"""
页面TOKEN权限管理
"""
from flask import g, abort
from flask_httpauth import HTTPTokenAuth
from app.code import Code
from app.util import make_result
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
from itsdangerous import SignatureExpired, BadSignature
SECRET_KEY = 'LXDJEOX,SOEFHISO13'
EXPIRATION_TIME = 3600
auth = HTTPTokenAuth(scheme="Token-")
tokens = {'this_is_token_1': 'xin'}
def generate_auth_token(user_id, expiration=EXPIRATION_TIME):
s = Serializer(SECRET_KEY, expires_in=expiration)
return s.dumps({'user_id': user_id})
@auth.verify_token
def verify_token(token):
s = Serializer(SECRET_KEY, expires_in=EXPIRATION_TIME)
try:
data = s.loads(token)
g.user_id = data['user_id']
return True
except SignatureExpired:
abort(make_result(code=Code.EXPIRED_TOKEN)) # valid token, but expired
from dbmodel import db, app, User, Poster, Director, Genre
from flask_httpauth import HTTPTokenAuth
import random
import string
import os
import json
from werkzeug.exceptions import UnsupportedMediaType
from oauth2client.client import flow_from_clientsecrets, FlowExchangeError
from flask import session
import httplib2
from flask import make_response
import requests
from PIL import Image
import logging
auth = HTTPTokenAuth('Token')
ALLOWED_EXTENSIONS = ['png', 'jpg', 'jpeg', 'gif']
APP_ROOT = os.path.dirname(os.path.abspath(__file__))
UPLOAD_FOLDER = os.path.join(APP_ROOT, 'static/img')
CLIENT_ID = \
json.loads(open('client_secrets.json', 'r').read())['web']['client_id']
# compression for site resources - method borrowed from here:
# https://damyanon.net/post/flask-series-optimizations/
COMPRESS_MIMETYPES = [
'text/html',
'text/css',
'text/xml',
'application/json',
'application/javascript']
COMPRESS_LEVEL = 6
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from flask import session, url_for, request, redirect, g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth
from model.model import Users
from flask_restful import Resource
__author__ = 'Zaaferani'
auth = HTTPBasicAuth()
auth2 = HTTPTokenAuth()
# noinspection PyBroadException
@auth.verify_password
def verify_password(username_or_token, password):
# first try to authenticate by token
user = Users.verify_auth_token(username_or_token)
if not user:
# try to authenticate with username/password
try:
user = Users.get(Users.username == username_or_token)
except:
user = None
if not user or not user.verify_password(password):
return False
g.user = user
return True
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate
from flask_marshmallow import Marshmallow
from flask_uploads import UploadSet
from flask_httpauth import HTTPTokenAuth
from flask import jsonify
db = SQLAlchemy()
migrate = Migrate()
ma = Marshmallow()
photos = UploadSet('PHOTO')
auth = HTTPTokenAuth('token')
auth.error_handler(lambda: jsonify({
"code": 40100,
"data": None,
"message": "认证失败"
}))
import logging
from flask import current_app, g
from flask_httpauth import HTTPTokenAuth
import jwt
from jwt.exceptions import InvalidTokenError
from werkzeug.exceptions import Unauthorized
# TODO make logging global
logging.basicConfig(level=logging.DEBUG)
accessTokenAuth = HTTPTokenAuth(scheme="Bearer") # pylint: disable=invalid-name
# because this uses the current_app and global contexts it can only be usecd
# during a request
@accessTokenAuth.verify_token
def verify_access_token(access_token):
"""
verify an access token by checking it against the Authorization: Bearer header
"""
try:
# this method will throw an error if the access token has been tampered with
decoded = jwt.decode(access_token,
current_app.config['SECRET_KEY'],
algorithms='HS256')
g.current_user = decoded
return True
except InvalidTokenError as error:
logging.exception(error)
return False
from flask import g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth
from app.logic.user import User
from app.logic.tracking_device import TrackingDevice
from app.api.controllers.errors import error_response
from app.api import bp
from functools import wraps
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth('Bearer')
device_token_auth = HTTPTokenAuth('Bearer')
@basic_auth.verify_password
def verify_password(email, password):
user = User.query.filter_by(email=email).first()
if user is None:
