class TestFileStore(unittest.TestCase, SimpleUrlKVTest): def setUp(self): self.tmpdir = tempfile.mkdtemp() self.store = FilesystemStore(self.tmpdir) def tearDown(self): shutil.rmtree(self.tmpdir) @unittest.skipUnless(os.name == 'posix', 'Not supported outside posix.') def test_correct_file_uri(self): expected = 'file://' + self.tmpdir + '/somekey' self.assertEqual(expected, self.store.url_for('somekey')) def test_file_uri(self): data = 'Hello, World?!\n' tmpfile = tempfile.NamedTemporaryFile(delete=False) try: tmpfile.write(data) tmpfile.close() key = self.store.put_file('testkey', tmpfile.name) url = self.store.url_for(key) self.assertTrue(url.startswith('file://')) parts = urlparse(url) ndata = open(parts.path, 'rb').read() self.assertEqual(ndata, data) finally: if os.path.exists(tmpfile.name): os.unlink(tmpfile.name)
def test_concurrent_mkdir(self, tmpdir, mocker): # Concurrent instantiation of the store in two threads could lead to # the situation where both threads see that the directory does not # exists. For one, the call to mkdir succeeds, for the other it fails. # This is ok for us as long as the directory exists afterwards. makedirs = mocker.patch('os.makedirs') makedirs.side_effect = OSError("Failure") mocker.patch('os.path.isdir') store = FilesystemStore(os.path.join(tmpdir, 'test')) # We have mocked os.makedirs, so this won't work. But it should # pass beyond the OS error and simply fail on writing the file itself. if PY2: with pytest.raises(IOError): store.put('test', b'test') else: with pytest.raises(FileNotFoundError): store.put('test', b'test')
def geoposition(text): """ Use Google Maps API to geocode string """ store = FilesystemStore('./cache') url = "https://maps.googleapis.com/maps/api/geocode/json?address=%s&sensor=false&language=sv" % text cache_key = md5.new(text.encode('utf-8')).hexdigest() try: result = store.get(cache_key) if loads(result): return loads(result) else: raise GeoCodingError except KeyError: print "no cache for %s" % text.encode('utf-8') sleep(2) # Sleep to avoid being blocked by Google Maps API result = requests.get(url).json() if len(result["results"]): store.put(cache_key, dumps(result["results"][0])) return result["results"][0] else: # print "empty reply when geocoding %s" % text store.put(cache_key, dumps(None)) raise GeoCodingError
def setUp(self): self.tmpdir = tempfile.mkdtemp() self.store = FilesystemStore(self.tmpdir)
def store(self, tmpdir): return FilesystemStore(tmpdir)
def create_app(db_connection_string=None, testing=None): app = Flask(__name__) try: secret_key = faraday.server.config.faraday_server.secret_key except Exception: # Now when the config file does not exist it doesn't enter in this # condition, but it could happen in the future. TODO check save_new_secret_key(app) else: if secret_key is None: # This is what happens now when the config file doesn't exist. # TODO check save_new_secret_key(app) else: app.config['SECRET_KEY'] = secret_key if faraday.server.config.faraday_server.agent_token is None: save_new_agent_creation_token() login_failed_message = ("Invalid username or password", 'error') app.config.update({ 'SECURITY_PASSWORD_SINGLE_HASH': True, 'WTF_CSRF_ENABLED': False, 'SECURITY_USER_IDENTITY_ATTRIBUTES': ['username'], 'SECURITY_POST_LOGIN_VIEW': '/_api/session', 'SECURITY_POST_LOGOUT_VIEW': '/_api/login', 'SECURITY_POST_CHANGE_VIEW': '/_api/change', 'SECURITY_CHANGEABLE': True, 'SECURITY_SEND_PASSWORD_CHANGE_EMAIL': False, 'SECURITY_MSG_USER_DOES_NOT_EXIST': login_failed_message, 'SECURITY_TOKEN_AUTHENTICATION_HEADER': 'Authorization', # The line bellow should not be necessary because of the # CustomLoginForm, but i'll include it anyway. 'SECURITY_MSG_INVALID_PASSWORD': login_failed_message, 'SESSION_TYPE': 'filesystem', 'SESSION_FILE_DIR': faraday.server.config.FARADAY_SERVER_SESSIONS_DIR, 'SQLALCHEMY_TRACK_MODIFICATIONS': False, 'SQLALCHEMY_RECORD_QUERIES': True, # app.config['SQLALCHEMY_ECHO'] = True 'SECURITY_PASSWORD_SCHEMES': [ 'bcrypt', # This should be the default value # 'des_crypt', 'pbkdf2_sha1', # Used by CouchDB passwords # 'pbkdf2_sha256', # 'pbkdf2_sha512', # 'sha256_crypt', # 'sha512_crypt', 'plaintext', # TODO: remove it ], 'PERMANENT_SESSION_LIFETIME': datetime.timedelta(hours=12), 'SESSION_COOKIE_NAME': 'faraday_session_2', 'SESSION_COOKIE_SAMESITE': 'Lax', }) store = FilesystemStore(app.config['SESSION_FILE_DIR']) prefixed_store = PrefixDecorator('sessions_', store) KVSessionExtension(prefixed_store, app) user_logged_in.connect(user_logged_in_succesfull, app) user_logged_out.connect(expire_session, app) storage_path = faraday.server.config.storage.path if not