コード例 #1
from ..models import User
from flask import g, make_response, request
from flask.ext.httpauth import HTTPBasicAuth

http_auth = HTTPBasicAuth()

def unauthorized():
    response = make_response()
    response.status_code = 401
    response.headers['WWW-Authenticate'] = 'xBasic realm="{0}"'.format(
        'Authentication Required')
    return response

def verify_password(username_or_token, password):
    if password == '':
        g.current_user = User.verify_auth_token(username_or_token)
        g.token_used = True
        return g.current_user != None
    user = User.query.filter_by(name=username_or_token).first()
    if not user:
        return False
    g.current_user = user
    g.token_used = False
    return user.verify_password(password)
コード例 #2
    'is_admin': fields.Boolean,
    'is_deleted': fields.Boolean,

blueprint_fields = {
    'id': fields.String(attribute='id'),
    'maximum_lifetime': fields.Integer,
    'name': fields.String,
    'is_enabled': fields.Boolean,
    'plugin': fields.String,
    'config': fields.Raw,
    'schema': fields.Raw,
    'form': fields.Raw

auth = HTTPBasicAuth()
auth.authenticate_header = lambda: "Authentication Required"

def verify_password(userid_or_token, password):
    g.user = User.verify_auth_token(userid_or_token, app.config['SECRET_KEY'])
    if not g.user:
        g.user = User.query.filter_by(email=userid_or_token).first()
        if not g.user:
            return False
        if not g.user.check_password(password):
            return False
    return True

コード例 #3
from flask import Flask, url_for, jsonify, request, g, Blueprint, current_app
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.httpauth import HTTPBasicAuth
from utils import split_url

basedir = os.path.abspath(os.path.dirname(__file__))
db_path = os.path.join(basedir, '../data.sqlite')

app = Flask(__name__)
api = Blueprint('api', __name__)
app.config['SECRET_KEY'] = 'top-secret!'
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ.get('DATABASE_URL') or \
                                        'sqlite:///' + db_path

db = SQLAlchemy(app)
auth = HTTPBasicAuth()
auth_token = HTTPBasicAuth()

class ValidationError(ValueError):

def bad_request(e):
    response = jsonify({
        'status': 400,
        'error': 'bad request',
        'message': e.args[0]
    response.status_code = 400
コード例 #4
cfg_file = open('server.cfg')
cfg = json.load(cfg_file)

admin_datastore = AdminDatastore()
client_datastore = ClientDatastore()
iterated_client_datastore = IteratedClientDatastore()

from flask import Flask, jsonify, abort, request, make_response, url_for, render_template
from flask.ext.httpauth import HTTPBasicAuth

app = Flask(__name__, static_url_path="")
# Note: We don't need to call run() since our application is embedded within
# the App Engine WSGI application server.
auth = HTTPBasicAuth()
dashauth = HTTPBasicAuth()


# # Upload a Json file that contains the complete experiment with participants and stimuli
# @app.route('/psycloud/admin/api/experiments/upload_all_data',
# 	methods=['POST'])
# @auth.login_required
# def upload_experiment_data():
コード例 #5
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = 'My Realm'
        basic_custom_auth = HTTPBasicAuth()
        basic_verify_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = 'My Realm'

        def get_basic_password(username):
            if username == 'john':
                return 'hello'
            elif username == 'susan':
                return 'bye'
                return 'other'

        def get_basic_password(username):
            if username == 'john':
                return 'johnhello'
            elif username == 'susan':
                return 'susanbye'
                return 'other'

        def basic_auth_my_realm_hash_password(username, password):
            return username + password

        def basic_auth_my_realm_error():
            return 'custom error'

        def get_basic_custom_auth_get_password(username):
            if username == 'john':
                return md5('hello').hexdigest()
            elif username == 'susan':
                return md5('bye').hexdigest()
                return 'other'

        def basic_custom_auth_hash_password(password):
            return md5(password).hexdigest()

        def basic_verify_auth_verify_password(username, password):
            if username == 'john':
                return password == 'hello'
            elif username == 'susan':
                return password == 'bye'
            return False

        def get_digest_password(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
                return 'other'

        def get_digest_password(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
                return 'other'

        def index():
            return 'index'

        def basic_auth_route():
            return 'basic_auth:' + basic_auth.username()

        def basic_auth_my_realm_route():
            return 'basic_auth_my_realm:' + basic_auth_my_realm.username()

        def basic_custom_auth_route():
            return 'basic_custom_auth:' + basic_custom_auth.username()

        def basic_verify_auth_route():
            return 'basic_verify_auth:' + basic_verify_auth.username()

        def digest_auth_route():
            return 'digest_auth:' + digest_auth.username()

        def digest_auth_my_realm_route():
            return 'digest_auth_my_realm:' + digest_auth_my_realm.username()