return False
g.current_user = user
return user.check_password(password)
@basic_auth.error_handler
def basic_auth_error():
return error_response(401)
@token_auth.verify_token
def verify_token(token):
g.current_user = User.check_token(token) if token else None
return g.current_user is not None
import jwt
import datetime
import time
from . import api
from flask import jsonify, current_app as app, request, g
from .. import response as res, db
from ..models import User, Role
from flask_httpauth import HTTPTokenAuth
from .errors import unauthorized
auth = HTTPTokenAuth(scheme='JWT')
@api.route('/login', methods=['POST'])
def login():
openid = request.form['openid']
session_key = request.form['session_key']
user = User.query.filter_by(openid=openid).first()
if user is None:
user = User(openid=openid, session_key=session_key)
db.session.add(user)
db.session.commit()
token = User.encode_auth_token(openid, session_key)
return jsonify(res.success('got token', {'token': token.decode()}))
@auth.verify_token
def verify_token(token):
from medallion.log import default_request_formatter
from werkzeug.security import check_password_hash
from .exceptions import BackendError, ProcessingError
from .version import __version__ # noqa
from .views import MEDIA_TYPE_TAXII_V20
# Console Handler for medallion messages
ch = logging.StreamHandler()
ch.setFormatter(default_request_formatter())
# Module-level logger
log = logging.getLogger(__name__)
log.addHandler(ch)
jwt_auth = HTTPTokenAuth(scheme='JWT')
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(None)
def set_multi_auth_config(main_auth, *additional_auth):
type_to_app = {'jwt': jwt_auth, 'api_key': token_auth, 'basic': basic_auth}
auth.main_auth = type_to_app[main_auth]
additional_auth = [a for a in additional_auth if a != main_auth]
auth.additional_auth = tuple(
type_to_app[a] for a in tuple(OrderedDict.fromkeys(additional_auth)))
def set_auth_config(flask_application_instance, config_info):
from flask import Blueprint, g
from flask_httpauth import HTTPTokenAuth
from app.models.user import User
api_v1 = Blueprint('v1', __name__)
auth_v1 = HTTPTokenAuth(scheme='Token')
@auth_v1.verify_token
def verify_token(token):
user = User.verify_auth_token(token)
if user:
g.user = user
g.token = token
return True
return False
from . import auth, father, son, errors
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os
key = 'ELO_PASS'
from flask import Flask
from flask_httpauth import HTTPTokenAuth
app = Flask(__name__)
auth = HTTPTokenAuth("Token")
@auth.verify_token
def verify_token(token):
return token == os.getenv(key)
@app.route("/")
@auth.login_required
def main_route():
return "devops test server flying!!"
if __name__ == '__main__':
app.run("0.0.0.0", port=80)
# -*- coding: utf-8 -*- from flask import Flask from flask_cors import CORS, cross_origin from flask_restful import Api from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth from flask_sqlalchemy import SQLAlchemy from app.config import DATABASE_URI, TOKEN_SCHEME # API SERVER APPLICATION app = Flask(__name__) CORS(app) api = Api(app) # DATABASE app.config['SQLALCHEMY_ECHO'] = False app.config['SQLALCHEMY_DATABASE_URI'] = DATABASE_URI app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True db = SQLAlchemy(app) # TOKEN AUTH AUTHENTICATION token_auth = HTTPTokenAuth(scheme=TOKEN_SCHEME) # make routes..for gunicorn from app import routes
from flask import jsonify, request, abort, render_template
from flask_httpauth import HTTPTokenAuth
from marshmallow import ValidationError
from match_tracks import app
from match_tracks.models import Device, DeviceSchema, SessionSchema, FieldSchema
device_schema = DeviceSchema()
auth = HTTPTokenAuth(scheme='APIKey')
tokens = {"hi-bob": "bob"}
# token verification method
@auth.verify_token
def verify_token(token):
if token in tokens:
# g.current_user = tokens[token]
return True
return False
@app.route('/')
@app.route('/index/')
def index():
user = {'username': '******'}
return render_template('index.html', title='Home', user=user)
# READ all devices
@app.route('/devices/', methods=['GET'])
api = Api(app)
# 关于flask SQLAlchemy实现ORM框架操作的一些基础配置
app.config['SECRET_KEY'] = 'dqwecf29vbneuirjnf2i3n0f2i302n'