storage_path: logger.warn( 'No storage section or path in the .faraday/config/server.ini. Setting the default value to .faraday/storage' ) storage_path = setup_storage_path() if not DepotManager.get('default'): if testing: DepotManager.configure('default', {'depot.storage_path': '/tmp'}) else: DepotManager.configure('default', {'depot.storage_path': storage_path}) check_testing_configuration(testing, app) try: app.config[ 'SQLALCHEMY_DATABASE_URI'] = db_connection_string or faraday.server.config.database.connection_string.strip( "'") except AttributeError: logger.info( 'Missing [database] section on server.ini. Please configure the database before running the server.' ) except NoOptionError: logger.info( 'Missing connection_string on [database] section on server.ini. Please configure the database before running the server.' ) from faraday.server.models import db # pylint:disable=import-outside-toplevel db.init_app(app) #Session(app) # Setup Flask-Security app.user_datastore = SQLAlchemyUserDatastore( db, user_model=User, role_model=None) # We won't use flask security roles feature Security(app, app.user_datastore, login_form=CustomLoginForm) # Make API endpoints require a login user by default. Based on # https://stackoverflow.com/questions/13428708/best-way-to-make-flask-logins-login-required-the-default app.view_functions['security.login'].is_public = True app.view_functions['security.logout'].is_public = True app.debug = faraday.server.config.is_debug_mode() minify_json_output(app) for handler in LOGGING_HANDLERS: app.logger.addHandler(handler) app.logger.propagate = False register_blueprints(app) register_handlers(app) app.view_functions['agent_api.AgentCreationView:post'].is_public = True return app
def store(self, tmpdir, perms): return FilesystemStore(tmpdir, perm=perms)
def _create_store_fs(type, params): if params['create_if_missing'] and not os.path.exists(params['path']): os.makedirs(params['path']) return FilesystemStore(params['path'])
from sqltools import * #For wallets and session store you can switch between disk and the database #Set to 1 to use local storage/file system, Set to 0 to use database LOCALDEVBYPASSDB = 0 ACCOUNT_CREATION_DIFFICULTY = '0400' LOGIN_DIFFICULTY = '0400' SERVER_SECRET = 'SoSecret!' SESSION_SECRET = 'SuperSecretSessionStuff' data_dir_root = os.environ.get('DATADIR') store_dir = data_dir_root + '/sessions/' session_store = FilesystemStore( store_dir ) # TODO: Need to roll this into a SessionInterface so multiple services can hit it easily email_domain = socket.gethostname() email_from = "noreply@" + str(email_domain) app = Flask(__name__) app.debug = True @app.route('/challenge') def challenge(): validate_uuid = UUID(request.args.get('uuid')) uuid = str(validate_uuid) session = ws.hashlib.sha256(SESSION_SECRET + uuid).hexdigest() salt = ws.hashlib.sha256(SERVER_SECRET + uuid).hexdigest()
from flask import Flask, session, redirect, url_for, escape, request, send_from_directory from flask_kvsession import KVSessionExtension from simplekv.fs import FilesystemStore from PIL import Image, ImageDraw, ImageFont import hashlib import random import re, os app = Flask(__name__) app.secret_key = 'A0Zr98j/3yX R~XHH!jmN]LWX/,lol' app.debug = False app.flag = "flag{silkroad4ever}" KVSessionExtension(FilesystemStore('./sessions'), app) def get_bank_points(username): return int(open('accounts/' + username).read()) def set_bank_points(username, points): f = open('accounts/' + username, 'w') f.write(str(points)) f.close() def render_template(template, keys={}): contents = open('templates/' + template).read() for key in keys: contents = contents.replace('%' + key + '%', str(keys[key])) return contents
import os from flask import Flask from simplekv.fs import FilesystemStore from flask.ext.kvsession import KVSessionExtension from sqlalchemy import create_engine from sqlalchemy.ext.declarative import declarative_base from flask.ext.sqlalchemy import SQLAlchemy from os.path import join, expanduser # initialize server KV session store if not os.path.exists('./sessiondata'): os.makedirs('./sessiondata') session_store = FilesystemStore('./sessiondata') # instantiate flask app app = Flask(__name__, static_folder='static', template_folder='templates', static_url_path='/static') # get configuration from a non-repo file specified # in this envvar try: app.config.from_envvar('MAPROULETTE_SETTINGS') except Exception: # alternate config file location for local development app.config.from_pyfile(join(expanduser('~'), '.maproulette/config.py')) # set up the ORM engine and database object engine = create_engine(app.config['SQLALCHEMY_DATABASE_URI'],