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.basic_verify_auth = basic_verify_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
コード例 #6
    def setUp(self):
        app = Flask(__name__)
        app.config["SECRET_KEY"] = "my secret"

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = "My Realm"
        basic_custom_auth = HTTPBasicAuth()
        basic_verify_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = "My Realm"

        def get_basic_password(username):
            if username == "john":
                return "hello"
            elif username == "susan":
                return "bye"
                return "other"

        def get_basic_password(username):
            if username == "john":
                return "johnhello"
            elif username == "susan":
                return "susanbye"
                return "other"

        def basic_auth_my_realm_hash_password(username, password):
            return username + password

        def basic_auth_my_realm_error():
            return "custom error"

        def get_basic_custom_auth_get_password(username):
            if username == "john":
                return md5("hello").hexdigest()
            elif username == "susan":
                return md5("bye").hexdigest()
                return "other"

        def basic_custom_auth_hash_password(password):
            return md5(password).hexdigest()

        def basic_verify_auth_verify_password(username, password):
            if username == "john":
                return password == "hello"
            elif username == "susan":
                return password == "bye"
            return False

        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
                return "other"

        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
                return "other"

        def index():
            return "index"

        def basic_auth_route():
            return "basic_auth:" + basic_auth.username()

        def basic_auth_my_realm_route():
            return "basic_auth_my_realm:" + basic_auth_my_realm.username()

        def basic_custom_auth_route():
            return "basic_custom_auth:" + basic_custom_auth.username()

        def basic_verify_auth_route():
            return "basic_verify_auth:" + basic_verify_auth.username()

        def digest_auth_route():
            return "digest_auth:" + digest_auth.username()

        def digest_auth_my_realm_route():
            return "digest_auth_my_realm:" + digest_auth_my_realm.username()

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.basic_verify_auth = basic_verify_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
コード例 #7
ファイル: test_httpauth.py プロジェクト: riq/Flask-HTTPAuth
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = 'My Realm'
        basic_custom_auth = HTTPBasicAuth()
        basic_verify_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = 'My Realm'

        def get_basic_password(username):
            if username == 'john':
                return 'hello'
            elif username == 'susan':
                return 'bye'
                return None

        def get_basic_password_2(username):
            if username == 'john':
                return 'johnhello'
            elif username == 'susan':
                return 'susanbye'
                return None

        def basic_auth_my_realm_hash_password(username, password):
            return username + password

        def basic_auth_my_realm_error():
            return 'custom error'

        def get_basic_custom_auth_get_password(username):
            if username == 'john':
                return md5('hello').hexdigest()
            elif username == 'susan':
                return md5('bye').hexdigest()
                return None

        def basic_custom_auth_hash_password(password):
            return md5(password).hexdigest()

        def basic_verify_auth_verify_password(username, password):
            if username == 'john':
                return password == 'hello'
            elif username == 'susan':
                return password == 'bye'
            return False

        def get_digest_password(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
                return None

        def get_digest_password_2(username):
            if username == 'susan':
                return 'hello'
            elif username == 'john':
                return 'bye'
                return None

        def index():
            return 'index'

        def basic_auth_route():
            return 'basic_auth:' + basic_auth.username()

        def basic_auth_my_realm_route():
            return 'basic_auth_my_realm:' + basic_auth_my_realm.username()

        def basic_custom_auth_route():
            return 'basic_custom_auth:' + basic_custom_auth.username()

        def basic_verify_auth_route():
            return 'basic_verify_auth:' + basic_verify_auth.username()

        def digest_auth_route():
            return 'digest_auth:' + digest_auth.username()

        def digest_auth_my_realm_route():
            return 'digest_auth_my_realm:' + digest_auth_my_realm.username()

