def get_serializer(secret_key=None):
if secret_key is None:
secret_key = app.config["SECRET_KEY"]
return URLSafeSerializer(secret_key)
def get_serializer(secret_key=None):
if secret_key is None:
secret_key = app.secret_key
return URLSafeSerializer(secret_key)
def token(self):
return URLSafeSerializer(current_app.config['SECRET_KEY'],
salt='new_guest').dumps(str(self.id))
def order_serialize(user_order):
serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_ORDER)
token = serializer.dumps(user_order.id)
return token
def email_serialize(email):
serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_EMAIL)
token = serializer.dumps(email)
return token
import os
from enum import Enum
from flask import url_for
from flask_login import current_user
from itsdangerous import URLSafeSerializer
json_url = URLSafeSerializer(os.environ.get("SECRET_KEY", "secret_key"))
default_instructions = [
"Write your name and student number in the space provided",
"Make sure your mobile phone is switched off and place it at the front together with\
any bags, books, coats etc. Then find your seat.",
"Remember that talking is not allowed at any time in the exam hall.",
"Listen carefully to instructions. Students are required to comply with\
the instructions of invigilators at all times.",
"You are not permitted to share stationery, \
calculators or any other materials during the examination.",
"If you have a question or need more papers, raise your hand and a teacher\
will come to you. Teachers will not give hints or answers, so please do not ask for them.",
"Stop writing immediately when the teacher says it is the end of the exam.",
"Leave the exam hall quickly and quietly. Remember to take all your belongings with you.\
(Remember to collect all your belongings from holding rooms.)\
You must remain silent until after you have exited the building.",
"Remember! Any form of cheating is not allowed and action will be taken.",
]
class CognitiveEnum(Enum):
Knowledge = 1
Comprehension = 2
def email_deserialize(email_token):
serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_EMAIL)
email = serializer.loads(email_token)
return email
def get_activation_serializer(secret_key=None):
if secret_key is None:
secret_key = SECRET_KEY
return URLSafeSerializer(secret_key)
def get(self, *args, **kargs):
social_name = args[0]
dict_arguments = {k: self.request.arguments.get(k)[0].decode('utf-8') for k in self.request.arguments}
url_base = self.projectConfig['BACKEND'][self.app_name]['http_address']
if social_name == "google":
state = dict_arguments.get("state")
q_state = self.DALDatabase(
(self.DALDatabase.social_auth.social_name == "google") & (self.DALDatabase.social_auth.request_state == state)).select().first()
origin = None
if not q_state or q_state.used is True:
message = "The authentication request has already been used."
return self.write({
'status': 'Bad Request',
'code': 400,
'message': message,
'i18n': {
'message': self.T(message)
}
})
else:
self.phanterpwa_client_token = q_state.client_token
q_state.update_record(used=True)
origin = q_state.origin
self.DALDatabase.commit()
uri = "{0}{1}".format(url_base, self.request.uri)
client_id = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_id']
client_secret = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_secret']
redirect_uri = '{0}/api/oauth/redirect/{1}'.format(url_base, social_name)
scope = ['openid', 'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile']
oauth = OAuth2Session(client_id, redirect_uri=redirect_uri,
scope=scope)
try:
token = oauth.fetch_token(
'https://accounts.google.com/o/oauth2/token',
authorization_response=uri,
client_secret=client_secret)
except Exception as e:
self.logger_api.warning(e)
message = "There was a problem trying to authenticate using a google account."
return self.write({
'status': 'Bad Request',
'code': 400,
'uri': uri,
'message': message,
'i18n': {
'message': self.T(message)
}
})
else:
url_consult = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['remote_address']
googleapi = "{0}?access_token={1}".format(
url_consult, quote(token['access_token']))
try:
with urllib.request.urlopen(googleapi) as req:
googleapi_user = req.read()
googleapi_user = json.loads(googleapi_user)
except Exception as e:
self.logger_api.warning(e)
message = "There was a problem trying to load user information on google api."
