self.secret_key, 'Secret Key is not defined in config'
#: Load the cache
self.load_cache()
#: Initialise the CSRF handling
self.csrf_protection = CsrfProtect()
self.csrf_protection.init_app(self)
self.view_functions['static'] = self.send_static_file
# Backend initialisation
self.load_backend()
#: Initialise the login handler
login_manager = LoginManager()
login_manager.user_loader(self._pool.get('nereid.user').load_user)
login_manager.header_loader(
self._pool.get('nereid.user').load_user_from_header
)
login_manager.token_loader(
self._pool.get('nereid.user').load_user_from_token
)
login_manager.unauthorized_handler(
self._pool.get('nereid.user').unauthorized_handler
)
login_manager.login_view = "nereid.website.login"
login_manager.anonymous_user = self._pool.get('nereid.user.anonymous')
login_manager.init_app(self)
self.login_manager = login_manager
# Monkey patch the url_for method from flask-login to use
# the nereid specific url_for
flask.ext.login.url_for = url_for
self.template_context_processors[None].append(
self.get_context_processors()
)
# Add the additional template context processors
self.template_context_processors[None].append(
nereid_default_template_ctx_processor
)
# Add template_filters registered using decorator
for name, function in self.get_template_filters():
self.jinja_env.filters[name] = function
# Finally set the initialised attribute
self.initialised = True
def init_login(app):
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
return User.objects(id=user_id).first()
def __initLoginManager(self):
login_manager = LoginManager()
login_manager.anonymous_user = SupportUser.Anonymous
login_manager.login_view = '/login'
login_manager.login_message = ''
login_manager.user_loader(loadUserByID)
login_manager.init_app(self)
class MethodViewLoginTestCase(unittest.TestCase):
def setUp(self):
self.app = Flask(__name__)
self.login_manager = LoginManager()
self.login_manager.init_app(self.app)
self.login_manager._login_disabled = False
class SecretEndpoint(MethodView):
decorators = [
login_required,
fresh_login_required,
]
def options(self):
return u''
def get(self):
return u''
self.app.add_url_rule('/secret',
view_func=SecretEndpoint.as_view('secret'))
def test_options_call_exempt(self):
with self.app.test_client() as c:
result = c.open('/secret', method='OPTIONS')
self.assertEqual(result.status_code, 200)
def create_app(config):
app = Flask(__name__, static_url_path='', static_folder=STATIC_PATH)
init_app_config(app, config)
init_logger(app)
app.url_map.strict_slashes = False
lm = LoginManager()
lm.unauthorized_handler(basic_unauthorized)
lm.init_app(app)
lm.user_loader(load_user)
lm.session_protection = "strong"
# this patch needs because chrome will ignore cookies when using ip.
app.session_interface.get_cookie_domain = lambda _app: None
flex = FlexRestManager(db_base=Base, db_session_callback=global_session)
flex.init_app(app)
register_blueprints(app, BLUEPRINTS)
@app.after_request
def after_request(response):
dbs = global_session(create=False)
dbs and dbs.close()
return response
@app.route('/favicon.ico')
def favicon():
return app.send_static_file('images/favicon.ico')
return app
class LoginInSessionTestCase(unittest.TestCase):
''' Tests for login_user_in_session function '''
def setUp(self):
self.app = Flask(__name__)
self.app.config['SECRET_KEY'] = 'deterministic'
self.login_manager = LoginManager()
self.login_manager.init_app(self.app)
unittest.TestCase.setUp(self)
def test_login_user_in_session(self):
with self.app.test_request_context():
session = {}
login_user_in_session(session, notch)
self.assertTrue('user_id' in session)
self.assertTrue('_fresh' in session)
self.assertTrue('_id' in session)
self.assertTrue('remember' not in session)
def test_login_user_in_session_remember(self):
with self.app.test_request_context():
session = {}
login_user_in_session(session, notch, remember=True)
self.assertTrue('user_id' in session)
self.assertTrue('_fresh' in session)
self.assertTrue('_id' in session)
self.assertTrue(session['remember'])
class AuthenticationModule(SystemModule):
def __init__(self, *args, **kwargs):
super(AuthenticationModule, self).__init__(*args, **kwargs)
self.login_manager = LoginManager()
self.login_manager.login_message_category = "warning"
self.login_manager.user_loader(self.load_user)
self.logged_in_menu = DropdownMenu()
self.login_text = mydomain.lazy_gettext('Login...')
self.logged_in_user_text = mydomain.lazy_gettext('User: '******'.' + view.__name__
return view
def register(self, app, *args, **kwargs):
super(AuthenticationModule, self).register(app, *args, **kwargs)
self.login_manager.init_app(app)
def login_url(self):
return login_url(self.login_manager.login_view,
request.url)
def logged_in_text(self):
return self.logged_in_user_text + ' ' + self.get_current_user_name()
def get_current_user_name(self):
return current_user.get_name()
def user_menu(self, text, group='', values={}):
def wrap(view):
name = self.name + '.' + view.__name__
entry = self.menu_entry_for_view(view, text, values=values)
self.logged_in_menu.add_entry(name, entry, group)
return view
return wrap
def get_anonymous_system_menu(self):
return MenuItem(text=self.login_text,
url=self.login_url())
def get_system_menu_item(self):
if current_user.is_anonymous():
return self.get_anonymous_system_menu()
else:
return MenuItem(text=self.logged_in_text(),
items=self.logged_in_menu.build_real_menu())
def handle_forbidden_endpoint(self):
if current_user.is_anonymous():
return self.login_manager.unauthorized()
else:
return self.forbidden()
def forbidden(self):
return abort(403)
def register_login(app): login_manager = LoginManager() login_manager.login_view = 'account.login' login_manager.init_app(app) @login_manager.user_loader def load_user(user_id): return Account.query.get(user_id)
def _get_login_manager(app):
lm = LoginManager()
lm.anonymous_user = AnonymousUser
lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app)
lm.user_loader(_user_loader)
lm.token_loader(_token_loader)
lm.init_app(app)
return lm
def configure_identity(app):
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "account.login"
@login_manager.user_loader
def load_user(userid):
return User.get_by_id(int(userid))
def init_login(app):
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
from app.models import User
return User.query.filter_by(id=user_id).first()
def init_login():
login_manager = LoginManager()
login_manager.init_app(app)
# Create user loader function
@login_manager.user_loader
def load_user(user_id):
from models import User
return db.session.query(User).filter(User.id == user_id).first()
def configure_login_manager(app):
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(userid):
return User.query.get(userid)
login_manager.login_view = "frontend.signin"
def init_login(app):
login_manager = LoginManager()
login_manager.session_protection = "strong"
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
return db.session.query(User).get(user_id)
def init_login(app):
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(userid):
return User()
return login_manager
def get_login_manager(app):
lm = LoginManager(app)
lm.session_protection = 'strong'
lm.anonymous_user = AnonymousUser
lm.login_view = '/login'
lm.user_loader(load_user)
lm.token_loader(load_token)
lm.init_app(app)
return lm
def init_login(app):
login_manager = LoginManager()
login_manager.login_view = 'bp.login'
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
from models import User
return User.query.get(int(user_id))
def init_login(app):
login_manager = LoginManager()
login_manager.init_app(app)
# Create user loader function
@login_manager.user_loader
def load_user(user_id):
from app.core.models import User
return db.session.query(User).get(user_id)
def setup_login(app):
from models import User
login_manager = LoginManager()
login_manager.login_view = 'Common.login'
login_manager.init_app(app)
@login_manager.user_loader
def load_user(userid):
return User.query.get(userid)
def init_login():
login_manager = LoginManager()
login_manager.login_view = "/login/"
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
from lightningwolf_smp.models import User
return db.session.query(User).get(user_id)
def configure_extensions(app):
from flask.ext.login import LoginManager
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(userid):
from webapp.api import User
return User(userid)
def test_static_loads_anonymous(self):
app = Flask(__name__)
app.static_url_path = '/static'
lm = LoginManager()
lm.init_app(app)
with app.test_client() as c:
c.get('/static/favicon.ico')
self.assertTrue(current_user.is_anonymous())
def init_login():
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login'
# Create user loader function
@login_manager.user_loader
def load_user(user_id):
return db.session.query(User).get(user_id)
def init_login():
from . import models
from .apis import wraps
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
return wraps(models.User.query.get(user_id))
login_manager.login_view = 'user.login'
def _get_login_manager(app):
lm = LoginManager()
lm.anonymous_user = AnonymousUser
lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app)
lm.user_loader(_user_loader)
lm.token_loader(_token_loader)
lm.login_message, lm.login_message_category = cv('MSG_LOGIN', app=app)
lm.needs_refresh_message, lm.needs_refresh_message_category = cv('MSG_REFRESH', app=app)
lm.init_app(app)
return lm
def test_static_loads_anonymous(self):
app = Flask(__name__)
app.static_url_path = "/static"
app.secret_key = "this is a temp key"
lm = LoginManager()
lm.init_app(app)
with app.test_client() as c:
c.get("/static/favicon.ico")
self.assertTrue(current_user.is_anonymous())
def config_web(args):
from flask import Flask, request, json
from flask.ext.login import LoginManager
from flask.ext.oauth import (
OAuth, OAuthRemoteApp, OAuthException, get_etree
)
from werkzeug import url_decode, parse_options_header
import flask.ext.oauth as nasty_patch_to_oauth
global app
app = Flask('wikimetrics')
# note absolute_path does not change on the life of the application
app.absolute_path_to_app_root = get_absolute_path()
