def test_captcha_warning_on_non_server_storage(self): self.app.config['SESSION_TYPE'] = 'null' Session(self.app) with self.assertRaises(RuntimeWarning): FlaskSessionCaptcha(self.app) self.app.config['SESSION_TYPE'] = None Session(self.app) with self.assertRaises(RuntimeWarning): FlaskSessionCaptcha(self.app)
def test_mongodb_session(self): app = flask.Flask(__name__) app.testing = True app.config['SESSION_TYPE'] = 'mongodb' Session(app) @app.route('/set', methods=['POST']) def set(): flask.session['value'] = flask.request.form['value'] return 'value set' @app.route('/get') def get(): return flask.session['value'] @app.route('/delete', methods=['POST']) def delete(): del flask.session['value'] return 'value deleted' c = app.test_client() self.assertEqual( c.post('/set', data={ 'value': '42' }).data, b'value set') self.assertEqual(c.get('/get').data, b'42') c.post('/delete')
def test_flasksqlalchemy_session_with_signer(self): app = flask.Flask(__name__) app.debug = True app.secret_key = 'test_secret_key' app.config['SESSION_TYPE'] = 'sqlalchemy' app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' app.config['SESSION_USE_SIGNER'] = True session = Session(app) @app.route('/set', methods=['POST']) def set(): flask.session['value'] = flask.request.form['value'] return 'value set' @app.route('/get') def get(): return flask.session['value'] @app.route('/delete', methods=['POST']) def delete(): del flask.session['value'] return 'value deleted' c = app.test_client() self.assertEqual( c.post('/set', data={ 'value': '42' }).data, b'value ' b'set') self.assertEqual(c.get('/get').data, b'42') c.post('/delete')
def test_filesystem_session(self): app = flask.Flask(__name__) app.config['SESSION_TYPE'] = 'filesystem' app.config['SESSION_FILE_DIR'] = tempfile.gettempdir() Session(app) @app.route('/set', methods=['POST']) def set(): flask.session['value'] = flask.request.form['value'] return 'value set' @app.route('/get') def get(): return flask.session['value'] @app.route('/delete', methods=['POST']) def delete(): del flask.session['value'] return 'value deleted' c = app.test_client() self.assertEqual( c.post('/set', data={ 'value': '42' }).data, b'value set') self.assertEqual(c.get('/get').data, b'42') c.post('/delete')
def test_dynamodb_session(self, session): app = flask.Flask(__name__) app.testing = True app.config['SESSION_TYPE'] = 'dynamodb' with patch('boto3.Session') as mockSession: mockSession.return_value = session Session(app) @app.route('/set', methods=['POST']) def set_val(): flask.session['value'] = flask.request.form['value'] return 'value set' @app.route('/get') def get(): return flask.session['value'] @app.route('/delete', methods=['POST']) def delete(): del flask.session['value'] return 'value deleted' c = app.test_client() self.assertEqual(c.post('/set', data={'value': '42'}).data, b'value set') self.assertEqual(c.get('/get').data, b'42') c.post('/delete')
def test_flasksqlalchemy_session(self): app = flask.Flask(__name__) app.debug = True app.config['SESSION_TYPE'] = 'sqlalchemy' app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True session = Session(app) session.app.session_interface.db.create_all() @app.route('/set', methods=['POST']) def set_val(): flask.session['value'] = flask.request.form['value'] return 'value set' @app.route('/get') def get(): return flask.session['value'] @app.route('/delete', methods=['POST']) def delete(): del flask.session['value'] return 'value deleted' c = app.test_client() self.assertEqual(c.post('/set', data={'value': '42'}).data, b'value ' b'set') self.assertEqual(c.get('/get').data, b'42') c.post('/delete')
