def create_app(*args, **kwargs) -> flask.Flask: """Create a Flask app with secure default behaviours. :return: A Flask application. :rtype: Flask """ app = flask.Flask(*args, **kwargs) configure_app(app) # Both these extensions can be used as view decorators. Bit worried that # this circular reference will cause memory leaks. talisman_kwargs = get_talisman_config(app.config) app.talisman = flask_talisman.Talisman(app, **talisman_kwargs) app.csrf = flask_seasurf.SeaSurf(app) return app
def configure_app(app: Flask) -> None: """ The configuration is read from the filename in the "FLASK_SETTINGS_FILENAME" environment variable (if it exists) and some other important settings Additional settings such as SECRET_KEY and other settings should be added accordingly. :param Flask app: The Flask app that requires configuring. :return: None """ app.config.from_envvar("FLASK_SETTINGS_FILENAME", silent=True) app.csrf = flask_seasurf.SeaSurf(app) marshmallow = Marshmallow(app) marshmallow.init_app(app) from .routes import routes routes(app)
Assembly: request """ import inspect import flask_cors import flask_seasurf from flask import request as f_request from .assembly import app_context from . import utils # CSRF # :decorator # - csrf.exempt # @request.csrf_exempt # https://flask-seasurf.readthedocs.io/en/latest/ csrf = flask_seasurf.SeaSurf() app_context(csrf.init_app) class RequestProxy(object): """ A request proxy, that attaches some special attributes to the Flask request object """ # CSRF csrf = csrf @property def IS_GET(self): return f_request.method == "GET"
def init_app(app): flask_seasurf.SeaSurf(app)