# TODO do we need this config to be created like an object instead of a dictionary?
web_config = create_object_from_text_config_file(args.web_config)
# if args.override_config:
# override_config = create_object_from_text_config_file(args.override_config)
# TODO override one obj with other, can we use dict?
app.config.from_object(web_config)
version, latest = get_wikimetrics_version()
app.config['WIKIMETRICS_LATEST'] = latest
app.config['WIKIMETRICS_VERSION'] = version
# configure logging
if not app.config['DEBUG']:
import logging
import sys
app.logger.addHandler(logging.StreamHandler(stream=sys.stderr))
global login_manager
login_manager = LoginManager()
login_manager.init_app(app)
# TODO, this does not need to be a
# global, could be stored in flask application context
global google
oauth = OAuth()
google = oauth.remote_app(
'google',
base_url=app.config['GOOGLE_BASE_URL'],
authorize_url=app.config['GOOGLE_AUTH_URI'],
request_token_url=None,
request_token_params={
'scope': app.config['GOOGLE_AUTH_SCOPE'],
'response_type': 'code',
},
access_token_url=app.config['GOOGLE_TOKEN_URI'],
access_token_method='POST',
access_token_params={
'grant_type':
'authorization_code'
},
consumer_key=app.config['GOOGLE_CLIENT_ID'],
consumer_secret=app.config['GOOGLE_CLIENT_SECRET'],
)
global mw_oauth_token
mw_oauth_token = ConsumerToken(
app.config['META_MW_CONSUMER_KEY'],
app.config['META_MW_CLIENT_SECRET'],
)
def test_init_app(self):
login_manager = LoginManager()
login_manager.init_app(self.app, add_context_processor=True)
self.assertIsInstance(login_manager, LoginManager)
def create_app():
app = flask.Flask(__name__)
app.debug = True
# Configurations set above in the ConfigClass ...
app.config.from_object(__name__ + '.ConfigClass')
#app.logger.debug(ssl.PROTOCOL_TLSv1)
# Initialize Flask extensions
db = SQLAlchemy(app) # Initialize Flask-SQLAlchemy
mail = Mail(app) # Initialize Flask-Mail ...
bcrypt = Bcrypt(app) # Inifialize Bcrypt ...
# Define the User data model. Make sure to add flask.ext.user UserMixin !!!
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
password = db.Column(db.String(255), nullable=False, server_default='')
#reset_password_token = db.Column(db.String(100), nullable=False, server_default='')
authenticate = db.Column(db.Boolean)
email = db.Column(db.String(255), nullable=False, unique=True)
confirmed_at = db.Column(db.DateTime())
is_enabled = db.Column(db.Boolean(), nullable=False, default=False)
active = db.Column('is_active',
db.Boolean(),
nullable=False,
server_default='0')
registered_on = db.Column('registered_on', db.DateTime)
chrome_hash = db.Column(db.String(500))
secure_token = db.Column(db.String(500))
def hash_password(self, password):
self.password = bcrypt.generate_password_hash(password)
def verify_password(self, password):
return bcrypt.check_password_hash(self.password, password)
def activate(self):
self.authenticate = True
def is_authenticated(self):
return True
def is_active(self):
return True
def is_anonymous(self):
return False
def get_id(self):
return unicode(self.id)
def set_chrome_hash(self):
self.chrome_hash = str(hashlib.sha224(self.email).hexdigest())
def set_secure_token(self):
secure_token = make_secure_token(self.email)
class Path(db.Model):
__tablename__ = 'paths'
id = db.Column(db.Integer, primary_key=True)
path = db.Column(db.String(50), nullable=False, unique=True)
url = db.Column(db.String(250), nullable=False)
creator_id = db.Column(db.Integer, nullable=True)
clicks = db.Column(db.Integer, default=0)
note = db.Column(db.String(300), default="No note.")
timestamp = db.Column(db.DateTime)
### INITIALIZE THE DB, USER MODEL, LOGIN MANAGER, ETC. ... ###
db.create_all() # Create all database tables if they don't exist ...
db_adapter = SQLAlchemyAdapter(db, User) # Register the User model
user_manager = UserManager(db_adapter, app) # Initialize Flask-User
login_manager = LoginManager() # Initialize the Login manager? ...
login_manager.init_app(
app) # this needs a secret key, set above in the Config class
@login_manager.user_loader
def load_user(id):
return User.query.get(int(id))
######################################################################
# #
# CONFIRMATION EMAILS #
# #
######################################################################
def get_serializer(secret_key=None):
app.logger.debug("in get_serializer")
if secret_key is None:
secret_key = app.secret_key
return URLSafeSerializer(secret_key)
@app.route('/users/activate/<payload>')
def activate_user(payload):
app.logger.debug("in activate_user")
s = get_serializer()
try:
user_id = s.loads(payload)
except BadSignature:
abort(404)
user = User.query.get_or_404(user_id)
user.authenticate = True
db.session.commit()
flash('User activated')
return flask.redirect(home_url)
def get_activation_link(user):
app.logger.debug("in get_activation_link")
s = get_serializer()
payload = s.dumps(user.id)
return url_for('activate_user', payload=payload)
def send_confirmation_email(user):
link = get_activation_link(user)
msg = Message("Hello", sender="*****@*****.**")
msg.add_recipient(user.email)
msg.body = "people.ischool.berkeley.edu/~brian.carlo/server" + link
mail.send(msg)
######################################################################
# #
# REGISTRATION AND LOGIN #
# #
######################################################################
@app.route('/login.html', methods=["GET", "POST"])
def login():
if request.method == 'GET':
return render_template('login.html')
email = request.form['email']
password = request.form['password']
registered_user = User.query.filter_by(email=email).first()
if registered_user.verify_password(password):
login_user(registered_user)
flash('Logged in successfully')
return flask.redirect(dashboard_url)
else:
flash('Username or Password is invalid', 'error')
return render_template('login.html')
@app.route('/register.html', methods=['GET', 'POST'])
def register():
if request.method == 'GET':
return render_template('register.html')
try:
user = User(email=request.form['email'])
user.hash_password(request.form['password'])
db.session.add(user)
db.session.commit()
registered_user = User.query.filter_by(email=user.email).first()
send_confirmation_email(registered_user)
registered_user.set_chrome_hash()
app.logger.debug(registered_user.chrome_hash)
db.session.commit()
response = make_response(flask.redirect(home_url))
response.set_cookie('chrome_id',
value=registered_user.chrome_hash,
max_age=2592000)
return response
except:
flash(
"That e-mail address is already Nerping for real. Maybe Nerp a different e-mail?"
