def make_app(build_dir: str = None, demo_db: Optional[DemoDatabase] = None) -> Flask: if build_dir is None: build_dir = os.path.join(DEMO_DIR, 'build') if not os.path.exists(build_dir): logger.error("app directory %s does not exist, aborting", build_dir) sys.exit(-1) app = Flask(__name__) # pylint: disable=invalid-name start_time = datetime.now(pytz.utc) start_time_str = start_time.strftime("%Y-%m-%d %H:%M:%S %Z") app.predictors = {} app.wsgi_app = ProxyFix( app.wsgi_app) # sets the requester IP with the X-Forwarded-For header try: cache_size = int(CACHE_SIZE) # type: ignore except ValueError: logger.warning("unable to parse cache size %s as int, disabling cache", CACHE_SIZE) cache_size = 0 @app.errorhandler(ServerError) def handle_invalid_usage(error: ServerError) -> Response: # pylint: disable=unused-variable response = jsonify(error.to_dict()) response.status_code = error.status_code return response @lru_cache(maxsize=cache_size) def _caching_prediction(model: Predictor, data: str) -> JsonDict: """ Just a wrapper around ``model.predict_json`` that allows us to use a cache decorator. """ return model.predict_json(json.loads(data)) @app.route('/') def index() -> Response: # pylint: disable=unused-variable return send_file(os.path.join(build_dir, 'index.html')) @app.route('/permadata', methods=['POST', 'OPTIONS']) def permadata() -> Response: # pylint: disable=unused-variable """ If the user requests a permalink, the front end will POST here with the payload { slug: slug } which we convert to an integer id and use to retrieve saved results from the database. """ # This is just CORS boilerplate. if request.method == "OPTIONS": return Response(response="", status=200) # If we don't have a database configured, there are no permalinks. if demo_db is None: raise ServerError('Permalinks are not enabled', 400) # Convert the provided slug to an integer id. slug = request.get_json()["slug"] perma_id = slug_to_int(slug) if perma_id is None: # Malformed slug raise ServerError("Unrecognized permalink: {}".format(slug), 400) # Fetch the results from the database. try: permadata = demo_db.get_result(perma_id) except psycopg2.Error: logger.exception( "Unable to get results from database: perma_id %s", perma_id) raise ServerError('Database trouble', 500) if permadata is None: # No data found, invalid id? raise ServerError("Unrecognized permalink: {}".format(slug), 400) return jsonify({ "modelName": permadata.model_name, "requestData": permadata.request_data, "responseData": permadata.response_data }) @app.route('/predict/<model_name>', methods=['POST', 'OPTIONS']) def predict(model_name: str) -> Response: # pylint: disable=unused-variable """make a prediction using the specified model and return the results""" if request.method == "OPTIONS": return Response(response="", status=200) # Do log if no argument is specified record_to_database = request.args.get("record", "true").lower() != "false" # Do use the cache if no argument is specified use_cache = request.args.get("cache", "true").lower() != "false" model = app.predictors.get(model_name.lower()) if model is None: raise ServerError("unknown model: {}".format(model_name), status_code=400) data = request.get_json() log_blob = { "model": model_name, "inputs": data, "cached": False, "outputs": {} } # Record the number of cache hits before we hit the cache so we can tell whether we hit or not. # In theory this could result in false positives. pre_hits = _caching_prediction.cache_info().hits # pylint: disable=no-value-for-parameter if use_cache and cache_size > 0: # lru_cache insists that all function arguments be hashable, # so unfortunately we have to stringify the data. prediction = _caching_prediction(model, json.dumps(data)) else: # if cache_size is 0, skip caching altogether prediction = model.predict_json(data) post_hits = _caching_prediction.cache_info().hits # pylint: disable=no-value-for-parameter if record_to_database and demo_db is not None: try: perma_id = None perma_id = demo_db.add_result(headers=dict(request.headers), requester=request.remote_addr, model_name=model_name, inputs=data, outputs=prediction) if perma_id is not None: slug = int_to_slug(perma_id) prediction["slug"] = slug log_blob["slug"] = slug except Exception: # pylint: disable=broad-except # TODO(joelgrus): catch more specific errors logger.exception("Unable to add result to database", exc_info=True) if use_cache and post_hits > pre_hits: # Cache hit, so insert an artifical pause log_blob["cached"] = True time.sleep(0.25) # The model predictions are extremely verbose, so we only log the most human-readable # parts of them. if model_name == "machine-comprehension": log_blob["outputs"]["best_span_str"] = prediction["best_span_str"] elif model_name == "coreference-resolution": log_blob["outputs"]["clusters"] = prediction["clusters"] log_blob["outputs"]["document"] = prediction["document"] elif model_name == "textual-entailment": log_blob["outputs"]["label_probs"] = prediction["label_probs"] elif model_name == "named-entity-recognition": log_blob["outputs"]["tags"] = prediction["tags"] elif model_name == "semantic-role-labeling": verbs = [] for verb in prediction["verbs"]: # Don't want to log boring verbs with no semantic parses. good_tags = [tag for tag in verb["tags"] if tag != "0"] if len(good_tags) > 1: verbs.append({ "verb": verb["verb"], "description": verb["description"] }) log_blob["outputs"]["verbs"] = verbs elif model_name == "constituency-parsing": log_blob["outputs"]["trees"] = prediction["trees"] elif model_name == "wikitables-parser": log_blob['outputs']['logical_form'] = prediction['logical_form'] log_blob['outputs']['answer'] = prediction['answer'] elif model_name == "quarel-parser-zero": log_blob['outputs']['logical_form'] = prediction['logical_form'] log_blob['outputs']['answer'] = prediction['answer'] log_blob['outputs']['score'] = prediction['score'] elif model_name == "nlvr-parser": log_blob['outputs']['logical_form'] = prediction['logical_form'][0] log_blob['outputs']['answer'] = prediction['denotations'][0][0] elif model_name == "atis-parser": log_blob['outputs']['predicted_sql_query'] = prediction[ 'predicted_sql_query'] # TODO(brendanr): Add event2mind log_blob here? logger.info("prediction: %s", json.dumps(log_blob)) return jsonify(prediction) @app.route('/models') def list_models() -> Response: # pylint: disable=unused-variable """list the available models""" return jsonify({"models": list(app.predictors.keys())}) @app.route('/info') def info() -> Response: # pylint: disable=unused-variable """List metadata about the running webserver""" uptime = str(datetime.now(pytz.utc) - start_time) git_version = os.environ.get('ALLENNLP_DEMO_SOURCE_COMMIT') or "" return jsonify({ "start_time": start_time_str, "uptime": uptime, "git_version": git_version, "peak_memory_mb": peak_memory_mb(), "githubUrl": "http://github.com/allenai/allennlp-demo/commit/" + git_version }) # As an SPA, we need to return index.html for /model-name and /model-name/permalink. @app.route('/open-information-extraction') @app.route('/semantic-role-labeling') @app.route('/constituency-parsing') @app.route('/dependency-parsing') @app.route('/machine-comprehension') @app.route('/textual-entailment') @app.route('/coreference-resolution') @app.route('/named-entity-recognition') @app.route('/fine-grained-named-entity-recognition') @app.route('/wikitables-parser') @app.route('/quarel-parser-zero') @app.route('/event2mind') @app.route('/open-information-extraction/<permalink>') @app.route('/atis-parser') @app.route('/semantic-role-labeling/<permalink>') @app.route('/constituency-parsing/<permalink>') @app.route('/dependency-parsing/<permalink>') @app.route('/machine-comprehension/<permalink>') @app.route('/textual-entailment/<permalink>') @app.route('/coreference-resolution/<permalink>') @app.route('/named-entity-recognition/<permalink>') @app.route('/event2mind/<permalink>') @app.route('/wikitables-parser/<permalink>') @app.route('/quarel-parser-zero/<permalink>') @app.route('/atis-parser/<permalink>') def return_page(permalink: str = None) -> Response: # pylint: disable=unused-argument, unused-variable """return the page""" return send_file(os.path.join(build_dir, 'index.html')) @app.route('/<path:path>') def static_proxy(path: str) -> Response: # pylint: disable=unused-variable return send_from_directory(build_dir, path) @app.route('/static/js/<path:path>') def static_js_proxy(path: str) -> Response: # pylint: disable=unused-variable return send_from_directory(os.path.join(build_dir, 'static/js'), path) @app.route('/static/css/<path:path>') def static_css_proxy(path: str) -> Response: # pylint: disable=unused-variable return send_from_directory(os.path.join(build_dir, 'static/css'), path) return app
