class JSONSerializerWithPickleFallback(object):
def __init__(self):
self.json = JSONSerializer()
self.pickle = PickleSerializer()
def dumps(self, value):
return self.json.dumps(value)
def loads(self, value):
try:
return self.json.loads(value)
except ValueError:
return self.pickle.loads(value)
def includeme(config):
"""Set up the app's Pyramid session."""
# ``secure=True`` is recommended by the Pyramid docs (see
# https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html)
# but is inconvenient in development environments, so use insecure cookies
# in dev for convenience but use secure (HTTPS-only) cookies otherwise.
secure = not config.registry.settings.get("debug", False)
config.set_session_factory(
SignedCookieSessionFactory(
secret=config.registry.settings["session_cookie_secret"],
secure=secure,
# ``httponly=True`` is recommended by the Pyramid docs to protect
# the cookie from cross-site scripting vulnerabilities, see:
# https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html
httponly=True,
# This is the timeout and reissue time recommended in the Pyramid
# docs for auto-expiring cookies. See:
# https://docs.pylonsproject.org/projects/pyramid/en/latest/api/session.html
timeout=1200,
reissue_time=120,
# The Pyramid docs recommend JSONSerializer instead of the default
# serializer for security reasons. See:
# https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html
serializer=JSONSerializer(),
))
class JSONSerializerWithPickleFallback(object):
def __init__(self):
self.json = JSONSerializer()
self.pickle = PickleSerializer()
def dumps(self, value):
# maybe catch serialization errors here and keep using pickle
# while finding spots in your app that are not storing
# JSON-serializable objects, falling back to pickle
return self.json.dumps(value)
def loads(self, value):
try:
return self.json.loads(value)
except ValueError:
return self.pickle.loads(value)
def main(global_config, **settings):
my_session_factory = SignedCookieSessionFactory(
"supersecret", serializer=JSONSerializer(), httponly=True
)
config = Configurator(settings=settings, session_factory=my_session_factory)
config.include("pyramid_chameleon")
config.add_route("home", "/")
config.add_route("hello", "/howdy")
config.scan(".views")
return config.make_wsgi_app()
def includeme(config):
settings = config.registry.settings
# By default, derive_key generates a 64-byte (512 bit) secret, which is the
# correct length for SHA512-based HMAC as specified by the `hashalg`.
factory = SignedCookieSessionFactory(
secret=derive_key(settings["secret_key"], settings["secret_salt"],
b"h.session.cookie_secret"),
hashalg="sha512",
httponly=True,
timeout=3600,
serializer=JSONSerializer(),
)
config.set_session_factory(factory)
config.set_csrf_storage_policy(SessionCSRFStoragePolicy())
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
with Configurator(settings=settings,
root_factory='.resources.Root') as config:
config.include('.models')
config.include('pyramid_jinja2')
config.include('.routes')
config.include('.security')
config.scan(ignore=['.tests', '.migration_tests'])
config.set_default_permission('view')
hex_secret = config.get_settings()['session_secret'].strip()
secret = binascii.unhexlify(hex_secret)
factory = EncryptedCookieSessionFactory(secret=secret,
serializer=JSONSerializer(),
timeout=86400)
config.set_session_factory(factory)
return config.make_wsgi_app()
def make_app(global_settings: dict, **settings: Any) -> Router:
settings = {**BASE_SETTINGS, **settings}
session_factory = SignedCookieSessionFactory(
secret=settings["zam.session_secret"],
serializer=JSONSerializer(),
secure=asbool(settings["zam.auth_cookie_secure"]),
httponly=True,
)
with Configurator(
settings=settings, root_factory=Root, session_factory=session_factory
) as config:
config.include("zam_repondeur.errors")
setup_database(config, settings)
config.include("zam_repondeur.menu")
config.include("zam_repondeur.auth")
config.include("zam_repondeur.templating")
config.include("pyramid_default_cors")
config.include("pyramid_retry")
config.add_route("error", "/error")
config.include("zam_repondeur.assets")
config.include("zam_repondeur.tasks")
config.include("zam_repondeur.services.data")
config.include("zam_repondeur.services.users")
config.include("zam_repondeur.services.progress")
config.include("zam_repondeur.services.amendements")
config.include("zam_repondeur.services.fetch.http")
load_version(config)
config.scan()
app = config.make_wsgi_app()
return app
def make_app(global_settings: dict, **settings: Any) -> Router:
settings = {**BASE_SETTINGS, **settings}
session_factory = SignedCookieSessionFactory(
secret=settings["zam.session_secret"], serializer=JSONSerializer())
with Configurator(settings=settings,
root_factory=Root,
session_factory=session_factory) as config:
rollbar_settings = extract_settings(settings, prefix="rollbar.")
if "access_token" in rollbar_settings and "environment" in rollbar_settings:
setup_rollbar_log_handler(rollbar_settings)
setup_database(config, settings)
config.include("zam_repondeur.auth")
config.include("pyramid_default_cors")
config.include("pyramid_jinja2")
config.add_jinja2_renderer(".html")
config.add_jinja2_search_path("zam_repondeur:templates", name=".html")
config.add_route("choices_lectures", "/choices/dossiers/{uid}/")
config.add_route("error", "/error")
config.include("zam_repondeur.assets")
init_huey(settings)
config.include("zam_repondeur.data")
config.include("zam_repondeur.users")
config.include("zam_repondeur.amendements")
load_version(config)
config.scan()
app = config.make_wsgi_app()
return app
def __init__(self):
self.json = JSONSerializer()
self.pickle = PickleSerializer()
def main(global_config, **settings):
""" This function returns a Pyramid WSGI application.