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.basic_verify_auth = basic_verify_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
コード例 #8
from datetime import datetime
import json
from flask import render_template, redirect, url_for, abort, flash, request,\
    current_app, make_response, jsonify
from flask.ext.sqlalchemy import get_debug_queries
from flask.ext.httpauth import HTTPBasicAuth
from . import main
from .forms import TodoForm
from .. import db
from ..models import Todo
from app.exceptions import ValidationError

# will be used for restfull authentication
auth = HTTPBasicAuth()
@main.route('/', methods=['GET'])
@main.route('/todos/', methods=['GET'])
def index():
    ''' index is the home page of the Todo Application '''
    todos = Todo.query.order_by(Todo.publication_date.desc()).all()
    return render_template('index.html', todos=todos)

@main.route('/todos/<int:todo_id>', methods = ['GET' , 'POST'])
def show_or_update(todo_id):
     as the name indicates, it either shows or updates the todo item.
     :param todo_id: the identifer
    todo_item = Todo.query.get_or_404(todo_id)
    # if it is GET, so we only need to redirect to the todo page
    if request.method == 'GET':
コード例 #9
ファイル: server.py プロジェクト: bprinty/simpleflask-starter
from flask import Flask, jsonify, request, make_response
from flask.ext.httpauth import HTTPBasicAuth

# init
# ----
config = {
    'auth': False,
    'debug': True,
    'port': 9999,
    'users': {
        'user': '******'
app = Flask(__name__, static_url_path="")
auth = HTTPBasicAuth()

# disable authentication (if specified)
if not config['auth']:
    auth.login_required = lambda x: x

# authentication
# --------------
def get_password(username):
    Basic authentication. Uses `user` map in config dictionary
    to check passwords.

    :param username: Username to authenticate on.
コード例 #10
ファイル: auth.py プロジェクト: StasEvseev/adminbuy
# coding: utf-8

from flask import make_response, jsonify, g
from flask.ext import login
from flask.ext.httpauth import HTTPBasicAuth

from db import db
from model import User

__author__ = 'StasEvseev'

auth = HTTPBasicAuth()
auth_admin = HTTPBasicAuth()

login_manager = login.LoginManager()

def load_user(user_id):
    return db.session.query(User).get(user_id)

def unauthorized():
    return make_response(
        jsonify({'error': 'Unauthorized access'}), 401,
        [('WWW-Authenticate', 'error')])

def access_denied():
    return make_response(
コード例 #11
from flask.ext.httpauth import HTTPBasicAuth
from flask import g

from app.models import User
from app.rest import make_response, CODES

from datetime import datetime, timedelta

auth = HTTPBasicAuth()
login = HTTPBasicAuth()
refresh = HTTPBasicAuth()

def verify_password(email, password):
    user = User.query.filter_by(email=email).first()
    if not user or not user.verify_password(password):
        return False
    g.user = user
    return True

def verify_token(token, passw=None):
    user = User.verify_auth_token(token)
    if not user:
        return False
    g.user = user
    return True

コード例 #12
ファイル: token.py プロジェクト: bennycheung/Flask-DB-Docker
from flask import (
from flask.ext.httpauth import HTTPBasicAuth

from .models import User
from .errors import unauthorized
from .decorators import no_cache, json

token = Blueprint('token', __name__)
token_auth = HTTPBasicAuth()

def verify_password(username_or_token, password):
    g.user = User.query.filter_by(username=username_or_token).first()
    if not g.user:
        return False
    return g.user.verify_password(password)

def unauthorized_error():
    return unauthorized('Please authenticate to access this API')

コード例 #13
from flask.ext.httpauth import HTTPBasicAuth

from goalboost.model.auth_models import User
from flask.ext.login import current_user, login_user

httpBasicAuth = HTTPBasicAuth()

def verify_password(username, password):
    global current_user
    user = User.verify_auth_token(password)
    if not user:
        return False
    # The next two lines set the current user correctly for the token case, on a
    # per-request basis,  Tthe user still needs to re-authenticate with each
    # request, so the RESTful statelessness is implemented correctly.
    user.authenticated = True
    login_user(user, remember=True)
    return True
コード例 #14
import Queue
from flask import Flask
from flask.ext import restful
from flask.ext.httpauth import HTTPBasicAuth

flaskapp = Flask(__name__)
flaskapi = restful.Api(flaskapp)
flaskauth = HTTPBasicAuth()

