def configure(app: Flask): """Insere as views de login e logout na api. Para utilizar, importar modulo api_login e chamar configure(app) em uma aplicação Flask. """ api = Blueprint('/api', __name__) app.config['JWT_SECRET_KEY'] = SECRET app.config['JWT_BLACKLIST_ENABLED'] = True jwt = JWTManager(app) blacklist = set() @jwt.token_in_blacklist_loader def check_if_token_in_blacklist(decrypted_token): jti = decrypted_token['jti'] return jti in blacklist @api.route('/api/login', methods=['POST']) def login(): """Endpoint para efetuar login (obter token).""" if not request.json or not request.is_json: return jsonify({"msg": "JSON requerido"}), 400 username = request.json.get('username', None) password = request.json.get('password', None) if not username: return jsonify({"msg": "Parametro username requerido"}), 400 if not password: return jsonify({"msg": "Parametro password requerido"}), 400 user = verify_password(username, password) if user is None: return jsonify({"msg": "username ou password invalidos"}), 401 logger.info('Entrando com usuário %s' % username) access_token = create_access_token(identity=user.id) return jsonify(access_token=access_token), 200 @api.route('/api/login_certificado', methods=['GET', 'POST']) def login_certificado(): """View para efetuar login via certificado digital.""" s_dn = request.environ.get('HTTP_SSL_CLIENT_S_DN') logger.info('URL %s - s_dn %s' % (request.url, s_dn)) if s_dn: name = None names = dict([x.split('=') for x in s_dn.split(',')]) logger.info('name %s' % names) if names: name = names.get('CN').split(':')[-1] logger.info('%s ofereceu certificado digital' % name) if name: name = name.strip().lower() user = User.get(name) if user is None: return jsonify({ "msg": "Username invalido (usuário %s não cadastrado" % name }), 401 access_token = create_access_token(identity=user.id) return jsonify(access_token=access_token), 200 return jsonify( {"msg": "Cabeçalhos com info do certificado não encontrados"}), 401 @api.route('/api/logout', methods=['DELETE']) @jwt_required def logout(): jti = get_raw_jwt()['jti'] blacklist.add(jti) current_user = get_jwt_identity() logger.info('Usuário %s efetuou logout' % current_user) return jsonify({"msg": "Logout efetuado"}), 200 @api.route('/api/test') @jwt_required def get_resource(): current_user = get_jwt_identity() return jsonify({'user.id': current_user}), 200 def make_log(): path = None method = None ip = None try: current_user = get_jwt_identity() except Exception as err: logger.info(str(err), exc_info=True) current_user = '******' + str(err) logger.info('Usuário %s' % current_user) try: path = request.path method = request.method ip = request.environ.get('HTTP_X_REAL_IP', request.remote_addr) finally: logger.info('API LOG url: %s %s IP:%s User: %s' % (path, method, ip, current_user)) # @app.before_request # def before_request_callback(): # make_log() @app.after_request def after_request_callback(response): make_log() return response def verify_password(username, password): username = mongo_sanitizar(username) # Não aceitar senha vazia!! password = mongo_sanitizar(password) user = authenticate(username, password) if user is not None: logger.info('Usuário %s %s autenticou via API' % (user.id, user.name)) return user app.register_blueprint(api) return api
def init_app(app: Flask): JWTManager(app)
from flask import Flask from config import Config from flask_sqlalchemy import SQLAlchemy from flask_migrate import Migrate from flask_restplus import Api from flask_jwt_extended import JWTManager app = Flask(__name__) app.config.from_object(Config) db = SQLAlchemy(app) migrate = Migrate(app, db) jwt = JWTManager(app) api = Api(app) from LMS.controller.user import API as user_ns from LMS.controller.signup import API as signup_ns from LMS.controller.login import api as login_ns api.add_namespace(user_ns, path='/user') api.add_namespace(signup_ns, path='/signup') api.add_namespace(login_ns, path='/login') from LMS.controller import routes from LMS.model import models
