def create_app(config_filename=None): app = Flask(__name__) app.config.from_pyfile(config_filename or 'config.py') if 'CERTIFICATOR_SETTINGS' in os.environ: # Only try to load a config from it if set. app.config.from_envvar('CERTIFICATOR_SETTINGS') from .db import get_user_by_id, get_user login_manager = LoginManager() login_manager.user_loader(get_user_by_id) login_manager.init_app(app) browser_id = BrowserID() browser_id.user_loader(get_user) browser_id.init_app(app) Bootstrap(app) from .db import db as sqla sqla.init_app(app) sqla.app = app sqla.create_all() import stripe stripe.api_key = app.config['STRIPE_SECRET_KEY'] from .views import root, quiz, dashboard, certificate app.register_blueprint(root) app.register_blueprint(quiz) app.register_blueprint(dashboard) app.register_blueprint(certificate) return app
def initialise(self): """ The application needs initialisation to load the database connection etc. In previous versions this was done with the initialisation of the class in the __init__ method. This is now separated into this function. """ #: Check if the secret key is defined, if not raise an #: exception since it is required assert self.secret_key, 'Secret Key is not defined in config' #: Load the cache self.load_cache() #: Initialise the CSRF handling self.csrf_protection = CsrfProtect() self.csrf_protection.init_app(self) self.view_functions['static'] = self.send_static_file # Backend initialisation self.load_backend() #: Initialise the login handler login_manager = LoginManager() login_manager.user_loader(self._pool.get('nereid.user').load_user) login_manager.header_loader( self._pool.get('nereid.user').load_user_from_header ) login_manager.token_loader( self._pool.get('nereid.user').load_user_from_token ) login_manager.unauthorized_handler( self._pool.get('nereid.user').unauthorized_handler ) login_manager.login_view = "nereid.website.login" login_manager.anonymous_user = self._pool.get('nereid.user.anonymous') login_manager.init_app(self) self.login_manager = login_manager # Monkey patch the url_for method from flask-login to use # the nereid specific url_for flask.ext.login.url_for = url_for self.template_context_processors[None].append( self.get_context_processors() ) # Add the additional template context processors self.template_context_processors[None].append( nereid_default_template_ctx_processor ) # Add template_filters registered using decorator for name, function in self.get_template_filters(): self.jinja_env.filters[name] = function # Finally set the initialised attribute self.initialised = True
def create_app(config): app = Flask(__name__, static_url_path='', static_folder=STATIC_PATH) init_app_config(app, config) init_logger(app) app.url_map.strict_slashes = False lm = LoginManager() lm.unauthorized_handler(basic_unauthorized) lm.init_app(app) lm.user_loader(load_user) lm.session_protection = "strong" # this patch needs because chrome will ignore cookies when using ip. app.session_interface.get_cookie_domain = lambda _app: None flex = FlexRestManager(db_base=Base, db_session_callback=global_session) flex.init_app(app) register_blueprints(app, BLUEPRINTS) @app.after_request def after_request(response): dbs = global_session(create=False) dbs and dbs.close() return response @app.route('/favicon.ico') def favicon(): return app.send_static_file('images/favicon.ico') return app
def app_factory(config): # create app app = Flask(__name__) app.config.from_object(config) # database db.init_app(app) whoosh_index(app, Post) # flask-login login_manager = LoginManager(app) login_manager.user_loader(load_user) # flask-wtf csrf protection CsrfProtect(app) # jinja2 config jinja.init_app(app) # blueprints from blog import blog app.register_blueprint(blog) from api import api app.register_blueprint(api, url_prefix='/api') return app
def __initLoginManager(self): login_manager = LoginManager() login_manager.anonymous_user = SupportUser.Anonymous login_manager.login_view = '/login' login_manager.login_message = '' login_manager.user_loader(loadUserByID) login_manager.init_app(self)
def create_app(testing=False): app = Flask(__name__) if os.environ.get('DRIP_ENV', '') == 'production': app.config.from_object('drip.config.Production') else: app.config.from_object('drip.config.Development') app.template_folder = os.path.join(PATH, 'templates') if not testing: # Monitoring. newrelic.agent.initialize(os.path.join(PATH, '..', 'newrelic-web.ini'), 'development') db = create_mongo(app) login_manager = LoginManager() login_manager.init_app(app) # noinspection PyTypeChecker login_manager.user_loader(get_user) login_manager.login_view = "user.login" # views with jinja templates app.register_blueprint(main) app.register_blueprint(shopify) app.register_blueprint(dashboard) return app
def init_app(app): login = LoginManager() login.init_app(app) login.login_view = "auth.signup" login.user_loader(load_user) app.context_processor(user_context) return app
class AuthenticationModule(SystemModule): def __init__(self, *args, **kwargs): super(AuthenticationModule, self).__init__(*args, **kwargs) self.login_manager = LoginManager() self.login_manager.login_message_category = "warning" self.login_manager.user_loader(self.load_user) self.logged_in_menu = DropdownMenu() self.login_text = mydomain.lazy_gettext('Login...') self.logged_in_user_text = mydomain.lazy_gettext('User: '******'.' + view.__name__ return view def register(self, app, *args, **kwargs): super(AuthenticationModule, self).register(app, *args, **kwargs) self.login_manager.init_app(app) def login_url(self): return login_url(self.login_manager.login_view, request.url) def logged_in_text(self): return self.logged_in_user_text + ' ' + self.get_current_user_name() def get_current_user_name(self): return current_user.get_name() def user_menu(self, text, group='', values={}): def wrap(view): name = self.name + '.' + view.__name__ entry = self.menu_entry_for_view(view, text, values=values) self.logged_in_menu.add_entry(name, entry, group) return view return wrap def get_anonymous_system_menu(self): return MenuItem(text=self.login_text, url=self.login_url()) def get_system_menu_item(self): if current_user.is_anonymous(): return self.get_anonymous_system_menu() else: return MenuItem(text=self.logged_in_text(), items=self.logged_in_menu.build_real_menu()) def handle_forbidden_endpoint(self): if current_user.is_anonymous(): return self.login_manager.unauthorized() else: return self.forbidden() def forbidden(self): return abort(403)