def test_flasksqlalchemy_session(self): app = flask.Flask(__name__) app.debug = True app.config['SESSION_TYPE'] = 'sqlalchemy' app.config['SQLALCHEMY_DATABASE_URI'] = '/tmp/minitwit.db' app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True session = Session(app) session.app.session_interface.db.create_all()
def setup_sessions(app): session_type = os.environ.get("SESSION_TYPE", "None") app.logger.debug("Session Type {}".format(session_type)) if session_type not in VALID_SESSION_TYPE: message = "Invalid session type {}. Valid Options {}".format( session_type, VALID_SESSION_TYPE) app.logger.error(message) raise (InvalidSessionType(message)) if session_type == "None": app.session_interface = CustomSessionInterface() return from flask_sessionstore import Session app.config["SESSION_TYPE"] = session_type app.config["SESSION_KEY_PREFIX"] = os.environ.get("SESSION_KEY_PREFIX", "SESSION") app.logger.debug("SESSION_KEY_PREFIX: {}".format( app.config["SESSION_KEY_PREFIX"])) if session_type == "filesystem": app.config["SESSION_FILE_DIR"] = gettempdir() elif session_type == "redis": import redis redis_host = os.environ.get("REDIS_HOST", None) app.logger.debug("Using Redis Host {} for Sessions".format(redis_host)) app.config["SESSION_REDIS"] = redis.StrictRedis(redis_host) else: app.logger.debug("Using DynamoDB Session Table") app.config["SESSION_DYNAMODB_TABLE"] = os.environ.get( "SESSION_DYNAMODB_TABLE", "SessionTable") app.config["SESSION_DYNAMODB_REGION"] = os.environ.get( "SESSION_DYNAMODB_REGION", "us-east-1") app.config["SESSION_DYNAMODB_ENDPOINT_URL"] = os.environ.get( "SESSION_DYNAMODB_ENDPOINT_URL", None) app.logger.debug("SESSION_DYNAMODB_TABLE: {}".format( app.config["SESSION_DYNAMODB_TABLE"])) app.logger.debug("SESSION_DYNAMODB_REGION: {}".format( app.config["SESSION_DYNAMODB_REGION"])) app.logger.debug("SESSION_DYNAMODB_ENDPOINT_URL: {}".format( app.config["SESSION_DYNAMODB_ENDPOINT_URL"])) # Should Session Cookies Be Insecure? # This is bad, and should only be used in dev insecure_cookie = os.environ.get("SESSION_COOKIE_INSECURE", False) if not insecure_cookie: app.config["SESSION_COOKIE_SECURE"] = True else: app.logger.warning("You Are Using InSecure Session Cookies") app.config["SESSION_COOKIE_DOMAIN"] = os.environ.get( "SESSION_COOKIE_DOMAIN", None) app.logger.debug("Using Security Session Cookie: {}".format( app.config["SESSION_COOKIE_SECURE"])) app.logger.debug("Using Session Cookie Domain: {}".format( app.config["SESSION_COOKIE_DOMAIN"])) # override the fl app.logger.debug("Using Server Name: {}".format( app.config["SERVER_NAME"])) # override the fl Session(app)
def test_captcha_session_file_storage(self): self.app.config['SESSION_TYPE'] = 'filesystem' Session(self.app) captcha = FlaskSessionCaptcha(self.app) _default_routes(captcha, self.app) r = self.client.get("/") r = self.client.post("/", data={"s": "something", "captcha": r.data.decode('utf-8')}) assert r.data == b"ok"
def setUp(self): self.app = Flask(__name__) self.app.config['SECRET_KEY'] = 'aba' self.app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://' self.app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False self.app.config['SESSION_TYPE'] = 'sqlalchemy' self.app.config['CAPTCHA_ENABLE'] = True self.app.config['CAPTCHA_LENGTH'] = 5 self.app.testing = True Session(self.app) self.client = self.app.test_client()