self.set_status(400)
return self.write({
'status': 'Bad Request',
'code': 400,
'uri': googleapi,
'message': message,
'i18n': {
'message': self.T(message)
}
})
else:
email_verified = googleapi_user.get("email_verified", False)
if not email_verified:
self.logger_api.warning(
'LOGIN BY OAUTH METHOD (EMAIL NOT VERIFIED)\n\tsocial_login: {0}\n\tname: {1}\n\temail: {2}\n\temail_verified: {3}\n\tlocale: {4}'.format(
social_name,
googleapi_user.get("name", False),
googleapi_user.get("email", False),
googleapi_user.get("email_verified", False),
googleapi_user.get("locale", False),
)
)
message = "The google email has not been verified."
self.set_status(400)
return self.write({
'status': 'Bad Request',
'code': 400,
'message': message,
'google_api': googleapi_user,
'i18n': {
'message': self.T(message)
}
})
email = googleapi_user.get('email', None)
if email:
q_user = self.DALDatabase(self.DALDatabase.auth_user.email == email).select().first()
if q_user:
self.logger_api.info(
'LOGIN BY OAUTH METHOD\n\tsocial_login: {0}\n\tname: {1}\n\temail: {2}'.format(
social_name,
googleapi_user.get("name", False),
googleapi_user.get("email", False)
)
)
q_user.update_record(activated=True)
timeout_token_user = self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire_remember_me']
t_user = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
timeout_token_user
)
content = {
'id': str(q_user.id),
'email': email
}
token_user = t_user.dumps(content)
token_user = token_user.decode('utf-8')
q_role = self.DALDatabase(
(self.DALDatabase.auth_membership.auth_user == q_user.id)
& (self.DALDatabase.auth_group.id == self.DALDatabase.auth_membership.auth_group)
).select(self.DALDatabase.auth_group.role, orderby=self.DALDatabase.auth_group.grade)
roles = [x.role for x in q_role]
role = None
if roles:
role = roles[-1]
q_user.update_record(login_attempts=0)
t_client = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire']
)
t_url = URLSafeSerializer(
self.projectConfig['BACKEND'][self.app_name]["secret_key"],
salt="url_secret_key"
)
r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first()
if r_client:
r_client.delete_record()
id_client = self.DALDatabase.client.insert(auth_user=q_user.id, date_created=datetime.now())
q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first()
content = {
'id_user': str(q_user.id),
'id_client': str(id_client),
'user_agent': self.phanterpwa_user_agent,
'remote_addr': self.phanterpwa_remote_ip
}
token_url = t_url.dumps(content)
token_client = t_client.dumps(content)
token_client = token_client.decode('utf-8')
q_client.update_record(
token=token_client,
date_created=datetime.now(),
remember_me=True,
locked=False,
)
if not q_user.permit_mult_login:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == q_user.id)
& (self.DALDatabase.client.token != token_client)
).select()
if r_client:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == q_user.id)
& (self.DALDatabase.client.token != token_client)
).delete()
user_image = PhanterpwaGalleryUserImage(q_user.id, self.DALDatabase, self.projectConfig)
social_image = googleapi_user.get("picture", None)
redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format(
origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'],
social_name, state
)
q_state.update_record(user_credentials=json.dumps({
'authorization': token_user,
'client_token': token_client,
'url_token': token_url,
'auth_user': {
'id': str(q_user.id),
'first_name': E(q_user.first_name),
'last_name': E(q_user.last_name),
'email': email,
'remember_me': q_client.remember_me,
'roles': roles,
'role': role,
'activated': True,
'image': user_image.id_image,
'social_image': social_image,
'two_factor': False,
'multiple_login': q_user.permit_mult_login,
'social_login': social_name
}
}))
self.DALDatabase.commit()
self.set_status(200)
return self.write(
str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect))))))
else:
self.logger_api.warning(
'CREATING ACCOUNT AND LOGIN BY OAUTH METHOD\n\tsocial_login: {0}\n\tname: {1}\n\temail: {2}\n\temail_verified: {3}\n\tlocale: {4}'.format(
social_name,
googleapi_user.get("name", False),
googleapi_user.get("email", False),
googleapi_user.get("email_verified", False),
googleapi_user.get("locale", False),
)
)
new_password = os.urandom(3).hex()
password_hash = pbkdf2_sha512.hash("password{0}{1}".format(
new_password, self.projectConfig['BACKEND'][self.app_name]['secret_key']))