app.config['CSRF_SECRET_KEY'] = b'***REMOVED***' app.config['JWT_TOKEN_LOCATION'] = ['cookies'] app.config['JWT_COOKIE_CSRF_PROTECT'] = False app.config['JWT_CSRF_CHECK_FORM'] = False app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 600 # Create the SqlAlchemy db instance db = SQLAlchemy(app) boto_client = boto3.client( 'rekognition', aws_access_key_id=app.config['aws_access_key_id'], aws_secret_access_key=app.config['aws_secret_access_key'], region_name='us-east-1') # Initialize Marshmallow ma = Marshmallow(app) # Tokens for auth jwtM = JWTManager(app) def _fk_pragma_on_connect(dbapi_con, con_record): # noqa dbapi_con.execute('pragma foreign_keys=ON') with app.app_context(): from sqlalchemy import event event.listen(db.engine, 'connect', _fk_pragma_on_connect)
from celery import Celery from flasgger import Swagger from flask_caching import Cache from flask_cors import CORS from flask_jwt_extended import JWTManager from flask_migrate import Migrate from flask_redis import FlaskRedis from flask_sqlalchemy import SQLAlchemy redis_store = FlaskRedis() cors = CORS() migrate = Migrate() jwt_manager = JWTManager() db = SQLAlchemy() celery = Celery('flask_cc_api', include=['flask_cc_api.proj.tasks']) cache = Cache(config={'CACHE_TYPE': 'redis'}) template = { 'swagger': '2.0', 'info': { 'title': 'API文档', 'version': '0.0.1', }, 'securityDefinitions': { 'Token': {
def set_auth(app): jwt = JWTManager(app) # JWT auth tokens @jwt.token_in_blacklist_loader def check_if_token_is_revoked(decrypted_token): return auth_tokens_store.is_revoked(decrypted_token)
from flask import Flask from config import Config from flask_sqlalchemy import SQLAlchemy from flask_restful import Api from flask_marshmallow import Marshmallow from flask_migrate import Migrate from flask_bcrypt import Bcrypt from flask_cors import CORS from flask_jwt_extended import JWTManager # Setup App tempus_app = Flask(__name__) tempus_app.config.from_object(Config) # Setup JWT jwt = JWTManager(tempus_app) # Setup API api = Api(tempus_app) # Setup DB db = SQLAlchemy() db.init_app(tempus_app) migrate = Migrate(tempus_app, db) # Setup BCrypt bcrypt = Bcrypt(tempus_app) # Setup Marshmallow ma = Marshmallow(tempus_app)
def test_default_user_loader_callback(self): m = JWTManager(self.app) self.assertEqual(m._user_loader_callback, None)
APP.config['SQLALCHEMY_DATABASE_URI']) DB: SQLAlchemy DB = SQLAlchemy(APP, metadata=MetaData( naming_convention={ 'pk': 'pk_%(table_name)s', 'fk': 'fk_%(table_name)s_%(column_0_name)s', 'ix': 'ix_%(table_name)s_%(column_0_name)s', 'uq': 'uq_%(table_name)s_%(column_0_name)s', 'ck': 'ck_%(table_name)s_%(column_0_name)s', })) MIGRATE: Migrate = Migrate(APP, DB) # Setup JWT JWT: JWTManager = JWTManager(APP) # Setup Headers CORS(APP) PROFILE_ADAPTER = load_profile_adapter( abspath(APP.config["PROFILE_ADAPTER_PLUGIN"])) if APP.config[ "REGISTRATION_VERIFY_EMAILS"] and not PROFILE_ADAPTER.is_email_verification_supported( ): raise ValueError( 'E-Mail Verification is turned on but not supported by the adapter!') if APP.config['ALLOW_PASSWORD_RESET_BY_SYSTEM'] and APP.config[ 'LDAP_ANONYMOUS_BIND']:
def test_class_init(self): jwt_manager = JWTManager(self.app) self.assertIsInstance(jwt_manager, JWTManager)
def test_default_user_identity_callback(self): identity = 'foobar' m = JWTManager(self.app) self.assertEqual(m._user_identity_callback(identity), identity)
def test_init_app(self): jwt_manager = JWTManager() jwt_manager.init_app(self.app) self.assertIsInstance(jwt_manager, JWTManager)
def test_default_has_user_loader(self): m = JWTManager(self.app) self.assertEqual(m.has_user_loader(), False)