import os from werkzeug.serving import run_simple from werkzeug.wsgi import DispatcherMiddleware from werkzeug.contrib.fixers import ProxyFix from xinshangjia import frontend if "PSYCOGREEN" in os.environ: # Do our monkey patching # from gevent.monkey import patch_all patch_all() from psycogreen.gevent import patch_psycopg patch_psycopg() frontend_app = frontend.create_app() application = ProxyFix(DispatcherMiddleware(frontend_app, { '/xinshangjia': frontend_app, })) if __name__ == "__main__": run_simple("0.0.0.0", 7100, application, use_debugger=True)
def create_app(config=None, testing=False): log = LoggingMixin().log app = Flask(__name__) if configuration.conf.getboolean('webserver', 'ENABLE_PROXY_FIX'): app.wsgi_app = ProxyFix(app.wsgi_app) app.secret_key = configuration.conf.get('webserver', 'SECRET_KEY') app.config['LOGIN_DISABLED'] = not configuration.conf.getboolean( 'webserver', 'AUTHENTICATE') csrf.init_app(app) app.config['TESTING'] = testing airflow.load_login() airflow.login.login_manager.init_app(app) from airflow import api api.load_auth() api.api_auth.init_app(app) # flake8: noqa: F841 cache = Cache(app=app, config={'CACHE_TYPE': 'filesystem', 'CACHE_DIR': '/tmp'}) app.register_blueprint(routes) configure_logging() with app.app_context(): from airflow.www import views admin = Admin( app, name='Airflow', static_url_path='/admin', index_view=views.HomeView(endpoint='', url='/admin', name="DAGs"), template_mode='bootstrap3', ) av = admin.add_view vs = views av(vs.Airflow(name='DAGs', category='DAGs')) if not conf.getboolean('core', 'secure_mode'): av(vs.QueryView(name='Ad Hoc Query', category="Data Profiling")) av(vs.ChartModelView( models.Chart, Session, name="Charts", category="Data Profiling")) av(vs.SlaMissModelView( models.SlaMiss, Session, name="SLA Misses", category="Browse")) av(vs.TaskInstanceModelView(models.TaskInstance, Session, name="Task Instances", category="Browse")) av(vs.LogModelView( models.Log, Session, name="Logs", category="Browse")) av(vs.JobModelView( jobs.BaseJob, Session, name="Jobs", category="Browse")) av(vs.PoolModelView( models.Pool, Session, name="Pools", category="Admin")) av(vs.ConfigurationView( name='Configuration', category="Admin")) av(vs.UserModelView( models.User, Session, name="Users", category="Admin")) av(vs.ConnectionModelView( Connection, Session, name="Connections", category="Admin")) av(vs.VariableView( models.Variable, Session, name="Variables", category="Admin")) av(vs.XComView( models.XCom, Session, name="XComs", category="Admin")) admin.add_link(base.MenuLink( category='Docs', name='Documentation', url='https://airflow.apache.org/')) admin.add_link( base.MenuLink(category='Docs', name='Github', url='https://github.com/apache/airflow')) av(vs.VersionView(name='Version', category="About")) av(vs.DagRunModelView( models.DagRun, Session, name="DAG Runs", category="Browse")) av(vs.DagModelView(models.DagModel, Session, name=None)) # Hack to not add this view to the menu admin._menu = admin._menu[:-1] def integrate_plugins(): """Integrate plugins to the context""" from airflow.plugins_manager import ( admin_views, flask_blueprints, menu_links) for v in admin_views: log.debug('Adding view %s', v.name) admin.add_view(v) for bp in flask_blueprints: log.debug('Adding blueprint %s', bp.name) app.register_blueprint(bp) for ml in sorted(menu_links, key=lambda x: x.name): log.debug('Adding menu link %s', ml.name) admin.add_link(ml) integrate_plugins() import airflow.www.api.experimental.endpoints as e # required for testing purposes otherwise the module retains # a link to the default_auth if app.config['TESTING']: six.moves.reload_module(e) app.register_blueprint(e.api_experimental, url_prefix='/api/experimental') @app.context_processor def jinja_globals(): return { 'hostname': get_hostname(), 'navbar_color': configuration.get('webserver', 'NAVBAR_COLOR'), } @app.teardown_appcontext def shutdown_session(exception=None): settings.Session.remove() return app
def init_app(cls, app): ProductionConfig.init_app(app) # Handle proxy server headers from werkzeug.contrib.fixers import ProxyFix app.wsgi_app = ProxyFix(app.wsgi_app)
def create_app(config=None, session=None, testing=False, app_name="Airflow"): global app, appbuilder app = Flask(__name__) if conf.getboolean('webserver', 'ENABLE_PROXY_FIX'): app.wsgi_app = ProxyFix(app.wsgi_app) app.secret_key = conf.get('webserver', 'SECRET_KEY') airflow_home_path = conf.get('core', 'AIRFLOW_HOME') webserver_config_path = airflow_home_path + '/webserver_config.py' app.config.from_pyfile(webserver_config_path, silent=True) app.config['APP_NAME'] = app_name app.config['TESTING'] = testing app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['SESSION_COOKIE_HTTPONLY'] = True app.config['SESSION_COOKIE_SECURE'] = conf.getboolean( 'webserver', 'COOKIE_SECURE') app.config['SESSION_COOKIE_SAMESITE'] = conf.get('webserver', 'COOKIE_SAMESITE') if config: app.config.from_mapping(config) csrf.init_app(app) db = SQLA(app) from airflow import api api.load_auth() api.api_auth.init_app(app) # flake8: noqa: F841 cache = Cache(app=app, config={ 'CACHE_TYPE': 'filesystem', 'CACHE_DIR': '/tmp' }) from airflow.www.blueprints import routes app.register_blueprint(routes) configure_logging() configure_manifest_files(app) with app.app_context(): from airflow.www.security import AirflowSecurityManager security_manager_class = app.config.get('SECURITY_MANAGER_CLASS') or \ AirflowSecurityManager if not issubclass(security_manager_class, AirflowSecurityManager): raise Exception( """Your CUSTOM_SECURITY_MANAGER must now extend AirflowSecurityManager, not FAB's security manager.""") appbuilder = AppBuilder(app, db.session if not session else session, security_manager_class=security_manager_class, base_template='appbuilder/baselayout.html') def init_views(appbuilder): from airflow.www import views appbuilder.add_view_no_menu(views.Airflow()) appbuilder.add_view_no_menu(views.DagModelView()) appbuilder.add_view_no_menu(views.ConfigurationView()) appbuilder.add_view_no_menu(views.VersionView()) appbuilder.add_view(views.DagRunModelView, "DAG Runs", category="Browse", category_icon="fa-globe") appbuilder.add_view(views.JobModelView, "Jobs", category="Browse") appbuilder.add_view(views.LogModelView, "Logs", category="Browse") appbuilder.add_view(views.SlaMissModelView, "SLA Misses", category="Browse") appbuilder.add_view(views.TaskInstanceModelView, "Task