table = self.DALDatabase.auth_user
social_image = googleapi_user.get("picture", None)
first_name = googleapi_user.get("given_name", "")
last_name = googleapi_user.get("family_name", "")
dict_arguments = {
"first_name": first_name,
"last_name": last_name,
"email": email,
"password_hash": password_hash,
"activated": True
}
result = FieldsDALValidateDictArgs(
dict_arguments,
*[table[x] for x in table.fields if x in [
"first_name", "last_name", "email", "password_hash"]]
)
r = result.validate_and_insert(self.DALDatabase.auth_user)
if r and r.id:
q_user = self.DALDatabase(self.DALDatabase.auth_user.id == r.id).select().first()
id_user = q_user.id
q_user.update_record(activated=True)
if r.id == 1:
role = "root"
id_role = self.DALDatabase(self.DALDatabase.auth_group.role == 'root').select().first()
if id_role:
self.DALDatabase.auth_membership.insert(
auth_user=1,
auth_group=id_role.id
)
else:
role = "user"
self.DALDatabase.auth_membership.insert(auth_user=r.id, auth_group=3)
t_user = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire']
)
content_user = {
'id': str(r.id),
'email': dict_arguments['email']
}
token_user = t_user.dumps(content_user)
token_user = token_user.decode('utf-8')
token_client = self.phanterpwa_client_token
id_client = self.DALDatabase.client.update_or_insert(auth_user=r.id)
t_client = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire']
)
t_url = URLSafeSerializer(
self.projectConfig['BACKEND'][self.app_name]["secret_key"],
salt="url_secret_key"
)
content_client = {
'id_user': str(r.id),
'id_client': str(id_client),
'user_agent': self.phanterpwa_user_agent,
'remote_addr': self.phanterpwa_remote_ip
}
token_url = t_url.dumps(content_client)
token_client = t_client.dumps(content_client)
token_client = token_client.decode('utf-8')
q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first()
q_client.update_record(
token=token_client,
date_created=datetime.now()
)
r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first()
if r_client:
r_client.delete_record()
if not q_user.permit_mult_login:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == id_user)
& (self.DALDatabase.client.token != self.phanterpwa_client_token)
).select()
if r_client:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == id_user)
& (self.DALDatabase.client.token != self.phanterpwa_client_token)
).remove()
user_image = PhanterpwaGalleryUserImage(r.id, self.DALDatabase, self.projectConfig)
self.set_status(201)
roles = ["user"]
role = "user"
redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format(
origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'],
social_name, state
)
q_state.update_record(user_credentials=json.dumps({
'authorization': token_user,
'client_token': token_client,
'url_token': token_url,
'auth_user': {
'id': str(q_user.id),
'first_name': E(q_user.first_name),
'last_name': E(q_user.last_name),
'email': email,
'remember_me': q_client.remember_me,
'roles': roles,
'role': role,
'activated': True,
'image': user_image.id_image,
'social_image': social_image,
'two_factor': False,
'multiple_login': q_user.permit_mult_login,
'social_login': social_name
}
}))
self.DALDatabase.commit()
return self.write(
str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect))))))
elif social_name == "facebook":
state = dict_arguments.get("state")
q_state = self.DALDatabase(
(self.DALDatabase.social_auth.social_name == "facebook") & (self.DALDatabase.social_auth.request_state == state)).select().first()
origin = None
if not q_state:
message = "The authentication request has already been used."
return self.write({
'status': 'Bad Request',
'code': 400,
'message': message,
'i18n': {
'message': self.T(message)
}
})
else:
self.phanterpwa_client_token = q_state.client_token
origin = q_state.origin
q_state.delete_record()
self.DALDatabase.commit()
uri = "{0}{1}".format(url_base, self.request.uri)
client_id = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_id']
client_secret = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_secret']
redirect_uri = '{0}/api/oauth/redirect/{1}'.format(url_base, social_name)
oauth = OAuth2Session(client_id, redirect_uri=redirect_uri, scope='email')
try:
token = oauth.fetch_token(
'https://graph.facebook.com/oauth/access_token',
authorization_response=uri,
client_secret=client_secret)
except Exception as e:
self.logger_api.warning(e)
message = "There was a problem trying to authenticate using a facebook account."