app.config['SQLALCHEMY_DATABASE_URI'] = ('sqlite:///data.db' ) # os.environ.get ('DATABASE_URL', app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['PROPAGATE_EXCEPTIONS'] = True app.config['JWT_BLACKLIST_ENABLED'] = True app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = ['access', 'refresh'] app.secret_key = 'oved' #app.config['JWT_SECRET_KEY'] api = Api(app) @app.before_first_request def create_tables(): db.create_all() jwt = JWTManager(app) # /auth @jwt.user_claims_loader def add_claims_to_jwt(identity): if identity == 1: return {'is_admin': True} return {'is_admin': False} @jwt.token_in_blacklist_loader def check_if_token_in_blacklist(decrypted_token): return decrypted_token['jti'] in BLACKLIST @jwt.expired_token_loader
app = Flask(__name__) app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///data.db' app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['PROPAGATE_EXCEPTIONS'] = True app.config['JWT_BLACKLIST_ENABLED'] = True app.config['JWT_BLACKLIST_TOKEN_CHECKS'] = ['access', 'refresh'] app.secret_key = 'yasu' api = Api(app) @app.before_first_request def create_tables(): db.create_all() jwt = JWTManager(app) # not creating /auth @jwt.user_claims_loader def add_claims_to_jwt(identity): # Instead of hard-coding, you should read from a config file or a database. if identity == 1: return {'is_admin': True} return {'is_admin': False} @jwt.token_in_blacklist_loader def check_if_token_in_blacklist(decrypted_token): return decrypted_token['jti'] in BLACKLIST
from flask import Flask from flask_marshmallow import Marshmallow from flask_sqlalchemy import SQLAlchemy from flask_migrate import Migrate from .config import Development from flask_jwt_extended import JWTManager from flask_mail import Mail, Message from itsdangerous import URLSafeTimedSerializer app = Flask(__name__) app.config.from_object(Development) db = SQLAlchemy(app) migrate = Migrate(app, db) jwt_manager = JWTManager(app) mail = Mail(app=None) mail.init_app(app) ts = URLSafeTimedSerializer(app.config["SECRET_KEY"]) ma = Marshmallow(app) @app.route('/') def home(): return {'message': 'hello'} from directory.apps.users_app import users app.register_blueprint(users)
from flask import Flask, jsonify from flask_restful import Api from resources.hotel import Hoteis, Hotel #chamando class hotel em pasta resource e arquivo hotel from resources.usuario import User, UserRegister, UserLogin, UserLogout from flask_jwt_extended import JWTManager from blacklist import BLACKLIST app = Flask(__name__) app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///banco.db' app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['JWT_SECRET_KEY'] = 'DontTellAnyone' app.config['JWT_BLACKLIST_ENABLED'] = True api = Api(app) #faz o gerenciamento jwt = JWTManager(app) #instancia JWT e passa app pra ele @app.before_first_request def cria_banco(): banco.create_all() @jwt.token_in_blacklist_loader def verifica_blacklist(token): return token['jti'] in BLACKLIST @jwt.revoked_token_loader def token_de_acesso_invalidado(): return jsonify({'message': 'You have been logged out.'}), 401
def create_auth(app): jwt = JWTManager(app) auth_bp = Blueprint('login', __name__) def credentials_to_dict(credentials): return { 'token': credentials.token, 'refresh_token': credentials.refresh_token, 'token_uri': credentials.token_uri, 'client_id': credentials.client_id, 'client_secret': credentials.client_secret, 'scopes': credentials.scopes } @auth_bp.errorhandler(UsersError) def handle_invalid_usage(error): response = jsonify(error.to_dict()) response.status_code = error.status_code return response @auth_bp.route('/callback') def callback(): code = request.args.get('code') state = request.args.get('state') return redirect('{}?code={}&state={}'.format( config['oauth']['front_callback'], code, state)) @auth_bp.route('/login') def login(): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( config['oauth']['google_config'], scopes=SCOPES) flow.redirect_uri = config['oauth']['callback'] authorization_url, state = flow.authorization_url( access_type='offline', prompt='consent', include_granted_scopes='true') return jsonify({'url': authorization_url}) @auth_bp.route('/authorize') def authorize(): code = request.args.get('code') state = request.args.get('state') flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( config['oauth']['google_config'], scopes=SCOPES, state=state) flow.redirect_uri = config['oauth']['callback'] flow.fetch_token(code=code) credentials = flow.credentials user_info_service = googleapiclient.discovery.build( "oauth2", "v2", credentials=credentials, cache_discovery=False) user_info = user_info_service.userinfo().get().execute() email = user_info.get('email') if email.split('@')[-1] not in AUTHORIZED_DOMAINS: raise UserNotHelloFresh try: user = users.get_by_mail(email) except UserNotExisting: user = users.add_user(email, user_info.get('given_name'), user_info.get('family_name')) user.add_credentials(credentials_to_dict(credentials)) access_token = create_access_token(identity=user.get_data()) return jsonify(access_token=access_token), 200 app.register_blueprint(auth_bp, url_prefix="/auth")
def create_app(test_config=None): # create and configure the app environment = os.environ['FLASK_ENV'] cookie_prod = os.environ['COOKIE_PROD'] mongo_uri = os.getenv("MONGO_URI", None) if environment == "production": app = Flask(__name__, static_folder='../../client/build', instance_relative_config=True) sentry_sdk.init(integrations=[FlaskIntegration()], traces_sample_rate=1.0) else: app = Flask(__name__, instance_relative_config=True) if test_config is None: app.config.from_pyfile('config.py', silent=True) else: app.config.from_mapping(test_config) app.config['SECRET_KEY'] = '11152020bOBrOSsScYbEriTY' app.config["JWT_SECRET_KEY"] = "BAfASFBasf9bblkjnGYAGIfa@&b332" app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(days=1) app.config['JWT_TOKEN_LOCATION'] = ['cookies'] if os.environ['COOKIE_PROD'] == "production": app.config['JWT_COOKIE_SECURE'] = True else: app.config['JWT_COOKIE_SECURE'] = False app.config['JWT_ACCESS_COOKIE_PATH'] = '/api/' app.config['JWT_COOKIE_CSRF_PROTECT'] = True app.config['JWT_CSRF_IN_COOKIES'] = True JWTManager(app) if not mongo_uri: mongo_uri = "mongodb://*****:*****@cyberity.com', "role": "Employee", "department": "R&D" }) else: id = employee['_id'] # Check if this threat already exists in the DB threat = mongo.db.userThreats.find_one({ "user_id": user, "detectionDate": start_date + timedelta(hours=hour) }) if not threat: mongo.db.userThreats.insert({ "user_id": id, "detectionDate": start_date + timedelta(hours=hour), "status": "active" }) @app.route('/api/processLogs', methods=['POST']) def processLogs(): Thread(target=start_processLogs).start() return "Started Data Log Processing", 200 @app.route('/', defaults={'path': ''}) @app.route('/<path:path>') def serve(path): if path != "" and os.path.exists(app.static_folder + '/' + path): return send_from_directory(app.static_folder, path) else: return send_from_directory(app.static_folder, 'index.html') return app
#apps import main, auth, board, vote, search, admin, analysis import error application = Flask(__name__, instance_relative_config=True) application.config['MAX_CONTENT_LENGTH'] = 200 * 1024 * 1024 cors = CORS(application) #Debug or Release application.config.update( DEBUG = True, JWT_SECRET_KEY = 'secret string', MAX_CONTENT_LENGTH = 200 * 1024 * 1024, ) jwt = JWTManager(application) def main_app(test_config = None): #DB초기화 init_db() #백그라운드 작업 schedule_init() #페이지들 application.register_blueprint(main.BP) application.register_blueprint(auth.BP) application.register_blueprint(board.BP) application.register_blueprint(vote.BP) application.register_blueprint(search.BP) application.register_blueprint(admin.BP) application.register_blueprint(analysis.BP) application.register_blueprint(error.BP)
def initialize_jwt(app): jwt = JWTManager(app) return jwt