Instances", category="Browse") appbuilder.add_link("Configurations", href='/configuration', category="Admin", category_icon="fa-user") appbuilder.add_view(views.ConnectionModelView, "Connections", category="Admin") appbuilder.add_view(views.PoolModelView, "Pools", category="Admin") appbuilder.add_view(views.VariableModelView, "Variables", category="Admin") appbuilder.add_view(views.XComModelView, "XComs", category="Admin") appbuilder.add_link("Documentation", href='https://airflow.apache.org/', category="Docs", category_icon="fa-cube") appbuilder.add_link("GitHub", href='https://github.com/apache/airflow', category="Docs") appbuilder.add_link('Version', href='/version', category='About', category_icon='fa-th') def integrate_plugins(): """Integrate plugins to the context""" from airflow.plugins_manager import ( flask_appbuilder_views, flask_appbuilder_menu_links) for v in flask_appbuilder_views: log.debug("Adding view %s", v["name"]) appbuilder.add_view(v["view"], v["name"], category=v["category"]) for ml in sorted(flask_appbuilder_menu_links, key=lambda x: x["name"]): log.debug("Adding menu link %s", ml["name"]) appbuilder.add_link(ml["name"], href=ml["href"], category=ml["category"], category_icon=ml["category_icon"]) integrate_plugins() # Garbage collect old permissions/views after they have been modified. # Otherwise, when the name of a view or menu is changed, the framework # will add the new Views and Menus names to the backend, but will not # delete the old ones. def init_plugin_blueprints(app): from airflow.plugins_manager import flask_blueprints for bp in flask_blueprints: log.debug("Adding blueprint %s:%s", bp["name"], bp["blueprint"].import_name) app.register_blueprint(bp["blueprint"]) init_views(appbuilder) init_plugin_blueprints(app) security_manager = appbuilder.sm security_manager.sync_roles() from airflow.www.api.experimental import endpoints as e # required for testing purposes otherwise the module retains # a link to the default_auth if app.config['TESTING']: if six.PY2: reload(e) # noqa else: import importlib importlib.reload(e) app.register_blueprint(e.api_experimental, url_prefix='/api/experimental') @app.context_processor def jinja_globals(): return { 'hostname': socket.getfqdn(), 'navbar_color': conf.get('webserver', 'NAVBAR_COLOR'), } @app.teardown_appcontext def shutdown_session(exception=None): settings.Session.remove() return app, appbuilder
def init_app(cls, app): # proxy servers from werkzeug.contrib.fixers import ProxyFix app.wsgi_app = ProxyFix(app.wsgi_app)
proxy_set_header X-Scheme $scheme; proxy_set_header X-Script-Name /myprefix; } :param app: the WSGI application ''' def __init__(self, app): self.app = app def __call__(self, environ, start_response): script_name = environ.get('HTTP_X_SCRIPT_NAME', '') if script_name: environ['SCRIPT_NAME'] = script_name path_info = environ['PATH_INFO'] if path_info.startswith(script_name): environ['PATH_INFO'] = path_info[len(script_name):] scheme = environ.get('HTTP_X_SCHEME', '') if scheme: environ['wsgi.url_scheme'] = scheme return self.app(environ, start_response) application = app # patch app to handle non root url-s behind proxy & wsgi app.wsgi_app = ReverseProxyPathFix(ProxyFix(application.wsgi_app)) if __name__ == "__main__": run()
def run(args): logger = logging.getLogger("grappled.main.run") logger.debug("Launched with arguments: {}".format(args)) try: config = grappled.helpers.parseConfig(args.config_dir) except Exception as e: logger.error("Fatal error parsing configuration files.") logger.error(e) return app = GrappledFlask(__name__) if not args.no_proxyfix: from werkzeug.contrib.fixers import ProxyFix app.wsgi_app = ProxyFix(app.wsgi_app) guid_history = None if args.guid: guid_history = ExpiringDict(max_len=1000, max_age_seconds=3600) # Error Handlers: @app.errorhandler(GrappledAPIException) def error_handler(error): logger.warn(error) if args.debug: return {'status': error.status, 'message': error.message}, error.status else: return {'status': 500, 'message': 'Internal Server Error'}, 500 # Main Endpoint @app.route("/<endpoint>", methods=['GET', 'POST']) def index(endpoint=None): # Get the relevant endpoint object. # Normalize the endpoint name: endpoint = grappled.helpers.normalizeEndpointName(endpoint) try: end_cfg = config[endpoint] except KeyError: raise GrappledAPIException("Endpoint not found: {}".format(endpoint), 404) if end_cfg['ip-whitelist']: request_ip = ipaddress.ip_address(str(request.remote_addr)) # Check the whitelist if not any((request_ip in white) for white in end_cfg['ip-whitelist']): raise GrappledAPIException("IP not in whitelist: {}".format(request_ip), 401) # Track GUID if not request.headers.get('X-Github-Delivery'): raise GrappledAPIException("Rejected event with missing UUID.", 403) in_guid = UUID(request.headers.get('X-Github-Delivery')) if guid_history is not None: if in_guid in guid_history: raise GrappledAPIException("Rejected event with duplicate UUID {}".format(in_guid), 401) guid_history[in_guid] = True # Check signature if "key" in end_cfg: try: hashtype, signature = request.headers.get('X-Hub-Signature').split('=', 2) except: raise GrappledAPIException("Signature in unexpected format.", 403) if hashtype != "sha1": raise GrappledAPIException("Signature uses unexpected hash type. Only SHA-1 is supported.", 403) assert type(end_cfg["key"]) is bytes mac = hmac.new(end_cfg["key"], msg=request.data, digestmod=sha1) if not hmac.compare_digest(mac.hexdigest(), signature): raise GrappledAPIException("Invalid signature.", 403) if request.method == 'POST': # Respond to ping events. if request.headers.get('X-GitHub-Event') == "ping": return {'msg': 'pong'} if request.headers.get('X-GitHub-Event') != "push": raise GrappledAPIException("Only push events are supported.", 400) try: payload = request.get_json(force=True) except Exception as e: raise GrappledAPIException("Malformed JSON input.", 400) rv = {"status": 200, "error": None, "guid": in_guid, "do": []} for act_name, action in end_cfg["do"]: try: dostr = action(payload) rv["do"].append({"plugin_name": act_name, "output": dostr}) except Exception as e: rv["error"] = {"plugin_name": act_name, "message": str(e.message)} if hasattr(e, "output"): rv["error"]["output"] = e.output break return rv else: raise GrappledAPIException("Method Not Allowed. Only POST requests are allowed.", 405) app.run(host=str(args.ip), port=args.port)
''' Production App ''' import cointracker my_app = cointracker.app # Fix the proxy headers issue from werkzeug.contrib.fixers import ProxyFix my_app.wsgi_app = ProxyFix(my_app.wsgi_app)
def create_app(): app = Flask(__name__) APIKEY = os.environ['CHARON_APIKEY'] CONFIG_FILE = os.environ['CHARON_CONFIG_FILE'] app.wsgi_app = ProxyFix(app.wsgi_app, num_proxies=1) limiter = Limiter(app, key_func=get_remote_address) def require_apikey(func): @wraps(func) def decorated_function(*args, **kwargs): if request.headers.get('X-Api-Key') and request.headers.get('X-Api-Key') == APIKEY: return func(*args, **kwargs) else: logger.debug('Invalid API key. {0}'.format(request.json)) logger.debug('Headers: {}'.format(request.headers)) logger.debug('Headers API key: {}'.format(request.headers.get('X-Api-Key'))) abort(401) return decorated_function @app.route('/job', methods=['POST']) @limiter.limit("300 per hour") @require_apikey def index(): logger.debug('Received request: {}'.format(request.json)) charon_request = {} content = request.json try: charon_request = { 'request' : { 'source_project_id': content.get('source_project_id'), 'dest_project_id': content.get('dest_project_id'), 'image_uuids': content.get('image_uuids') } } except (TypeError, AttributeError): logger.warning('Request contents are incorrect') return Response('{"Error": "Request must contain: source_project_id, dest_project_id, image_uuids"}', status=400, mimetype='application/json') try: job_config = config.Config(CONFIG_FILE, charon_request) except ValidationError as e: logger.error('Error validating config. {}'.format(e)) error_string = '{"Error": "There was an issue validating the config.' + str(e) +'"}' return Response(error_string, status=400, mimetype='application/json') jobs = [] for job in content.get('image_uuids'): test_job = q.enqueue('charon.util.run_tests', job_config, timeout=5000) jobs.append(test_job.get_id()) logger.debug('Dispatched job {0} for image_uuid {1}'.format(test_job.get_id(), job)) return jsonify({'job_ids': jobs}) @app.route('/job/<job_id>', methods=['GET']) def get_results(job_id): logger.debug('Received request: {}'.format(request)) job = Job(job_id, connection=conn) if job.is_finished: return jsonify({'result': str(job.result)}) elif job.is_failed: return jsonify({'status': 'failed', 'result': job.exc_info}) elif job._status == 'started': return jsonify({'status': 'running'}) else: return jsonify({'status': 'error', 'result': job.exc_info}) return app