)
return render_template('register.html')
######################################################################
# #
# POSTING PATHS! #
# #
######################################################################
@app.before_request
def validate(): # runs before any app.route()
""" Helper validates URLs and handles errors for CHROME_PUT(), SHORTS_PUT(). """
if request.path == '/shorts': # if the server request is to '/shorts' ...
shortpath = str(
request.form.get('shortpath')).strip() # grab the shortpath
if shortpath == "":
pass # if there's no path, no worries
else:
if Path.query.filter_by(path=shortpath).first():
app.logger.debug("made it here")
flash("already taken!")
inputURL = str(
request.form.get('url')).lower().strip() # grab the URL
if inputURL == None or inputURL == "": # if it's not there ...
abort(412) # throw the 412
def insert_path_for_user_or_not(path, inputURL):
""" HELPER FOR CHROME_PUT(), SHORTS_PUT() """
try:
new_path = Path(path=path,
url=inputURL,
creator_id=current_user.id,
timestamp=datetime.utcnow())
app.logger.debug("UID!")
except:
app.logger.debug("NOID!")
new_path = Path(path=path,
url=inputURL,
creator_id=None,
timestamp=datetime.utcnow())
db.session.add(new_path)
db.session.commit()
def make_random_path():
""" HELPER FOR CHROME_PUT(), SHORTS_PUT() """
myPath = ""
for i in range(7):
myPath = myPath + chr(random.choice(possible))
return myPath
def format_url(inputURL):
""" HELPER FOR CHROME_PUT(), SHORTS_PUT() """
parsed = urlparse(inputURL)
if parsed.scheme == "":
inputURL = "http://" + inputURL
h = httplib2.Http()
try:
response = h.request(inputURL, 'HEAD')
inputURL = response[0]['content-location']
return inputURL
except:
return False
def insert_note(path):
added_path = Path.query.filter_by(path=path).first()
added_path.note = str(request.form.get('note', ''))
@app.route('/chrome', methods=['PUT', 'POST'])
def chrome_put():
if 'chrome_id' not in request.cookies:
user_id = 0
else:
chrome_hash = request.cookies.get('chrome_id')
user = User.query.filter_by(chrome_hash=chrome_hash).first()
user_id = user.id
inputURL = str(request.form.get('url', '')).lower()
inputURL = format_url(inputURL)
if not inputURL:
response = make_response("Broken URL. Try another")
return response
shortpath = str(request.form.get('shortpath', ''))
if not shortpath:
myPath = make_random_path()
while Path.query.filter_by(path=myPath).first():
myPath = make_random_path()
insert_path_for_user_or_not(myPath, inputURL)
insert_note(myPath)
else:
insert_path_for_user_or_not(shortpath, inputURL)
insert_note(shortpath)
return flask.redirect(
'http://people.ischool.berkeley.edu/~brian.carlo/server/chrome.html'
)
@app.route('/shorts', methods=['PUT', 'POST'])
def shorts_put():
try:
inputURL = str(request.form.get('url', '')).lower()
inputURL = format_url(inputURL)
if not inputURL:
response = make_response("Broken URL. Try another")
return response
shortpath = str(request.form.get('shortpath', ''))
app.logger.debug(inputURL + "," + shortpath)
if not shortpath:
myPath = make_random_path()
while Path.query.filter_by(path=myPath).first():
myPath = make_random_path()
insert_path_for_user_or_not(myPath, inputURL)
path = myPath
else:
insert_path_for_user_or_not(shortpath, inputURL)
path = shortpath
try:
if current_user.id:
return flask.redirect(dashboard_url)
except:
flash("nerp.me/" + path)
return render_template('promo.html')
except:
abort(405)
@app.route('/delete', methods=['POST', 'PUT'])
@login_required
def delete_nerp():
nerp_id = str(request.form.get('nerp_id',
'')) # REMEMBER TO CHANGE "NERP-ID"
death_row_nerp = Path.query.filter_by(id=nerp_id).first()
db.session.delete(death_row_nerp)
db.session.commit()
######################################################################
# #
# GET METHODS! #
# #
######################################################################
@app.route('/shorts/<shortpath>', methods=['GET'])
def shorts_shortpath(shortpath):
try:
path = Path.query.filter_by(path=shortpath).first()
url = path.url
path.clicks = path.clicks + 1
db.session.commit()
return flask.redirect(url)
except:
abort(404)
@app.route('/chrome.html', methods=['GET'])
def chrome_dash():
return render_template('chrome.html')
@app.route('/home.html', methods=['GET'])
def root():
return render_template('promo.html')
@app.route('/dashboard.html', methods=['GET'])
@login_required
def dashboard():
items = Path.query.filter_by(creator_id=current_user.id).order_by(
Path.timestamp.desc()).all()
top_nerps = Path.query.order_by(Path.clicks.desc()).limit(10)
return render_template('dashboard.html',
items=items,
top_nerps=top_nerps)
@app.route('/logout', methods=['GET'])
def logout():
logout_user()
return flask.redirect(home_url)
######################################################################
# #
# ERROR HANDLERS! #
# #
######################################################################
@app.errorhandler(412)
def precondition_failed(e):
flash("put in a url, dumbass")
try:
if current_user.is_authenticated:
return flask.redirect(dashboard_url)
except:
return render_template('promo.html')
@app.errorhandler(404)
def page_not_found(e):
return render_template('404.html'), 404
@app.errorhandler(405)
def method_not_allowed(e):
return render_template('promo.html'), 405
@app.errorhandler(409)
def conflict(e):
return render_template(
'final_temp_3.html',
code=409,
message="Short path already exists. Please choose a different path."
), 409
return app
class App(Flask):
def __init__(self):
super(App, self).__init__(__name__)
self.config.from_object('entropealabs.config')
logging.info("SERVER_NAME: {}".format(self.config['SERVER_NAME']))
self.before_request(self.init_dbs)
try:
self.init_session()
self.init_login()
self.init_blueprints()
self.init_pjax()
self.init_templates()
except Exception as e:
logging.exception(e)
def load_user(self, id):
try:
logging.info("Loading User: {}".format(id))
a = Admin(id=id)
return a
except Exception as e:
logging.exception(e)
return None
def init_templates(self):
self.jinja_env.filters['slugify'] = slugify
def init_dbs(self):
g.ES = db.init_elasticsearch()
g.INFLUX = db.init_influxdb()
g.MONGO = db.init_mongodb()
humongolus.settings(logging, g.MONGO)
def init_session(self):
self.config['SESSION_MONGODB'] = db.init_mongodb()
self.config['SESSION_MONGODB_DB'] = "app_sessions"
self.config['SESSION_MONGODB_COLLECT'] = "sessions"
Session(self)
def init_login(self):
self.login_manager = LoginManager()
self.login_manager.init_app(self)
self.login_manager.user_callback = self.load_user
self.login_manager.login_view = "auth.login"
def user_logged_in(self):
logging.info(request.path)
if not current_user.is_authenticated():
return redirect(url_for("auth.login", next=request.path, _external=True))
def init_pjax(self):
PJAX(self)
def init_blueprints(self):
from controllers.dashboard import dashboard
from controllers.auth import auth
from controllers.auth.facebook import facebook
from controllers.auth.google import google
from controllers.healthcheck import hc
from controllers.homepage import homepage
dashboard.before_request(self.user_logged_in)
self.register_blueprint(dashboard)
self.register_blueprint(auth)
self.register_blueprint(facebook)
self.register_blueprint(google)
self.register_blueprint(hc)
self.register_blueprint(homepage)
class LoginTestCase(unittest.TestCase):
''' Tests for results of the login_user function '''
def setUp(self):
self.app = Flask(__name__)
self.app.config['SECRET_KEY'] = 'deterministic'
self.app.config['SESSION_PROTECTION'] = None
self.app.config['TESTING'] = True
self.remember_cookie_name = 'remember'
self.app.config['REMEMBER_COOKIE_NAME'] = self.remember_cookie_name
self.login_manager = LoginManager()
self.login_manager.init_app(self.app)
self.login_manager._login_disabled = False
@self.app.route('/')
def index():
return u'Welcome!'