return self.write({
'status': 'Bad Request',
'code': 400,
'uri': uri,
'message': message,
'i18n': {
'message': self.T(message)
}
})
else:
try:
facebook_user = oauth.get(
'https://graph.facebook.com/me?fields=name,first_name,last_name,email,picture')
facebookapi_user = json.loads(facebook_user.content)
except Exception as e:
self.logger_api.warning(e)
message = "There was a problem trying to load user information on facebook api."
self.set_status(400)
return self.write({
'status': 'Bad Request',
'code': 400,
'message': message,
'i18n': {
'message': self.T(message)
}
})
else:
email = facebookapi_user.get('email', None)
social_image = None
try:
social_image = facebookapi_user["picture"]["data"]["url"]
except Exception as e:
self.logger_api.warning(e)
if email:
q_user = self.DALDatabase(self.DALDatabase.auth_user.email == email).select().first()
if q_user:
q_user.update_record(activated=True)
timeout_token_user = self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire_remember_me']
t_user = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
timeout_token_user
)
content = {
'id': str(q_user.id),
'email': email
}
token_user = t_user.dumps(content)
token_user = token_user.decode('utf-8')
q_role = self.DALDatabase(
(self.DALDatabase.auth_membership.auth_user == q_user.id) &
(self.DALDatabase.auth_group.id == self.DALDatabase.auth_membership.auth_group)
).select(self.DALDatabase.auth_group.role, orderby=self.DALDatabase.auth_group.grade)
roles = [x.role for x in q_role]
role = None
if roles:
role = roles[-1]
q_user.update_record(login_attempts=0)
t_client = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire']
)
t_url = URLSafeSerializer(
self.projectConfig['BACKEND'][self.app_name]["secret_key"],
salt="url_secret_key"
)
r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first()
if r_client:
r_client.delete_record()
id_client = self.DALDatabase.client.insert(auth_user=q_user.id, date_created=datetime.now())
q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first()
content = {
'id_user': str(q_user.id),
'id_client': str(id_client),
'user_agent': self.phanterpwa_user_agent,
'remote_addr': self.phanterpwa_remote_ip
}
token_url = t_url.dumps(content)
token_client = t_client.dumps(content)
token_client = token_client.decode('utf-8')
q_client.update_record(
token=token_client,
date_created=datetime.now(),
remember_me=True,
locked=False,
)
if not q_user.permit_mult_login:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == q_user.id) &
(self.DALDatabase.client.token != token_client)
).select()
if r_client:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == q_user.id) &
(self.DALDatabase.client.token != token_client)
).delete()
user_image = PhanterpwaGalleryUserImage(q_user.id, self.DALDatabase, self.projectConfig)
redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format(
origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'],
social_name, state
)
q_state.update_record(user_credentials=json.dumps({
'authorization': token_user,
'client_token': token_client,
'url_token': token_url,
'auth_user': {
'id': str(q_user.id),
'first_name': E(q_user.first_name),
'last_name': E(q_user.last_name),
'email': email,
'remember_me': q_client.remember_me,
'roles': roles,
'role': role,
'activated': True,
'image': user_image.id_image,
'social_image': social_image,
'two_factor': False,
'multiple_login': q_user.permit_mult_login,
'social_login': social_name
}
}))
self.DALDatabase.commit()
self.set_status(200)
return self.write(
str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect))))))
else:
new_password = os.urandom(3).hex()
password_hash = pbkdf2_sha512.hash("password{0}{1}".format(
new_password, self.projectConfig['BACKEND'][self.app_name]['secret_key']))
table = self.DALDatabase.auth_user
social_image = googleapi_user.get("picture", None)
first_name = googleapi_user.get("given_name", "")
last_name = googleapi_user.get("family_name", "")
dict_arguments = {
"first_name": first_name,
"last_name": last_name,
"email": email,
"password_hash": password_hash,
"activated": True
}
result = FieldsDALValidateDictArgs(
dict_arguments,
*[table[x] for x in table.fields if x in [
"first_name", "last_name", "email", "password_hash"]]
)
r = result.validate_and_insert(self.DALDatabase.auth_user)
if r and r.id:
q_user = self.DALDatabase(self.DALDatabase.auth_user.id == r.id).select().first()
id_user = q_user.id
q_user.update_record(activated=True)
if r.id == 1:
