def create_app():
"""Construct the core application."""
app = Flask(__name__, instance_relative_config=False)
app.config.from_object('config.Config')
app.config['SECRET_KEY'] = '5iRJN07WkpqmqyiSx5c9vsjFJD23YyB5'
#csrf.init_app(app)
csrf = CSRFProtect(app)
csrf.init_app(app)
###################can be replaced by another auth
def check_user_login(user):
""":param user: dict {'username': '******', 'password': '******'}"""
allowed = False
if user.get('username') == 'Rafal' and user.get('password') == 'rafal':
allowed = True
if user.get('username') == 'Guest' and user.get('password') == 'guest':
allowed = True
if user.get('username') == 'Admin' and user.get('password') == 'admin':
allowed = True
return allowed
SimpleLogin(app, check_user_login)
#######################################################
with app.app_context():
# Import main Blueprint
from . import routes
app.register_blueprint(routes.main_bp)
return app
def init_app(app):
site_admin.init_app(app)
site_admin.name = app.config["ADMIN_NAME"]
site_admin.template_mode = "bootstrap3"
site_admin.add_view(UserAdmin(User, db.session))
SimpleLogin(app, login_checker=verify_login)
def register_extensions(app):
db.init_app(app)
login_manager = SimpleLogin(app, login_checker=login_checker)
login_manager.config['login_url'] = '/app/login/'
login_manager.config['logout_url'] = '/app/logout/'
login_manager.config['home_url'] = '/app/'
login_manager.messages['login_failure'] = u'Credenciais inválidas!'
login_manager.messages['logout'] = u''
def configure_extensions(app):
messages = {
"login_success": "Welcome!",
"is_logged_in": Message("already logged in", "success"),
"logout": None,
}
SimpleLogin(app, login_checker=validate_login, messages=messages)
if not os.path.exists("users.json"):
with open("users.json", "a") as json_file:
# This just touch create a new dbfile
json.dump({"username": "", "password": ""}, json_file)
def app():
"""Flask Pytest uses it"""
myapp = Flask(__name__)
myapp.config['SECRET_KEY'] = 'secret-here'
SimpleLogin(myapp)
@myapp.route('/secret')
@login_required
def secret():
return "This is Safe"
return myapp
def app():
"""Flask Pytest uses it"""
myapp = Flask(__name__)
myapp.config["SECRET_KEY"] = "secret-here"
SimpleLogin(myapp)
@myapp.route("/secret")
@login_required
def secret():
return "This is Safe"
@myapp.route("/username_required")
@login_required(username=["user1", "user2"])
def username_required():
return "This is Safe"
@myapp.route("/api", methods=["POST"])
@login_required(basic=True)
def api():
return jsonify(data="You are logged in with basic auth")
def be_admin(username):
"""Validator to check if user has admin role"""
if username != "admin":
return "User does not have admin role"
def have_approval(username):
"""Validator: all users approved, return None"""
return
@myapp.route("/complex")
@login_required(must=[be_admin, have_approval])
def complexview():
return render_template("secret.html")
class ProtectedView(MethodView):
decorators = [login_required]
def get(self):
return "You are logged in as <b>{0}</b>".format(get_username())
myapp.add_url_rule("/protected",
view_func=ProtectedView.as_view("protected"))
return myapp
def app():
"""Flask Pytest uses it"""
myapp = Flask(__name__)
myapp.config['SECRET_KEY'] = 'secret-here'
SimpleLogin(myapp)
@myapp.route('/secret')
@login_required
def secret():
return "This is Safe"
@myapp.route('/username_required')
@login_required(username=['user1', 'user2'])
def username_required():
return "This is Safe"
@myapp.route('/api', methods=['POST'])
@login_required(basic=True)
def api():
return jsonify(data='You are logged in with basic auth')
def be_admin(username):
"""Validator to check if user has admin role"""
if username != 'admin':
return "User does not have admin role"
def have_approval(username):
"""Validator: all users approved, return None"""
return
@myapp.route('/complex')
@login_required(must=[be_admin, have_approval])
def complexview():
return render_template('secret.html')
class ProtectedView(MethodView):
decorators = [login_required]
def get(self):
return "You are logged in as <b>{0}</b>".format(get_username())
myapp.add_url_rule('/protected',
view_func=ProtectedView.as_view('protected'))
return myapp
def test_custom_messages():
app = Flask(__name__)
app.config["SECRET_KEY"] = "secret-here"
messages = {
"login_success":
Message("customized login message", category="login_success"),
"is_logged_in":
"all set",
"logout":
None,
}
sl = SimpleLogin(app, messages=messages)
assert sl.messages["login_success"] == messages["login_success"]
assert isinstance(sl.messages["is_logged_in"], Message)
assert sl.messages["logout"] is None
assert sl.messages["login_required"] == SimpleLogin.messages[
"login_required"]
def create_app(config_class=Config):
global app
app = FHApp(__name__, static_url_path='', static_folder='./Static', template_folder='./Templates')
app.config.from_object(config_class)
# t = threading.Thread(target=init_fh, args=(app,))
# t.start()
init_app(app)
# import the blueprints
from blueprints.live_view.routes import live_view
app.register_blueprint(live_view)
from blueprints.config_page.routes import config_page
app.register_blueprint(config_page)
from blueprints.persons_database.routes import persons_database
app.register_blueprint(persons_database)
from blueprints.person_edit.routes import person_edit
app.register_blueprint(person_edit)
from blueprints.actions.routes import actions
app.register_blueprint(actions)
from blueprints.errors.handlers import errors
app.register_blueprint(errors)
app.dnn_iter = 0
app.present = []
app.admin = Admin(app, name='recogneyez', template_mode='bootstrap3')
app.ticker = 0
SimpleLogin(app, login_checker=validate_login)
# cache_buster.register_cache_buster(app)
app.force_rescan = False
app.preview_image = cv2.imread("Static/empty_pic.png")
app.camera_thread = None
# app.ch.camera_start_processing()
return app
def create_app(test_config=None):
"""Create and configure an instance of the Flask application."""