def __init__(self, app, user_repository): self.user_repository = user_repository login_manager = LoginManager() login_manager.user_loader(self.user_repository.get_by_username) login_manager.setup_app(app) self.login_manager = login_manager
def _get_login_manager(app): lm = LoginManager() lm.anonymous_user = AnonymousUser lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app) lm.user_loader(_user_loader) lm.token_loader(_token_loader) lm.init_app(app) return lm
def setup_interactive(app): lm = LoginManager() lm.login_view = "login" lm.user_loader(get_user) @lm.unauthorized_handler def unauth(): return "UNAUTHORIZED!" lm.setup_app(app)
def initialise(self): """ The application needs initialisation to load the database connection etc. In previous versions this was done with the initialisation of the class in the __init__ method. This is now separated into this function. """ #: Check if the secret key is defined, if not raise an #: exception since it is required assert self.secret_key, 'Secret Key is not defined in config' #: Load the cache self.load_cache() #: Initialise the CSRF handling self.csrf_protection = NereidCsrfProtect() self.csrf_protection.init_app(self) self.view_functions['static'] = self.send_static_file # Backend initialisation self.load_backend() #: Initialise the login handler login_manager = LoginManager() login_manager.user_loader(self._pool.get('nereid.user').load_user) login_manager.header_loader( self._pool.get('nereid.user').load_user_from_header) login_manager.token_loader( self._pool.get('nereid.user').load_user_from_token) login_manager.unauthorized_handler( self._pool.get('nereid.user').unauthorized_handler) login_manager.login_view = "nereid.website.login" login_manager.anonymous_user = self._pool.get('nereid.user.anonymous') login_manager.init_app(self) self.login_manager = login_manager # Monkey patch the url_for method from flask-login to use # the nereid specific url_for flask.ext.login.url_for = url_for self.template_context_processors[None].append( self.get_context_processors()) # Add the additional template context processors self.template_context_processors[None].append( nereid_default_template_ctx_processor) # Add template_filters registered using decorator for name, function in self.get_template_filters(): self.jinja_env.filters[name] = function # Initialize Babel Babel(self) # Finally set the initialised attribute self.initialised = True
def get_login_manager(app): lm = LoginManager(app) lm.session_protection = 'strong' lm.anonymous_user = AnonymousUser lm.login_view = '/login' lm.user_loader(load_user) lm.token_loader(load_token) lm.init_app(app) return lm
def started(self): """Register mapping url to web server""" template_folder = os.path.join(self.module_path, 'templates') app = Blueprint('Auth', __name__, url_prefix='/auth', template_folder=template_folder) # url mapping app.add_url_rule('/', 'index', view_func=self._index) app.add_url_rule('/login', 'login', view_func=self._login, methods=['GET', 'POST']) app.add_url_rule('/logout', 'logout', view_func=self._logout) app.add_url_rule('/users', 'users', view_func=self._users) app.add_url_rule('/user', 'new_user', view_func=self._user, methods=['GET', 'POST']) app.add_url_rule('/user/<user_name>', 'user', view_func=self._user, methods=['GET', 'POST']) # register to flask module = ModuleManager.get('web') if not module: self.add_critical('no module name "web"') raise FileNotFoundError module.add_blueprint(app) login_manager = LoginManager() login_manager.login_view = '%s.login' % app.name login_manager.init_app(module.flask) login_manager.user_loader(auth.load) # set url to login required exclude_login_required_url = [ 'static', login_manager.login_view ] + DataFileManager.load(self.name, 'exclude_login_required_url', []) def filter_app(get_apps_handler): def inner(): return [ app for app in get_apps_handler() if current_user.can_access(app['name']) ] return inner for endpoint, view_func in module.flask.view_functions.copy().items(): if endpoint not in exclude_login_required_url: module.flask.view_functions[endpoint] = login_required( view_func) module.get_apps = filter_app(module.get_apps)
def _get_login_manager(app): lm = LoginManager() lm.anonymous_user = AnonymousUser lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app) lm.user_loader(_user_loader) lm.login_message = None lm.needs_refresh_message = None lm.unauthorized_callback = lambda: abort(401) lm.init_app(app) return lm
def _get_login_manager(app): lm = LoginManager() lm.anonymous_user = AnonymousUser lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app) lm.user_loader(_user_loader) lm.token_loader(_token_loader) lm.login_message, lm.login_message_category = cv('MSG_LOGIN', app=app) lm.needs_refresh_message, lm.needs_refresh_message_category = cv('MSG_REFRESH', app=app) lm.init_app(app) return lm
def _get_login_manager(app): lm = LoginManager() lm.anonymous_user = AnonymousUser lm.login_view = '%s.login' % cv('BLUEPRINT_NAME', app=app) lm.user_loader(_user_loader) lm.token_loader(_token_loader) lm.login_message, lm.login_message_category = cv('MSG_LOGIN', app=app) lm.needs_refresh_message, lm.needs_refresh_message_category = cv( 'MSG_REFRESH', app=app) lm.init_app(app) return lm
def logging_in(app): lm = LoginManager() lm.login_view = "login" lm.user_loader(get_user) lm.setup_app(app) app.preprocess_request() assert not current_user.is_authenticated() assert current_user.is_anonymous() with assert_fired(user_logged_in): login_user(notch) assert current_user.name == u"Notch" assert session["user_id"] == u"1"