import os import config from flask import Flask from models.base_model import db from flask_wtf.csrf import CSRFProtect from flask_jwt_extended import JWTManager web_dir = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'instagram_web') app = Flask('NEXTAGRAM', root_path=web_dir) csrf = CSRFProtect(app) JWTManager(app) if os.getenv('FLASK_ENV') == 'production': app.config.from_object("config.ProductionConfig") else: app.config.from_object("config.DevelopmentConfig") @app.before_request def before_request(): db.connect() @app.teardown_request def _db_close(exc): if not db.is_closed(): print(db)
def create_app(): from .db import db # Models from .providers.models import Provider from .medicines.models import Medicine from .customers.models import Customer from .accounts.models import User # Views from .accounts.views import user_blueprint, auth_blueprint from .medicines.views import medicine_blueprint, upload_blueprint from .providers.views import provider_blueprint from .customers.views import customer_blueprint # Common from .common.exceptions import InvalidUsage from .common.handlers import bad_request_handler, unauthorized_handler from .accounts.utils import jwt_identity, identity_loader, DecimalJSONEncoder app = Flask(__name__) app.json_encoder = DecimalJSONEncoder app.config.from_object(environ.get("FLASK_SETTINGS_MODULE")) # database and migrations db.init_app(app) Migrate(app, db) # marshmallow ma = Marshmallow(app) ma.init_app(app) # jwt extended jwt = JWTManager(app) jwt.init_app(app) jwt.user_identity_loader(identity_loader) jwt.user_loader_callback_loader(jwt_identity) # bcrypt bcrypt = Bcrypt() bcrypt.init_app(app) # CORs cors = CORS() cors.init_app(app) # Minio storage = Minio(app) storage.init_app(app) # Swagger swagger = Swagger() swagger.init_app(app) # error handlers app.register_error_handler(InvalidUsage, bad_request_handler) app.register_error_handler(HTTPStatus.BAD_REQUEST, bad_request_handler) app.register_error_handler(HTTPStatus.UNAUTHORIZED, unauthorized_handler) # blueprints app.register_blueprint(auth_blueprint) # Authentication app.register_blueprint(provider_blueprint) # Provider app.register_blueprint(user_blueprint) # Users app.register_blueprint(customer_blueprint) # Customers app.register_blueprint(medicine_blueprint) # Medicines app.register_blueprint(upload_blueprint) # Medicines upload return app
from flask_restful import Api from flask_sqlalchemy import SQLAlchemy from flask_bcrypt import Bcrypt from flask_login import LoginManager from flask_admin import Admin from flask_jwt_extended import JWTManager from .settings import config_by_name from app.main.utils.LogSetup import LogSetup logs = LogSetup() db = SQLAlchemy() admin = Admin() flask_bcrypt = Bcrypt() login_manager = LoginManager() flask_jwt_manager = JWTManager() api_blueprint = Blueprint('api', __name__) api = Api(api_blueprint) def create_app(config_name): """ creates the Flask object Args: config_name (str): string to define the environment settings the Flask object will be configured with Returns: object: Flask object configured with the configuration parameters from settings based on the environment name specified """ app = Flask(__name__)
def app(): app = Flask(__name__) JWTManager(app) return app
def create_app(version, run_path): global app, token_blacklist, socketio app = Flask(__name__) app.config["version"] = version app.config["run_path"] = run_path config = Configuration() if config.getWebInterface().lower() == "full": app.config["WebInterface"] = False else: app.config["WebInterface"] = True app.config["MONGO_DBNAME"] = config.getMongoDB() app.config["SECRET_KEY"] = str(random.getrandbits(256)) app.config["JWT_SECRET_KEY"] = str(random.getrandbits(256)) app.config["JWT_ACCESS_TOKEN_EXPIRES"] = ACCESS_EXPIRES app.config["JWT_REFRESH_TOKEN_EXPIRES"] = REFRESH_EXPIRES app.config["JWT_BLACKLIST_ENABLED"] = True