ANSIBLE_QUEUE = Queue.Queue()
コード例 #15
ファイル: api.py プロジェクト: cryptobuks1/paytokensd
    def run(self):
        db = util.connect_to_db(flags='SQLITE_OPEN_READONLY')
        app = flask.Flask(__name__)
        auth = HTTPBasicAuth()

        def get_pw(username):
            if username == config.RPC_USER:
                return config.RPC_PASSWORD
            return None        

        #READ API

        # Generate dynamically get_{table} methods
        def generate_get_method(table):
            def get_method(**kwargs):
                return get_rows(db, table=table, **kwargs)
            return get_method

        for table in API_TABLES:
            new_method = generate_get_method(table)
            new_method.__name__ = 'get_{}'.format(table)

        def sql(query, bindings=[]):
            return db_query(db, query, tuple(bindings))


        # Generate dynamically create_{transaction} and do_{transaction} methods
        def generate_create_method(transaction):

            def split_params(**kwargs):
                transaction_args = {}
                common_args = {}
                private_key_wif = None
                for key in kwargs:
                    if key in COMMONS_ARGS:
                        common_args[key] = kwargs[key]
                    elif key == 'privkey':
                        private_key_wif = kwargs[key]
                        transaction_args[key] = kwargs[key]
                return transaction_args, common_args, private_key_wif

            def create_method(**kwargs):
                transaction_args, common_args, private_key_wif = split_params(**kwargs)
                return compose_transaction(db, name=transaction, params=transaction_args, **common_args)

            def do_method(**kwargs):
                transaction_args, common_args, private_key_wif = split_params(**kwargs)
                return do_transaction(db, name=transaction, params=transaction_args, private_key_wif=private_key_wif, **common_args)

            return create_method, do_method

        for transaction in API_TRANSACTIONS:
            create_method, do_method = generate_create_method(transaction)
            create_method.__name__ = 'create_{}'.format(transaction)
            do_method.__name__ = 'do_{}'.format(transaction)

        def sign_tx(unsigned_tx_hex, privkey=None):
            return sign_transaction(unsigned_tx_hex, private_key_wif=privkey)

        def broadcast_tx(signed_tx_hex):
            return broadcast_transaction(signed_tx_hex)

        def get_messages(block_index):
            if not isinstance(block_index, int):
                raise Exception("block_index must be an integer.")

            cursor = db.cursor()
            cursor.execute('select * from messages where block_index = ? order by message_index asc', (block_index,))
            messages = cursor.fetchall()
            return messages

        def get_messages_by_index(message_indexes):
            """Get specific messages from the feed, based on the message_index.

            @param message_index: A single index, or a list of one or more message indexes to retrieve.
            if not isinstance(message_indexes, list):
                message_indexes = [message_indexes,]
            for idx in message_indexes:  #make sure the data is clean
                if not isinstance(idx, int):
                    raise Exception("All items in message_indexes are not integers")

            cursor = db.cursor()
            cursor.execute('SELECT * FROM messages WHERE message_index IN (%s) ORDER BY message_index ASC'
                % (','.join([str(x) for x in message_indexes]),))
            messages = cursor.fetchall()
            return messages

        def get_xpt_supply():
            return util.xpt_supply(db)

        def get_asset_info(assets):
            if not isinstance(assets, list):
                raise Exception("assets must be a list of asset names, even if it just contains one entry")
            assetsInfo = []
            for asset in assets:

                # LTC and XPT.
                if asset in [config.LTC, config.XPT]:
                    if asset == config.LTC:
                        supply = litecoin.get_ltc_supply(normalize=False)
                        supply = util.xpt_supply(db)

                        'asset': asset,
                        'owner': None,
                        'divisible': True,
                        'locked': False,
                        'supply': supply,
                        'callable': False,
                        'call_date': None,
                        'call_price': None,
                        'description': '',
                        'issuer': None