app = Flask(__name__, instance_relative_config=True)
app.config.from_mapping(
# a default secret that should be overridden by instance config
SECRET_KEY='hard to guess string',
SIMPLELOGIN_USERNAME='******',
SIMPLELOGIN_PASSWORD='******')
if test_config is None:
# load the instance config, if it exists, when not testing
app.config.from_pyfile('web-application.cfg', silent=True)
else:
# load the test config if passed in
app.config.update(test_config)
# ensure the instance folder exists
try:
os.makedirs(app.instance_path)
except OSError:
pass
@app.route('/favicon.ico')
def favicon():
return send_from_directory(os.path.join(app.root_path, 'static'),
'favicon.ico',
mimetype='image/vnd.microsoft.icon')
# apply the blueprints to the app
from webUI import entryPoint
app.register_blueprint(entryPoint.bp)
# make url_for('index') == url_for('blog.index')
# in another app, you might define a separate main index here with
# app.route, while giving the blog blueprint a url_prefix, but for
# the tutorial the blog will be the main index
app.add_url_rule('/', endpoint='index')
bootstrap = Bootstrap(app)
SimpleLogin(app)
CSRFProtect(app)
return app
Take a look at encrypt_app.py and encrypt_cli.py
to see how to encrypt passwords
"""
user_data = my_users.get(user['username'])
if not user_data:
return False # <--- invalid credentials
elif user_data.get('password') == user['password']:
return True # <--- user is logged in!
return False # <--- invalid credentials
app = Flask(__name__)
app.config.from_object('settings')
SimpleLogin(app, login_checker=check_my_users)
@app.route('/')
def index():
return render_template('index.html')
@app.route('/secret')
@login_required(username=['chuck', 'mary'])
def secret():
return render_template('secret.html')
@app.route('/api', methods=['POST'])
@login_required(basic=True)
db.session.add(
models.Dashboard_EstadoNutricional(hospitais_id=k,
atendimento=str(i * 100),
erro='REAVALIACAO'))
for i in range(1, randint(2, 30)):
db.session.add(
models.Dashboard_EstadoNutricional(hospitais_id=k,
atendimento=str(i * 100),
erro='NOTIFICACAO'))
for i in range(1, randint(2, 30)):
db.session.add(
models.Dashboard_EstatisticasEnfermagem(
hospitais_id=k,
usuarios_id=1,
ano=2020,
mes=1,
erro='erro preenchimento-' + str(i * 100)))
for i in range(1, randint(2, 30)):
db.session.add(
models.DashBoard_EstatisticasNutricao(hospitais_id=k,
usuarios_id=1,
ano=2020,
mes=1,
erro='erro preenchimento-' +
str(i * 100)))
db.session.commit()
# ---------------- Efetuar Login:
SimpleLogin(app, login_checker=views.check_my_users)
%(pw)s@%(host)s:%(port)s/%(db)s' % POSTGRES
def validate_login(user):
#value retrived from simple-login page at /login
username = user['username']
password = user['password']
admin = Admin.query.get(0)
if admin.username != username:
return False
if check_password_hash(admin.password, password):
return True
return False
SimpleLogin(app, login_checker=validate_login)
db.init_app(app)
db.create_all(app=app)
@app.before_request
def init_user_password():
if Admin.query.get(0) is None:
username = '******'
password = generate_password_hash('admin', method='pbkdf2:sha256')
admin = Admin(idd=0, username=username, password=password)
db.session.add(admin)
db.session.commit()
#Le fichier json enegistrant le chemin de l'utilisateur dans sa session est enregistré
with open(json_path, 'w') as outfile:
json.dump(file, outfile, ensure_ascii=False, encoding='utf8')
return render_template("main.html")
# CLASSES
#Formulaire de saisie
#Création de campagne
class FormCampagne(Form):
nom = StringField('Nom de l\'expérience',