@self.app.route('/secret')
def secret():
return self.login_manager.unauthorized()
@self.app.route('/login-notch')
def login_notch():
return unicode(login_user(notch))
@self.app.route('/login-notch-remember')
def login_notch_remember():
return unicode(login_user(notch, remember=True))
@self.app.route('/login-notch-permanent')
def login_notch_permanent():
session.permanent = True
return unicode(login_user(notch))
@self.app.route('/needs-refresh')
def needs_refresh():
return self.login_manager.needs_refresh()
@self.app.route('/confirm-login')
def _confirm_login():
confirm_login()
return u''
@self.app.route('/username')
def username():
if current_user.is_authenticated():
return current_user.name
return u'Anonymous'
@self.app.route('/is-fresh')
def is_fresh():
return unicode(login_fresh())
@self.app.route('/logout')
def logout():
return unicode(logout_user())
@self.login_manager.user_loader
def load_user(user_id):
return USERS[int(user_id)]
@self.login_manager.header_loader
def load_user_from_header(header_value):
if header_value.startswith('Basic '):
header_value = header_value.replace('Basic ', '', 1)
try:
user_id = base64.b64decode(header_value)
except TypeError:
pass
return USERS.get(int(user_id))
@self.login_manager.request_loader
def load_user_from_request(request):
user_id = request.args.get('user_id')
try:
user_id = int(float(user_id))
except TypeError:
pass
return USERS.get(user_id)
@self.app.route('/empty_session')
def empty_session():
return unicode(u'modified=%s' % session.modified)
# This will help us with the possibility of typoes in the tests. Now
# we shouldn't have to check each response to help us set up state
# (such as login pages) to make sure it worked: we will always
# get an exception raised (rather than return a 404 response)
@self.app.errorhandler(404)
def handle_404(e):
raise e
unittest.TestCase.setUp(self)
def _get_remember_cookie(self, test_client):
our_cookies = test_client.cookie_jar._cookies['localhost.local']['/']
return our_cookies[self.remember_cookie_name]
def _delete_session(self, c):
# Helper method to cause the session to be deleted
# as if the browser was closed. This will remove
# the session regardless of the permament flag
# on the session!
with c.session_transaction() as sess:
sess.clear()
#
# Login
#
def test_test_request_context_users_are_anonymous(self):
with self.app.test_request_context():
self.assertTrue(current_user.is_anonymous())
def test_defaults_anonymous(self):
with self.app.test_client() as c:
result = c.get('/username')
self.assertEqual(u'Anonymous', result.data.decode('utf-8'))
def test_login_user(self):
with self.app.test_request_context():
result = login_user(notch)
self.assertTrue(result)
self.assertEqual(current_user.name, u'Notch')
def test_login_user_emits_signal(self):
with self.app.test_request_context():
with listen_to(user_logged_in) as listener:
login_user(notch)
listener.assert_heard_one(self.app, user=notch)
def test_login_inactive_user(self):
with self.app.test_request_context():
result = login_user(creeper)
self.assertTrue(current_user.is_anonymous())
self.assertFalse(result)
def test_login_inactive_user_forced(self):
with self.app.test_request_context():
login_user(creeper, force=True)
self.assertEqual(current_user.name, u'Creeper')
def test_login_user_with_header(self):
user_id = 2
user_name = USERS[user_id].name
self.login_manager.request_callback = None
with self.app.test_client() as c:
basic_fmt = 'Basic {0}'
decoded = bytes.decode(base64.b64encode(str.encode(str(user_id))))
headers = [('Authorization', basic_fmt.format(decoded))]
result = c.get('/username', headers=headers)
self.assertEqual(user_name, result.data.decode('utf-8'))
def test_login_invalid_user_with_header(self):
user_id = 4
user_name = u'Anonymous'
self.login_manager.request_callback = None
with self.app.test_client() as c:
basic_fmt = 'Basic {0}'
decoded = bytes.decode(base64.b64encode(str.encode(str(user_id))))
headers = [('Authorization', basic_fmt.format(decoded))]
result = c.get('/username', headers=headers)
self.assertEqual(user_name, result.data.decode('utf-8'))
def test_login_user_with_request(self):
user_id = 2
user_name = USERS[user_id].name
with self.app.test_client() as c:
url = '/username?user_id={user_id}'.format(user_id=user_id)
result = c.get(url)
self.assertEqual(user_name, result.data.decode('utf-8'))
def test_login_invalid_user_with_request(self):
user_id = 4
user_name = u'Anonymous'
with self.app.test_client() as c:
url = '/username?user_id={user_id}'.format(user_id=user_id)
result = c.get(url)
self.assertEqual(user_name, result.data.decode('utf-8'))
#
# Logout
#
def test_logout_logs_out_current_user(self):
with self.app.test_request_context():
login_user(notch)
logout_user()
self.assertTrue(current_user.is_anonymous())
def test_logout_emits_signal(self):
with self.app.test_request_context():
login_user(notch)
with listen_to(user_logged_out) as listener:
logout_user()
listener.assert_heard_one(self.app, user=notch)
def test_logout_without_current_user(self):
with self.app.test_request_context():
login_user(notch)
del session['user_id']
with listen_to(user_logged_out) as listener:
logout_user()
listener.assert_heard_one(self.app, user=ANY)
#
# Unauthorized
#
def test_unauthorized_fires_unauthorized_signal(self):
with self.app.test_client() as c:
with listen_to(user_unauthorized) as listener:
c.get('/secret')
listener.assert_heard_one(self.app)
def test_unauthorized_flashes_message_with_login_view(self):
self.login_manager.login_view = '/login'
expected_message = self.login_manager.login_message = u'Log in!'
expected_category = self.login_manager.login_message_category = 'login'
with self.app.test_client() as c:
c.get('/secret')
msgs = get_flashed_messages(category_filter=[expected_category])
self.assertEqual([expected_message], msgs)
def test_unauthorized_flash_message_localized(self):
def _gettext(msg):
if msg == u'Log in!':
return u'Einloggen'
self.login_manager.login_view = '/login'
self.login_manager.localize_callback = _gettext
self.login_manager.login_message = u'Log in!'
expected_message = u'Einloggen'
expected_category = self.login_manager.login_message_category = 'login'
with self.app.test_client() as c:
c.get('/secret')
msgs = get_flashed_messages(category_filter=[expected_category])
self.assertEqual([expected_message], msgs)
self.login_manager.localize_callback = None
def test_unauthorized_uses_authorized_handler(self):
@self.login_manager.unauthorized_handler
def _callback():
return Response('This is secret!', 401)
with self.app.test_client() as c:
result = c.get('/secret')
self.assertEqual(result.status_code, 401)
self.assertEqual(u'This is secret!', result.data.decode('utf-8'))
def test_unauthorized_aborts_with_401(self):
with self.app.test_client() as c:
result = c.get('/secret')
self.assertEqual(result.status_code, 401)
def test_unauthorized_redirects_to_login_view(self):
self.login_manager.login_view = 'login'
@self.app.route('/login')
def login():
return 'Login Form Goes Here!'
with self.app.test_client() as c:
result = c.get('/secret')
self.assertEqual(result.status_code, 302)
self.assertEqual(result.location,
'http://localhost/login?next=%2Fsecret')
def test_unauthorized_uses_blueprint_login_view(self):
with self.app.app_context():
first = Blueprint('first', 'first')
second = Blueprint('second', 'second')
@self.app.route('/app_login')
def app_login():
return 'Login Form Goes Here!'
@self.app.route('/first_login')
def first_login():
return 'Login Form Goes Here!'
@self.app.route('/second_login')
def second_login():
return 'Login Form Goes Here!'
@self.app.route('/protected')
@login_required
def protected():
return u'Access Granted'
@first.route('/protected')
@login_required
def first_protected():
return u'Access Granted'
@second.route('/protected')
@login_required
def second_protected():
return u'Access Granted'
self.app.register_blueprint(first, url_prefix='/first')
self.app.register_blueprint(second, url_prefix='/second')
set_login_view('app_login')
set_login_view('first_login', blueprint=first)
set_login_view('second_login', blueprint=second)
with self.app.test_client() as c:
result = c.get('/protected')
self.assertEqual(result.status_code, 302)
expected = ('http://localhost/' 'app_login?next=%2Fprotected')
self.assertEqual(result.location, expected)
result = c.get('/first/protected')
self.assertEqual(result.status_code, 302)
expected = ('http://localhost/'
'first_login?next=%2Ffirst%2Fprotected')
self.assertEqual(result.location, expected)
result = c.get('/second/protected')
self.assertEqual(result.status_code, 302)
expected = ('http://localhost/'
'second_login?next=%2Fsecond%2Fprotected')
self.assertEqual(result.location, expected)
def test_set_login_view_without_blueprints(self):
with self.app.app_context():
@self.app.route('/app_login')
def app_login():
return 'Login Form Goes Here!'