                # User‐created asset.
                cursor = db.cursor()
                issuances = list(cursor.execute('''SELECT * FROM issuances WHERE (status = ? AND asset = ?) ORDER BY block_index ASC''', ('valid', asset)))
                if not issuances: break #asset not found, most likely
                else: last_issuance = issuances[-1]
                supply = 0
                locked = False
                for e in issuances:
                    if e['locked']: locked = True
                    supply += e['quantity']
                    'asset': asset,
                    'owner': last_issuance['issuer'],
                    'divisible': bool(last_issuance['divisible']),
                    'locked': locked,
                    'supply': supply,
                    'callable': bool(last_issuance['callable']),
                    'call_date': last_issuance['call_date'],
                    'call_price': last_issuance['call_price'],
                    'description': last_issuance['description'],
                    'issuer': last_issuance['issuer']})
            return assetsInfo

        def get_block_info(block_index):
            assert isinstance(block_index, int)
            cursor = db.cursor()
            cursor.execute('''SELECT * FROM blocks WHERE block_index = ?''', (block_index,))
            blocks = list(cursor)
            if len(blocks) == 1:
                block = blocks[0]
            elif len(blocks) == 0:
                raise exceptions.DatabaseError('No blocks found.')
                assert False
            return block
        def get_blocks(block_indexes):
            """fetches block info and messages for the specified block indexes"""
            if not isinstance(block_indexes, (list, tuple)):
                raise Exception("block_indexes must be a list of integers.")
            if len(block_indexes) >= 250:
                raise Exception("can only specify up to 250 indexes at a time.")

            block_indexes_str = ','.join([str(x) for x in block_indexes])
            cursor = db.cursor()
            cursor.execute('SELECT * FROM blocks WHERE block_index IN (%s) ORDER BY block_index ASC'
                % (block_indexes_str,))
            blocks = cursor.fetchall()
            cursor.execute('SELECT * FROM messages WHERE block_index IN (%s) ORDER BY block_index ASC, message_index ASC'
                % (block_indexes_str,))
            messages = collections.deque(cursor.fetchall())
            for block in blocks:
                messages_in_block = []
                block['_messages'] = []
                while len(messages) and messages[0]['block_index'] == block['block_index']:
            assert not len(messages) #should have been cleared out
            return blocks

        def get_running_info():
            latestBlockIndex = litecoin.get_block_count()

                util.database_check(db, latestBlockIndex)
            except exceptions.DatabaseError as e:
                caught_up = False
                caught_up = True

                last_block = util.last_block(db)
                last_block = {'block_index': None, 'block_hash': None, 'block_time': None}

                last_message = util.last_message(db)
                last_message = None

            return {
                'db_caught_up': caught_up,
                'litecoin_block_count': latestBlockIndex,
                'last_block': last_block,
                'last_message_index': last_message['message_index'] if last_message else -1,
                'running_testnet': config.TESTNET,
                'running_testcoin': config.TESTCOIN,
                'version_major': config.VERSION_MAJOR,
                'version_minor': config.VERSION_MINOR,
                'version_revision': config.VERSION_REVISION

        def get_element_counts():
            counts = {}
            cursor = db.cursor()
            for element in ['transactions', 'blocks', 'debits', 'credits', 'balances', 'sends', 'orders',
                'order_matches', 'ltcpays', 'issuances', 'broadcasts', 'bets', 'bet_matches', 'dividends',
                'burns', 'cancels', 'callbacks', 'order_expirations', 'bet_expirations', 'order_match_expirations',
                'bet_match_expirations', 'messages']:
                cursor.execute("SELECT COUNT(*) AS count FROM %s" % element)
                count_list = cursor.fetchall()
                assert len(count_list) == 1
                counts[element] = count_list[0]['count']
            return counts

        def get_asset_names():
            cursor = db.cursor()
            names = [row['asset'] for row in cursor.execute("SELECT DISTINCT asset FROM issuances WHERE status = 'valid' ORDER BY asset ASC")]
            return names

        def get_holder_count(asset):
            holders = util.holders(db, asset)
            addresses = []
            for holder in holders:
            return { asset: len(set(addresses)) }

        def _set_cors_headers(response):
            if config.RPC_ALLOW_CORS:
                response.headers['Access-Control-Allow-Origin'] = '*'
                response.headers['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS'
                response.headers['Access-Control-Allow-Headers'] = 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        @app.route('/', methods=["OPTIONS",])
        @app.route('/api/', methods=["OPTIONS",])
        def handle_options():
            response = flask.Response('', 204)
            return response