def init_webapp(config, test=False): """Initialize the web application. Initializes and configures the Flask web application. Call this method to make the web application and respective database engine usable. If initialized with `test=True` the application will use an in-memory SQLite database, and should be used for unit testing, but not much else. """ # Make app work with proxies (like nginx) that set proxy headers. app.wsgi_app = ProxyFix(app.wsgi_app) # logging.getLogger('flask_cors').level = logging.DEBUG # Note, this url namespace also exists for the Flask-Restless extension and # is where CRUD interfaces live, so be careful not to collide with model # names here. We could change this, but it's nice to have API live in the # same url namespace. app.register_blueprint(api, url_prefix='/api') # Initialize Flask configuration if test: app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://' else: app.config['SQLALCHEMY_DATABASE_URI'] = config['webapp'][ 'database_uri'] # FIXME: Port these over to configobj. app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY', 'abc123') app.config['SECURITY_TOKEN_MAX_AGE'] = 60 app.config['SECURITY_TOKEN_AUTHENTICATION_HEADER'] = 'Auth-Token' app.config['SECURITY_PASSWORD_HASH'] = 'bcrypt' app.config['SECURITY_PASSWORD_SALT'] = os.environ.get('SALT', 'salt123') app.config['SECURITY_REGISTERABLE'] = True app.config['SECURITY_CONFIRMABLE'] = False app.config['SECURITY_SEND_REGISTER_EMAIL'] = False # This thing is a supreme PIA with API, and because we're using token based # authentication. app.config['WTF_CSRF_ENABLED'] = False # Initialize Flask-CORS CORS(app, supports_credentials=True) # CORS(app, supports_credentials=True, resources={r"/*": {"origins": "*"}}) # Initialize Flask-Bootstrap Bootstrap(app) # Initialize Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) Security(app, user_datastore) app.config['GOOGLE_CLIENT_ID'] = os.environ.get('GOOGLE_CLIENT_ID', 'abc123') app.config['GOOGLE_CLIENT_SECRET'] = os.environ.get( 'GOOGLE_CLIENT_SECRET', 'password') app.config[ 'GOOGLE_REFRESH_TOKEN_URL'] = 'https://www.googleapis.com/oauth2/v4/token' app.config['GOOGLE_CLIENT_KWARGS'] = dict(scope=' '.join([ 'openid', 'https://www.googleapis.com/auth/userinfo.profile', 'https://www.googleapis.com/auth/calendar.readonly', ])) # Initialize Authlib. oauth = OAuth() oauth.init_app(app, fetch_token=authlib_fetch_token, update_token=authlib_update_token) google_blueprint = create_flask_blueprint(Google, oauth, authlib_handle_authorize) app.register_blueprint(google_blueprint, url_prefix='/google') # Save the oauth object in the app so handlers can use it to build clients. app.oauth = oauth # Initialize Flask-SQLAlchemy db.app = app db.init_app(app) # NOTE: You don't want to use this if you're using alembic, since alembic # is now in charge of creating/upgrading/downgrading your database. If you # choose to not use alembic, you can add this line here. # db.create_all() # Initialize Flask-Restless manager = APIManager( app, flask_sqlalchemy_db=db, preprocessors=dict(GET_MANY=[restless_api_auth_func]), ) # manager.create_api(TableName methods=['GET', 'POST', 'OPTIONS']) return app
res.status_code = 200 return res # Associate flask app with flask_restplus configurations via blueprint flask_app.register_blueprint(rest_plus_blueprint) # Configure and associate monitoring dashboard # dashboard.config.init_from(envvar=ENV.DASHBOARD_CONFIG) # dashboard.bind(flask_app) # Required for custom error handler; see: https://stackoverflow.com/a/36575875/9730910 flask_app.config['TRAP_HTTP_EXCEPTIONS'] = True flask_app.register_error_handler(Exception, default_error_handler) # This is required to serve swagger through https; # Source: https://github.com/noirbizarre/flask-restplus/issues/54#issuecomment-143436291 flask_app.wsgi_app = ProxyFix(flask_app.wsgi_app) # type: ignore # Required to trim whitespaces in templates flask_app.jinja_env.trim_blocks = True flask_app.jinja_env.lstrip_blocks = True # Opens swagger routes by default: flask_app.config.SWAGGER_UI_DOC_EXPANSION = 'list' # type: ignore # Start app if __name__ == "__main__": flask_app.run(port=PORT) logger.info("<><><> STARTING APP <><><>")
def app_factory(): monkey_patch_json_encoder() app = Flask(__name__) app.config['SQLALCHEMY_DATABASE_URI'] = config.get('SQLALCHEMY_DATABASE_URI') app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True app.secret_key = config.get('FLASK_SESSION_SECRET_KEY') db.init_app(app) Marshmallow(app) app.wsgi_app = ProxyFix(app.wsgi_app) app.url_map.strict_slashes = False blueprint = Blueprint('v1', __name__, url_prefix='/api/v1') api.init_app(blueprint) api.add_namespace(auth_namespace, '/authentication') api.add_namespace(users_namespace, '/users') app.register_blueprint(blueprint) app.session_interface = AppSessionInterface() login_manager = LoginManager() login_manager.init_app(app) seed_data_enabled = config.get('SEED_DATA_ENABLED') if seed_data_enabled: with app.app_context(): seed_data = SeedDataService() seed_data.seed() @login_manager.user_loader def load_user(user_id): return User.query.get(user_id) @login_manager.request_loader def load_user_from_request(request): header = request.headers.get('Authorization') if header is None: # review how to whitelist end points that we know won't ever require authn/authz # total hack, clean up with werkzeug or flask trimming, or our own method... this is super messy. whitelist = ['/api/v1', '/api/v1?', '/api/v1/?', '/api/v1/swagger.json'] if request.full_path in whitelist: return raise Unauthorized() header_value = header.split() auth_type = header_value[0].lower() if auth_type == 'bearer': authenticated_bearer_token(header_value[1]) elif auth_type == 'basic': creds = request.authorization if creds is not None: authenticate_basic(creds.username, creds.password) if current_user is None: raise Unauthorized() g.authenticated_from_header = True @app.after_request def after_request(response): if 'cache-control' not in response.headers: response.headers['cache-control'] = 'no-cache' return response @api.errorhandler def default_error_handler(e): """ Provide a default error handler for RestPlus to leverage. """ logger.exception(e) debug = config.get('FLASK_DEBUG') if not debug: message = 'An unhandled exception occurred.' return {'message': message}, 500 @app.errorhandler(400) def bad_request_error(e): return jsonify(error=400, text=str(e)), 400 @app.errorhandler(404) def page_not_found(e): return jsonify(error=404, text=str(e)), 404 @app.errorhandler(500) def server_error(e): logger.error(e) return jsonify(error=500, text=str(e)), 500 @app.errorhandler(RequestException) def request_exception(e): logger.error(e) return jsonify(error=500, text=str(e)), 500 return app