@self.app.route('/protected')
@login_required
def protected():
return u'Access Granted'
set_login_view('app_login')
with self.app.test_client() as c:
result = c.get('/protected')
self.assertEqual(result.status_code, 302)
expected = 'http://localhost/app_login?next=%2Fprotected'
self.assertEqual(result.location, expected)
#
# Session Persistence/Freshness
#
def test_login_persists(self):
with self.app.test_client() as c:
c.get('/login-notch')
result = c.get('/username')
self.assertEqual(u'Notch', result.data.decode('utf-8'))
def test_logout_persists(self):
with self.app.test_client() as c:
c.get('/login-notch')
c.get('/logout')
result = c.get('/username')
self.assertEqual(result.data.decode('utf-8'), u'Anonymous')
def test_incorrect_id_logs_out(self):
# Ensure that any attempt to reload the user by the ID
# will seem as if the user is no longer valid
@self.login_manager.user_loader
def new_user_loader(user_id):
return
with self.app.test_client() as c:
# Successfully logs in
c.get('/login-notch')
result = c.get('/username')
self.assertEqual(u'Anonymous', result.data.decode('utf-8'))
def test_authentication_is_fresh(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
result = c.get('/is-fresh')
self.assertEqual(u'True', result.data.decode('utf-8'))
def test_remember_me(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
result = c.get('/username')
self.assertEqual(u'Notch', result.data.decode('utf-8'))
def test_remember_me_uses_custom_cookie_parameters(self):
name = self.app.config['REMEMBER_COOKIE_NAME'] = 'myname'
duration = self.app.config['REMEMBER_COOKIE_DURATION'] = \
timedelta(days=2)
domain = self.app.config['REMEMBER_COOKIE_DOMAIN'] = '.localhost.local'
with self.app.test_client() as c:
c.get('/login-notch-remember')
# TODO: Is there a better way to test this?
self.assertTrue(domain in c.cookie_jar._cookies,
'Custom domain not found as cookie domain')
domain_cookie = c.cookie_jar._cookies[domain]
self.assertTrue(name in domain_cookie['/'],
'Custom name not found as cookie name')
cookie = domain_cookie['/'][name]
expiration_date = datetime.fromtimestamp(cookie.expires)
expected_date = datetime.now() + duration
difference = expected_date - expiration_date
fail_msg = 'The expiration date {0} was far from the expected {1}'
fail_msg = fail_msg.format(expiration_date, expected_date)
self.assertLess(difference, timedelta(seconds=10), fail_msg)
self.assertGreater(difference, timedelta(seconds=-10), fail_msg)
def test_remember_me_is_unfresh(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
self.assertEqual(u'False', c.get('/is-fresh').data.decode('utf-8'))
def test_user_loaded_from_cookie_fired(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
with listen_to(user_loaded_from_cookie) as listener:
c.get('/username')
listener.assert_heard_one(self.app, user=notch)
def test_user_loaded_from_header_fired(self):
user_id = 1
user_name = USERS[user_id].name
self.login_manager.request_callback = None
with self.app.test_client() as c:
with listen_to(user_loaded_from_header) as listener:
headers = [(
'Authorization',
'Basic %s' %
(bytes.decode(base64.b64encode(str.encode(str(user_id))))),
)]
result = c.get('/username', headers=headers)
self.assertEqual(user_name, result.data.decode('utf-8'))
listener.assert_heard_one(self.app, user=USERS[user_id])
def test_user_loaded_from_request_fired(self):
user_id = 1
user_name = USERS[user_id].name
with self.app.test_client() as c:
with listen_to(user_loaded_from_request) as listener:
url = '/username?user_id={user_id}'.format(user_id=user_id)
result = c.get(url)
self.assertEqual(user_name, result.data.decode('utf-8'))
listener.assert_heard_one(self.app, user=USERS[user_id])
def test_logout_stays_logged_out_with_remember_me(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
c.get('/logout')
result = c.get('/username')
self.assertEqual(result.data.decode('utf-8'), u'Anonymous')
def test_needs_refresh_uses_handler(self):
@self.login_manager.needs_refresh_handler
def _on_refresh():
return u'Needs Refresh!'
with self.app.test_client() as c:
c.get('/login-notch-remember')
result = c.get('/needs-refresh')
self.assertEqual(u'Needs Refresh!', result.data.decode('utf-8'))
def test_needs_refresh_fires_needs_refresh_signal(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
with listen_to(user_needs_refresh) as listener:
c.get('/needs-refresh')
listener.assert_heard_one(self.app)
def test_needs_refresh_fires_flash_when_redirect_to_refresh_view(self):
self.login_manager.refresh_view = '/refresh_view'
self.login_manager.needs_refresh_message = u'Refresh'
self.login_manager.needs_refresh_message_category = 'refresh'
category_filter = [self.login_manager.needs_refresh_message_category]
with self.app.test_client() as c:
c.get('/login-notch-remember')
c.get('/needs-refresh')
msgs = get_flashed_messages(category_filter=category_filter)
self.assertIn(self.login_manager.needs_refresh_message, msgs)
def test_needs_refresh_flash_message_localized(self):
def _gettext(msg):
if msg == u'Refresh':
return u'Aktualisieren'
self.login_manager.refresh_view = '/refresh_view'
self.login_manager.localize_callback = _gettext
self.login_manager.needs_refresh_message = u'Refresh'
self.login_manager.needs_refresh_message_category = 'refresh'
category_filter = [self.login_manager.needs_refresh_message_category]
with self.app.test_client() as c:
c.get('/login-notch-remember')
c.get('/needs-refresh')
msgs = get_flashed_messages(category_filter=category_filter)
self.assertIn(u'Aktualisieren', msgs)
self.login_manager.localize_callback = None
def test_needs_refresh_aborts_403(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
result = c.get('/needs-refresh')
self.assertEqual(result.status_code, 403)
def test_redirects_to_refresh_view(self):
@self.app.route('/refresh-view')
def refresh_view():
return ''
self.login_manager.refresh_view = 'refresh_view'
with self.app.test_client() as c:
c.get('/login-notch-remember')
result = c.get('/needs-refresh')
self.assertEqual(result.status_code, 302)
expected = 'http://localhost/refresh-view?next=%2Fneeds-refresh'
self.assertEqual(result.location, expected)
def test_confirm_login(self):
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
self.assertEqual(u'False', c.get('/is-fresh').data.decode('utf-8'))
c.get('/confirm-login')
self.assertEqual(u'True', c.get('/is-fresh').data.decode('utf-8'))
def test_user_login_confirmed_signal_fired(self):
with self.app.test_client() as c:
with listen_to(user_login_confirmed) as listener:
c.get('/confirm-login')
listener.assert_heard_one(self.app)
def test_session_not_modified(self):
with self.app.test_client() as c:
# Within the request we think we didn't modify the session.
self.assertEquals(u'modified=False',
c.get('/empty_session').data.decode('utf-8'))