        @app.route('/', methods=["POST",])
        @app.route('/api/', methods=["POST",])
        def handle_post():
                request_json = flask.request.get_data().decode('utf-8')
                request_data = json.loads(request_json)
                assert 'id' in request_data and request_data['jsonrpc'] == "2.0" and request_data['method']
                # params may be omitted 
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(data="Invalid JSON-RPC 2.0 request format")
                return flask.Response(obj_error.json.encode(), 200, mimetype='application/json')
            #only arguments passed as a dict are supported
            if request_data.get('params', None) and not isinstance(request_data['params'], dict):
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(
                    data='Arguments must be passed as a JSON object (list of unnamed arguments not supported)')
                return flask.Response(obj_error.json.encode(), 200, mimetype='application/json')
            #return an error if API fails checks
            if not config.FORCE and current_api_status_code:
                return flask.Response(current_api_status_response_json, 200, mimetype='application/json')

            jsonrpc_response = jsonrpc.JSONRPCResponseManager.handle(request_json, dispatcher)
            response = flask.Response(jsonrpc_response.json.encode(), 200, mimetype='application/json')
            return response


        http_server = HTTPServer(WSGIContainer(app), xheaders=True)
            http_server.listen(config.RPC_PORT, address=config.RPC_HOST)
            self.is_ready = True
        except OSError:
            raise Exception("Cannot start the API subsystem. Is {} already running, or is something else listening on port {}?".format(config.XPT_CLIENT, config.RPC_PORT))
コード例 #16
from models import Base, User, Bagel
from flask import Flask, jsonify, request, url_for, abort, g
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import relationship, sessionmaker
from sqlalchemy import create_engine
from flask.ext.httpauth import HTTPBasicAuth
import pdb
authb = HTTPBasicAuth()

engine = create_engine('sqlite:///bagelShop.db')

Base.metadata.bind = engine
DBSession = sessionmaker(bind=engine)
session = DBSession()
app = Flask(__name__)

#ADD @auth.verify_password here
def verify_password(username, password):
    print("Looking for user {0} with password {1}".format(username, password))
    user = session.query(User).filter_by(username=username).first()

    if not user or not user.verify_password(password):
        return False

    g.user = user
    return True

#ADD a /users route here
コード例 #17
ファイル: eegws-api.py プロジェクト: al1na/EEGws-api
from pymongo import MongoClient
from pylab import *
from matplotlib import pyplot as plt
from matplotlib import mlab

    'AF3', 'AF4', 'AF7', 'AF8', 'AFz', 'C1', 'C2', 'C3', 'C4', 'C5', 'C6',
    'CP1', 'CP2', 'CP3', 'CP4', 'CP5', 'CP6', 'CPz', 'Cz', 'F1', 'F2', 'F3',
    'F4', 'F5', 'F6', 'F7', 'F8', 'FC1', 'FC2', 'FC3', 'FC4', 'FC5', 'FC6',
    'FCz', 'FP1', 'FP2', 'Fpz', 'FT7', 'FT8', 'Fz', 'Iz', 'Nz', 'P1', 'P2',
    'P3', 'P4', 'P5', 'P6', 'P7', 'P8', 'PO3', 'PO4', 'PO7', 'PO8', 'POz',
    'Pz', 'O1', 'O2', 'Oz', 'T7', 'T8', 'T9', 'T10', 'TP7', 'TP8', 'TP9',

auth = HTTPBasicAuth()

client = MongoClient()
db = client.testeegdb
recordings_collection = db.recordings
users_collection = db.users

UPLOAD_FOLDER = 'uploaded_recordings'
app = Flask(__name__)
app.config['MAX_CONTENT_LENGTH'] = 20 * 1024 * 1024

rec1 = {
    'timestamp': [1428262635, 1428262636, 1428262637, 1428262638, 1428262639],
    'device': 'emotiv',
コード例 #18
ファイル: routes.py プロジェクト: RJMetrics/homerun
from homerun.app import app, db
import homerun.models as m
import flask
from flask.ext.httpauth import HTTPBasicAuth
from flask.ext.restless import APIManager
import md5

auth = HTTPBasicAuth()

def get_pw(username):
    user = db.session.query(m.User).filter_by(username=username).first()
    return user.password if user else None

def hash_password(password):
    return md5.md5(password).hexdigest()


def index():
    return app.send_static_file("index.html")