# 数据库连接信息配置
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///db.sqlite'
# 是否自动提交sql执行
app.config['SQLALCHEMY_COMMIT_ON_TEARDOWN'] = True
# 是否显示修改回执
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
# SQLAlchemy实例化
db = SQLAlchemy(app)
# 引入基础认证、token认证模块
auth = HTTPBasicAuth()
token_m = HTTPTokenAuth()
class User(db.Model):
# 表名
__tablename__ = 'users'
# 表字段名对应赋值属性
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(32), index=True)
password_hash = db.Column(db.String(64))
# print(id, username, password_hash)
# def __init__(self, username, password_hash):
# self.username = username
# self.password_hash = password_hash
# http authentication in restful api
from flask_httpauth import HTTPTokenAuth
from flask import abort
from ..model import LoggedUser
auth = HTTPTokenAuth(scheme='Token', realm='Need a token')
@auth.verify_token
def verify_token(token):
logged_user = LoggedUser.objects(token=token).first()
if logged_user is None:
return False
return True
@auth.error_handler
def auth_error():
abort(403)
def get_user_by_token(token):
user = LoggedUser.objects(token=token).first()
return user.user
import os
from flask import Flask
from flask_httpauth import HTTPTokenAuth
from flask_sqlalchemy import SQLAlchemy
from flask_restplus import Api
from .config import app_config
# initialize sql-alchemy
db = SQLAlchemy()
# initialize HTTP auth
authentication = HTTPTokenAuth(scheme='Token')
def create_app(config_name):
app = Flask(__name__)
app.config.from_object(app_config[config_name])
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
db.init_app(app)
from bucketlist.auth import auth as auth_blueprint
api = Api(auth_blueprint)
app.register_blueprint(auth_blueprint, url_prefix='/api/v1.0')
from bucketlist.auth.views import CreateUser, LogUserIn
api.add_resource(CreateUser, '/auth/register/')
api.add_resource(LogUserIn, '/auth/login/')
from bucketlist.bucketlists import bucketlists as bucketlists_blueprint
api = Api(bucketlists_blueprint)
app.register_blueprint(bucketlists_blueprint, url_prefix='/api/v1.0')
import MySQLdb
import os
import random
import requests
import smtplib
import string
import sys
import timestring
import zerorpc
# custom files - rsappapi.py uses these files
import constants
import stripe_process
auth = HTTPBasicAuth()
tokenauth = HTTPTokenAuth("Bearer")
multiauth = MultiAuth(auth, tokenauth)
app = Flask(__name__)
CORS(app)
# Lines above are copied from the file (from rsappapi.py
# for the example below) that has the function to test.
# https://docs.python.org/2/library/unittest.html - for more info
import unittest
# RSAPPAPI_IMPORTS - import function to test.
from rsappapiFunc import get_scan_alerts
# RSAPPAPI_IMPORTS
OK200 = "[200 OK]"
NF404 = "[404 Not Found]"
from flask import jsonify, g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth
from .models import User
auth = HTTPBasicAuth()
auth_token = HTTPTokenAuth()
@auth.verify_password
def verify_password(username, password):
g.user = User.query.filter_by(username=username).first()
if g.user is None:
return False
return g.user.verify_password(password)
@auth.error_handler
def unauthorized():
response = jsonify({'status': 401, 'error': 'unauthorized', 'message': 'please authenticate'})
response.status_code = 401
return response
@auth_token.verify_token
def verify_auth_token(token):
g.user = User.verify_auth_token(token)
return g.user is not None
@auth_token.error_handler
def unauthorized_token():
response = jsonify({'status': 401, 'error': 'unauthorized', 'message': 'please send your authentication token'})
response.status_code = 401
return response
import json
from loguru import logger
from flask import g
from flask_httpauth import HTTPTokenAuth
from config import SESSION, REDIS
from database.migrations.models import User
GW_AUTH = HTTPTokenAuth(scheme="Bearer")
USER_AUTH = HTTPTokenAuth(scheme="Bearer")
class GatewayAuth:
@staticmethod
@GW_AUTH.verify_token
def verify_token(token):
gateway_dict = json.loads(REDIS.get("gateways"))
if token not in gateway_dict:
logger.error(f"[GW OAUTH Failed] token: {token}")
g.error_message = "Access Denied"
return False
g.gateway_name = gateway_dict[token]
logger.info(f"[GW OAUTH Success] GW: {g.gateway_name}")
return True
@staticmethod
@GW_AUTH.error_handler
