def main():
host = config.get('FLASK_HOST', '0.0.0.0')
port = config.get('FLASK_PORT', 5000)
debug = config.get('FLASK_DEBUG', True)
use_reloader = config.get('FLASK_USE_RELOADER', True)
app.run(host=host,
port=port,
debug=debug,
use_debugger=debug,
use_reloader=use_reloader)
def default_error_handler(e):
"""
Provide a default error handler for RestPlus to leverage.
"""
logger.exception(e)
debug = config.get('FLASK_DEBUG')
if not debug:
message = 'An unhandled exception occurred.'
return {'message': message}, 500
class Users:
""" Known users """
seed_service = User(id='73ff4c06-5054-425e-a6fe-496a489a3013',
email='*****@*****.**',
password=hash_password(config.get('passwords.seed')),
is_system_user=True)
root = User(id='11b11961-949d-4c44-bf6a-1a44487c141d',
email='*****@*****.**',
password=hash_password(config.get('passwords.root')),
is_system_user=True)
admin = User(id='a1e121cc-76d8-45a1-a476-2936c6ba3278',
email='*****@*****.**',
password=hash_password(config.get('passwords.admin')),
is_system_user=True)
minion = User(id='99ddc422-d2d4-46a7-a236-929abeda9af9',
email='*****@*****.**',
password=hash_password(config.get('passwords.minion')),
is_system_user=True)
guest = User(id='788251aa-7290-4e96-b223-7ff42e27ba79',
email='*****@*****.**',
password=hash_password(config.get('passwords.guest')))
def audit(self,
action,
description=None,
meta={},
log_message=False) -> AuditLog:
"""
Builds an AuditLog object, with the current user's username.
If an http request object is present, the current request will be logged.
"""
user = current_user or self.user
assert user
audit_log_entry = AuditLog()
audit_log_entry.user_id = user.id
audit_log_entry.user_email = user.email
audit_log_entry.action = action
audit_log_entry.description = description
audit_log_entry.meta = meta
try:
if self.has_request_context:
audit_log_entry.url = request.url
firstline = '{} {}'.format(request.method, request.url)
audit_request_bodies = config.get('AUDIT_REQUEST_BODIES')
if audit_request_bodies:
audit_log_entry.request = '{}\n{}\n{}'.format(
firstline, request.headers, request.data)
else:
audit_log_entry.request = '{}\n{}'.format(
firstline, request.headers)
if log_message:
message = "Audit Log: User: '******' {}. Meta: {}"
message = message.format(audit_log_entry.user_email,
audit_log_entry.action,
audit_log_entry.meta)
logger.info(message)
except Exception as e:
logger.error(e)
return audit_log_entry
# This line sets up loggers basically.
fileConfig(config.config_file_name)
logger = logging.getLogger('alembic.env')
# add your model's MetaData object here
# for 'autogenerate' support
# from myapp import mymodel
# target_metadata = mymodel.Base.metadata
target_metadata = Base.metadata
# other values from the config, defined by the needs of env.py,
# can be acquired:
# my_important_option = config.get_main_option("my_important_option")
# ... etc.
sqlalchemy_uri = env.get('SQLALCHEMY_DATABASE_URI')
def run_migrations_offline():
"""Run migrations in 'offline' mode.
This configures the context with just a URL
and not an Engine, though an Engine is acceptable
here as well. By skipping the Engine creation
we don't even need a DBAPI to be available.
Calls to context.execute() here emit the given string to the
script output.
"""
print('Running migrations offline. sqlalchemy.uri: {}'.format(
def app_factory():
monkey_patch_json_encoder()
app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = config.get('SQLALCHEMY_DATABASE_URI')
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
app.secret_key = config.get('FLASK_SESSION_SECRET_KEY')
db.init_app(app)
Marshmallow(app)
app.wsgi_app = ProxyFix(app.wsgi_app)
app.url_map.strict_slashes = False
blueprint = Blueprint('v1', __name__, url_prefix='/api/v1')
api.init_app(blueprint)
api.add_namespace(auth_namespace, '/authentication')
api.add_namespace(users_namespace, '/users')
app.register_blueprint(blueprint)
app.session_interface = AppSessionInterface()
login_manager = LoginManager()
login_manager.init_app(app)
seed_data_enabled = config.get('SEED_DATA_ENABLED')
if seed_data_enabled:
with app.app_context():
seed_data = SeedDataService()
seed_data.seed()
@login_manager.user_loader
def load_user(user_id):
return User.query.get(user_id)
@login_manager.request_loader
def load_user_from_request(request):
header = request.headers.get('Authorization')
if header is None:
# review how to whitelist end points that we know won't ever require authn/authz
# total hack, clean up with werkzeug or flask trimming, or our own method... this is super messy.
whitelist = ['/api/v1', '/api/v1?', '/api/v1/?', '/api/v1/swagger.json']
if request.full_path in whitelist:
return
raise Unauthorized()
header_value = header.split()
auth_type = header_value[0].lower()
if auth_type == 'bearer':
authenticated_bearer_token(header_value[1])
elif auth_type == 'basic':
creds = request.authorization
if creds is not None:
authenticate_basic(creds.username, creds.password)
if current_user is None:
raise Unauthorized()
g.authenticated_from_header = True
@app.after_request
def after_request(response):
if 'cache-control' not in response.headers:
response.headers['cache-control'] = 'no-cache'
return response
@api.errorhandler
def default_error_handler(e):
"""
Provide a default error handler for RestPlus to leverage.
"""
logger.exception(e)
debug = config.get('FLASK_DEBUG')
if not debug:
message = 'An unhandled exception occurred.'
return {'message': message}, 500
@app.errorhandler(400)
def bad_request_error(e):
return jsonify(error=400, text=str(e)), 400
@app.errorhandler(404)
def page_not_found(e):
return jsonify(error=404, text=str(e)), 404
@app.errorhandler(500)
def server_error(e):
logger.error(e)
return jsonify(error=500, text=str(e)), 500
@app.errorhandler(RequestException)
def request_exception(e):
logger.error(e)
return jsonify(error=500, text=str(e)), 500
return app