def create_app(name=__name__, init_mode=False, destroy_mode=False, worker_mode=False, testing_mode=False, skip_endpoint_mapping=False, **kwargs): """ Create the server istance for Flask application """ if PRODUCTION and testing_mode: log.exit("Unable to execute tests in production") ############################# # Initialize reading of all files mem.customizer = Customizer(testing_mode, PRODUCTION, init_mode) # FIXME: try to remove mem. from everywhere... ############################# # Add template dir for output in HTML from utilities import helpers tp = helpers.script_abspath(__file__, 'templates') kwargs['template_folder'] = tp ################################################# # Flask app instance ################################################# microservice = Flask(name, **kwargs) ############################## # Add commands to 'flask' binary if init_mode: microservice.config['INIT_MODE'] = init_mode skip_endpoint_mapping = True elif destroy_mode: microservice.config['DESTROY_MODE'] = destroy_mode skip_endpoint_mapping = True elif testing_mode: microservice.config['TESTING'] = testing_mode init_mode = True # microservice.config['INIT_MODE'] = init_mode elif worker_mode: skip_endpoint_mapping = True ############################## # Fix proxy wsgi for production calls microservice.wsgi_app = ProxyFix(microservice.wsgi_app) ############################## # Cors from restapi.protocols.cors import cors cors.init_app(microservice) log.verbose("FLASKING! Injected CORS") ############################## # Enabling our internal Flask customized response microservice.response_class = InternalResponse ############################## # Flask configuration from config file microservice.config.from_object(config) log.debug("Flask app configured") # log.pp(microservice.__dict__) ############################## if PRODUCTION: log.info("Production server mode is ON") # FIXME: random secrety key in production # # Check and use a random file a secret key. # install_secret_key(microservice) # # To enable exceptions printing inside uWSGI # # http://stackoverflow.com/a/17839750/2114395 # from werkzeug.debug import DebuggedApplication # app.wsgi_app = DebuggedApplication(app.wsgi_app, True) ############################## # Find services and try to connect to the ones available extensions = detector.init_services(app=microservice, worker_mode=worker_mode, project_init=init_mode, project_clean=destroy_mode) if worker_mode: microservice.extensions = extensions ############################## # Restful plugin if not skip_endpoint_mapping: # Triggering automatic mapping of REST endpoints current_endpoints = create_endpoints(farmer.EndpointsFarmer(Api)) # Restful init of the app current_endpoints.rest_api.init_app(microservice) ############################## # Injection! # Enabling "configuration modules" for services to be injected # IMPORTANT: Injector must be initialized AFTER mapping endpoints modules = detector.load_injector_modules() # AVOID warnings from Flask Injector warnings.filterwarnings("ignore") FlaskInjector(app=microservice, modules=modules) # otherwise... # Catch warnings from Flask Injector # try: # FlaskInjector(app=microservice, modules=modules) # except RuntimeWarning: # pass ############################## # Clean app routes ignore_verbs = {"HEAD", "OPTIONS"} for rule in microservice.url_map.iter_rules(): rulename = str(rule) # Skip rules that are only exposing schemas if '/schemas/' in rulename: continue endpoint = microservice.view_functions[rule.endpoint] if not hasattr(endpoint, 'view_class'): continue newmethods = ignore_verbs.copy() for verb in rule.methods - ignore_verbs: method = verb.lower() if method in mem.customizer._original_paths[rulename]: # remove from flask mapping # to allow 405 response newmethods.add(verb) else: log.verbose("Removed method %s.%s from mapping" % (rulename, verb)) rule.methods = newmethods # FIXME: SOLVE CELERY INJECTION # # Set global objects for celery workers # if worker_mode: # mem.services = internal_services ############################## # Logging responses @microservice.after_request def log_response(response): ############################### # NOTE: if it is an upload, # I must NOT consume request.data or request.json, # otherwise the content gets lost do_not_log_types = [ 'application/octet-stream', 'multipart/form-data', ] if request.mimetype in do_not_log_types: data = 'STREAM_UPLOAD' else: try: data = handle_log_output(request.data) # Limit the parameters string size, sometimes it's too big for k in data: try: if not isinstance(data[k], str): continue if len(data[k]) > MAX_CHAR_LEN: data[k] = data[k][:MAX_CHAR_LEN] + "..." except IndexError: pass except Exception as e: data = 'OTHER_UPLOAD' log.info("%s %s %s %s", request.method, request.url, data, response) return response ############################## # and the flask App is ready now: log.info("Boot completed") # return our flask app return microservice
from dotenv import load_dotenv import os from werkzeug.contrib.fixers import ProxyFix #反向代理 dotenv_path = os.path.join(os.path.dirname(__file__), '.env') if os.path.exists(dotenv_path): load_dotenv(dotenv_path) #手动导入环境变量 from bluelog import create_app app = create_app('production') app.wsgi_app = ProxyFix(app.wsgi_app) #方向代理设置
log = Logger('file_server.log').get_logger() UPLOAD_FOLDER = 'uploaded_files' ALLOWED_EXTENSIONS = {'db'} application = Flask(__name__) # application.debug = False application.config['UPLOAD_FOLDER'] = UPLOAD_FOLDER application.config['SECRET_KEY'] = "4&^^%%$%BJHGFGHHVVBN%$$#^" # 文件大小限制 application.config['MAX_CONTENT_LENGTH'] = 16 * 1024 * 1024 application.wsgi_app = ProxyFix(application.wsgi_app) def setup_error_handler(app): @app.errorhandler(400) @app.errorhandler(ValueError) def http_bad_request(e): log.warn('{addr} request: {method}, ' 'url: {url}'.format(addr=get_remote_addr(), method=request.method, url=request.url)) log.warn("{}".format(request.headers)) log.exception(e) return fail(HTTP_BAD_REQUEST) @app.errorhandler(403)
def main(): # pragma: no cover """The main function for :program:`geofront-server` CLI program.""" parser = main_parser() args = parser.parse_args() try: app.config.from_pyfile(os.path.abspath(args.config), silent=False) except FileNotFoundError: parser.error('unable to load configuration file: ' + args.config) logger = logging.getLogger('geofront') handler = logging.StreamHandler() level = logging.DEBUG if args.debug else logging.INFO handler.setLevel(level) logger.addHandler(handler) logger.setLevel(level) master_key_store = get_master_key_store() remote_set = get_remote_set() servers = frozenset(remote_set.values()) master_key_bits = app.config['MASTER_KEY_BITS'] if not isinstance(master_key_bits, int): parser.error('MASTER_KEYS_BITS configuration must be an integer, ' 'not ' + repr(master_key_bits)) elif master_key_bits < 1024: parser.error('MASTER_KEY_BITS has to be 1024 at least.') elif master_key_bits % 256: parser.error('MASTER_KEY_BITS has to be a multiple of 256.') try: regenerate( master_key_store, remote_set, master_key_bits, create_if_empty=args.create_master_key or args.renew_master_key, renew_unless_empty=(args.renew_master_key and not os.environ.get('WERKZEUG_RUN_MAIN'))) except RegenError as e: parser.error(str(e)) master_key_renewal_interval = app.config['MASTER_KEY_RENEWAL'] if not (master_key_renewal_interval is None or isinstance(master_key_renewal_interval, datetime.timedelta)): raise RuntimeError( 'MASTER_KEY_RENEWAL configuration must be an instance of ' 'datetime.timedelta, not {!r}'.format(master_key_renewal_interval)) if master_key_renewal_interval is not None: master_key_renewal = PeriodicalRenewal(servers, master_key_store, master_key_renewal_interval, master_key_bits) waitress_options = {} if args.trusted_proxy: if hasattr(Adjustments, 'trusted_proxy'): # > 0.8.8 # https://github.com/Pylons/waitress/pull/42 waitress_options['trusted_proxy'] = True else: # <= 0.8.8 app.wsgi_app = ProxyFix(app.wsgi_app) if args.force_https: app.config.update(PREFERRED_URL_SCHEME='https', ENABLE_HSTS=True) try: if args.debug: app.run(args.host, args.port, debug=True) else: serve(app, host=args.host, port=args.port, asyncore_use_poll=True, **waitress_options) finally: if master_key_renewal_interval is not None: master_key_renewal.terminate()