def setup_login_manager(app): """ Configure the LoginManager for the provided app. """ login_manager = LoginManager() login_manager.login_view = 'auth.login_user' login_manager.login_message = 'Resource access not authorized.' login_manager.login_message_category = 'error' login_manager.anonymous_user = AnonymousUser login_manager.init_app(app) login_manager.user_loader(load_user) user_logged_in.connect(on_login, app)
def _get_login_manager(app): lm = LoginManager() lm.anonymous_user = AnonymousUser lm.login_view = "%s.login" % cv("BLUEPRINT_NAME", app=app) lm.user_loader(_user_loader) lm.token_loader(_token_loader) if cv("FLASH_MESSAGES", app=app): lm.login_message, lm.login_message_category = cv("MSG_LOGIN", app=app) lm.needs_refresh_message, lm.needs_refresh_message_category = cv("MSG_REFRESH", app=app) else: lm.login_message = None lm.needs_refresh_message = None lm.init_app(app) return lm
def record_login_manager(state): login_manager = LoginManager() login_manager.login_view = 'FoodTruck.login' login_manager.user_loader(load_user) if state.app.config['SECRET_KEY'] == 'temp-key': def _handler(): from flask import render_template return render_template('error.html', error="No secret key has been set!") logger.debug("No secret key found, disabling website login.") login_manager.unauthorized_handler(_handler) login_manager.login_view = None login_manager.init_app(state.app)
def started(self): """Register mapping url to web server""" template_folder = os.path.join(self.module_path, 'templates') app = Blueprint('Auth', __name__, url_prefix='/auth', template_folder=template_folder) # url mapping app.add_url_rule('/', 'index', view_func=self._index) app.add_url_rule('/login', 'login', view_func=self._login, methods=['GET', 'POST']) app.add_url_rule('/logout', 'logout', view_func=self._logout) app.add_url_rule('/users', 'users', view_func=self._users) app.add_url_rule('/user', 'new_user', view_func=self._user, methods=['GET', 'POST']) app.add_url_rule('/user/<user_name>', 'user', view_func=self._user, methods=['GET', 'POST']) # register to flask module = ModuleManager.get('web') if not module: self.add_critical('no module name "web"') raise FileNotFoundError module.add_blueprint(app) login_manager = LoginManager() login_manager.login_view = '%s.login' % app.name login_manager.init_app(module.flask) login_manager.user_loader(auth.load) # set url to login required exclude_login_required_url = [ 'static', login_manager.login_view ] + DataFileManager.load(self.name, 'exclude_login_required_url', []) def filter_app(get_apps_handler): def inner(): return [app for app in get_apps_handler() if current_user.can_access(app['name'])] return inner for endpoint, view_func in module.flask.view_functions.copy().items(): if endpoint not in exclude_login_required_url: module.flask.view_functions[endpoint] = login_required(view_func) module.get_apps = filter_app(module.get_apps)
def generate_app(): app = flask.Flask(__name__) app.config['BROWSERID_LOGIN_URL'] = "/login" app.config['BROWSERID_LOGOUT_URL'] = "/logout" app.config['SECRET_KEY'] = "deterministic" app.config['TESTING'] = True login_manager = LoginManager() login_manager.user_loader(get_user_by_id) login_manager.init_app(app) browserid = BrowserID() browserid.user_loader(get_user) browserid.init_app(app) app.route('/')(index) return app
def _init_flask(self, app): """ Initialize the Flask application. Override *_create_flask_app()* to use another class. """ self.logger.info("Initializing Flask application ...") app.wok = self app.logger_name = "web" app.teardown_request(self._teardown_request) login_manager = LoginManager() login_manager.init_app(self.app) login_manager.user_loader(self._load_user) login_manager.login_message = "Please sign in to access this page." #self.login_manager.anonymous_user = ... app.register_blueprint(core.bp, url_prefix="/core")
def _generate_app(self): app = Flask(__name__) app.config['PROPAGATE_EXCEPTIONS'] = True app.config['SQLALCHEMY_DATABASE_URI'] = 'postgres:///ealgis' app.config['BROWSERID_LOGIN_URL'] = "/api/0.1/login" app.config['BROWSERID_LOGOUT_URL'] = "/api/0.1/logout" with open('/etc/ealgis/secret_key') as secret_fd: secret_key = secret_fd.read().rstrip() app.config['SECRET_KEY'] = secret_key app.config['TESTING'] = True login_manager = LoginManager() login_manager.user_loader(self.get_user_by_id) login_manager.init_app(app) browserid = BrowserID() browserid.user_loader(self.browserid_get_user) browserid.init_app(app) return app
def _generate_app(self): app = Flask(__name__) app.wsgi_app = ReverseProxied(app.wsgi_app) app.config['PROPAGATE_EXCEPTIONS'] = True app.config['SQLALCHEMY_DATABASE_URI'] = self._connection_string() app.config['BROWSERID_LOGIN_URL'] = "/api/0.1/login" app.config['BROWSERID_LOGOUT_URL'] = "/api/0.1/logout" with open('/data/secret_key') as secret_fd: secret_key = secret_fd.read().rstrip() app.config['SECRET_KEY'] = secret_key # Warning: this *disables* authentication on the API # app.config['TESTING'] = True login_manager = LoginManager() login_manager.user_loader(self.get_user_by_id) login_manager.init_app(app) browserid = BrowserID() browserid.user_loader(self.browserid_get_user) browserid.init_app(app) return app
