def init(argv=None):
app = web.Application(middlewares=[
JWTMiddleware(settings.SECRET_KEY,
auth_scheme='Token',
whitelist=[
r'/api/users',
])
])
app.router.add_routes(authentication_routes)
app.router.add_routes(profiles_routes)
app.router.add_routes(articles_routes)
# Configure default CORS settings.
cors = aiohttp_cors.setup(app,
defaults={
"*":
aiohttp_cors.ResourceOptions(
allow_credentials=True,
expose_headers="*",
allow_headers="*",
)
})
# Configure CORS on all routes.
for route in list(app.router.routes()):
cors.add(route)
app.on_shutdown.append(on_shutdown)
return app
async def init_app(config=None):
app = web.Application(middlewares=[
JWTMiddleware(config['JWT_SECRET'], whitelist=[
r'/public*',
])
])
app.update(config=config or load_config(), logger=log)
setup_routes(app)
# db_pool = await init_db(app)
app.on_startup.append(init_db)
# app.on_startup.append(setup_redis)
# redis_pool = await setup_redis(app)
# setup_session(app, RedisStorage(redis_pool))
# needs to be after session setup because of `current_user_ctx_processor`
# aiohttp_jinja2.setup(
# app,
# loader=jinja2.PackageLoader('app/templates'),
# # context_processors=[current_user_ctx_processor],
# )
# setup_security(
# app,
# SessionIdentityPolicy(),
# DBAuthorizationPolicy(db_pool)
# )
log.debug(app['config'])
return app
def setup_middleware(cls, app: web.Application, **kwargs):
auth_config = AppConfig.get("control_server.auth", {})
auth_config = update_recursive(auth_config, kwargs)
if "secret_or_pub_key" in auth_config:
log.debug("setting up JWT authentication middleware, config=%s",
auth_config,
flags=[logflags.SENSITIVE])
app.middlewares.append(JWTMiddleware(**auth_config))
def get_middlewares() -> tuple:
""" List of active middlewares. """
middlewares = (
version_middleware,
firewall_middleware,
remove_slash_middleware,
JWTMiddleware(SECRET_KEY, whitelist=WHITELIST_URLS),
)
return middlewares
def jwt_middleware_with_cors(*args, **kwargs):
mdlwr = JWTMiddleware(*args, **kwargs)
@wraps(mdlwr)
async def wrap(request: Request, handler):
if request.method == hdrs.METH_OPTIONS:
return await handler(request)
return await mdlwr(request, handler)
return wrap
def initApp():
app = web.Application(middlewares=[
JWTMiddleware(secret_or_pub_key=SHARABLE_SECRET,
token_getter=get_token,
request_property='user',
credentials_required=False,
whitelist=[r'/public*'])
])
fernet_key = fernet.Fernet.generate_key()
secret_key = base64.urlsafe_b64decode(fernet_key)
setup(app, EncryptedCookieStorage(secret_key))
aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader(TEMPLATE_PATH))
return app
async def init_app(argv=None) -> web.Application:
app = web.Application(middlewares=[JWTMiddleware(JWT_SECRET)])
app['storage_client'] = storage.Client()
app.on_startup.append(mq_connect)
app.on_cleanup.append(mq_close)
app.router.add_post('/', post)
app.router.add_put('/{content_id}', put)
app.router.add_delete('/{content_id}', delete)
return app
async def get_app():
await create_table()
app = web.Application(middlewares=[
JWTMiddleware(config.JWT_SECRET,
algorithms=config.JWT_ALGORITHM,
whitelist=[r'/api/user/login'])
])
app.cleanup_ctx.append(partial(register_connection_alchemy))
app.router.add_view('/api/user/{user_id:\d+}', UserView)
app.router.add_view('/api/user/login', UserView)
app.router.add_view('/api/post/{post_id:\d+}', PostView)
app.router.add_view('/api/post/', PostView)
app.router.add_view('/api/posts/', PostsView)
return app
def factory(routes, *args, **kwargs):
defaults = {'secret_or_pub_key': secret}