def test_null_session(self): app = flask.Flask(__name__) Session(app) def expect_exception(f, *args, **kwargs): try: f(*args, **kwargs) except RuntimeError as e: self.assertTrue(e.args and 'session is unavailable' in e.args[0]) else: self.assertTrue(False, 'expected exception') with app.test_request_context(): self.assertTrue(flask.session.get('missing_key') is None) expect_exception(flask.session.__setitem__, 'foo', 42) expect_exception(flask.session.pop, 'foo')
def create_app(info=None): app = Flask(__name__) app.config.from_object('config') Session(app) ckeditor = CKEditor(app) gravatar = Gravatar(app, size=100, rating='pg', default='identicon', force_default=False, force_lower=False, use_ssl=True, base_url=None) app.register_blueprint(error_pages) app.register_blueprint(nav) app.register_blueprint(menu) app.register_blueprint(user_view) app.register_blueprint(admin_view) app.register_blueprint(admin_forum_view) app.register_blueprint(forum_view) app.register_blueprint(warnings) app.register_blueprint(log_view) db.init_app(app) SqlAlchemySessionInterface(app, db, "sessions", "my_", permanent=False) migrate.init_app(app, db) login_manager.init_app(app) mail.init_app(app) cli.init_app(app) celery.conf.update(app.config) reset_user_warnings.apply_async(countdown=60) @app.before_request def set_online_status(): from flask import request from flask_login import current_user if current_user.is_authenticated(): current_user.lastactive = datetime.utcnow() rdb.setex(current_user.id, 600, current_user.display) db.session.commit() @app.shell_context_processor def shell_context(): return {'app': app, 'db': db} return app
def test_session_use_signer(self): app = flask.Flask(__name__) app.secret_key = 'test_secret_key' app.config['SESSION_TYPE'] = 'redis' app.config['SESSION_USE_SIGNER'] = True Session(app) @app.route('/set', methods=['POST']) def set_val(): flask.session['value'] = flask.request.form['value'] return 'value set' @app.route('/get') def get(): return flask.session['value'] c = app.test_client() self.assertEqual(c.post('/set', data={'value': '42'}).data, b'value set') self.assertEqual(c.get('/get').data, b'42')
def create_app(): """Construct the core application.""" app = Flask(__name__, instance_relative_config=False) app.register_blueprint(auth_bp, url_prefix='/auth') app.register_blueprint(errors_bp, url_prefix='/error') app.config.from_object('config.Config') db.init_app(app) store.bind(db) login_manager.init_app(app) Session(app) captcha = FlaskSessionCaptcha(app) captcha.init_app(app) with app.app_context(): from . import routes # Import routes db.create_all() # Create sql tables for our data models return app
def configure_saml(ssm_client, app): # Create a SQLalchemy db for session and permission storge. app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///acforge.db' app.config[ 'SQLALCHEMY_TRACK_MODIFICATIONS'] = False # suppress warning messages app.config['SESSION_TYPE'] = 'sqlalchemy' db = SQLAlchemy(app) session_store = Session(app) session_store.app.session_interface.db.create_all() # load permissions file # TODO think about whether we want to restrict based on environment tags or regions try: with open(path.join(path.dirname(__file__), 'permissions.json')) as json_data: app.json_perms = json.load(json_data) except Exception: log.error('could not open permissions.json; SAML auth will not work!') app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1) log.info('SAML auth configured') if getenv('SAML_METADATA_URL'): app.config['SAML_METADATA_URL'] = getenv('SAML_METADATA_URL') else: try: saml_protocol = ssm_client.get_parameter( Name='atl_forge_saml_metadata_protocol', WithDecryption=True) saml_url = ssm_client.get_parameter( Name='atl_forge_saml_metadata_url', WithDecryption=True) app.config[ 'SAML_METADATA_URL'] = f"{saml_protocol['Parameter']['Value']}://{saml_url['Parameter']['Value']}" except Exception: log.error( 'SAML is configured but there is no SAML metadata URL in the parameter store - exiting' ) sys.exit(1) flask_saml.FlaskSAML(app)