class Auth: GHOST = 0 USER = 1 ADMIN = 2 SUPER_ADMIN = 3 class Anonymous(AnonymousUserMixin): def __init__(self): self._id = None def get_id(self): return unicode('') def __init__(self): self.__login_manager = LoginManager() self.config = {} def init_app(self, app, config): print 'Attaching LoginManager to app.' self.__login_manager.init_app(app) self.__login_manager.anonymous_user = Auth.Anonymous self.config = config def load_user(user_id): if user_id == '': return None Users = Database['Users'] try: return Users.User.find_one({'_id': ObjectId(user_id)}) except: return None def unauthorized(): return jsonify(error='Unauthorized'), HTTP_401_UNAUTHORIZED self.__login_manager.user_loader(load_user) self.__login_manager.unauthorized_handler(unauthorized) self.__bcrypt = Bcrypt(app) def login_manager(self): return self.__login_manager def require(self, user_level): def login_required(f): @wraps(f) def decorated_function(*args, **kwargs): if current_user.is_authenticated( ) and current_user.get_access_level() >= user_level: return f(*args, **kwargs) return self.__login_manager.unauthorized() return decorated_function return login_required def login(self, user_object, password): if user_object is not None: if self.__bcrypt.check_password_hash(user_object['password'], password): if not login_user(user_object): return resource_strings["USER_NOT_ACTIVATED"] else: return 'Invalid password' else: return 'Invalid email' return None def login_social(self, login_type, token): user_object = None try: user_object = SocialSignin.verify(login_type, token) except SocialSignin.Invalid as e: return str(e) login_user(user_object) def logout(self): logout_user() def hash_password(self, password): return self.__bcrypt.generate_password_hash(password) # decorator that protects other users from PUT/POST/DELETE on you stuff # user_id _must_ be passed in as 'user_id' def only_me(self, function): @wraps(function) def inner(*args, **kwargs): if kwargs['user_id'] != 'me': return '{}', HTTP_401_UNAUTHORIZED return function(*args, **kwargs) return inner
class AuthLoginManager(object): """ Auth login manager """ manager = None app = None user_cls = None token_cls = None db = None req_tok_type = None def __init__(self, app, db, user_cls, token_cls): """ Constructor """ self.db = db self.user_cls = user_cls self.token_cls = token_cls self.app = app self.req_tok_type = ( app.config.get( 'AUTH_TOKEN_TYPE', REQ_TOK_TYPES['header'] ) ) self.manager = LoginManager() self.manager.request_loader(self._load_user_from_request) self.manager.user_loader(self._load_user) self.manager.token_loader(self._user_from_token) self.manager.unauthorized_handler(self.unauthorized) self.manager.init_app(self.app) return None def get_manager(self): """ Get login manager """ return self.manager def _load_user_from_request(self, request): """ Callback to load a user from a Flask request object See: https://flask-login.readthedocs.org /en/latest/#custom-login-using-request-loader """ req_token = ( request_helpers .get_request_token( self.req_tok_type, request ) ) if req_token is None: return None auth_token = self.token_cls.query.filter_by(token=req_token).first() if auth_token is None: return None session['is_authenticated'] = True session['auth_token'] = auth_token.token return auth_token.user def _load_user(self, user_id): """ Load a user from a user id """ return self.user_cls.get(user_id) def _user_from_token(self, token): """ Gets a user from a token """ auth_token = self.token_cls.query.filter_by(token=token).first() if auth_token is None: return None return auth_token.user def unauthorized(self): """ Unauthorized handler """ headers = {} headers['Content-Type'] = "application/json" payload = { 'msg': "Not authorized", 'code': 'not_authorized' } return Response(json.dumps(payload), 401, headers)
from timeout import timeout from flask import jsonify, request, Response import anyjson import helpers import csv_export from datetime import date, datetime, timedelta from filters import * import re from db_helpers import get_count, get_obj from sqlalchemy import func, not_, and_, or_ import pytz # Initialize login login_manager = LoginManager() login_manager.user_loader(get_user_by_id) login_manager.init_app(app) browser_id = BrowserID() browser_id.user_loader(get_user) browser_id.init_app(app) @app.route("/login", methods=["GET", "POST"]) def login(email=None, password=None): if request.method == 'POST': email = request.form['email'] password = request.form['password'] user_to_login = authenticate_login(email, password) if user_to_login: login_user(user_to_login)
class MainApp(object): def __init__(self, name, cmds, config='app.cfg', host='127.0.0.1', port=5000, script_url=SCRIPT_URL, not_public=False): self.name = name self.cmds = OrderedDict([(c.name, c) for c in cmds]) self.app = Flask(__name__) self.config = os.path.abspath(config) self.app.config.from_object('formcreator.DefaultConfig') self.app.config.from_pyfile(self.config, silent=True) # Directories with contents displayed in the page self.dirs = [] self.host = host self.port = port if not_public: self.not_public = True # Create de database self.db = db self.app.test_request_context().push() self.db.init_app(self.app) self.db.create_all() # Create admin user if doesn't exist admin_user = User.query.get(1) if not admin_user: admin_user = User("admin", "admin", is_admin=True) self.db.session.add(admin_user) self.db.session.commit() # Create hte LoginManager self.login_manager = LoginManager() self.login_manager.init_app(self.app) self.login_manager.login_view = "login" self.login_manager.user_loader(self.load_user) # Create the url_rules for the Forms for i, cmd in enumerate(self.cmds.values()): if not_public: url_function = partial(login_required(self.form), cmd.name) else: url_function = partial(self.form, cmd.name) self.app.add_url_rule(SCRIPT_URL + (cmd.name if i > 0 else ''), cmd.name, url_function, methods=['GET', 'POST']) # Create the url_rules for serving Form's files directories for c in cmds: for d in c.dirs: self.app.add_url_rule("{}{}/<path:filename>".format( SCRIPT_URL, d), "{}-{}".format(cmd.name, d), partial(self.serve_files, d), methods=['GET']) self.dirs.append(DirContents(d)) if not_public: self.app.add_url_rule("/login", "login", self.login, methods=['POST', 'GET']) self.app.add_url_rule("/logout", "logout", self.logout, methods=['POST', 'GET']) def logout(self): logout_user() return redirect("/") def login(self): login_form = wtforms.form.BaseForm(()) login_form['username'] = wtforms.TextField("Username") login_form['password'] = wtforms.PasswordField("Password") login_form['username'].data = '' if request.method == 'POST': login_form.process(request.form) if login_form.validate(): # login