def person_created(result, **kwargs):
    default_docs = ["NDA", "Option Grant", "Offer Letter", "Computer Safety Checklist"]
コード例 #19
    def setUp(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'my secret'

        basic_auth = HTTPBasicAuth()
        basic_auth_my_realm = HTTPBasicAuth()
        basic_auth_my_realm.realm = "My Realm"
        basic_custom_auth = HTTPBasicAuth()
        digest_auth = HTTPDigestAuth()
        digest_auth_my_realm = HTTPDigestAuth()
        digest_auth_my_realm.realm = "My Realm"
        def get_basic_password(username):
            if username == "john":
                return "hello"
            elif username == "susan":
                return "bye"
                return "other"

        def get_basic_password(username):
            if username == "john":
                return "hello"
            elif username == "susan":
                return "bye"
                return "other"

        def basic_auth_my_realm_error():
            return "custom error"

        def get_basic_custom_auth_get_password(username):
            if username == "john":
                return md5("hello").hexdigest()
            elif username == "susan":
                return md5("bye").hexdigest()
                return "other"

        def custom_authenticate(password):
            return md5(password).hexdigest()

        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
                return "other"
        def get_digest_password(username):
            if username == "susan":
                return "hello"
            elif username == "john":
                return "bye"
                return "other"
        def index():
            return "index"
        def basic_auth_route():
            return "basic_auth"
        def basic_auth_my_realm_route():
            return "basic_auth_my_realm"

        def basic_custom_auth_route():
            return "basic_custom_auth"

        def digest_auth_route():
            return "digest_auth"
        def digest_auth_my_realm_route():
            return "digest_auth_my_realm"

        self.app = app
        self.basic_auth = basic_auth
        self.basic_auth_my_realm = basic_auth_my_realm
        self.basic_custom_auth = basic_custom_auth
        self.digest_auth = digest_auth
        self.client = app.test_client()
コード例 #20
Use the following decorators to apply authentication to any route:

- `@password_auth.login_required` for password auth (only use to GET a token).
- `@token_auth.login_required` for token (for all other authenticated routes).

Copyright 2016 AURA/LSST.
Copyright 2014 Miguel Grinberg.

from functools import wraps
from flask import jsonify, g, current_app
from flask.ext.httpauth import HTTPBasicAuth
from .models import User

# User+Password-based auth (only allowed for getting a token)
password_auth = HTTPBasicAuth()

# Token-based auth (used for all requests)
token_auth = HTTPBasicAuth()

def verify_password(username, password):
    g.user = User.query.filter_by(username=username).first()
    if g.user is None:
        return False
    return g.user.verify_password(password)

def unauthorized():
コード例 #21
ファイル: api.py プロジェクト: wizardofozzie/pypayd
    def _run(self, payment_handler):
        app = flask.Flask(__name__)
        auth = HTTPBasicAuth()
        def is_ready(): 
            except: return False 
            return True
        def create_order(amount, currency=config.DEFAULT_CURRENCY, item_number=None, order_id=None, gen_new = config.GEN_NEW, qr_code = False):
            ret = payment_handler.createOrder(amount, currency, item_number, order_id, gen_new)
            if ret.get('error'): 
                return ret
            ret.update({'qr_image': (qr.bitcoinqr(ret['receiving_address']) if qr_code else None)})
            return ret
        def check_order_status(order_id=None, special_digits=None, timestamp=None, payment_address=None):  
            return payment_handler.CheckPaymentsFor(order_id=order_id, special_digits=special_digits, payment_address=payment_address, timestamp=timestamp)
        def get_payments(bindings= (),): 
            return payment_handler.db.getPayments(bindings)
        def poll_payments(bindings = (),):
            return payment_handler.pollPayments(bindings)
        def get_invalids(bindings= (),): 
            return payment_handler.db.getInvalids(bindings)
        def get_orders(bindings= (),): 
            return payment_handler.db.getOrders(bindings)
        def get_address(bindings= (), ):
            return payment_handler.db.getAddresses(bindings)
        def get_unfilled_orders(timestamp=config.ORDER_LIFE): 
            statement = "select * from orders where filled = 0 and timestamp > %s" %(time.time() - config.ORDER_LIFE)
            return payment_handler.db.rquery(statement)
        def get_filled_orders(timestamp=config.ORDER_LIFE): 
            statement = "select * from orders where filled != 0 and timestamp > %s" %(time.time() - config.ORDER_LIFE)
            return payment_handler.db.rquery(statement)
        def query(statement, bindings=()):
            return payment_handler.db.rquery(statement, bindings)