"""
config = Configurator(settings=settings)
config.include('pyramid_jinja2')
# Insecure Session
# https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html#sessions-chapter
my_session_factory = SignedCookieSessionFactory(
'insecure-but-digitally-signed-382746', serializer=JSONSerializer())
config.set_session_factory(my_session_factory)
# Cache busting of static assets
# See https://docs.pylonsproject.org/projects/pyramid/en/1.10-branch/narr/assets.html#cache-busting
config.add_static_view('static', 'static', cache_max_age=3600)
config.add_cache_buster(
'arscca:static/',
QueryStringConstantCacheBuster(str(int(time.time()))))
config.add_route('admin_clear_run_groups', '/admin/run_groups/clear')
config.add_route('admin_generate_run_groups', '/admin/run_groups/generate')
config.add_route('admin_run_groups', '/admin/run_groups')
config.add_route('calendar', '/calendar')
config.add_route('calendar_slash', '/calendar/')
config.add_route('calendar_plain', '/calendar/plain')
config.add_route('exception', '/exception')
config.add_route('help_index', '/help')
config.add_route('help_index_slash', '/help/')
config.add_route('help_show', '/help/{document_name}')
config.add_route('opinion_index', '/opinion')
config.add_route('opinion_index_slash', '/opinion/')
config.add_route('opinion_show', '/opinion/{document_name}')
config.add_route('driver', '/drivers/{slug}')
config.add_route('drivers', '/drivers')
config.add_route('drivers_slash', '/drivers/')
config.add_route('event', '/events/{date}')
config.add_route('events', '/events') # redirects to home
config.add_route('events_slash',
'/events/') # redirects to home (slash is distinct)
config.add_route('index', '/')
config.add_route('javascript_errors', '/javascript_errors')
config.add_route('joomla_test__home_page_photos',
'/joomla_test/home_page_photos')
config.add_route('joomla_test__home_page_calendar',
'/joomla_test/home_page_calendar')
config.add_route('live_event', '/live')
config.add_route('live_event_drivers', '/live/drivers')
config.add_route('live_event_raw', '/live/raw')
config.add_route('live_event_revision', '/live/revision')
config.add_route('live_event_update_redis', '/live/update_redis')
config.add_route('msreg', '/msreg')
config.add_route('msreg_upload', '/msreg/upload', request_method='POST')
config.add_route('msreg_download',
'/msreg/{download_filename}',
request_method='GET')
config.add_route('national_event', '/national_events/{year}')
config.add_route('photo_upload_create',
'/photos/upload',
request_method='POST')
config.add_route('photo_upload_new',
'/photos/upload',
request_method='GET')
config.add_route('photos', '/photos')
config.add_route('photos_slash', '/photos/')
config.add_route('photos__teaser', '/photos/teaser')
config.add_route('report', '/standings')
config.add_route('run_groups', '/run_groups')
config.scan()
config.include('pyramid_exclog')
return config.make_wsgi_app()
def get_session_factory(med_config):
return SignedCookieSessionFactory(med_config["session_factory"],
serializer=JSONSerializer())
def main(global_config, test_settings=None, **settings):
if test_settings is None:
engine = engine_from_config(settings, 'sqlalchemy.')
dbsession.configure(bind=engine)
Base.metadata.bind = engine
config = Configurator(settings=settings)
session_factory = SignedCookieSessionFactory(
secret=settings['session.secret'],
domain=settings['hostname'],
secure=True,
httponly=True,
samesite='strict',
reissue_time=900,
max_age=900,
serializer=JSONSerializer()
)
else:
engine = engine_from_config(test_settings, 'sqlalchemy.')
dbsession.configure(bind=engine)
Base.metadata.bind = engine
config = Configurator(settings=test_settings)
session_factory = SignedCookieSessionFactory(
secret=test_settings['session.secret'],
domain=test_settings['hostname'],
secure=True,
httponly=True,
samesite='strict',
reissue_time=900,
max_age=900,
serializer=JSONSerializer()
)
config.add_renderer('json', JSON(indent=4))
config.set_session_factory(session_factory)
config.add_forbidden_view(forbidden)
config.include('pyramid_jinja2')
def page_controller(page):
if page == 'adminpage':
return True
if page == 'login':
return False
return False
def check_sort(unsorted):
return unsorted
def img(imgtype):
if imgtype == 'img':
return True
return False
def pdf(imgtype):
if imgtype == 'pdf':
return True
return False
def setup_jinja2_env():
jinja_environment = config.get_jinja2_environment()
tests = {
'page_controller': page_controller,
'check_sort': check_sort,
'img': img,
'pdf': pdf
}
for key,val in tests.items():
jinja_environment.tests[key] = val
config.action(None, setup_jinja2_env, order=999)
config.include('.models')
config.include('.routes')
config.include('.security')
config.scan('bigwebsite')
return config.make_wsgi_app()