and validate the user... password = hashlib.sha256( login_form['password'].data.encode('utf8')).hexdigest() u = User.query.filter( User.username == login_form['username'].data, User.password == password).all() if u: login_user(u[0]) flash("Logged in successfully.") return redirect(request.args.get("next") or "/") else: flash("Username or password incorrect, try again.") return redirect("/login") return render_template("login.html", form=login_form, app=self) def load_user(self, userid): return User.query.get(userid) def run(self, *args, **kwargs): self.app.run(debug=True, *args, **kwargs) def serve_files(self, dir, filename): file_path = os.path.abspath(os.path.join(os.getcwd(), '{}')).format(dir) return send_from_directory(file_path, filename) def form(self, cmd_name): f = self.cmds[cmd_name] self.active = cmd_name f.stdout = '' if request.method == 'POST': f.process(request.form) if f.form.validate(): f.run() return render_template('form.html', form=f.fields_list(), desc=Markup(f.desc), dirs=self.dirs, output_type=f.output_type, output=f.stdout, inline=f.inline, app=self)
app.before_request(load_user_in_g) def get_user(userid): ''' Get or create user document in local db, using info in LDAP ''' try: return User.objects.get(id=userid) except User.DoesNotExist: user_info = plugldap.user_info(userid) if user_info: (user, created) = User.objects.get_or_create(id=user_info['uid'], defaults=user_info) return user else: return None login_manager.user_loader(get_user) def seed_users(invited_coordinators): """ Helper function to import initial list of coordinators """ for uid, country in invited_coordinators: user = get_user(uid) user.country = country if not user.token: user.token = str(uuid.uuid4()) user.save() @auth.route('/login', methods=['GET', 'POST']) def login(): form = LoginForm()
class DefaultConfig(object): SECRET_KEY = 'Isthisthereallife?Isthisjustfantasy?Caughtinalandslide' # SQLALCHEMY_DATABASE_URI = 'sqlite:///./trombone.db' SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://dialogando:senha@localhost/dialogando' PROPAGATE_EXCEPTIONS = True app = Flask(__name__) #app.config.from_object('trombone.DefaultConfig') app.config.from_pyfile('settings.cfg', silent=True) # Configure the login manager login_manager = LoginManager() login_manager.init_app(app) login_manager.login_view = ".user.login" login_manager.user_loader(user.load_user) app.test_request_context().push() db.init_app(app) db.create_all() # Create admin user if doesn't exist admin_user = User.query.get(1) if not admin_user: admin_user = User("admin", "admin", is_admin=True) db.session.add(admin_user) db.session.commit() # Create admin interface admin.init_app(app)
def load_user_by_user_id(user_id): from yelandur.models import User return User.get(user_id) def load_user_by_browserid(browserid_data): from yelandur.models import User return User.get_or_create_by_email(browserid_data.get('email')) # Create the actual blueprint auth = Blueprint('auth', __name__) # Create the login manager login_manager = LoginManager() login_manager.user_loader(load_user_by_user_id) # Create the BrowserID manager browser_id = BrowserID() browser_id.user_loader(load_user_by_browserid) # Add the after-request CORS-adding function browser_id.views.after_request(add_cors_headers) @cors() def debug_login(): from yelandur.models import User try: user_id = request.args['id'] u = User.get(user_id)
import skwele.views as views from skwele.request import Request from skwele.resources.user import user_loader, User, UserList from skwele.resources.org import Org, OrgList from skwele.resources.dataset import Dataset, DatasetList app = Flask(__name__) app.request_class = Request api = Api(app) app.secret_key = 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(user_loader) # # Flask-RESTful routing # api.add_resource(UserList, '/users') api.add_resource(User, '/users/<id>', endpoint='user') api.add_resource(OrgList, '/orgs') api.add_resource(Org, '/orgs/<id>', endpoint='org') api.add_resource(DatasetList, '/datasets') api.add_resource(Dataset, '/datasets/<id>', endpoint='dataset') # # Flask routing # app.route('/')(views.index)
def _init_login(app): """Setup for Flask-Login.""" login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(User.get) login_manager.login_view = '/signin'
def _init_login(app): login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(User.get) login_manager.login_view = "/signin"
class BaseApp(Flask, RulesMixin, EnvMixin, InitMixin): login_anonymous = AnonymousUser login_view = 'user_login' login_refresh_view = 'user_login' login_message = 'Please log in to access this page.' settings = settings def __init__(self, *args, **kw): kw['static_folder'] = 'static/media' kw['static_url_path'] = '/media' super(BaseApp, self).__init__(*args, **kw) self.configure() def configure_envars(self): self.from_env('SECRET_KEY') self.from_env('SESSION_SALT') self.from_env('SQLALCHEMY_DATABASE_URI', name='DATABASE_URL') self.from_env('WHITELIST', type=lambda s: s.split('|')) self.from_env('BLACKLIST', type=lambda s: s.split('|')) def configure_app(self): salt = self.config.get('SESSION_SALT') self.session_interface = ItsdangerousSessionInterface(salt=salt) def configure_wsgi(self): self.configure_wsgi_static() self.configure_wsgi_restrict() def configure_wsgi_static(self): self.wsgi_app = SharedDataMiddleware(self.wsgi_app, {'/': ('pooldin', 'static')}) def configure_wsgi_restrict(self): whitelist = self.config.get('WHITELIST') blacklist = self.config.get('BLACKLIST') if not whitelist and not blacklist: return self.wsgi_app = RestrictMiddleware(self.wsgi_app, whitelist=whitelist, blacklist=blacklist) def init_extensions(self): db.init_app(self) self.assets = Environment(self) self.assets.directory = os.path.join(path, 'assets') self.assets.url = '/media' self.login = LoginManager() self.login.anonymous_user = self.login_anonymous self.login.login_view = self.login_view self.login.login_message = self.login_message self.login.refresh_view = self.login_refresh_view self.login.init_app(self) self.login.user_loader(self.load_user) self.login.init_app(self) self.gravatar = Gravatar( self, size=350, # Default to header profile image size default='mm', # Options available at gravatar.com force_default=False, force_lower=False) def load_user(self, id): return User.query.filter_by(id=id).first()