# But after the request, the session could be modified by the
# "after_request" handlers that call _update_remember_cookie.
# Ensure that if nothing changed the session is not modified.
self.assertFalse(session.modified)
#
# Session Protection
#
def test_session_protection_basic_passes_successive_requests(self):
self.app.config['SESSION_PROTECTION'] = 'basic'
with self.app.test_client() as c:
c.get('/login-notch-remember')
username_result = c.get('/username')
self.assertEqual(u'Notch', username_result.data.decode('utf-8'))
fresh_result = c.get('/is-fresh')
self.assertEqual(u'True', fresh_result.data.decode('utf-8'))
def test_session_protection_strong_passes_successive_requests(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-remember')
username_result = c.get('/username')
self.assertEqual(u'Notch', username_result.data.decode('utf-8'))
fresh_result = c.get('/is-fresh')
self.assertEqual(u'True', fresh_result.data.decode('utf-8'))
def test_session_protection_basic_marks_session_unfresh(self):
self.app.config['SESSION_PROTECTION'] = 'basic'
with self.app.test_client() as c:
c.get('/login-notch-remember')
username_result = c.get('/username',
headers=[('User-Agent', 'different')])
self.assertEqual(u'Notch', username_result.data.decode('utf-8'))
fresh_result = c.get('/is-fresh')
self.assertEqual(u'False', fresh_result.data.decode('utf-8'))
def test_session_protection_basic_fires_signal(self):
self.app.config['SESSION_PROTECTION'] = 'basic'
with self.app.test_client() as c:
c.get('/login-notch-remember')
with listen_to(session_protected) as listener:
c.get('/username', headers=[('User-Agent', 'different')])
listener.assert_heard_one(self.app)
def test_session_protection_basic_skips_when_remember_me(self):
self.app.config['SESSION_PROTECTION'] = 'basic'
with self.app.test_client() as c:
c.get('/login-notch-remember')
# clear session to force remember me (and remove old session id)
self._delete_session(c)
# should not trigger protection because "sess" is empty
with listen_to(session_protected) as listener:
c.get('/username')
listener.assert_heard_none(self.app)
def test_session_protection_strong_skips_when_remember_me(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-remember')
# clear session to force remember me (and remove old session id)
self._delete_session(c)
# should not trigger protection because "sess" is empty
with listen_to(session_protected) as listener:
c.get('/username')
listener.assert_heard_none(self.app)
def test_permanent_strong_session_protection_marks_session_unfresh(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-permanent')
username_result = c.get('/username',
headers=[('User-Agent', 'different')])
self.assertEqual(u'Notch', username_result.data.decode('utf-8'))
fresh_result = c.get('/is-fresh')
self.assertEqual(u'False', fresh_result.data.decode('utf-8'))
def test_permanent_strong_session_protection_fires_signal(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-permanent')
with listen_to(session_protected) as listener:
c.get('/username', headers=[('User-Agent', 'different')])
listener.assert_heard_one(self.app)
def test_session_protection_strong_deletes_session(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-remember')
username_result = c.get('/username',
headers=[('User-Agent', 'different')])
self.assertEqual(u'Anonymous',
username_result.data.decode('utf-8'))
def test_session_protection_strong_fires_signal_user_agent(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-remember')
with listen_to(session_protected) as listener:
c.get('/username', headers=[('User-Agent', 'different')])
listener.assert_heard_one(self.app)
def test_session_protection_strong_fires_signal_x_forwarded_for(self):
self.app.config['SESSION_PROTECTION'] = 'strong'
with self.app.test_client() as c:
c.get('/login-notch-remember',
headers=[('X-Forwarded-For', '10.1.1.1')])
with listen_to(session_protected) as listener:
c.get('/username', headers=[('X-Forwarded-For', '10.1.1.2')])
listener.assert_heard_one(self.app)
def test_session_protection_skip_when_off_and_anonymous(self):
with self.app.test_client() as c:
# no user access
with listen_to(user_accessed) as user_listener:
results = c.get('/')
user_listener.assert_heard_none(self.app)
# access user with no session data
with listen_to(session_protected) as session_listener:
results = c.get('/username')
self.assertEqual(results.data.decode('utf-8'), u'Anonymous')
session_listener.assert_heard_none(self.app)
# verify no session data has been set
self.assertFalse(session)
def test_session_protection_skip_when_basic_and_anonymous(self):
self.app.config['SESSION_PROTECTION'] = 'basic'
with self.app.test_client() as c:
# no user access
with listen_to(user_accessed) as user_listener:
results = c.get('/')
user_listener.assert_heard_none(self.app)
# access user with no session data
with listen_to(session_protected) as session_listener:
results = c.get('/username')
self.assertEqual(results.data.decode('utf-8'), u'Anonymous')
session_listener.assert_heard_none(self.app)
# verify no session data has been set other than '_id'
self.assertIsNotNone(session.get('_id'))
self.assertTrue(len(session) == 1)
#
# Custom Token Loader
#
def test_custom_token_loader(self):
@self.login_manager.token_loader
def load_token(token):
return USER_TOKENS.get(token)
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
# Test that remember me functionality still works
self.assertEqual(u'Notch', c.get('/username').data.decode('utf-8'))
# Test that we used the custom authentication token
remember_cookie = self._get_remember_cookie(c)
expected_value = make_secure_token(u'Notch', key='deterministic')
self.assertEqual(expected_value, remember_cookie.value)
def test_change_api_key_with_token_loader(self):
@self.login_manager.token_loader
def load_token(token):
return USER_TOKENS.get(token)
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
self.app.config['SECRET_KEY'] = 'ima change this now'
result = c.get('/username')
self.assertEqual(result.data.decode('utf-8'), u'Notch')
def test_custom_token_loader_with_no_user(self):
@self.login_manager.token_loader
def load_token(token):
return
with self.app.test_client() as c:
c.get('/login-notch-remember')
self._delete_session(c)
result = c.get('/username')
self.assertEqual(result.data.decode('utf-8'), u'Anonymous')
#
# Lazy Access User
#
def test_requests_without_accessing_session(self):
with self.app.test_client() as c:
c.get('/login-notch')
# no session access
with listen_to(user_accessed) as listener:
c.get('/')
listener.assert_heard_none(self.app)
# should have a session access
with listen_to(user_accessed) as listener:
result = c.get('/username')
listener.assert_heard_one(self.app)
self.assertEqual(result.data.decode('utf-8'), u'Notch')
#
# View Decorators
#
def test_login_required_decorator(self):
@self.app.route('/protected')
@login_required
def protected():
return u'Access Granted'
with self.app.test_client() as c:
result = c.get('/protected')
self.assertEqual(result.status_code, 401)
c.get('/login-notch')
result2 = c.get('/protected')
self.assertIn(u'Access Granted', result2.data.decode('utf-8'))
def test_decorators_are_disabled(self):
@self.app.route('/protected')
@login_required
@fresh_login_required
def protected():
return u'Access Granted'
self.app.login_manager._login_disabled = True
with self.app.test_client() as c:
result = c.get('/protected')
self.assertIn(u'Access Granted', result.data.decode('utf-8'))
def test_fresh_login_required_decorator(self):
@self.app.route('/very-protected')
@fresh_login_required
def very_protected():
return 'Access Granted'
with self.app.test_client() as c:
result = c.get('/very-protected')
self.assertEqual(result.status_code, 401)
c.get('/login-notch-remember')
logged_in_result = c.get('/very-protected')
self.assertEqual(u'Access Granted',
logged_in_result.data.decode('utf-8'))
self._delete_session(c)
stale_result = c.get('/very-protected')
self.assertEqual(stale_result.status_code, 403)
c.get('/confirm-login')
refreshed_result = c.get('/very-protected')
self.assertEqual(u'Access Granted',
refreshed_result.data.decode('utf-8'))
#
# Misc
#
@unittest.skipIf(werkzeug_version.startswith("0.9"),
"wait for upstream implementing RFC 5987")
def test_chinese_user_agent(self):
with self.app.test_client() as c:
result = c.get('/', headers=[('User-Agent', u'中文')])
self.assertEqual(u'Welcome!', result.data.decode('utf-8'))
@unittest.skipIf(werkzeug_version.startswith("0.9"),
"wait for upstream implementing RFC 5987")
def test_russian_cp1251_user_agent(self):
with self.app.test_client() as c:
headers = [('User-Agent', u'ЯЙЮя'.encode('cp1251'))]
response = c.get('/', headers=headers)
self.assertEqual(response.data.decode('utf-8'), u'Welcome!')