app = web.Application(
middlewares=[
JWTMiddleware(
*args,
**{
**defaults,
**kwargs
},
),
],
)
for path, handler in routes:
app.router.add_get(path, handler)
return app
def make_app(conf, initialize_db):
api = web.Application(
middlewares=[
JWTMiddleware(
secret_or_pub_key=conf.sharable_secret,
request_property='user',
credentials_required=False,
),
]
)
api['config'] = conf
api.add_routes(api_routes)
api.cleanup_ctx.append(initialize_db)
app = web.Application()
app.add_routes(routes)
app.add_subapp('/api/v1', api)
return app
async def create_application(self):
app = web.Application(middlewares=[
JWTMiddleware(self.config["settings"]["secret"],
whitelist=[r"/public*"]),
])
log.info("Create app")
app["pool"] = await asyncpg.create_pool(
user=self.config['database']['username'],
password=self.config['database']['password'],
database=self.config['database']['dbname'],
host=self.config['database']['host'],
port=self.config['database']['port'])
log.info("Create pool")
auth = Auth(self.config)
app = await auth.create_routes(app)
await self.create_routes(app)
return app
def factory(routes=tuple(), views=tuple(), *args, **kwargs):
defaults = {'secret_or_pub_key': secret}
init_middleware = kwargs.pop('init_middleware', True)
middlewares = []
if init_middleware:
middlewares.append(JWTMiddleware(
*args,
**{
**defaults,
**kwargs
},
))
app = web.Application(middlewares=middlewares)
for path, handler in routes:
app.router.add_get(path, handler)
for path, view in views:
app.router.add_view(path, view)
return app
def __init__(self):
self.routes = {}
self.private_routes = {}
self.app = web.Application(middlewares=[])
# CORS middleware allows CORS from localhost
self.app.middlewares.append(
cors_middleware(origins=[re.compile(r"^https?\:\/\/localhost.*")]))
self.app.middlewares.append(
JWTMiddleware(
config.JWT_SECRET,
request_property="user",
credentials_required=False,
))
self.app.router.add_routes(login_routes)
self.app.router.add_routes(quote_routes)
self.app.router.add_route('*', '/public/{name}', self.public_handler)
self.app.router.add_route('*', '/{name}', self.private_handler)
self.handler = self.app.make_handler()
return web.Response(
text=
"You sent an invalid type parameter. Valid types: feminino, masculino, acessorio, all",
status=406)
except Exception as e:
print(str(e))
return web.Response(text="Something went wrong. Please try later",
status=500)
return web.json_response(body=data)
async def handleWelcome(request):
return web.Response(text="This is not a web page")
##APP SETUP
my_secret = os.environ.get('APP_JWT_SECRET')
app = web.Application(middlewares=[
JWTMiddleware(secret_or_pub_key=my_secret,
algorithms="HS256",
request_property='user')
])
app.add_routes([web.get('/produto', handleGet), web.get('', handleWelcome)])
if __name__ == '__main__':
web.run_app(app, port=os.environ.get('PORT'), host='0.0.0.0')
from aiohttp_jwt import JWTMiddleware, check_permissions, match_any
sharable_secret = "secret"
async def get_token(request):
return jwt.encode({
"username": "******",
"scopes": ["username:johndoe"]
}, sharable_secret)
jwt_middleware = JWTMiddleware(
sharable_secret,
token_getter=get_token,
request_property="user",
credentials_required=False,
whitelist=[r"/public*"],
)
async def public_handler(request):
return web.json_response({
"username":
request["user"].get("username") if "user" in request else "anonymous"
})
@check_permissions(["app/user:admin", "username:johndoe"],
comparison=match_any)
async def protected_handler(request):
'''
Serve file.