[validators.Length(min=4, max=25)])
countdown = StringField('Durée de l\'expérience')
form1 = StringField('Formulaire 1')
form2 = StringField('Formulaire 2')
# MAIN
if __name__ == '__main__':
SimpleLogin(app)
#Initialisation de la base de donnée
req.init()
#Connexion de l'application au port 8080
app.run(host='0.0.0.0', port=8080)
# no user of that username
__log__.debug(f"login on nonexistant user: {user['username']}")
return False
if db_user.password == user["password"]:
__log__.debug(f"logged in user: {user['username']}")
return True
else:
# wrong password
__log__.debug(f"invalid password for user: {user['username']}")
return False
# See SRS: S.9.R.1
# See SRS: S.9.R.2
# See SRS: S.9.R.3
SL_APP = SimpleLogin(APP, login_checker=validate_login)
#################################
# Database Connection definitions
# See SRS: S.7.R.3
#################################
class trade(db.Model):
trade_id = db.Column(db.Integer(),
primary_key=True) # autoincrement defined by server
session_id = db.Column(db.Integer())
trade_type = db.Column(db.String(80))
price = db.Column(db.Float())
volume = db.Column(db.Integer())
time_stamp = db.Column(db.DateTime())
import os from flask import Flask, jsonify from flask_bootstrap import Bootstrap from flask_simplelogin import SimpleLogin from app import users app = Flask(__name__) app.config['SECRET_KEY'] = os.environ['SECRET_KEY'] app.config['NEO4J_USER'] = os.environ['NEO4J_USER'] app.config['NEO4J_PASSWORD'] = os.environ['NEO4J_PASSWORD'] app.jinja_env.trim_blocks = True app.jinja_env.lstrip_blocks = True app.config['JSON_AS_ASCII'] = False SimpleLogin(app, login_checker=users.is_valid_user) bootstrap = Bootstrap(app) from app import routes
def configure(app):
"""Inicializa o Flask Simple Login"""
SimpleLogin(app, login_checker=login_checker)
app.db.create_user = create_user
def init_app(app):
SimpleLogin(app, login_checker=verify_login)
""":param user: dict {'username': '******', 'password': '******'}"""
username = user.get('username')
pwd_provided = user.get('password')
if username in user_login_dict:
if pwd_provided == user_login_dict[username]:
return True # <--- Allowed
return False # <--- Denied
secret_key, user_login_dict = load_configs()
#print('User login dict: ' + str(user_login_dict))
app = Flask(__name__)
app.config['SECRET_KEY'] = secret_key
app.config['SIMPLELOGIN_HOME_URL'] = '/en/'
SimpleLogin(app, login_checker=only_jimjams_users_login)
bootstrap = Bootstrap(app)
# ---------------------------------------------
# ---------- Routes Start ---------------------
# ---------------------------------------------
# ---------------------------------------------
@app.route('/')
def index():
return render_template('index.html')
@app.route('/en/')
def home():
from flask import Flask, render_template
from flask_simplelogin import SimpleLogin, login_required
import config
app = Flask(__name__, template_folder="templates")
app.config["SECRET_KEY"] = config.secret
SimpleLogin(app, login_checker=config.login_checker)
@app.route('/')
def index():
return render_template("index.html")
@app.route('/page')
def creatures():
return render_template("page.html")
@app.route('/table')
def table():
return render_template("table.html")
@app.route('/protected')
@login_required()
def protected():
return render_template("protected.html")
@app.route('/ocr')
def ocr():
return render_template("ocr.html")
@app.route('/media')
def media():
print(result.password)
if result.password == hash:
return True # Allowed
return False # Denied
class User(Base):
"""Sqlalchemy listing model."""