role = "root"
id_role = self.DALDatabase(self.DALDatabase.auth_group.role == 'root').select().first()
if id_role:
self.DALDatabase.auth_membership.insert(auth_user=1,
auth_group=id_role.id)
else:
role = "user"
self.DALDatabase.auth_membership.insert(auth_user=r.id, auth_group=3)
t_user = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire']
)
content_user = {
'id': str(r.id),
'email': dict_arguments['email']
}
token_user = t_user.dumps(content_user)
token_user = token_user.decode('utf-8')
token_client = self.phanterpwa_client_token
id_client = self.DALDatabase.client.update_or_insert(auth_user=r.id)
t_client = Serialize(
self.projectConfig['BACKEND'][self.app_name]['secret_key'],
self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire']
)
t_url = URLSafeSerializer(
self.projectConfig['BACKEND'][self.app_name]["secret_key"],
salt="url_secret_key"
)
content_client = {
'id_user': str(r.id),
'id_client': str(id_client),
'user_agent': self.phanterpwa_user_agent,
'remote_addr': self.phanterpwa_remote_ip
}
token_url = t_url.dumps(content_client)
token_client = t_client.dumps(content_client)
token_client = token_client.decode('utf-8')
q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first()
q_client.update_record(
token=token_client,
date_created=datetime.now()
)
r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first()
if r_client:
r_client.delete_record()
if not q_user.permit_mult_login:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == id_user) &
(self.DALDatabase.client.token != self.phanterpwa_client_token)
).select()
if r_client:
r_client = self.DALDatabase(
(self.DALDatabase.client.auth_user == id_user) &
(self.DALDatabase.client.token != self.phanterpwa_client_token)
).remove()
user_image = PhanterpwaGalleryUserImage(r.id, self.DALDatabase, self.projectConfig)
self.set_status(201)
roles = ["user"]
role = "user"
redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format(
origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'],
social_name, state
)
q_state.update_record(user_credentials=json.dumps({
'authorization': token_user,
'client_token': token_client,
'url_token': token_url,
'auth_user': {
'id': str(q_user.id),
'first_name': E(q_user.first_name),
'last_name': E(q_user.last_name),
'email': email,
'remember_me': q_client.remember_me,
'roles': roles,
'role': role,
'activated': True,
'image': user_image.id_image,
'social_image': social_image,
'two_factor': False,
'multiple_login': q_user.permit_mult_login,
'social_login': social_name
}
}))
self.DALDatabase.commit()
return self.write(
str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect))))))
message = "An error occurred while trying to authenticate."
self.set_status(400)
return self.write({
'status': 'Bad Request',
'code': 400,
'message': message,
'i18n': {
'message': self.T(message)
}
})
def __create_token() -> str:
return URLSafeSerializer(app.config[SECRET_KEY]).dumps(TEST_EMAIL)
def send_tag_alert_emails(tag):
"""
Sends emails to every tag.alert_email
:param tag SmartTagChannel:
:returns: True if sending process was successful, False otherwise
"""
if not tag.alert_can_be_sent:
return False
# to prevent sending several emails by different processes
# we sent alert_last_sent_at to current time
# it is changed back if sending was unsuccesful
previous_sent_time = tag.alert_last_sent_at
tag.alert_last_sent_at = datetime.now()
tag.save()
# noinspection PyBroadException
try:
tag_edit_url = '{}/configure#/tags/edit/{}'.format(
get_var('HOST_DOMAIN'), str(tag.id))
for user_email in tag.alert_emails:
s = URLSafeSerializer(get_var('UNSUBSCRIBE_KEY'),
get_var('UNSUBSCRIBE_SALT'))
email_tag_id = s.dumps((user_email, str(tag.id)))
tag_unsubscribe_url = '{}/unsubscribe/tag/{}'.format(
get_var('HOST_DOMAIN'), email_tag_id)
tag_view_url = '{}/inbound#?tag={}&channel={}'.format(
get_var('HOST_DOMAIN'), str(tag.id), str(tag.parent_channel))
msg = Message(subject="Geneys Social Analytics Alert - Smart Tag",
sender=_get_sender(),
recipients=[user_email])
try:
user = User.objects.get(email=user_email)
except User.DoesNotExist:
user = None
msg.html = render_template(
"mail/smarttag_alert.html",
user_name=user.first_name if user else None,
tag_title=tag.title,
tag_edit_url=tag_edit_url,
tag_unsubscribe_url=tag_unsubscribe_url,
tag_view_url=tag_view_url)
# get_var('ON_TEST') since when running tests
# get_app_mode() returns 'dev' in pool_worker thread
try:
app_mode = get_app_mode()