def unauthorized():
return {"error": g.error_message}, 401
from flask_httpauth import HTTPTokenAuth
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker
from itsdangerous import TimedJSONWebSignatureSerializer as JWT
from itsdangerous import BadSignature, SignatureExpired
import random
import string
from oauth2client import client, file
import httplib2
from googleapiclient.discovery import build
import json
from database_setup import Base, User, Category, LearningItem, Resource
from ui_classes import ItemUI
app = Flask(__name__)
auth = HTTPTokenAuth(scheme="Bearer")
# secret_key for API token generation
# validity one hour
# "".join(random.choice(string.ascii_uppercase + string.digits)
# for x in range(32))
secret_key = "3K78ONCNMYYNGSSFKZMIA1T76Y99WTT6"
VALIDITY = 3600
jwt = JWT(secret_key, expires_in=VALIDITY)
engine = create_engine("sqlite:///tolearn.db")
Base.metadata.bind = engine
DBSession = sessionmaker(bind=engine)
session = DBSession()
CORS(app, supports_credentials=True)
app.config['JSON_AS_ASCII'] = False
app.config['SECRET_KEY'] = os.environ['SECRET_KEY']
app.config[
'SQLALCHEMY_DATABASE_URI'] = '{}+{}://{}:{}@{}:{}/{}?charset=utf8mb4'.format(
os.environ['DIALECT'], os.environ['DRIVER'],
os.environ['MYSQL_USER_NAME'], os.environ['MYSQL_USER_PASSWORD'],
os.environ['MYSQL_HOST_NAME'], os.environ['MYSQL_PORT'],
os.environ['MYSQL_DB'])
app.config['SQLALCHEMY_COMMIT_ON_TEARDOWN'] = True
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
# extensions
db = SQLAlchemy(app)
password_auth = HTTPBasicAuth()
# token_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='jwt')
class User(db.Model):
__tablename__ = 'users'
id = db.Column(db.Integer, primary_key=True)
APP_ID = db.Column(db.String(32), index=True)
APP_SECRET_hash = db.Column(db.String(128))
def hash_password(self, APP_SECRET):
self.APP_SECRET_hash = generate_password_hash(APP_SECRET)
def verify_password(self, APP_SECRET):
return check_password_hash(self.APP_SECRET_hash, APP_SECRET)
def generate_auth_token(self, expires_in=600):
# Celery config
app.config['CELERY_BROKER_URL'] = config.CELERY_BROKER_URL
app.config['CELERY_RESULT_BACKEND'] = config.CELERY_RESULT_BACKEND
app.config['CELERY_ACCEPT_CONTENT'] = config.CELERY_ACCEPT_CONTENT
app.config.update(accept_content=['json', 'pickle'])
# Initialize Celery
celery = Celery(app.name, broker=app.config['CELERY_BROKER_URL'])
celery.conf.update(app.config)
# Config mail
mail = Mail(app)
# auth
auth = HTTPTokenAuth('Bearer')
# mailgun_api_key
mailgun_api_key = config.MAILGUN_API_KEY
@auth.verify_token
def verify_token(token):
g.user = None
try:
data = token_serializer.loads(token)
except Exception:
return False
if 'username' in data:
g.user = data['username']
g.user_id = data['user_id']
from flask import g, jsonify
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth
from flask_login import current_user
from apps.main import main
from apps.models import User
auth = HTTPTokenAuth(scheme='pixellot')
@main.before_request
@auth.login_required
def before_request():
if list(g) == []:
return jsonify({'token': 'false'})
if (not g.current_user) or g.token_used:
return jsonify({'token': 'false'})
@auth.verify_token
def verify_token(username_or_token):
if username_or_token == '':
return False
g.current_user = User.verify_auth_token(username_or_token)
g.token_used = False
return g.current_user is not None
import os
import requests
import json
import simplejson
from flask import Flask, render_template, request, redirect, jsonify, url_for, session, g
from sqlalchemy import create_engine
from sqlalchemy.orm import scoped_session, sessionmaker
from flask_session import Session
from flask_httpauth import HTTPTokenAuth
app = Flask(__name__)
auth = HTTPTokenAuth(scheme='Bearer')
app.config["SESSION_PERMANENT"] = False
app.config["SESSION_TYPE"] = "filesystem"
Session(app)
# create db engine to allow python to communicate with db
engine = create_engine(os.getenv("DATABASE_URL"))
db = scoped_session(sessionmaker(bind=engine))
tokens = {"secret-token-1": "greg", "secret-token-2": "shweta"}
@auth.verify_token
def verify_token(token):
if token in tokens:
return tokens[token]
@app.route("/")
"""
Authentication functions for the iffSamples RESTful API.