def test_make_secure_token_default_key(self):
with self.app.test_request_context():
self.assertEqual(make_secure_token('foo'),
'0f05743a2b617b2625362ab667c0dbdf4c9ec13a')
def test_user_context_processor(self):
with self.app.test_request_context():
_ucp = self.app.context_processor(_user_context_processor)
self.assertIsInstance(_ucp()['current_user'], AnonymousUserMixin)
import pylibmc
def pylibmc_cache(app, config, args, kwargs):
return pylibmc.Client(servers=app.config['CACHE_MEMCACHED_SERVERS'],
binary=True)
cache = Cache(app, config={'CACHE_TYPE': pylibmc_cache})
cache.init_app(app)
# DB
db = SQLAlchemy(app)
# Login manager
lm = LoginManager()
lm.init_app(app)
# Assets
import assets
assets_env = Environment(app)
assets_loader = PythonAssetsLoader(assets)
for name, bundle in assets_loader.load_bundles().iteritems():
assets_env.register(name, bundle)
# Script manager
manager = Manager(app)
mail = Mail()
# Mail manager
mail.init_app(app)
'''
rtp.site.flask_app
author | Immanuel Washington
Functions
---------
monitor_app | creates flask app for monitor db
monitor_lm | creates login manager for monitor db
monitor_db | creates monitor db from sqlalchemy
'''
from flask import Flask
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.login import LoginManager
monitor_app = Flask(__name__, static_folder='monitor/static', template_folder='monitor/templates')
monitor_app.config.from_pyfile('monitor/settings.py')
monitor_lm = LoginManager()
monitor_lm.init_app(monitor_app)
monitor_db = SQLAlchemy(monitor_app)
from flask import Flask
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.login import LoginManager
gen_app = Flask(__name__)
gen_app.config.from_object('config')
login_manager = LoginManager()
login_manager.init_app(gen_app)
login_manager.login_view = "login"
login_manager.login_message = u"Please log in to view this page"
login_manager.login_message_category = "info"
db = SQLAlchemy(gen_app)
from gen import views, models
class App(Flask):
def __init__(self):
super(App, self).__init__(__name__)
self.config.from_object('lablog.config')
logging.info("SERVER_NAME: {}".format(self.config['SERVER_NAME']))
self.before_request(self.init_dbs)
self.teardown_request(self.teardown)
self.after_request(self.teardown)
try:
self.init_session()
self.init_login()
self.init_pjax()
self.init_templates()
except Exception as e:
logging.exception(e)
def load_user(self, id):
try:
logging.info("Loading User: {}".format(id))
a = Admin(id=id)
return a
except Exception as e:
logging.exception(e)
return None
def init_templates(self):
self.jinja_env.filters['slugify'] = slugify
def teardown(self, exception):
db = getattr(g, 'MONGO', None)
if db is not None:
db.close()
if self.config.get('SESSION_MONGODB'):
self.config['SESSION_MONGODB'].close()
db = getattr(g, 'MQ', None)
if db is not None:
db.release()
return exception
def configure_dbs(self):
es = db.init_elasticsearch()
db.create_index(es)
influx = db.init_influxdb()
db.create_shards(influx)
def init_dbs(self):
g.ES = db.init_elasticsearch()
g.INFLUX = db.init_influxdb()
g.MONGO = db.init_mongodb()
g.MQ = db.init_mq()
humongolus.settings(logging, g.MONGO)
def init_session(self):
self.config['SESSION_MONGODB'] = db.init_mongodb()
self.config['SESSION_MONGODB_DB'] = "app_sessions"
self.config['SESSION_MONGODB_COLLECT'] = "sessions"
self.config['SESSION_MONGODB']['app_sessions']['sessions'].create_index('id')
Session(self)
def init_login(self):
self.login_manager = LoginManager()
self.login_manager.init_app(self)
self.login_manager.user_callback = self.load_user
self.login_manager.login_view = "auth.login"
def user_logged_in(self):
logging.info(request.path)
if not current_user.is_authenticated():
return redirect(url_for("auth.login", next=request.path, _external=True, _scheme="https"))
def init_pjax(self):
PJAX(self)
class UnicodeCookieUserIDTestCase(unittest.TestCase):
def setUp(self):
self.app = Flask(__name__)
self.app.config['SECRET_KEY'] = 'deterministic'
self.app.config['SESSION_PROTECTION'] = None
self.app.config['TESTING'] = True
self.remember_cookie_name = 'remember'
self.app.config['REMEMBER_COOKIE_NAME'] = self.remember_cookie_name
self.login_manager = LoginManager()
self.login_manager.init_app(self.app)
self.login_manager._login_disabled = False
@self.app.route('/')
def index():
return u'Welcome!'
@self.app.route('/login-germanjapanese-remember')
def login_germanjapanese_remember():
return unicode(login_user(germanjapanese, remember=True))
@self.app.route('/username')
def username():
if current_user.is_authenticated:
return current_user.name
return u'Anonymous'
@self.app.route('/userid')
def user_id():
if current_user.is_authenticated:
return current_user.id
return u'wrong_id'
@self.login_manager.user_loader
def load_user(user_id):
return USERS[unicode(user_id)]
# This will help us with the possibility of typoes in the tests. Now
# we shouldn't have to check each response to help us set up state
# (such as login pages) to make sure it worked: we will always
# get an exception raised (rather than return a 404 response)
@self.app.errorhandler(404)
def handle_404(e):
raise e
unittest.TestCase.setUp(self)
def _delete_session(self, c):
# Helper method to cause the session to be deleted
# as if the browser was closed. This will remove
# the session regardless of the permament flag
# on the session!
with c.session_transaction() as sess:
sess.clear()
def test_remember_me_username(self):
with self.app.test_client() as c:
c.get('/login-germanjapanese-remember')
self._delete_session(c)
result = c.get('/username')
self.assertEqual(u'Müller', result.data.decode('utf-8'))
def test_remember_me_user_id(self):
with self.app.test_client() as c:
c.get('/login-germanjapanese-remember')
self._delete_session(c)
result = c.get('/userid')
self.assertEqual(u'佐藤', result.data.decode('utf-8'))
config = get_config()
web = Flask(__name__)
web.register_blueprint(api)
web.register_blueprint(reports)
web.secret_key = get_config_value(config, "secret_key")
# Allows us to include blocks in templates without Jinja parsing them, this is
# useful when we want to pass the template unmodified to the frontend so
# handlebars.js can handle it instead.
web.jinja_env.globals['include_raw'] = lambda f:\
Markup(web.jinja_loader.get_source(web.jinja_env, f)[0])
login_manager = LoginManager()
login_manager.init_app(web)
login_manager.login_view = "login"
# Context Processors
@web.context_processor
def inject_unread_messages():
unread_messages = LogMessage.query.filter(LogMessage.read == False).count()
return dict(unread_messages=unread_messages)
@login_manager.user_loader
def load_user(user_id):
return User.query.get(int(user_id))
import languageprocess1.tokenizer
import sys
import os
from datetime import datetime
usernametemp = "default"
login = Flask(__name__)
#alternative to config.py
DEBUG = True
SECRET_KEY = 'development key'
USERNAME = '******'
PASSWORD = '******'
SECRET_KEY = "hashmein"
#config over
login.config.from_object(__name__)
login_manager = LoginManager()
login_manager.init_app(login)
def redis_connect():
return redis.Redis("localhost")
@login.route('/')
def load_page():
return render_template("init.html")
@login.route('/register', methods=['GET', 'POST'])
def register():
name = request.form["name"]
email = request.form["email"]
import os import sys import config from flask import Flask, render_template from flask.ext.login import LoginManager from flask.ext.sqlalchemy import SQLAlchemy from flask.ext.bcrypt import Bcrypt server = Flask(__name__) server.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI server.config['SECRET_KEY'] = config.SECRET_KEY server.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True db = SQLAlchemy(server) bcrypt = Bcrypt(server) login_manager = LoginManager() login_manager.init_app(server) from runnershigh.auth.views import mod as AuthModule server.register_blueprint(AuthModule) from runnershigh.path.views import mod as PathModule server.register_blueprint(PathModule) from runnershigh.user.views import mod as UserModule server.register_blueprint(UserModule)
from __init__ import __version__
from healthcheck import run_test_resource
from init import DB
from enums import RESOURCE_TYPES
from models import Resource, Run, User
from util import render_template2, send_email
import views
APP = Flask(__name__)
BABEL = Babel(APP)
APP.config.from_pyfile('config_main.py')
APP.config.from_pyfile('../instance/config_site.py')
APP.secret_key = APP.config['SECRET_KEY']
LOGIN_MANAGER = LoginManager()
LOGIN_MANAGER.init_app(APP)