from gevent import monkey monkey.patch_all() from flask import Flask from flask_restful import Api from werkzeug.contrib.fixers import ProxyFix from ocdsapi.storage import ReleaseStorage from ocdsapi.utils import build_meta from pkg_resources import iter_entry_points APP = Flask('ocdsapi') APP.wsgi_app = ProxyFix(APP.wsgi_app) # Fixed proto on nginx proxy API = Api(APP) def make_paste_application(global_config, **options): APP.config['DEBUG'] = options.get('debug', False) APP.db = ReleaseStorage( options.get('couchdb_url'), options.get('couchdb_dbname'), ) APP.paginate_by = options.get('paginate_by', 20) APP.config['metainfo'] = build_meta(options) for plugin in iter_entry_points('ocdsapi.resources'): includeme = plugin.load() includeme(options) return APP
'intcomma': humanize.intcomma, 'intword': humanize.intword, 'naturalday': humanize.naturalday, 'naturaldate': humanize.naturaldate, 'naturaltime': humanize.naturaltime, 'naturalsize': humanize.naturalsize, 'datetime': format_datetime, 'isodatetime': format_isodatetime, 'format_currency': format_currency, 'uuid': format_uuid, }) app.static_folder = 'static' if app.config['PROXY_FIX']: from werkzeug.contrib.fixers import ProxyFix app.wsgi_app = ProxyFix(app.wsgi_app, num_proxies=app.config['PROXY_FIX_NUM_PROXIES']) redis_conn = redis.from_url(app.config['REDIS_URL']) cache = RedisCache(host=redis_conn) csrf = CSRFProtect(app) db = SQLAlchemy(app) migrate = Migrate(app, db) from wuvt.auth import AuthManager auth_manager = AuthManager() auth_manager.db = db auth_manager.init_app(app) if len(app.config['SENTRY_DSN']) > 0: sentry_sdk.init(app.config['SENTRY_DSN'],
def create_app(config_class=Config): app = Flask(__name__) app.config.from_object(config_class) db.init_app(app) migrate.init_app(app, db) login.init_app(app) mail.init_app(app) bootstrap.init_app(app) moment.init_app(app) from app.errors import bp as errors_bp app.register_blueprint(errors_bp) from app.contract import bp as contract_bp app.register_blueprint(contract_bp) from app.tender import bp as tender_bp app.register_blueprint(tender_bp) from app.auth import bp as auth_bp app.register_blueprint(auth_bp, url_prefix='/auth') from app.main import bp as main_bp app.register_blueprint(main_bp) from app.clients import bp as clients_bp app.register_blueprint(clients_bp) configure_uploads(app, images) app.add_url_rule('/uploads/<filename>', 'uploaded_file', build_only=True) app.wsgi_app = SharedDataMiddleware(app.wsgi_app, { '/uploads': app.config['UPLOAD_FOLDER'] }) app.wsgi_app = ProxyFix(app.wsgi_app) app.config['MAX_CONTENT_LENGTH'] = 2 * 1024 * 1024 if not app.debug and not app.testing: if app.config['MAIL_SERVER']: auth = None if app.config['MAIL_USERNAME'] or app.config['MAIL_PASSWORD']: auth = (app.config['MAIL_USERNAME'], app.config['MAIL_PASSWORD']) secure = None if app.config['MAIL_USE_TLS']: secure = () mail_handler = SMTPHandler( mailhost=(app.config['MAIL_SERVER'], app.config['MAIL_PORT']), fromaddr='no-reply@' + app.config['MAIL_SERVER'], toaddrs=app.config['ADMINS'], subject='Microblog Failure', credentials=auth, secure=secure) mail_handler.setLevel(logging.ERROR) app.logger.addHandler(mail_handler) if not os.path.exists('logs'): os.mkdir('logs') file_handler = RotatingFileHandler('logs/microblog.log', maxBytes=10240, backupCount=10) file_handler.setFormatter(logging.Formatter( '%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]')) file_handler.setLevel(logging.INFO) app.logger.addHandler(file_handler) app.logger.setLevel(logging.INFO) app.logger.info('Microblog startup') return app
def create_app(test_config=None): print("{}".format('-' * 60)) import_name = __name__.split('.')[0] # step 1: Create Flask application object app = ApiFlask(import_name, instance_relative_config=True) print(f" > Flask App (with import name <{app.import_name}>) was created") # If this is set to ``True`` the first newline after a block is removed (block, not variable tag!). Defaults to `False`. app.jinja_env.trim_blocks = True # If this is set to ``True`` leading spaces and tabs are stripped from the start of a line to a block. Defaults to `False`. app.jinja_env.lstrip_blocks = True # The string marking the beginning of a print statement. app.jinja_env.variable_start_string = '{{' # The string marking the end of a print statement. app.jinja_env.variable_end_string = '}}' # app.register_api_error_handler() app.wsgi_app = ProxyFix(app.wsgi_app) # step 2: Builtin/Extensions/MyOwn Flask Configuration app.config.from_object(cfg.get('base')) # step 3: Overwrite Flask Configuration with cfg file in instance folder when not testing if test_config is None: print(' > No testing configuration found') app.config.from_pyfile('config.cfg', silent=True) else: # load the test config if passed in print(' > Applying testing configuration') app.config.from_mapping(test_config) # Ensure the instance folder exists try: os.makedirs(app.instance_path) except OSError: print(f' > Instance Folder Found : {app.instance_path}') pass """Binds the application only. > For as long as the application is bound to the current context the :data:`flask.current_app` points to that application. > An application context is automatically created when a request context is pushed if necessary """ with app.app_context(): # step 4: # Initialize extensions to current app object, this should be done after the flask object configuration from .extension import init_app_extensions init_app_extensions(app) # step 5: Register Blueprints register_blueprints(app, 'bp', include_packages=True, recursive=False) # step 6: # Init the DataBase from app.database.sqlalchemy_database import db_session # LazyLoad URL rules loader = LazyLoader(app) loader.url('favicon', ['/favicon.ico'], endpoint='favicon') loader.url('find_vendor_folder', ['/static/vendor/<path:filename>'], endpoint='vendor') # Close the session after each request or application context shutdown @app.teardown_appcontext def shutdown_session(exception=None): db_session.remove() print("{}".format('-' * 60)) return app # Return application object/instance
import os from flask import Flask from flask_migrate import Migrate from werkzeug.contrib.fixers import ProxyFix from myca import config, models from myca.admin import admin app = Flask(__name__, template_folder='admin/templates') app.secret_key = config.secret_key app.config['SQLALCHEMY_DATABASE_URI'] = config.database_uri app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False if config.reverse_proxy_count: app.wsgi_app = ProxyFix(app.wsgi_app, num_proxies=config.reverse_proxy_count) models.db.app = app models.db.init_app(app) migrate = Migrate(app, models.db, directory=os.path.join(config.app_root, 'myca', 'migrations')) admin.init_app(app)
from flask import Flask from flask_restplus import Api from flask_sqlalchemy import SQLAlchemy from app.utils import setting from werkzeug.contrib.fixers import ProxyFix flask_app = Flask(__name__) flask_app.wsgi_app = ProxyFix(flask_app.wsgi_app) flask_app.config.from_object(setting) api = Api(app=flask_app, version="1.0", title="Modovision Apis", description="Manage names of various apps api of the application") # Register namespace ns_WhatTheMask = api.namespace('WhatTheMask', description='WhatTheMask android app APIs') ns_RabbitMQ = api.namespace('RabbitMQ', description='WhatTheMask android app APIs') ns_APIAuth = api.namespace('auth', description='Auth') # Db connector db = SQLAlchemy(flask_app) from app.Controllers import WhatTheMaskController, APIAuthController, RabbitMQController from app.Expects import WhatTheMaskExpect from app.Models import WhatTheMaskModel, APIAuthModel, RabbitMQModel from app.Services import WhatTheMaskService, APIAuthService, RabbitMQService