def create_app(): app = Flask(__name__) # sessionを使う際にSECRET_KEYを設定 app.config['SECRET_KEY'] = b'R\x1c`\x8d\xed_\xe5\xd6\x8d\xef\xc6\x19g- J' # ここから /// 画像アップロードの設定 # 画像のアップロード先のディレクトリ app.config["IMAGE_UPLOADS"] = 'flmapp/static/user_image' app.config["ORIGINAL_IMAGE_UPLOADS"] = 'flmapp/static/original_user_image' app.config["ITEM_IMAGE_UPLOADS"] = 'flmapp/static/item_image' app.config["ITEM_TEMP_IMAGE_UPLOADS"] = 'flmapp/static/item_temp_image' app.config[ "ORIGINAL_ITEM_IMAGE_UPLOADS"] = 'flmapp/static/original_item_image' # アップロードされる拡張子の制限 app.config["ALLOWED_IMAGE_EXTENSIONS"] = ["JPEG", "JPG", "PNG", "GIF"] # 画像サイズの制限 app.config["MAX_IMAGE_FILESIZE"] = 0.5 * 1024 * 1024 # ここまで /// 画像アップロードの設定 # ここから /// データベースの設定 # DBはSQLiteを使う #! パスを変えてください app.config['SQLALCHEMY_DATABASE_URI'] = \ 'sqlite:///' + "/Users/shimomuramei/Desktop/set_prefs/data.sqlite" app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['SQLALCHEMY_ECHO'] = False # ここまで /// データベースの設定 # ここから /// メール送信の設定 app.config['DEBUG'] = True # デバッグのサポート app.config['TESTING'] = False app.config['MAIL_SERVER'] = 'smtp.gmail.com' app.config['MAIL_PORT'] = 587 app.config['MAIL_USE_TLS'] = True app.config['MAIL_USE_SSL'] = False app.config['MAIL_USERNAME'] = '******' app.config['MAIL_PASSWORD'] = '******' app.config['MAIL_DEFAULT_SENDER'] = '*****@*****.**' app.config['MAIL_MAX_EMAILS'] = 5 #送信するメールの最大数 app.config['MAIL_SUPPRESS_SEND'] = False app.config['MAIL_ASCII_ATTACHHMENTS'] = False # ここまで /// メール送信の設定 # ここから /// キャプチャの設定 app.config['CAPTCHA_ENABLE'] = True app.config['CAPTCHA_LENGTH'] = 5 app.config['CAPTCHA_WIDTH'] = 160 app.config['CAPTCHA_HEIGHT'] = 100 app.config['SESSION_TYPE'] = 'sqlalchemy' # ここまで /// キャプチャの設定 db.init_app(app) migrate.init_app(app, db) login_manager.init_app(app) mail.init_app(app) Session(app) captcha = FlaskSessionCaptcha(app) CSRFProtect(app) # カスタムテンプレートフィルターの登録 app.add_template_filter(replace_newline) # 分割したblueprintを登録する from flmapp.views import (auth, mypage, route, sell, item, buy, transaction, ajax, user, history, search, todolist) app.register_blueprint(auth.bp) app.register_blueprint(mypage.bp) app.register_blueprint(route.bp) app.register_blueprint(sell.bp) app.register_blueprint(item.bp) app.register_blueprint(buy.bp) app.register_blueprint(transaction.bp) app.register_blueprint(ajax.bp) app.register_blueprint(user.bp) app.register_blueprint(history.bp) app.register_blueprint(search.bp) app.register_blueprint(todolist.bp) return app
import flask from flask_sessionstore import Session # from pfchar.settings import SECRET_KEY, DEBUG from pfchar.settings import DEBUG from pfchar.server.views import Views from pfchar.server.routes import Routes from pfchar.server.rest import RESt from pfchar.database.connection import redis_instance_sessions app = flask.Flask(__name__) SESSION_TYPE = 'redis' SESSION_REDIS = redis_instance_sessions app.config.from_object(__name__) Session(app) views = Views() rest = RESt() routes = Routes(app, views, rest)