GHC_SITE_URL = APP.config['GHC_SITE_URL'].rstrip('/')
LANGUAGES = (('en', 'English'), ('fr', 'Français'), ('de', 'German'),
('de_DE', 'German (Germany)'))
@APP.before_request
def before_request():
g.user = current_user
if request.args and 'lang' in request.args and request.args['lang'] != '':
g.current_lang = request.args['lang']
if not hasattr(g, 'current_lang'):
g.current_lang = 'en'
def init(config):
global app
global babel
global login_manager
global db
# Main application object
app = Flask(__name__)
if config is None:
app.config.from_pyfile('config.cfg')
else:
for key in config:
app.config[key] = config[key]
# Load any environment-specific configuration file
if os.environ.get('ONOC_CONFIG') is not None:
app.config.from_envvar('ONOC_CONFIG')
# Logging
logfile = app.config.get('LOGGING', None)
if logfile is not None:
import logging
handler = logging.FileHandler(logfile)
handler.level = logging.DEBUG
app.logger.addHandler(handler)
# SQLAlchemy
db = SQLAlchemy(app)
# Babel
babel = Babel(app)
@babel.localeselector
def babel_locateselector():
# Fall back to configuration
return None
@babel.timezoneselector
def babel_timezoneselector():
#Fall back to configuration
return None
# Livestatus connector
if app.config.get('LIVESTATUS_SOCKET', None) is not None:
livestatus.set_server_address(app.config['LIVESTATUS_SOCKET'])
else:
livestatus.set_server_address((app.config.get('LIVESTATUS_HOST', '127.0.0.1'),
int(app.config.get('LIVESTATUS_PORT', 50000))))
# Security session manager
login_manager = LoginManager()
login_manager.init_app(app, add_context_processor=True)
login_manager.login_message = gettext('Please log in to access this page')
login_manager.login_view = 'login'
# A useful route converter that filters a URL using a regular expression
# It can be used like this in a rule : blah/<regex([a-z]):data>
class RegexConverter(BaseConverter):
def __init__(self, map, *items):
super(RegexConverter, self).__init__(map)
self.regex = items[0]
app.url_map.converters['regex'] = RegexConverter
# Assets manager
#assets = Environment(app)
#register_all(app, assets)
# Include views
import user # User management (incl. login)
import grapher # Graph screens (logical & physical)
import dashboard # Dashboard page
import widgetsloader # Dashboard widgets tools
import structureservice
import graphiteservice # Graphites services
import livestatusservice # Livestatus services
import predictservice # predictation tools
import reports # logs screens
#Starting point
@app.route('/')
@login_required
def index():
return render_template('main.html')
init_db(user.User)
import os
from flask import Flask
from app import config
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.login import LoginManager
from pycloudinary import Cloudinary
application = Flask(__name__)
application.config.from_object(config)
db = SQLAlchemy(application)
lm = LoginManager()
lm.init_app(application)
lm.login_view = 'login'
cloudinaryDB = Cloudinary(application)
if not application.debug and os.environ.get('HEROKU') is None:
import logging
from logging.handlers import RotatingFileHandler
file_handler = RotatingFileHandler('app/tmp/tol.log', 'a', 1 * 1024 * 1024,
10)
file_handler.setLevel(logging.INFO)
file_handler.setFormatter(
logging.Formatter(
'%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'
))
application.logger.addHandler(file_handler)
application.logger.setLevel(logging.INFO)
application.logger.info('Token Of Love local startup')
if os.environ.get('HEROKU') is not None:
import logging
import os
from flask import Flask
from flask.ext.login import LoginManager
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.openid import OpenID
from config import basedir
rondo = Flask(__name__)
rondo.config.from_object('config')
db = SQLAlchemy(rondo)
lm = LoginManager()
lm.init_app(rondo)
lm.login_view = 'login'
oid = OpenID(rondo, os.path.join(basedir, 'tmp'))
from rondo import views, models
if not rondo.debug:
import logging
from logging.handlers import RotatingFileHandler
file_handler = RotatingFileHandler('tmp/rondo.log', 'a', 1 * 1024 * 1024,
10)
file_handler.setFormatter(
logging.Formatter(
'%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'
))
rondo.logger.setLevel(logging.INFO)
file_handler.setLevel(logging.INFO)
rondo.logger.addHandler(file_handler)
rondo.logger.info('rondo event manager')
g.db = database
g.db.connect()
@application.after_request
def after_request(response):
g.db.close()
return response
# LOGIN MANAGER
from flask.ext.login import LoginManager
from models import *
login_manager = LoginManager()
login_manager.init_app(application)
@login_manager.user_loader
def load_user(user_id):
try:
user = User.get(email=user_id)
except DoesNotExist:
print "Current user no longer exists!"
current_user = None
return
return user
# VIEWS
import hiuni_reports.views
"""Utility functions and objects for the auacm server."""
from flask import send_from_directory, jsonify
from flask.ext.login import LoginManager, current_user
from flask.ext.bcrypt import Bcrypt
from app import app
from app.database import session, Base
from app.modules.user_manager.models import User
from functools import wraps
# bcrypt setup
bcrypt = Bcrypt(app)
# login session setup
login_manager = LoginManager()
login_manager.init_app(app)
@login_manager.user_loader
def load_user(user_id):
"""Log a user into the app."""
return session.query(User).filter(User.username == user_id).first()
def admin_required(function):
@wraps(function)
def wrap(*args, **kwargs):
if current_user.is_anonymous or current_user.admin == 0:
return serve_error('You need to be an admin to do that.',
response_code=401)
else:
def init(config):
global app
global babel
global login_manager
global db
global cache
# Main application object
app = Flask(__name__)
if config is None:
parser = ConfigParser.ConfigParser()
parser.readfp(open('/etc/hokuto.cfg'))
conf = parser.items('config')
userconfig = {}
for c in conf:
val = c[1]
if (c[1] == 'True' or c[1] == 'False'):
val = bool(val)
userconfig[c[0].upper().rstrip()] = val
app.config.update(userconfig)
else:
for key in config:
app.config[key] = config[key]
# Load any environment-specific configuration file
if os.environ.get('ONOC_CONFIG') is not None:
app.config.from_envvar('ONOC_CONFIG')
# Logging
logfile = app.config.get('LOGGER_FILE', None)
if logfile is not None:
handler = logging.FileHandler(logfile)
handler.setFormatter(
logging.Formatter('%(asctime)s [%(levelname)s] %(message)s'))
loglevel = parse_logger_level(app.config.get('LOGGER_LEVEL'))
if loglevel is not None:
app.logger.setLevel(loglevel)
handler.level = loglevel
app.logger.addHandler(handler)
app.logger.info('Hokuto is initializing...')
# Caching
# A little bit simplistic for now, we could improve that
cache = SimpleCache()
# SQLAlchemy
db = SQLAlchemy(app)
# Babel
babel = Babel(app)
@babel.localeselector
def babel_locateselector():
# Fall back to configuration
return None
@babel.timezoneselector
def babel_timezoneselector():
#Fall back to configuration
return None
# Livestatus connector
if app.config.get('LIVESTATUS_SOCKET', None) is not None:
livestatus.set_server_address(app.config['LIVESTATUS_SOCKET'])
else:
livestatus.set_server_address(
(app.config.get('LIVESTATUS_HOST', '127.0.0.1'),
int(app.config.get('LIVESTATUS_PORT', 50000))))
# Security session manager
login_manager = LoginManager()
login_manager.init_app(app, add_context_processor=True)
login_manager.login_message = gettext('Please log in to access this page')
login_manager.login_view = 'login'
# A useful route converter that filters a URL using a regular expression
# It can be used like this in a rule : blah/<regex([a-z]):data>
class RegexConverter(BaseConverter):
def __init__(self, map, *items):
super(RegexConverter, self).__init__(map)
self.regex = items[0]
app.url_map.converters['regex'] = RegexConverter
# Assets manager
#assets = Environment(app)
#register_all(app, assets)
# Include views
import user # User management (incl. login)
import grapher # Graph screens (logical & physical)
import dashboard # Dashboard page
import widgetsloader # Dashboard widgets tools
import structureservice
import graphiteservice # Graphites services
import livestatusservice # Livestatus services
import predictservice # predictation tools
import reports # logs screens
import configservice # Shinken configuration web services
#Starting point
@app.route('/')
@login_required
def index():
return render_template('main.html')
init_db(user.User)
app.logger.debug('Initialization successful!')
return app