def create_app(config=None, session=None, testing=False, app_name="Airflow"): global app, appbuilder app = Flask(__name__) app.wsgi_app = ProxyFix(app.wsgi_app) app.secret_key = conf.get('webserver', 'SECRET_KEY') airflow_home_path = conf.get('core', 'AIRFLOW_HOME') webserver_config_path = airflow_home_path + '/webserver_config.py' app.config.from_pyfile(webserver_config_path, silent=True) app.config['APP_NAME'] = app_name app.config['TESTING'] = testing csrf.init_app(app) db = SQLA(app) from airflow import api api.load_auth() api.api_auth.init_app(app) cache = Cache(app=app, config={'CACHE_TYPE': 'filesystem', 'CACHE_DIR': '/tmp'}) # noqa from airflow.www_rbac.blueprints import routes app.register_blueprint(routes) configure_logging() configure_manifest_files(app) with app.app_context(): from airflow.www_rbac.security import AirflowSecurityManager security_manager_class = app.config.get('SECURITY_MANAGER_CLASS') or \ AirflowSecurityManager if not issubclass(security_manager_class, AirflowSecurityManager): raise Exception( """Your CUSTOM_SECURITY_MANAGER must now extend AirflowSecurityManager, not FAB's security manager.""") appbuilder = AppBuilder( app, db.session if not session else session, security_manager_class=security_manager_class, base_template='appbuilder/baselayout.html') def init_views(appbuilder): from airflow.www_rbac import views appbuilder.add_view_no_menu(views.Airflow()) appbuilder.add_view_no_menu(views.DagModelView()) appbuilder.add_view_no_menu(views.ConfigurationView()) appbuilder.add_view_no_menu(views.VersionView()) appbuilder.add_view(views.DagRunModelView, "DAG Runs", category="Browse", category_icon="fa-globe") appbuilder.add_view(views.JobModelView, "Jobs", category="Browse") appbuilder.add_view(views.LogModelView, "Logs", category="Browse") appbuilder.add_view(views.SlaMissModelView, "SLA Misses", category="Browse") appbuilder.add_view(views.TaskInstanceModelView, "Task Instances", category="Browse") appbuilder.add_link("Configurations", href='/configuration', category="Admin", category_icon="fa-user") appbuilder.add_view(views.ConnectionModelView, "Connections", category="Admin") appbuilder.add_view(views.PoolModelView, "Pools", category="Admin") appbuilder.add_view(views.VariableModelView, "Variables", category="Admin") appbuilder.add_view(views.XComModelView, "XComs", category="Admin") appbuilder.add_link("Documentation", href='https://airflow.apache.org/', category="Docs", category_icon="fa-cube") appbuilder.add_link("Github", href='https://github.com/apache/incubator-airflow', category="Docs") appbuilder.add_link('Version', href='/version', category='About', category_icon='fa-th') # Garbage collect old permissions/views after they have been modified. # Otherwise, when the name of a view or menu is changed, the framework # will add the new Views and Menus names to the backend, but will not # delete the old ones. init_views(appbuilder) security_manager = appbuilder.sm security_manager.sync_roles() from airflow.www_rbac.api.experimental import endpoints as e # required for testing purposes otherwise the module retains # a link to the default_auth if app.config['TESTING']: if six.PY2: reload(e) # noqa else: import importlib importlib.reload(e) app.register_blueprint(e.api_experimental, url_prefix='/api/experimental') @app.context_processor def jinja_globals(): return { 'hostname': socket.getfqdn(), 'navbar_color': conf.get('webserver', 'NAVBAR_COLOR'), } @app.teardown_appcontext def shutdown_session(exception=None): settings.Session.remove() return app, appbuilder
def create_app(_read_config=True, **config): app = flask.Flask( __name__, static_folder=None, template_folder=os.path.join(PROJECT_ROOT, 'templates')) # Utilized for sessions and other secrets # NOTE: This key is insecure and you should override it on the server app.config['SECRET_KEY'] = 't\xad\xe7\xff%\xd2.\xfe\x03\x02=\xec\xaf\\2+\xb8=\xf7\x8a\x9aLD\xb1' if 'SECRET_KEY' in os.environ: app.config['SECRET_KEY'] = os.environ['SECRET_KEY'] # The api key to authorize end users against this system. # NOTE: This key is insecure and you should override it on the server app.config['API_KEY'] = '3e84744ab2714151b1db789df82b41c0021958fe4d77406e9c0947c34f5c5a70' if 'API_KEY' in os.environ: app.config['API_KEY'] = os.environ['API_KEY'] # The private key to use when cloning repositories # TODO(dcramer): this should support an on-disk option, as well as be # possible to override per repo app.config['SSH_PRIVATE_KEY'] = os.environ.get('SSH_PRIVATE_KEY', '').replace("\\n", "\n") app.config['FREIGHT_URL'] = os.environ.get('FREIGHT_URL', '').rstrip('/') if 'REDISCLOUD_URL' in os.environ: app.config['REDIS_URL'] = os.environ['REDISCLOUD_URL'] elif 'REDIS_URL' in os.environ: app.config['REDIS_URL'] = os.environ['REDIS_URL'] app.config['WORKSPACE_ROOT'] = os.environ.get('WORKSPACE_ROOT', '/tmp') app.config['DEFAULT_TIMEOUT'] = int(os.environ.get('DEFAULT_TIMEOUT', 3600)) app.config['DEFAULT_READ_TIMEOUT'] = int(os.environ.get('DEFAULT_READ_TIMEOUT', 600)) app.config['LOG_LEVEL'] = os.environ.get('LOG_LEVEL', 'INFO' if config.get('DEBUG') else 'ERROR') app.config['DEV'] = config.get('DEV', False) # Currently authentication requires Google app.config['GOOGLE_CLIENT_ID'] = os.environ.get('GOOGLE_CLIENT_ID') app.config['GOOGLE_CLIENT_SECRET'] = os.environ.get('GOOGLE_CLIENT_SECRET') app.config['GOOGLE_DOMAIN'] = os.environ.get('GOOGLE_DOMAIN') # Generate a GitHub token via Curl: # curlish https://api.github.com/authorizations \ # -u your-username \ # -X POST \ # -J scopes='repo' \ # -J note='freight' app.config['GITHUB_TOKEN'] = os.environ.get('GITHUB_TOKEN') app.config['GITHUB_API_ROOT'] = 'https://api.github.com' app.config['SQLALCHEMY_COMMIT_ON_TEARDOWN'] = True app.config['SQLALCHEMY_POOL_SIZE'] = 5 app.config['SQLALCHEMY_MAX_OVERFLOW'] = 0 if 'SQLALCHEMY_DATABASE_URI' in os.environ: app.config['SQLALCHEMY_DATABASE_URI'] = os.environ['SQLALCHEMY_DATABASE_URI'] app.config['QUEUES'] = [ 'freight.default', 'freight.tasks', 'freight.queue', 'freight.notifications', ] app.config['QUEUE_DEFAULT'] = 'freight.default' app.config['QUEUE_ROUTES'] = { 'freight.jobs.execute_task': 'freight.tasks', 'freight.jobs.check_queue': 'freight.queue', 'freight.jobs.send_pending_notifications': 'freight.notifications', } app.config['QUEUE_SCHEDULE'] = { 'freight.jobs.check_queue': { 'seconds': 1, }, 'freight.jobs.send_pending_notifications': { 'seconds': 1, }, } app.config['SENTRY_INCLUDE_PATHS'] = [ 'freight', ] # We don't support non-proxied installs app.wsgi_app = ProxyFix(app.wsgi_app) # Pull in Heroku configuration heroku.init_app(app) # Pull in environment variables from docker docker_init_app(app) if 'DYNO' in os.environ: # XXX: the released version of flask-sslify does not support init_app SSLify(app) # Set any remaining defaults that might not be present yet if not app.config.get('SQLALCHEMY_DATABASE_URI'): app.config['SQLALCHEMY_DATABASE_URI'] = 'postgresql:///freight' app.config.setdefault('REDIS_URL', 'redis://localhost:6379') app.config.setdefault('REDIS_DB', 0) app.config.update(config) if _read_config: if os.environ.get('FREIGHT_CONF'): # FREIGHT_CONF=/etc/freight.conf.py app.config.from_envvar('FREIGHT_CONF') else: # Look for ~/.freight/freight.conf.py path = os.path.normpath(os.path.expanduser('~/.freight/freight.conf.py')) app.config.from_pyfile(path, silent=True) configure_logging(app) configure_sentry(app) configure_api(app) configure_redis(app) configure_queue(app) configure_sqlalchemy(app) configure_web_routes(app) configure_webpack(app) return app