        def get_pw(username):
            if username == config.RPC_USER:
                return config.RPC_PASSWORD
            return None
        @app.route('/', methods = ["POST",])
        @app.route('/api', methods = ["POST",])
        def handle_post():
            # Dispatcher is a dictionary {<method_name>: callable}
                request_json = flask.request.get_data().decode('utf-8')
                request_data = json.loads(request_json)
                assert('id' in request_data and request_data['jsonrpc'] == "2.0" and request_data['method'])
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(data="Invalid JSON-RPC 2.0 request format")
                return flask.Response(obj_error.json.encode(), 200, mimetype='application/json')
            jsonrpc_response = jsonrpc.JSONRPCResponseManager.handle(request_json, dispatcher)
            response = flask.Response(jsonrpc_response.json.encode(), 200, mimetype='application/json')
            return response

        if config.AUTH_REQUIRED: 
        d = wsgiserver.WSGIPathInfoDispatcher({'/': app.wsgi_app})
        self.server = wsgiserver.CherryPyWSGIServer((config.RPC_HOST, config.RPC_PORT), d) 
        logging.info("API Started on %s" %(  config.RPC_HOST + ':' +  str(config.RPC_PORT)))
コード例 #22
    def _run(self, payment_handler):
        app = flask.Flask(__name__)
        auth = HTTPBasicAuth()

        def is_ready():
                return False
            return True

        def create_order(amount,
            if gen_new is None:
                gen_new = config.GEN_NEW
            ret = payment_handler.createOrder(amount, currency, item_number,
                                              order_id, gen_new)
            if ret.get('error'):
                return ret
                (qr.bitcoinqr(ret['receiving_address']) if qr_code else None)
            return ret

        # @dispatcher.add_method
        # def check_order_status(order_id=None, special_digits=None, timestamp=None, payment_address=None):
        #     return payment_handler.CheckPaymentsFor(order_id=order_id, special_digits=special_digits, payment_address=payment_address, timestamp=timestamp)

        def get_payments(bindings={}):
            return payment_handler.db.getPayments(bindings)

        def poll_payments(bindings={}):
            return payment_handler.pollPayments(bindings)

        def get_orders(bindings={}):
            return payment_handler.db.getOrders(bindings)

        def get_address(bindings={}):
            return payment_handler.db.getAddresses(bindings)

        def get_unfilled_orders(timestamp=None):
            statement = "select * from orders where filled = 0 and created_at > ?"
            return payment_handler.db.rquery(statement, (timestamp or 0, ))

        def get_filled_orders(timestamp=None):
            statement = "select * from orders where filled != 0 and created_at > ?"
            return payment_handler.db.rquery(statement, (timestamp or 0, ))

        def query(statement, bindings=()):
            return payment_handler.db.rquery(statement, bindings)

        def get_pw(username):
            if username == config.RPC_USER:
                return config.RPC_PASSWORD
            return None

        @app.route('/', methods=[
        @app.route('/api', methods=[
        def handle_post():
            # Dispatcher is a dictionary {<method_name>: callable}
                request_json = flask.request.get_data().decode('utf-8')
                request_data = json.loads(request_json)
                assert ('id' in request_data
                        and request_data['jsonrpc'] == "2.0"
                        and request_data['method'])
                obj_error = jsonrpc.exceptions.JSONRPCInvalidRequest(
                    data="Invalid JSON-RPC 2.0 request format")
                return flask.Response(obj_error.json.encode(),
            jsonrpc_response = jsonrpc.JSONRPCResponseManager.handle(
                request_json, dispatcher)
            response = flask.Response(jsonrpc_response.json.encode(),
            return response

        if config.AUTH_REQUIRED:
        d = wsgiserver.WSGIPathInfoDispatcher({'/': app.wsgi_app})
        self.server = wsgiserver.CherryPyWSGIServer(
            (config.RPC_HOST, config.RPC_PORT), d)
        logging.info("API Started on %s" %
                     (config.RPC_HOST + ':' + str(config.RPC_PORT)))