except RuntimeError:
app_mode = 'dev'
if app_mode != 'dev' or get_var('ON_TEST'):
send_mail(msg)
else:
LOGGER.info(msg.html)
tag.alert_last_sent_at = datetime.now()
tag.save()
return True
except:
if previous_sent_time:
tag.alert_last_sent_at = previous_sent_time
tag.save()
return False
from parameterized import parameterized
from airflow import DAG
from airflow.api_connexion.exceptions import EXCEPTIONS_LINK_MAP
from airflow.configuration import conf
from airflow.models import DagBag, DagModel
from airflow.models.serialized_dag import SerializedDagModel
from airflow.operators.dummy import DummyOperator
from airflow.security import permissions
from airflow.utils.session import provide_session
from airflow.www import app
from tests.test_utils.api_connexion_utils import assert_401, create_user, delete_user
from tests.test_utils.config import conf_vars
from tests.test_utils.db import clear_db_dags, clear_db_runs, clear_db_serialized_dags
SERIALIZER = URLSafeSerializer(conf.get('webserver', 'secret_key'))
FILE_TOKEN = SERIALIZER.dumps(__file__)
class TestDagEndpoint(unittest.TestCase):
dag_id = "test_dag"
task_id = "op1"
dag2_id = "test_dag2"
dag3_id = "test_dag3"
@staticmethod
def clean_db():
clear_db_runs()
clear_db_dags()
clear_db_serialized_dags()
def encrypt_cookie(content):
s = URLSafeSerializer(current_app.secret_key, salt='cookie')
return s.dumps(content)
def init_app(app):
global url_serializer, url_timed_serializer
url_serializer = URLSafeSerializer(app.config['SECRET_KEY'])
url_timed_serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
def remove_token(self, token):
s = URLSafeSerializer(self.secret_key)
return s.loads(token)
from itsdangerous import URLSafeSerializer
auth_s = URLSafeSerializer("secret key", "auth")
token = auth_s.dumps({"id": 1, "name": "name"})
print(token)
data = auth_s.loads(token)
print(data["name"])
import json
from flask import g
from find_restaurant.member.views import dbsession
from find_restaurant.member.models import User
from oauth2client import client
from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth
from itsdangerous import URLSafeSerializer
from config import SECRET_KEY, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET
auth = HTTPTokenAuth()
s = URLSafeSerializer(SECRET_KEY)
def verify_token(token):
user_id = User.verify_auth_token(token)
if user_id:
user = dbsession.query(User).filter_by(id=user_id).one()
if not user:
return False
g.user = user
return True
def google_login(auth_code):
try:
oauth_flow = client.OAuth2WebServerFlow(
client_id=GOOGLE_CLIENT_ID,
client_secret=GOOGLE_CLIENT_SECRET,
scope='profile email',
redirect_uri='http://localhost:5000/dashboard')
oauth_flow.redirect_uri = 'postmessage'
def index():
uid = current_user.id
s = URLSafeSerializer('')
s.dumps({'uid': uid})
return request.args.get('i')
def _serializer(self):
return URLSafeSerializer(SECRET_KEY, salt=self.salt)
#encoding:utf8
#url安全序列化
#防篡改
#明文加密传输
#更多相关知识请看https://itsdangerous.readthedocs.io/en/latest/
from itsdangerous import URLSafeSerializer
s = URLSafeSerializer('secret-key')
print(s.dumps([1, 2, 3, 4]))
#WzEsMiwzLDRd.wSPHqC0gR7VUqivlSukJ0IeTDgo
print(s.loads('WzEsMiwzLDRd.wSPHqC0gR7VUqivlSukJ0IeTDgo'))
def order_product_deserialize_old(order_product_token):
serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_ORDER_PRODUCT)
order_product_id = serializer.loads(order_product_token)
order_product = OrderProduct.query.filter_by(id=order_product_id).one()
return order_product
def make_tokenizer(salt):
""" Instantiate a tokenizer for the given salt. """
signer = URLSafeSerializer(get_secret(), salt=salt)
return signer.dumps
def order_deserialize(order_token):
serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_ORDER)
order_id = serializer.loads(order_token)
user_order = Order.query.filter_by(id=order_id).one()
return user_order
super(SQLAlchemy, self).apply_pool_defaults(app, options)
options["pool_pre_ping"] = True
# Creating and Initializing db object of SQLAlchemy class
db = SQLAlchemy(app)
db.init_app(app)
migrate = Migrate(app, db, render_as_batch=True)
with app.app_context():
if db.engine.url.drivername == 'sqlite':
migrate.init_app(app, db, render_as_batch=True)
else:
migrate.init_app(app, db)
manager = Manager(app)
manager.add_command('db', MigrateCommand)
# Creating serializer object of URLSafeSerializer class for serializing session_token
serializer = URLSafeSerializer(app.secret_key)