lunaport_server.wgi ~~~~~~~~~~~~~~~~~~~ Describes WSGI application. """ import os from flask import Flask from werkzeug.contrib.fixers import ProxyFix from flask.ext.sqlalchemy import SQLAlchemy from raven.contrib.flask import Sentry app = Flask(__name__) app.config.from_envvar('LUNAPORT_CFG') app.wsgi_app = ProxyFix(app.wsgi_app) # Fix for old proxyes db = SQLAlchemy(app) if os.environ.get('LUNAPORT_ENV') == 'production': sentry = Sentry(app, dsn=app.config.get('SENTRY_DSN')) sentry.init_app(app) from plugg_views import User, Issue, Test, Host, Stat, Chart, Eval, Case, \ Artefact, Job, Assert, Proj, Notification, Token, Ammo, Dc, Line, \ HealthStatus, Hook, HookRegistration from helpers import auth_required user_ident = auth_required(User.UserIdent.as_view('user_ident')) user_view = auth_required(User.User.as_view('user')) test_view = auth_required(Test.Test.as_view('test')) case_view = auth_required(Case.Case.as_view('case'))
def init_app(app, **kwargs): """Initialize the Flask app located in the module sipa. This initializes the Flask app by: * calling the internal init_app() procedures of each module * registering the Blueprints * registering the Jinja global variables :return: None """ load_config_file(app, config=kwargs.pop('config', None)) app.wsgi_app = ProxyFix(app.wsgi_app, app.config['NUM_PROXIES']) init_logging(app) init_env_and_config(app) logger.debug('Initializing app') login_manager.init_app(app) babel = Babel() babel.init_app(app) babel.localeselector(select_locale) app.before_request(save_user_locale_setting) app.session_interface = SeparateLocaleCookieSessionInterface() cf_pages = CategorizedFlatPages() cf_pages.init_app(app) backends = Backends() backends.init_app(app) QRcode(app) app.url_map.converters['int'] = IntegerConverter from sipa.blueprints import bp_features, bp_usersuite, \ bp_pages, bp_documents, bp_news, bp_generic, bp_hooks logger.debug('Registering blueprints') app.register_blueprint(bp_generic) app.register_blueprint(bp_features) app.register_blueprint(bp_usersuite) app.register_blueprint(bp_pages) app.register_blueprint(bp_documents) app.register_blueprint(bp_news) app.register_blueprint(bp_hooks) from sipa.model import query_gauge_data logger.debug('Registering Jinja globals') form_label_width = 3 form_input_width = 7 app.jinja_env.globals.update( cf_pages=cf_pages, gauge_data=query_gauge_data, get_locale=get_locale, get_weekday=get_weekday, possible_locales=possible_locales, get_attribute_endpoint=get_attribute_endpoint, traffic_chart=provide_render_function(generate_traffic_chart), credit_chart=provide_render_function(generate_credit_chart), current_datasource=backends.current_datasource, form_label_width_class="col-sm-{}".format(form_label_width), form_input_width_class="col-sm-{}".format(form_input_width), form_input_offset_class="col-sm-offset-{}".format(form_label_width), url_self=url_self, ) logger.debug("Jinja globals have been set", extra={'data': {'jinja_globals': app.jinja_env.globals}}) backends.init_backends()
def create_app(config='CTFd.config.Config'): app = CTFdFlask(__name__) with app.app_context(): app.config.from_object(config) theme_loader = ThemeLoader(os.path.join(app.root_path, 'themes'), followlinks=True) app.jinja_loader = theme_loader from CTFd.models import db, Teams, Solves, Challenges, Fails, Flags, Tags, Files, Tracking url = create_database() # This allows any changes to the SQLALCHEMY_DATABASE_URI to get pushed back in # This is mostly so we can force MySQL's charset app.config['SQLALCHEMY_DATABASE_URI'] = str(url) # Register database db.init_app(app) # Register Flask-Migrate migrations.init_app(app, db) # Alembic sqlite support is lacking so we should just create_all anyway if url.drivername.startswith('sqlite'): db.create_all() stamp() else: # This creates tables instead of db.create_all() # Allows migrations to happen properly upgrade() from CTFd.models import ma ma.init_app(app) app.db = db app.VERSION = __version__ from CTFd.cache import cache cache.init_app(app) app.cache = cache # If you have multiple workers you must have a shared cache socketio.init_app(app, async_mode=app.config.get('SOCKETIO_ASYNC_MODE'), message_queue=app.config.get('CACHE_REDIS_URL')) if app.config.get('REVERSE_PROXY'): app.wsgi_app = ProxyFix(app.wsgi_app) version = utils.get_config('ctf_version') # Upgrading from an older version of CTFd if version and (StrictVersion(version) < StrictVersion(__version__)): if confirm_upgrade(): run_upgrade() else: exit() if not version: utils.set_config('ctf_version', __version__) if not utils.get_config('ctf_theme'): utils.set_config('ctf_theme', 'core') update_check(force=True) init_request_processors(app) init_template_filters(app) init_template_globals(app) # Importing here allows tests to use sensible names (e.g. api instead of api_bp) from CTFd.views import views from CTFd.teams import teams from CTFd.users import users from CTFd.challenges import challenges from CTFd.scoreboard import scoreboard from CTFd.auth import auth from CTFd.admin import admin from CTFd.api import api from CTFd.events import events from CTFd.errors import page_not_found, forbidden, general_error, gateway_error app.register_blueprint(views) app.register_blueprint(teams) app.register_blueprint(users) app.register_blueprint(challenges) app.register_blueprint(scoreboard) app.register_blueprint(auth) app.register_blueprint(api) app.register_blueprint(events) app.register_blueprint(admin) app.register_error_handler(404, page_not_found) app.register_error_handler(403, forbidden) app.register_error_handler(500, general_error) app.register_error_handler(502, gateway_error) init_logs(app) init_plugins(app) return app
import base64 import random import logging from datetime import datetime from werkzeug.contrib.fixers import ProxyFix DOMAIN_NAME = "http://www.yourdomain.com" IMG_DIR = "/path/to/your/image/dir" TOKEN = "YourToken" logging.basicConfig(filename="./log/run.log", filemode="a", format="%(asctime)s-%(name)s-%(levelname)s-%(message)s", level=logging.INFO) app = Flask(__name__) app.wsgi_app = ProxyFix(app.wsgi_app) @app.route('/get/<img_name>', methods=['GET']) def download(img_name): img_path = "%s/%s" % (IMG_DIR, img_name) if not os.path.isfile(img_path): return jsonify({"ret": -1, "msg": "invalid file name:%s" % (img_name)}) mdict = { 'jpeg': 'image/jpeg', 'jpg': 'image/jpeg', 'png': 'image/png', 'gif': 'image/gif' } img_type = (img_name.split('/')[-1]).split('.')[-1]
else: from config import DefaultConfig logger.debug('Loading default config.') app.config.from_object(DefaultConfig()) app.teardown_request(database.close_db_filter) # Load the override config via the provider. config_provider.update_app_config(app.config) # Update any configuration found in the override environment variable. environ_config = json.loads(os.environ.get(OVERRIDE_CONFIG_KEY, '{}')) app.config.update(environ_config) # Fix remote address handling for Flask. if app.config.get('PROXY_COUNT', 1): app.wsgi_app = ProxyFix(app.wsgi_app, num_proxies=app.config.get('PROXY_COUNT', 1)) # Ensure the V3 upgrade key is specified correctly. If not, simply fail. # TODO: Remove for V3.1. if not is_testing and not is_building and app.config.get( 'SETUP_COMPLETE', False): v3_upgrade_mode = app.config.get('V3_UPGRADE_MODE') if v3_upgrade_mode is None: raise Exception( 'Configuration flag `V3_UPGRADE_MODE` must be set. Please check the upgrade docs' ) if (v3_upgrade_mode != 'background' and v3_upgrade_mode != 'complete' and v3_upgrade_mode != 'production-transition' and v3_upgrade_mode != 'post-oci-rollout' and v3_upgrade_mode != 'post-oci-roll-back-compat'):