import config # Set this up before touching handlers, since app is used in decorators. # Simiarly db for models. app = Flask(__name__) app.config['SQLALCHEMY_DATABASE_URI'] = config.database db = SQLAlchemy(app) login_manager = LoginManager() login_manager.init_app(app) # Now we can import the rest from admin import * from handlers import * from models import * login_manager.user_loader(User.get_by_username) login_manager.unauthorized = lambda: redirect('/login') if __name__ == '__main__': db.create_all() Organisation.query.delete() User.query.delete() db.session.commit() o1 = Organisation(name='The Big Issue') o2 = Organisation(name='Helping Hands') u1 = User(username='******', organisation=o1) u1.set_password('potato') u2 = User(username='******', organisation=o2) u2.set_password('helloworld')
from flask import Markup import pytz import prefs from database import db, create_flask_app app = create_flask_app() babel = Babel(app) login_manager = LoginManager() login_manager.init_app(app) from controllers import threads, posts, users, applicants login_manager.token_loader(users.token_loader) login_manager.user_loader(users.user_loader) login_manager.login_view = 'login' login_manager.session_protection = 'strong' @babel.localeselector def get_locale(): return 'en' #request.accept_languages.best_match(prefs.Config.LANG_SUPPORT) @app.route("/", defaults={'page': 1}, methods=['POST', 'GET']) @app.route("/<int:page>", methods=['POST', 'GET']) @login_required def thread_list_view(page): if request.method == 'GET': prospective_applicants = applicants.get_prospective_applicants(
except NoResultFound: return None def get_admin(kwargs): try: admin = AdministratorModel.query.filter_by(email=kwargs['email']).first() return admin except NoResultFound: return None app = Flask(__name__) app.config['SECRET_KEY'] = "deterministic" login_manager = LoginManager() login_manager.user_loader(get_admin_by_id) login_manager.init_app(app) browser_id = BrowserID() browser_id.user_loader(get_admin) browser_id.redirect_url = 'admin' browser_id.init_app(app) @app.route('/init') def first_run(): import first_run first_run.init() return redirect(url_for("index")) @app.route('/addCategory', methods=['GET', 'POST']) def add_category(): # categories = category_controller.list()
from flask import render_template from flask.ext.login import LoginManager from flask.ext.browserid import BrowserID #from formencode import Invalid from grano.core import app from grano.model import User from grano.views.sessions import blueprint as sessions from grano.views.users import blueprint as users from grano.views.projects import blueprint as projects login_manager = LoginManager() login_manager.user_loader(User.by_email) login_manager.init_app(app) browser_id = BrowserID() browser_id.user_loader(User.from_browserid) browser_id.init_app(app) app.register_blueprint(sessions, url_prefix='/api/1') app.register_blueprint(users, url_prefix='/api/1') app.register_blueprint(projects, url_prefix='/api/1') def angular_templates(): #if app.config.get('ASSETS_DEBUG'): # return partials_dir = os.path.join(app.static_folder, 'templates')
def __init__(self, uid, pwd): self.id = uid self.password = pwd def load_user(user_id): admin_id = g.config.get('security/username') if admin_id == user_id: admin_pwd = g.config.get('security/password') return User(admin_id, admin_pwd) return None login_manager = LoginManager() login_manager.login_view = 'login' login_manager.user_loader(load_user) def record_login_manager(state): if state.app.secret_key == 'temp-key': def _handler(): raise FoodTruckConfigNotFoundError() logger.debug("No secret key found, disabling website login.") login_manager.unauthorized_handler(_handler) login_manager.login_view = None # Setup Bcrypt. from foodtruck.bcryptfallback import Bcrypt bcrypt_ext = Bcrypt()
class BaseApp(Flask, RulesMixin, EnvMixin, InitMixin): login_anonymous = AnonymousUser login_view = 'user_login' login_refresh_view = 'user_login' login_message = 'Please log in to access this page.' settings = settings def __init__(self, *args, **kw): kw['static_folder'] = 'static/media' kw['static_url_path'] = '/media' super(BaseApp, self).__init__(*args, **kw) self.configure() def configure_envars(self): self.from_env('SECRET_KEY') self.from_env('SESSION_SALT') self.from_env('SQLALCHEMY_DATABASE_URI', name='DATABASE_URL') self.from_env('WHITELIST', type=lambda s: s.split('|')) self.from_env('BLACKLIST', type=lambda s: s.split('|')) def configure_app(self): salt = self.config.get('SESSION_SALT') self.session_interface = ItsdangerousSessionInterface(salt=salt) def configure_wsgi(self): self.configure_wsgi_static() self.configure_wsgi_restrict() def configure_wsgi_static(self): self.wsgi_app = SharedDataMiddleware(self.wsgi_app, { '/': ('pooldin', 'static') }) def configure_wsgi_restrict(self): whitelist = self.config.get('WHITELIST') blacklist = self.config.get('BLACKLIST') if not whitelist and not blacklist: return self.wsgi_app = RestrictMiddleware(self.wsgi_app, whitelist=whitelist, blacklist=blacklist) def init_extensions(self): db.init_app(self) self.assets = Environment(self) self.assets.directory = os.path.join(path, 'assets') self.assets.url = '/media' self.login = LoginManager() self.login.anonymous_user = self.login_anonymous self.login.login_view = self.login_view self.login.login_message = self.login_message self.login.refresh_view = self.login_refresh_view self.login.init_app(self) self.login.user_loader(self.load_user) self.login.init_app(self) self.gravatar = Gravatar(self, size=350, # Default to header profile image size default='mm', # Options available at gravatar.com force_default=False, force_lower=False) def load_user(self, id): return User.query.filter_by(id=id).first()