'''
from aiohttp import web
from aiohttp_jwt import JWTMiddleware
from chunked_app import handle as chunked_handle
from standard_app import handle as standard_handle
from settings import jwt_secret
app = web.Application(middlewares=[
JWTMiddleware(jwt_secret, auth_scheme='JWT', algorithms='HS256')
])
app.add_routes([
web.get('/chunked', chunked_handle),
web.get('/standard', standard_handle)
])
web.run_app(app)
await conn.execute("commit")
engine.close()
return json_response({'result': 'True'})
except BaseException as e:
request.app['app_logger'].error(f'Error in app: {str(e)}')
return json_response({'result': False})
async def ping(request):
return web.Response(body='Pong')
app = web.Application(middlewares=[
JWTMiddleware(
secret_or_pub_key=JWT_SECRET,
request_property='user',
credentials_required=False,
whitelist=['/api/auth/*', '/api/ws/*'],
algorithms=[JWT_ALGORITHM]
)
])
jwt_logger = logging.getLogger('aiohttp_jwt.middleware')
jwt_logger.addHandler(logging.NullHandler())
app.add_routes([web.get('/api/auth/ping', ping),
web.post('/api/auth/obtain_token', obtaint),
web.post('/api/auth/refresh_token', refresht),
web.post('/api/get_user_list', get_user_list),
web.post('/api/update_user', update_user)])
app.add_routes(maintenance.MaintenanceRoutes)
logger = logging.getLogger(__name__)
secret = "your secret"
async def get_token(request):
return jwt.encode({
"username": "******",
"scopes": ["user:admin"]
}, secret)
jwt_middleware = JWTMiddleware(
secret,
request_property="user",
token_getter=get_token,
credentials_required=False,
whitelist=[r"/(foo|bar)"],
)
async def foo_handler(request):
return json_response({"status": "OK"})
@check_permissions(["user:admin", "johndoe"], comparison=match_any)
async def protected_handler(request):
payload = request.get("user", {})
return json_response({"status": "OK", "username": payload.get("username")})
@middleware
async def error_middleware(request: Request, handler) -> Response:
catch_codes = {500}
try:
response: Response = await handler(request)
if response.status not in catch_codes:
return response
message = response.text
status = response.status
except JSONDecodeError as exc:
message = f"JSON isn't passed or invalid: {exc}"
status = 400
except HTTPException as exc:
if exc.status not in catch_codes:
raise
message = exc.reason
status = exc.status
except InvalidSignatureError as exc:
message = str(exc)
status = 400
return json_response({"error": message}, status=status)
jwt_middleware = JWTMiddleware(
get_secret_key(),
request_property=Fields.USER,
credentials_required=False,
)
from main.routes import setup_routes
setup_routes(app)
if settings.DEBUG:
setup_swagger(app, swagger_url='/docs')
# enable debugtoolbar
aiohttp_debugtoolbar.setup(app)
async def close_app(app):
pass
if __name__ == '__main__':
app = web.Application(
middlewares=[
settings.DB,
JWTMiddleware(settings.SHARED_SECRET_KEY, credentials_required=False)
]
)
app['settings'] = settings
app.on_startup.append(init_app)
app.on_cleanup.append(close_app)
settings.DB.init_app(app, config=settings.DATABASE)
web.run_app(app, host=settings.HOST, port=settings.PORT)
def create_jwt_middleware():
return JWTMiddleware(secret_or_pub_key=Config.JWT_PUBLIC_KEY,
request_property='token_data',
credentials_required=True,
whitelist=SECURITY_WHITELIST)
'status': 'OK',
'username': payload.get('username'),
})
async def get_token(request):
return jwt.encode({
'username': '******',
'scopes': [
'user:admin',
],
}, secret)
return None
app = web.Application(middlewares=[
JWTMiddleware(
secret=secret,
request_property='user',
token_getter=get_token,
credentials_required=False,
whitelist=[r'/(foo|bar)'],
),
])
app.router.add_get('/foo', foo_handler)
app.router.add_get('/protected', protected_handler)
if __name__ == '__main__':
web.run_app(app)
from aiohttp_jwt import JWTMiddleware
from settings import JWT_SECRET_KEY
async def handle_http_error(request, e, status):
return web.json_response(
{
'message': f'{type(e).__name__}: {str(e)}'
},
status=status
)
jwt_middleware = JWTMiddleware(
secret_or_pub_key=JWT_SECRET_KEY,
request_property='user',
algorithms=['HS256'],
credentials_required=False
)
@middleware
async def error_middleware(request, handler):
try:
return await handler(request)
except web.HTTPException as e:
return await handle_http_error(request, e, status=e.status)
except (BadRequest, JSONDecodeError, ValidationError) as e:
return await handle_http_error(request, e, status=400)
except RecordNotFound as e:
return await handle_http_error(request, e, status=404)
except Exception as e:
from aiohttp_jwt import JWTMiddleware
JWT_SECRET_KEY = 'secret'
REDIS_URL = 'redis://localhost'
REDIS_KEY_EXPIRE_SECONDS = 86400
MIDDLEWARES = [
JWTMiddleware(
secret_or_pub_key=JWT_SECRET_KEY,
auth_scheme='JWT',
)
]
async def public_handler(request):
return web.json_response({"username": "******"})
async def protected_handler(request):
return web.json_response({"username": request["user"].get("username", "anonymous")})
async def get_token(request):
return jwt.encode({"username": "******"}, sharable_secret)
app = web.Application(
middlewares=[
JWTMiddleware(
secret_or_pub_key=sharable_secret,
token_getter=get_token,
request_property="user",
whitelist=[r"/public*"],
)
]
)
app.router.add_get("/public", public_handler)
app.router.add_get("/protected", protected_handler)
if __name__ == "__main__":
web.run_app(app)
def test_throw_on_invalid_secret():
with pytest.raises(RuntimeError):
JWTMiddleware(secret_or_pub_key='')
from aiohttp import web
from aiohttp_jwt import JWTMiddleware
from routes import setup_routes
from aiohttp_swagger import *
from settings import SWAGGER_PARAMS, APP_PORT, JWT_SECRET, JWT_ALGORITHMS
from dotenv import load_dotenv
from src.middlewares import json_response
from src.service.db import Database
load_dotenv()
app = web.Application(middlewares=[
JWTMiddleware(
JWT_SECRET,
algorithms=JWT_ALGORITHMS,
credentials_required=False,
request_property='payload',
),
json_response,
],
debug=True)
setup_routes(app)
setup_swagger(app, **SWAGGER_PARAMS)
app.on_startup.append(Database.init_pg)
app.on_cleanup.append(Database.close_pg)
web.run_app(app, port=APP_PORT)
import jwt
from aiohttp import web
from aiohttp_jwt import JWTMiddleware
secret = 'secret'
middlewares = [JWTMiddleware(secret)]
app = web.Application(middlewares=middlewares)
run_configurations = {'host': '127.0.0.1', 'port': 9090}
from async_rest_api.async_app import routers
return web.json_response({
'username': request['user'].get('username', 'anonymous'),
})
async def get_token(request):
return jwt.encode({
'username': '******',
}, sharable_secret)
app = web.Application(
middlewares=[
JWTMiddleware(
secret_or_pub_key=sharable_secret,
token_getter=get_token,
request_property='user',
whitelist=[
r'/public*'
]
)
]
)
app.router.add_get('/public', public_handler)
app.router.add_get('/protected', protected_handler)
if __name__ == '__main__':
web.run_app(app)
async def init(loop):
"""Cheap and dirty protected API example"""
app = Application(middlewares=[
JWTMiddleware(
secret_or_pub_key=publickey,
algorithms=algorithms,
auth_scheme="Bearer",
request_property="user",
credentials_required=False,
whitelist=[r"/(public|bar)"],
audience=audience,
issuer=issuer,
)
])
# Configure default CORS settings.
cors = aiohttp_cors.setup(
app,
defaults={
"*":
aiohttp_cors.ResourceOptions(allow_credentials=True,
expose_headers="*",
allow_headers="*"),
"http://localhost":
aiohttp_cors.ResourceOptions(allow_credentials=True,
expose_headers="*",
allow_headers="*"),
"http://127.0.0.0":
aiohttp_cors.ResourceOptions(allow_credentials=True,
expose_headers="*",
allow_headers="*"),
},
)
############
# API Views
############
# TODO move to views
async def public_handler(request):
return json_response({"Access": "Public"})
@login_required
async def protected_handler(request):
return json_response({"Access": "Protected"})
@check_permissions(["openid"],
comparison=match_any,
permissions_property="scope")
async def profile_handler(request):
"""
This handler retrieves the user data from the
auth0 userinfo endpoint.
The scope openid is required for this.
See: https://auth0.com/docs/api/authentication#get-user-info
"""
# pdb.set_trace()
payload = request.get("user", {})
session = aiohttp.ClientSession()
userinfo = {}
async with session.get(
issuer + "userinfo",
headers={"Authorization": request.headers["Authorization"]},
) as r:
userinfo = await r.json()
return json_response({
"name": userinfo.get("name"),
"email": userinfo.get("email")
})
cors.add(app.router.add_get("/", public_handler))
cors.add(app.router.add_get("/public", public_handler))
cors.add(app.router.add_get("/protected", protected_handler))
cors.add(app.router.add_get("/profile", profile_handler))
# Routes
# Config
setup_swagger(app,
swagger_url="/api/v1/doc",
swagger_from_file="swagger.yaml")
logger.info("Starting server at %s:%s", IP, PORT)
srv = await loop.create_server(app.make_handler(), IP, PORT)
return srv