app.config["JWT_BLACKLIST_TOKEN_CHECKS"] = ["access", "refresh"] token_blacklist = config.getRedisTokenConnection() app.config["RESTX_MASK_SWAGGER"] = False socketio = SocketIO(app) Breadcrumbs(app=app) Bootstrap(app) jwt = JWTManager(app) @jwt.user_claims_loader def add_claims_to_access_token(identity): return {"user": identity} @jwt.token_in_blacklist_loader def check_if_token_is_revoked(decrypted_token): jti = decrypted_token["jti"] entry = token_blacklist.get(jti) if entry == "true": return True return False login_manager.init_app(app) login_manager.login_message = "You must be logged in to access this page!!!" login_manager.login_view = "auth.login" @login_manager.user_loader def load_user(id): return User.get(id, auth_handler) from .home import home as home_blueprint app.register_blueprint(home_blueprint) from .plugins import plugins as plugins_blueprint app.register_blueprint(plugins_blueprint, url_prefix="/plugin") if not app.config["WebInterface"]: from .auth import auth as auth_blueprint app.register_blueprint(auth_blueprint) from .admin import admin as admin_blueprint app.register_blueprint(admin_blueprint, url_prefix="/admin") from .restapi import blueprint as api app.register_blueprint(api) from .restapidocs import docs as docs_blueprint app.register_blueprint(docs_blueprint) @app.context_processor def version(): def get_version(): return app.config["version"] return dict(get_version=get_version) @app.context_processor def db_schema(): def db_schema(): sc = SchemaChecker() try: return sc.validate_schema() except DatabaseSchemaError as err: return err return dict(db_schema=db_schema) @app.context_processor def WebInterface(): def get_WebInterface(): return app.config["WebInterface"] return dict(get_WebInterface=get_WebInterface) @app.context_processor def JSON2HTMLTable(): # Doublequote, because we have to |safe the content for the tags def doublequote(data): return urllib.parse.quote_plus(urllib.parse.quote_plus(data)) def JSON2HTMLTableFilter(data, stack=None): _return = "" if type(stack) == str: stack = [stack] if type(data) == list: if len(data) == 1: _return += JSON2HTMLTableFilter(data[0], stack) else: _return += '<ul class="via4">' for item in data: _return += "<li>%s</li>" % JSON2HTMLTableFilter( item, stack) _return += "</ul>" elif type(data) == dict: _return += '<table class="invisiTable">' for key, val in sorted(data.items()): _return += "<tr><td><b>%s</b></td><td>%s</td></tr>" % ( key, JSON2HTMLTableFilter(val, stack + [key]), ) _return += "</table>" elif type(data) == str: if stack: _return += ("<a href='/link/" + doublequote(".".join(stack)) + "/" + doublequote(data) + "'>") # link opening _return += "<i class='fas fa-link' aria-hidden='true'></i> </a>" _return += ("<a target='_blank' href='%s'>%s</a>" % (data, data) if isURL(data) else data) _return += "" return _return return dict(JSON2HTMLTable=JSON2HTMLTableFilter) @app.template_filter("htmlEncode") def htmlEncode(string): return urllib.parse.quote_plus(string).lower() @app.template_filter("htmlDecode") def htmlDecode(string): return urllib.parse.unquote_plus(string) @app.template_filter("sortIntLikeStr") def sortIntLikeStr(datalist): return sorted(datalist, key=lambda k: int(k)) @app.errorhandler(404) def page_not_found(error): return ( render_template("404.html", ), 404, ) return app, socketio
""" Main file for this project. python app.py """ from flask import Flask from flask_restful import Api from flask_jwt_extended import JWTManager from resources.account_authentication import AccountAuthentication from resources.oauth_authentication import OAuthAuthentication from resources.protected import Protected APP = Flask(__name__) API = Api(APP) APP.secret_key = 'SECRET' # Setup the Flask-JWT-Extended extension JWTManager(APP) # Add API resources. API.add_resource(AccountAuthentication, '/auth') API.add_resource(OAuthAuthentication, '/oauth') API.add_resource(Protected, '/protected') if __name__ == '__main__': APP.run(debug=True)