"""
import flask
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
from sampledb.logic.authentication import login, login_via_api_token
from sampledb.logic.object_permissions import Permissions
from sampledb.utils import object_permissions_required as object_permissions_required_generic
__author__ = 'Florian Rhiem <*****@*****.**>'
http_basic_auth = HTTPBasicAuth()
http_token_auth = HTTPTokenAuth(scheme='Bearer')
multi_auth = MultiAuth(http_basic_auth, http_token_auth)
@http_token_auth.verify_token
def verify_token(api_token):
if not api_token:
return None
flask.g.user = login_via_api_token(api_token)
return flask.g.user
@http_basic_auth.verify_password
def verify_password(username, password):
if not username:
return None
from flask import g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth, MultiAuth
import models
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth(scheme='Token')
auth = MultiAuth(basic_auth, token_auth)
@basic_auth.verify_password
def verify_password(email_or_username, password):
if g.user in models.User.select():
return True
else:
try:
user = models.User.get((models.User.email == email_or_username) | (
models.User.username == email_or_username))
if not user.verify_password(password):
return False
except models.User.DoesNotExist:
return False
else:
g.user = user
return True
@token_auth.verify_token
def verify_token(token):
user = models.User.verify_auth_token(token)
if user is not None:
"""Common authentication functions.
This module contains functions to generate and verify JWT tokens.
"""
from datetime import datetime, timedelta
from cachetools.func import ttl_cache
from etcd import EtcdKeyNotFound
from flask import current_app, g, jsonify
from flask_httpauth import HTTPTokenAuth
import jwt
from lockoncrm_common.etcd import etcd_client
token_auth = HTTPTokenAuth('Bearer')
token_optional_auth = HTTPTokenAuth('Bearer')
def generate_token(user_id, expires_in=3600):
"""Generate a JWT token.
:param user_id the user that will own the token
:param expires_on expiration time in seconds
"""
secret_key = current_app.config['JWT_SECRET_KEY']
return jwt.encode(
{
'user_id': user_id,
'exp': datetime.utcnow() + timedelta(seconds=expires_in)
},
secret_key,
# -*- coding: utf-8 -*-
from sqlalchemy import create_engine, Column, Integer, String
from sqlalchemy.orm import sessionmaker, scoped_session
from sqlalchemy.ext.declarative import declarative_base
from flask import Flask, g
from flask_restful import reqparse, Api, Resource
from flask_httpauth import HTTPTokenAuth
from basic_.flask_ import FResponse as fresp
# Flask 相关变量
app = Flask(__name__)
api = Api(app)
# 认证相关
auth = HTTPTokenAuth(scheme="token")
TOKENS = {"fejiasdfhu", "fejiuufjeh"}
@auth.verify_token
def verify_token(token):
if token in TOKENS:
g.current_user = token
return True
return False
# 数据库相关变量声明
engine = create_engine("mysql+pymysql://{}:{}@192.168.122.110/backend".format(
"bkadmin", "admin@123"),
# 添加到用户登录历史,以后分析使用。
insert('loginhistory', {
'username': username,
'createdate': createdate
})
return True
except Exception as e:
return str(e)
except Exception as e:
return str(e)
# 基本认证
auth = HTTPBasicAuth()
authtoken = HTTPTokenAuth()
authmulti = MultiAuth(auth, authtoken)
@auth.verify_password
def verify_pw(username, pwd):
haveauser = findeuser("users", {'username': username}, 'username', 'pwd')
if haveauser[-1]['len'] != 0:
if verify_password(pwd, haveauser[0]['pwd']):
return True
return None
@authtoken.verify_token
def verify_token(token):
if userverify_token(token):
from flask import g
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth
from app.models import User
from app.api.errors import error_response
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth()
@basic_auth.verify_password
def verify_password(username, password):
user = User.query.filter_by(username=username).first()
if user is None:
return False
g.current_user = user
return user.check_password(password)
@basic_auth.error_handler
def basic_auth_error():
return error_response(401)
@token_auth.verify_token
def verfy_token(token):
g.current_user = User.check_token(token) if token else None
return g.current_user is not None
@token_auth.error_handler
def token_auth_error():
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from flask import g
from flask import jsonify
from flask_httpauth import HTTPBasicAuth
from flask_httpauth import HTTPTokenAuth
from . import db
from .models import User
from .utils import abort
# Authentication objects for username/password auth, token auth, and
# a token optional auth that is used for open endpoints.
basic_auth = HTTPBasicAuth()
token_auth = HTTPTokenAuth("Bearer")
token_optional_auth = HTTPTokenAuth("Bearer")
# no authentication (useful for debug)
no_auth = HTTPBasicAuth()
@no_auth.verify_password
def no_verify_password(name, password_raw):
return False
@no_auth.error_handler
def no_password_error():
abort(401, "authentication required")