# app.permanent_session_lifetime = timedelta(minutes=5) # Custom filter app.jinja_env.filters["usd"] = usd # Configure session to use filesystem (instead of signed cookies) # app.config["SESSION_FILE_DIR"] = mkdtemp() # app.config["SESSION_PERMANENT"] = True # app.config["SESSION_TYPE"] = "filesystem" # Session(app) # Configure session to use sqlalchemy (instead of signed cookies) app.config['SESSION_TYPE'] = 'sqlalchemy' app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///' app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True session1 = Session(app) session1.app.session_interface.db.create_all() # Configure CS50 Library to use SQLite database if os.environ.get("ENVIRONMENT") == "DEV": db = SQL("sqlite:///finance-dev.db") elif os.environ.get("ENVIRONMENT") == "PROD": db = SQL("sqlite:///finance.db") else: raise RuntimeError("ENVIRONMENT not set") # Make sure API key is set if not os.environ.get("API_KEY"): raise RuntimeError("API_KEY not set")
import config IMAGE_NAME = "./static/very_good_security.png" MAX_COOKIE_SIZE = 100 from werkzeug.debug import DebuggedApplication app = Flask(__name__) app.secret_key = config.SECRET_KEY app.config['SESSION_TYPE'] = 'filesystem' app.config['ENV'] = 'development' app.config['TESTING'] = True app.wsgi_app = DebuggedApplication(app.wsgi_app, True) app.debug = True sess = Session() sess.init_app(app) if __name__ == "__main__": app.run(host='0.0.0.0:5000') @app.route('/', methods=('GET', 'POST')) def index(): if request.method == 'GET': return initiate_page() if request.method == 'POST': return prepare_pixel_payload() def initiate_page(): # Download the image and get an RGB pixel array
login_manager.init_app(flask_app) # flask_app.config['SESSION_TYPE'] = 'redis' #print("CONFIG", flask_app.config) #flask_app.config.from_object(Config) #SESSION_TYPE = 'redis' #flask_app.config.from_object(__name__) #sess = Session() #sess.init_app(flask_app) flask_app.config.update(config) Session(flask_app) # Flask-Login helper to retrieve a user from our db @login_manager.user_loader def load_user(user_id): app = App(request.host) # print("load user", app, user_id) try: return User.get(app, user_id) except UserNotFound: return None # OAuth 2 client setup # client = WebApplicationClient(GOOGLE_CLIENT_ID)
# def __init__(self , loggeduser , lastlogintime, lastlogouttime,): # self.loggeduser = loggeduser # self.lastlogintime = lastlogintime # self.lastlogouttime = lastlogouttime # def __init__(self , loggeduser , lastlogintime, lastlogouttime): # self.loggeduser = loggeduser # self.lastlogintime = lastlogintime # self.lastlogouttime = lastlogouttime #users = db.relationship(users) #WTF_CSRF_ENABLED = True # cache = Cache(app, config={'CACHE_TYPE': 'simple'}) sess = Session(app) csrf = CSRFProtect(app) csrf.init_app(app) #sess.init_app(app) #@app.route('/robots.txt', methods=['POST', 'GET']) #def static_from_root(): # return send_from_directory(app.static_folder, request.path[1:]) @app.route('/register', methods=['POST', 'GET']) def register(): if request.method == 'POST': checkuserspecial = request.form['username'] if not (regex.search(checkuserspecial) == None): flash('Username has special Characters bro, try again.') return redirect(url_for('register'))
from flask_migrate import Migrate, MigrateCommand if db.engine.url.drivername == 'sqlite': migrate = Migrate(app, db, compare_type=True, render_as_batch=True) else: migrate = Migrate(app, db, compare_type=True) manager = Manager(app) manager.add_command('db', MigrateCommand) # Captcha captcha = None if app.config.get('CAPTCHA', 1) == 1: try: from flask_sessionstore import Session, SqlAlchemySessionInterface from captchas import MyFlaskSessionCaptcha