app = Flask(__name__) app.config.from_object(config) if not app.config["FILE_TREE_FOLDER"]: # Default file_trees are included in Python package: use root_path app.config["FILE_TREE_FOLDER"] = os.path.join(app.root_path, 'file_trees') if not app.config["PREVIEW_FOLDER"]: app.config["PREVIEW_FOLDER"] = os.path.join(app.instance_path, 'previews') db = SQLAlchemy(app) migrate = Migrate(app, db) # DB schema migration features app.secret_key = app.config["SECRET_KEY"] jwt = JWTManager(app) # JWT auth tokens Principal(app) # Permissions cache.cache.init_app(app) # Function caching flask_fs.init_app(app) # To save files in object storage mail = Mail() mail.init_app(app) # To send emails # Hack required during development, because Flask SocketIO changes the default # Flask CLI. if config.DEBUG: from flask_socketio import SocketIO SocketIO(app, async_mode="threading") @app.teardown_appcontext def shutdown_session(exception=None):
get_jwt_claims) from rq import exceptions as RqExceptions from rq import cancel_job from redis import Redis from util.redis_killer import KillQueue, KillWorker, KillJob from util.job_methods import sleep_and_count from rq import cancel_job # Allow logging to app.logger logger = LocalProxy(lambda: current_app.logger) # object name (<decor_name> , <import_name>) api_v1_blueprint = Blueprint('api_v1_blueprint', __name__) jwt = JWTManager() # TODO: Choose storage solution backend job_logs_dir = os.path.join('/app/job_logs') @api_v1_blueprint.route('/version') def index(): return {"API Version": "v1"}, status.HTTP_200_OK # --------------------------------------------- # STATIONS UTILITY FUNC: BEGIN # --------------------------------------------- def load_stations(): """Read stations from storage
def create_app(**config_overrides): app = Flask(__name__) app.config.update(GetConfig.configure('postgres')) CORS(app) api = Api(app) # # Configure application to store JWTs in cookies. Whenever you make # # a request to a protected endpoint, you will need to send in the # # access or refresh JWT via a cookie. # app.config['JWT_TOKEN_LOCATION'] = ['cookies'] # # # Set the cookie paths, so that you are only sending your access token # # cookie to the access endpoints, and only sending your refresh token # # to the refresh endpoint. Technically this is optional, but it is in # # your best interest to not send additional cookies in the request if # # they aren't needed. # app.config['JWT_ACCESS_COOKIE_PATH'] = '/login' # app.config['JWT_REFRESH_COOKIE_PATH'] = '/refreshToken' # # # Disable CSRF protection for this example. In almost every case, # # this is a bad idea. See examples/csrf_protection_with_cookies.py # # for how safely store JWTs in cookies # app.config['JWT_COOKIE_CSRF_PROTECT'] = True app.config.update(GetConfig.configure('jwt_auth')) if config_overrides: app.config.update(config_overrides) db.init_app(app) db.app = app jwt = JWTManager(app) @jwt.token_in_blacklist_loader def check_if_token_in_blacklist(decrypted_token: dict) -> bool: """ Query revoked tokens table for presence of decrypted_token argument :param decrypted_token: Decrypted version of a user's JWT :type decrypted_token: string :return: Whether the decrypted token is present in revoked tokens table :rtype: bool """ jti = decrypted_token['jti'] return RevokedTokens.is_jti_blacklisted(jti) @jwt.user_claims_loader def add_claims_to_access_token(user: db.Model) -> dict: """ Add admin claim to access token :param user: Users model :type user: Users instance :return: Admin claim to be added to access JWT :rtype: JSON """ return {'admin': user.admin} @jwt.user_identity_loader def user_identity_lookup(user: db.Model) -> str: """ Define identity claim within JWT token :param user: Users model :type user: Users instance :return: Identifier for a JWT :rtype: str """ return user.email