def get_crypt(password, salt): crypt = "%s-%s" % (salt, password) for i in range(101): crypt = "%s-%s-%s" % (crypt, salt, crypt) crypt = hashlib.sha1(crypt).hexdigest() return crypt def login_user(username, password): user = get_user(username) if not user: return None return get_crypt(password, user['salt']) == user['pass'] and user login_manager.user_loader(get_user) @auth.route('/login', methods=['GET', 'POST']) def login(): form = LoginForm() if form.validate_on_submit(): username, password = request.form['username'], request.form['password'] user = login_user(username, password) if user: flask_login.login_user(user) flash('Logged in successfully as %s %s (%s).' % (user['first_name'], user['last_name'], user['_id'])) user['last_login'] = datetime.datetime.utcnow() mongo().db.user.save(user) resp = redirect(request.args.get("next") or url_for('hip.home'))
from flask.ext.login import LoginManager from flask.ext.browserid import BrowserID import time app = Flask(__name__) app.version = "0.1a" # Secret key can change with each new version this forces all old logins to expire :) app.config['SECRET_KEY'] = '\xad\xdb\xe9o\x84\x03S\xa93\xc2X\x0ejlq\xad\xcd1\xb0Ub' # Import here so database it can reach the app object. from database.login import get_user, get_user_by_id # Set up the authentication realm login_manager = LoginManager() # Point it to the function that retrieves active users login_manager.user_loader(get_user_by_id) login_manager.init_app(app) # Now the actual login system browser_id = BrowserID() browser_id.user_loader(get_user) browser_id.init_app(app) @app.route("/servertime") def time_at_server(): """Generic default testy route. Handy for debugging.""" return time.asctime() @app.route("/persona/test") def index(): """Obsolete test for persona login."""
class SecurityManager(object): session = None auth_type = 1 auth_role_admin = "" auth_role_public = "" lm = None oid = None def __init__(self, app, session): """ SecurityManager contructor param app: The Flask app object param session: the database session for security tables, passed to BaseApp """ self.session = session self.auth_type = self._get_auth_type(app) self.auth_role_admin = self._get_auth_role_admin(app) self.auth_role_public = self._get_auth_role_public(app) self.lm = LoginManager(app) self.lm.login_view = 'login' self.oid = OpenID(app) self.lm.user_loader(self.load_user) self.init_db() def register_views(self, baseapp): baseapp.add_view_no_menu(ResetPasswordView()) baseapp.add_view_no_menu(ResetMyPasswordView()) if self._get_auth_type(baseapp.app) == AUTH_DB: user_view = baseapp._init_view_session(UserDBGeneralView) auth_view = AuthDBView() else: user_view = baseapp._init_view_session(UserOIDGeneralView) auth_view = AuthOIDView() self.oid.after_login_func = auth_view.after_login baseapp.add_view_no_menu(auth_view) baseapp.add_view(user_view, "List Users" ,"/users/list","user", "Security") role_view = baseapp._init_view_session(RoleGeneralView) baseapp.add_view(role_view, "List Roles","/roles/list","tags","Security") role_view.related_views = [user_view] baseapp.menu.add_separator("Security") baseapp.add_view(baseapp._init_view_session(PermissionViewGeneralView), "Base Permissions","/permissions/list","lock","Security") baseapp.add_view(baseapp._init_view_session(ViewMenuGeneralView), "Views/Menus","/viewmenus/list","list-alt","Security") baseapp.add_view(baseapp._init_view_session(PermissionGeneralView), "Permission on Views/Menus","/permissionviews/list","lock","Security") def load_user(self, pk): return self.get_user_by_id(int(pk)) def before_request(self): g.user = current_user def migrate_get_new_obj(self, old_obj, new_obj): for col in old_obj.keys(): setattr(new_obj,col,getattr(old_obj,col)) return new_obj def migrate_obj(self, old_table, new_class): old_objs = self.session.query(old_table).all() for old_obj in old_objs: new_obj = self.migrate_get_new_obj(old_obj, new_class()) self.session.add(new_obj) self.session.commit() def quick_mapper(self, table): Base = declarative_base() class GenericMapper(Base): __table__ = table return GenericMapper def migrate_db(self): """ Migrate security tables from Flask-AppBuilder 0.2.X to 0.3.X """ engine = self.session.get_bind(mapper=None, clause=None) inspector = Inspector.from_engine(engine) if 'user' in inspector.get_table_names() and 'role' in inspector.get_table_names() and 'permission' in inspector.get_table_names(): print "Found previous security tables, migrating..." metadata = MetaData(engine) old_user = Table('user', metadata, autoload=True) old_role = Table('role', metadata, autoload=True) old_permission = Table('permission', metadata, autoload=True) old_permission_view = Table('permission_view', metadata, autoload=True) old_view_menu = Table('view_menu', metadata, autoload=True) old_permission_view_role = Table('permission_view_role', metadata, autoload=True) print "Migrating Views and Menus" self.migrate_obj(old_view_menu, ViewMenu) print "Migrating Permissions" self.migrate_obj(old_permission, Permission) print "Migrating Permissions on Views" self.migrate_obj(old_permission_view, PermissionView) print "Migrating Roles" self.migrate_obj(old_role, Role) print "Migrating Roles to Permissions on Views" self.migrate_obj(old_permission_view_role, self.quick_mapper(assoc_permissionview_role)) print "Migrating Users" self.migrate_obj(old_user, User) def init_db(self): engine = self.session.get_bind(mapper=None, clause=None) inspector = Inspector.from_engine(engine) if 'ab_user' not in inspector.get_table_names(): print "Security DB not found Creating..." Base.metadata.create_all(engine) print "Security DB Created" self.migrate_db() if self.session.query(Role).filter_by(name = self.auth_role_admin).first() is None: role = Role() role.name = self.auth_role_admin self.session.add(role) self.session.commit() print "Inserted Role for public access", self.auth_role_admin