as FlaskSessionCaptcha app.config['SESSION_TYPE'] = 'sqlalchemy' session = Session(app) SqlAlchemySessionInterface(app, db, "sessions", "sess_") # session.app.session_interface.db.create_all() app.config['CAPTCHA_ENABLE'] = True app.config['CAPTCHA_LENGTH'] = 5 app.config['CAPTCHA_WIDTH'] = 320 app.config['CAPTCHA_HEIGHT'] = 50 captcha = FlaskSessionCaptcha(app) except: app.logger.info("flask_sessionstore non fonctionnel") app.config['CAPTCHA'] = 0 # Connexion avec Flask_mail try: from flask_mail import Mail mail = Mail(app)
import PIL from brother_ql.conversion import convert from brother_ql.backends.helpers import send from brother_ql.raster import BrotherQLRaster # unit: pixels PRINT_WIDTH=696 # app setup app = Flask(__name__) app.config.from_object(__name__) app.secret_key = os.urandom(24) app.config['SESSION_TYPE'] = 'filesystem' Session(app) #server side storage config # return css static files @app.route('/Semantic-UI-CSS/<path:path>') def send_js(path): return send_from_directory('Semantic-UI-CSS', path) # return a label svg template from collection @app.route('/svgtemplate/<path:path>') def send_label(path): is_recent = path.startswith('recent') path = os.path.join('templates', 'labels', path) cached_png = path.replace('.svg', '.png') if not os.path.exists(cached_png) or os.path.getmtime(path) > os.path.getmtime(cached_png):
#DATABASE = '/tmp/minitwit.db' PER_PAGE = 30 DEBUG = True SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/' # create our little application :) app = Flask('minitwit') app.config.from_object(__name__) # No longer needed to have unique settings after Session DB reconfigure # app.config.from_envvar('MINITWIT_SETTINGS', silent=True) # Session DB config.. #app.config['SESSION_TYPE'] = 'sqlalchemy' app.config['SESSION_TYPE'] = 'redis' #app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:////tmp/minitwit.db' #app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = 'True' session_app = Session(app) api_basic_auth = ApiBasicAuth(app) mongo = PyMongo(app) #def init_db(): # Added for Session DB # We can consider migrating this to MongoDB as well via http://flask.pocoo.org/snippets/110/ # session_app.app.session_interface.db.create_all() #@app.cli.command('initdb') #def initdb_command(): # """Creates the database tables.""" # init_db() # print('Initialized the database.')
PER_PAGE = 30 DEBUG = False SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/' # create our little application :) app = Flask('minitwit') app.config.from_object(__name__) client = MongoClient('localhost') mongo = PyMongo(app) # MONGO CODE app.config.update(dict(DEBUG=True, SECRET_KEY='development key')) REDIS_URL = os.getenv('REDISTOGO_URL', 'redis://*****:*****@app.route('/set', methods=['POST']) # def set_val(): # flask.session['value'] = flask.request.form['value'] # return 'value set' # # @app.route('/get') # def get():
from flask_sqlalchemy import SQLAlchemy from flask_uploads import configure_uploads, patch_request_class from flask_wtf.csrf import CSRFProtect from redis import Redis from werkzeug.exceptions import default_exceptions # DEBUG ONLY # from flask_cors import CORS api = Api() db = SQLAlchemy() csrf = CSRFProtect() mail = Mail() security = Security() sess = Session() socketio = SocketIO(manage_session=False) redisInstance = Redis() def create_app(): """Create Onitools aplication.""" app = Flask(__name__) # App configuration app.config.from_object('onitools.app.default_settings') app.config.from_envvar('ONITOOLS_SETTINGS') from .models import user_datastore