__tablename__ = "users"
job_id = Column(Integer, primary_key=True)
username = Column('username', String, nullable=False)
password = Column('password', String, nullable=False)
salt = Column('salt', String, nullable=False)
app = Flask(__name__)
SimpleLogin(app, login_checker=website_login)
@app.route('/', methods=["GET", "POST"])
def register():
form = RegistrationForm(request.form)
if request.method == 'POST' and form.validate():
engine = db_connect()
Session = sessionmaker(bind=engine)
session = Session()
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
chars=[]
salt = ''.join(random.choice(ALPHABET) for i in range(16))
hash = hashlib.md5( (salt + form.password.data).encode('utf-8') ).hexdigest()
user = User(username = form.username.data,
password = hash,
salt = salt)
import config
from bot_handlers import bot
from data_providers.bot_users_provider import BotUsersProvider
from data_providers.question_count_report_provider import QuestionCountReportProvider
from data_providers.questions_queue_info_provider import QuestionQueueInfoProvider
from tools.questions_queue_item_deleter import QuestionQueueItemDeleter
from repositories.bot_users_repository import BotUsersRepository
from repositories.question_queue_repository import QuestionQueueRepository
from repositories.post_archive_repository import PostsArchiveRepository
server = flask.Flask(__name__, template_folder='templates')
server.config['SECRET_KEY'] = config.SECRET
server.config['SIMPLELOGIN_USERNAME'] = config.ADMIN_USERNAME
server.config['SIMPLELOGIN_PASSWORD'] = config.ADMIN_PASSWORD
SimpleLogin(server)
@server.route('/' + config.TOKEN, methods=['POST'])
def get_message():
bot.process_new_updates(
[types.Update.de_json(flask.request.stream.read().decode('utf-8'))])
return '!', 200
@server.route('/', methods=['GET'])
def index():
bot.remove_webhook()
bot.set_webhook(url='https://{}.herokuapp.com/{}'.format(
config.APP_NAME, config.TOKEN))
return 'Hello from Lapochka!', 200
def configure(app):
"""Adds login control"""
SimpleLogin(app, login_checker=login_checker)
def configure_extensions(app):
SimpleLogin(app, login_checker=validate_login)
if not os.path.exists('users.json'):
with open('users.json', 'a') as json_file:
json.dump({'username': '', 'password': ''}, json_file)
def create_simple_login(settings):
app = Flask(__name__)
app.config["SECRET_KEY"] = "secret-here"
app.config.from_object(settings)
return SimpleLogin(app)
def configure(app):
if app.config.get('ADMIN_REQUIRES_LOGIN') is True:
SimpleLogin(app, login_checker=validate_login)
f"secmon_web", user['username'], "success",
f"User {user['username']} has attempted to log in. Authentication success.",
request.remote_addr)
return True
else:
writeAuthLog(
f"secmon_web", user['username'], "failed",
f"User {user['username']} has attempted to log in. Authentication failed: bad username or password.",
request.remote_addr)
return False
app = Flask(__name__)
app.secret_key = getSecretKey()
app.jinja_env.globals.update(returnUsername=returnUsername)
SimpleLogin(app, login_checker=secmon_auth, messages=messages)
@app.before_request
def make_session_permanent():
session.permanent = True
app.permanent_session_lifetime = timedelta(minutes=15)
@app.route('/login/<unauthorizedressource>')
@login_required
def redirectUnloggedUser(unauthorizedressource):
return render_template('login.html')
@app.route('/home')
loginurl = 'https://' + VisionIP + '/mgmt/system/user/login'
loginArgs = {'username': username, 'password': password}
r = s.post(loginurl, verify=False, json=loginArgs)
response = r.json()
print(response)
if 'Exception' in response:
logging.warning('%s attempted to login', username)
return False
logging.warning('%s logged in successfully', username)
return True
except:
flash(u'ups! Vision does not respond, make sure your Vision is alive.',
'danger')
SimpleLogin(app, login_checker=visionLogin)
####################
#### blueprints ####
####################
from app.views import blacklist_blueprint, policies_blueprint, ajax_blueprint, whitelist_blueprint
# register the blueprints
app.register_blueprint(blacklist_blueprint)
app.register_blueprint(policies_blueprint)
app.register_blueprint(ajax_blueprint)
app.register_blueprint(whitelist_blueprint)
# ROUTES
app = Flask(__name__)
app.config["SECRET_KEY"] = SECRET_KEY
messages = {
"login_success": "Login Successful",
"login_failure":
"Something went wrong. Dismiss this banner to learn more.",
"is_logged_in": "You're already logged in!",
"logout": "Logout Successful",
"login_required": "You need to sign in to use this feature.",
"access_denied": "Access Denied",
"auth_error": "{0}",
}
# Account management
SimpleLogin(app, login_checker=check_login, messages=messages)
def check_if_admin():
"""Check if a given user has admin access.
Returns:
bool -- Whether or not the user has admin access.
"""
return bool(is_logged_in()
and 'admin' in get_current_access(get_username()))
app.jinja_env.globals.update(check_if_admin=check_if_admin)
# __ __ _
def init_app(app):
app.config['SECRET_KEY'] = secrets.token_hex(32)
jwt.init_app(app)
SimpleLogin(app, login_checker=verify_login)