db.create_all() migrate = Migrate(app, db) api.add_resource(Analytics, '/analytics') api.add_resource(RequestForData, '/data') # current /data endpoint api.add_resource(PredictionStatus, '/pred_status') # login Endpoints api.add_resource(Register, '/register') api.add_resource(Login, '/login') api.add_resource(TokenRefresh, '/refreshToken') api.add_resource(UserLogoutAccess, '/revokeAccess') api.add_resource(UserLogoutRefresh, '/revokeRefresh') api.add_resource(SecretResource, '/secret') api.add_resource(ForgotPassword, '/forgot_password') # Widget Endpoints api.add_resource(Widgets, '/widgets/create_widget') api.add_resource(CreateWidgetLayout, '/widgets/create_layout') api.add_resource(GetWidgets, '/widgets/load_widgets') api.add_resource(DeleteWidgets, '/widgets/delete_widget') api.add_resource(GetWidgetLayout, '/widgets/get_layout') api.add_resource(GetLayouts, '/widgets/get_layouts') api.add_resource(SaveWidgetLayout, '/widgets/save_layouts') # Admin Endpoints api.add_resource(CreateNewUser, '/admin/create_new_user') api.add_resource(GetUserByEmail, '/admin/get_user_by_email') api.add_resource(UserPermissions, '/admin/set_user_permissions') api.add_resource(UsersList, '/admin/list_users') api.add_resource(ChangeUserName, '/admin/change_user_fullname') api.add_resource(ChangeUserPassword, '/admin/change_user_password') api.add_resource(DeleteUser, '/admin/delete_user') api.add_resource(EditUser, '/admin/edit_user') # Unit Endpoints api.add_resource(AddUnitOfMeasurement, '/admin/units/add') api.add_resource(DeleteUnitOfMeasurement, '/admin/units/delete') api.add_resource(GetUnitOfMeasure, '/admin/units/get') api.add_resource(GetAllUnitsOfMeasure, '/admin/units/get_all') api.add_resource(UpdateUnitOfMeasure, '/admin/units/update') # Theme Endpoints api.add_resource(AddTheme, '/admin/themes/add_theme') api.add_resource(RenameTheme, '/admin/themes/rename_theme') api.add_resource(DeleteTheme, '/admin/themes/delete_theme') api.add_resource(GetThemes, '/admin/themes/get_themes') api.add_resource(GetThemeTree, '/admin/themes/get_tree') # Sub Theme Endpoints api.add_resource(AddSubTheme, '/admin/themes/add_subtheme') api.add_resource(RenameSubTheme, '/admin/themes/rename_subtheme') api.add_resource(DeleteSubTheme, '/admin/themes/delete_subtheme') api.add_resource(GetSubThemes, '/admin/themes/get_subthemes') # Attribute Alias Endpoints api.add_resource(AttributeAlias, '/admin/attributes/alias') api.add_resource(GetAttributes, '/admin/attributes/get_attributes') api.add_resource(DeleteAttributeAlias, '/admin/attributes/delete_alias') api.add_resource(UpdateAttributeSubTheme, '/admin/attributes/add_to_subtheme') api.add_resource(ExportData, '/export_data') api.add_resource(ImportStatus, '/importer_status') api.add_resource(ImportRetry, '/importer_retry') api.add_resource(CreateTracker, '/moving/add_tracker') api.add_resource(DeleteTracker, '/moving/delete_tracker') api.add_resource(UpdateTracker, '/moving/update_tracker') api.add_resource(GetTracker, '/moving/get_tracker') api.add_resource(AddNewLocationData, '/moving/add_new_data') api.add_resource(DeleteLocationData, '/moving/delete_location_data') api.add_resource(GetLocationData, '/moving/get_loc_data') api.add_resource(WindowLocationData, '/moving/window_data') api.add_resource(ExportToKML, '/moving/export_kml') api.add_resource(GetDummyData, '/moving/fetch_dummy_data') api.add_resource(TestKeyValidity, "/sendgrid/test_key_validity") api.add_resource(ReplaceKey, "/sendgrid/replace_key") # Alert Enpoints api.add_resource(CreateAlert, '/alert/create_alert') api.add_resource(CheckAlerts, '/alert/check_alerts') api.add_resource(GetAlerts, '/alert/get_alerts') api.add_resource(DeleteAlerts, '/alert/delete_alerts') api.add_resource(PushAlert, '/alert/triggered') api.add_resource(UpdateAlert, '/alert/update_alert') # HealthCheck Endpoints api.add_resource(HealthCheck, '/') return app