# Here we set session_token as our user_loader.
from bookstore.client.views import client
# from bookstore.admin.views import admin
app.register_blueprint(client)
# app.register_blueprint(myadmin, url_prefix='/admin')
import logging
from flask import abort, redirect, render_template, request, url_for
from itsdangerous import URLSafeSerializer, BadSignature
from structlog import wrap_logger
from frontstage import app
from frontstage.views.passwords import reset_password
from frontstage.models import ForgotPasswordForm
from frontstage.views.passwords import passwords_bp
logger = wrap_logger(logging.getLogger(__name__))
BAD_AUTH_ERROR = 'Unauthorized user credentials'
url_safe_serializer = URLSafeSerializer(app.config['SECRET_KEY'])
@passwords_bp.route('/forgot-password', methods=['GET'])
def get_forgot_password():
form = ForgotPasswordForm(request.form)
return render_template('passwords/forgot-password.html', form=form)
@passwords_bp.route('/forgot-password', methods=['POST'])
def post_forgot_password():
form = ForgotPasswordForm(request.form)
email = form.data.get('email_address').strip()
if form.validate():
return reset_password.request_password_change(email)
def generate_token(self, email):
s = URLSafeSerializer(self.secret_key)
token = s.dumps(email)
return token
from app import db, login, app
from flask_login import UserMixin
from werkzeug.security import generate_password_hash, check_password_hash
from itsdangerous import URLSafeSerializer
import datetime
login_serializer = URLSafeSerializer(app.config['SECRET_KEY'])
@login.user_loader
def load_user(session_token):
return User.query.filter_by(session_token=session_token).first()
class User(UserMixin, db.Model):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.VARCHAR(256), index=True, unique=True)
email = db.Column(db.VARCHAR(256), index=True, unique=True)
password = db.Column(db.VARCHAR(256))
session_token = db.Column(db.VARCHAR(256))
active = db.Column(db.BOOLEAN(), default=1)
first_login = db.Column(db.BOOLEAN(), default=1)
admin = db.Column(db.BOOLEAN(), default=0)
cards = db.relationship('Card',
secondary='user_card_lookup',
lazy='dynamic')
preferences = db.relationship('UserPreference',
backref='user',
lazy='dynamic')
def __repr__(self):
def confirm_token(self, token):
s = URLSafeSerializer(self.secret_key)
result = s.loads(token)
return result
import re
from datetime import datetime, time
from enum import Enum
from io import BytesIO
from flask import current_app, render_template, send_file
from itsdangerous import BadData, Signer, URLSafeSerializer, URLSafeTimedSerializer
from werkzeug.local import LocalProxy
DATE_FORMAT = '%Y-%m-%d'
DATETIME_FORMAT = '%Y-%m-%dT%H:%M'
secure_serializer = LocalProxy(
lambda: URLSafeSerializer(current_app.config['SECRET_KEY'], b'newdle'))
secure_timed_serializer = LocalProxy(lambda: URLSafeTimedSerializer(
current_app.config['SECRET_KEY'], b'newdle'))
class AutoNameEnum(Enum):
def _generate_next_value_(name, start, count, last_values):
return name
def parse_dt(text):
return datetime.strptime(text, DATETIME_FORMAT)
def format_dt(dt):
return dt.strftime(DATETIME_FORMAT)
def encrypt(text):
secret_key = current_app.config.get('SECRET_KEY', 'never')
s = URLSafeSerializer(secret_key)
return s.dumps(text)