if not self.session.query(Role).filter_by(name = self.auth_role_public).first(): role = Role() role.name = self.auth_role_public self.session.add(role) self.session.commit() print "Inserted Role for public access", self.auth_role_public if not self.session.query(User).all(): user = User() user.first_name = 'Admin' user.last_name = 'User' user.username = '******' user.password = '******' user.active = True user.role = self.session.query(Role).filter_by(name = self.auth_role_admin).first() self.session.add(user) self.session.commit() print "Inserted initial Admin user" print "Login using Admin/general" def auth_user_db(self, username, password): if username is None or username == "": return None user = self.session.query(User).filter_by(username = username, password = password).first() if user is None or (not user.is_active()): return None else: return user def auth_user_oid(self, email): user = self.session.query(User).filter_by(email = email).first() if user is None or (not user.is_active()): return None else: return user def reset_password(self, userid, password): user = self.get_user_by_id(userid) user.password = password self.session.commit() def get_user_by_id(self, pk): return self.session.query(User).get(pk) def _get_auth_type(self, app): if 'AUTH_TYPE' in app.config: return app.config['AUTH_TYPE'] else: return AUTH_DB def _get_auth_role_admin(self, app): if 'AUTH_ROLE_ADMIN' in app.config: return app.config['AUTH_ROLE_ADMIN'] else: return 'Admin' def _get_auth_role_public(self, app): """ To retrive the name of the public role """ if 'AUTH_ROLE_PUBLIC' in app.config: return app.config['AUTH_ROLE_PUBLIC'] else: return 'Public' def is_menu_public(self, item): """ Check if menu item has public permissions param item: menu item """ role = self.session.query(Role).filter_by(name = self.auth_role_public).first() lst = role.permissions if lst: for i in lst: if item == i.view_menu.name: return True return False else: return False def is_item_public(self, permission_name, view_name): """ Check if view has public permissions param permission_name: the permission: can_show, can_edit... param view_name: the name of the class view (child of BaseView) """ role = self.session.query(Role).filter_by(name = self.auth_role_public).first() lst = role.permissions if lst: for i in lst: if (view_name == i.view_menu.name) and (permission_name == i.permission.name): return True return False else: return False def has_menu_access(self, user, menu_name): lst = user.role.permissions if lst: for i in lst: if menu_name == i.view_menu.name: return True return False else: return False def has_permission_on_view(self, user, permission_name, view_name): lst = user.role.permissions if lst: for i in lst: if (view_name == i.view_menu.name) and (permission_name == i.permission.name): return True return False else: return False def _add_permission(self, name): """ Adds a permission to the backend param name: name of the permission to add: 'can_add','can_edit' etc... """ perm = self.session.query(Permission).filter_by(name = name).first() if perm == None: perm = Permission() perm.name = name self.session.add(perm) self.session.commit() return perm return perm def _add_view_menu(self, name): """ Adds a view menu to the backend param name: name of the view menu to add """ view_menu = self.session.query(ViewMenu).filter_by(name = name).first() if view_menu == None: view_menu = ViewMenu() view_menu.name = name self.session.add(view_menu) self.session.commit() return view_menu return view_menu def _add_permission_view_menu(self, permission_name, view_menu_name): """ Adds a permission on a view menu to the backend param permission_name: name of the permission to add: 'can_add','can_edit' etc... param view_menu_name: name of the view menu to add """ vm = self._add_view_menu(view_menu_name) perm = self._add_permission(permission_name) pv = PermissionView() pv.view_menu_id, pv.permission_id = vm.id, perm.id self.session.add(pv) self.session.commit() print "Added Permission View" , str(pv) return pv def _find_permission(self, lst, item): for i in lst: if i.permission.name == item: return True return False def add_permissions_view(self, base_permissions, view_menu): """ Adds a permission on a view menu to the backend param base_permissions: list of permissions from view (all exposed methods): 'can_add','can_edit' etc... param view_menu: name of the view or menu to add """ view_menu_db = self.session.query(ViewMenu).filter_by(name = view_menu).first() if view_menu_db == None: view_menu_db = self._add_view_menu(view_menu) lst = self.session.query(PermissionView).filter_by(view_menu_id = view_menu_db.id).all() # No permissions for this view if lst == []: for permission in base_permissions: pv = self._add_permission_view_menu(permission, view_menu) role_admin = self.session.query(Role).filter_by(name = self.auth_role_admin).first() self.add_permission_role(role_admin, pv) else: for permission in base_permissions: if not self._find_permission(lst, permission): pv = self._add_permission_view_menu(permission, view_menu) role_admin = self.session.query(Role).filter_by(name = self.auth_role_admin).first() self.add_permission_role(role_admin, pv) for item in lst: if item.permission.name not in base_permissions: # perm to delete pass def add_permissions_menu(self, view_menu): view_menu_db = self.session.query(ViewMenu).filter_by(name = view_menu).first() if view_menu_db == None: view_menu_db = self._add_view_menu(view_menu) lst = self.session.query(PermissionView).filter_by(view_menu_id = view_menu_db.id).all() if lst == []: pv = self._add_permission_view_menu('menu_access', view_menu) role_admin = self.session.query(Role).filter_by(name = self.auth_role_admin).first() self.add_permission_role(role_admin, pv) def add_permission_role(self, role, perm_view): if perm_view not in role.permissions: role.permissions.append(perm_view) self.session.merge(role) self.session.commit() print "Added Permission" , str(perm_view) , " to Role " , role.name