def create_user_datastore():
if flask.current_app:
if "user_datastore" not in flask.g:
flask.g["user_datastore"] = SQLAlchemyUserDatastore(db, User, Role)
return flask.g
else:
return LocalProxy(lambda: SQLAlchemyUserDatastore(db, User, Role))
def __init__(self, db, user_model, role_model):
"""Init new datastore given user and role models."""
SQLAlchemyUserDatastore.__init__(self, db, user_model, role_model)
log = current_app.artemis_logger
self.role_mapping = config_value("RADIUS_ROLE_MAPPING", default=None)
self.role_attribute_code = config_value("RADIUS_ROLE_ATTRIBUTE_CODE",
default=None)
try:
self.role_attribute_code = (int(self.role_attribute_code)
if self.role_attribute_code is not None
else None)
except ValueError:
raise Exception(
"RADIUS_ROLE_ATTRIBUTE_CODE must be a number (was %s)" %
self.role_attribute_code)
self.default_role = config_value("RADIUS_DEFAULT_ROLE", default="user")
servers = self._create_radius_clients(
config_value("RADIUS_SERVERS", default=[]))
self.client_iterator = cycle(servers)
self.client_attempts = len(servers)
try:
self.current_client = next(self.client_iterator)
log.info(
"Radius servers configured. First server to try is %s:%s" %
(self.current_client.server, self.current_client.authport))
except StopIteration:
raise Exception(
"No radius servers defined but RADIUS auth is enabled!")
def create_app(config=None):
'''
Application factory
'''
flask_app = Flask(__name__)
# flask_app.config.from_object(config)
# flask_app.config.from_envvar('ORDER_CONFIG')
flask_app.config.from_json(config or os.environ.get('OM_CONFIG_FILE')
or 'config.json')
init_logging(flask_app)
Bootstrap(flask_app)
db.init_app(flask_app)
migrate.init_app(flask_app, db, compare_type=True)
init_celery(celery, flask_app)
from app.users.models.user import User
from app.users.models.role import Role
security.init_app(flask_app,
SQLAlchemyUserDatastore(db, User, Role),
login_form=LoginForm)
register_components(flask_app)
if flask_app.config.get('DEBUG'):
init_debug(flask_app)
return flask_app
def create_app():
flask_app = Flask(__name__)
flask_app.config.from_pyfile(get_config_file())
db.init_app(flask_app)
flask_admin = Admin(flask_app,
name=flask_app.config['ADMIN_NAME'],
base_template='my_master.html',
template_mode="bootstrap3",
index_view=AdminIndexView(
name='首页',
menu_icon_type='glyph',
menu_icon_value='glyphicon-home'))
flask_admin.add_view(
UserView(User,
db.session,
name='用户',
menu_icon_type='glyph',
menu_icon_value='glyphicon-user'))
flask_admin.add_view(
RoleView(Role,
db.session,
name='角色',
menu_icon_type='glyph',
menu_icon_value='glyphicon-lock'))
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(flask_app, datastore=user_datastore)
@security.context_processor
def security_context_processor():
return dict(admin_base_template=flask_admin.base_template,
admin_view=flask_admin.index_view,
h=admin_helpers,
get_url=url_for)
with flask_app.app_context():
init_database(flask_app.config['DATABASE_FILE'])
from application.home import home_bp
flask_app.register_blueprint(home_bp, url_prefix='/')
return flask_app
csrf = CsrfProtect()
csrf.init_app(app)
@csrf.error_handler
def csrf_error(reason):
app.logger.debug("CSRF ERROR: {}".format(reason))
return render_template('csrf_error.json', reason=reason), 400
from security_monkey.datastore import User, Role
### Flask-Security ###
from flask_security.core import Security
from flask_security.datastore import SQLAlchemyUserDatastore
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
@security.send_mail_task
def send_email(msg):
"""
Overrides the Flask-Security/Flask-Mail integration
to send emails out via boto and ses.
"""
common_send_email(subject=msg.subject, recipients=msg.recipients, html=msg.html)
from auth.modules import RBAC
rbac = RBAC(app=app)
def __init__(self, db, user_model, role_model):
"""Init new datastore given user and role models."""
SQLAlchemyUserDatastore.__init__(self, db, user_model, role_model)
from flask_security import Security
from flask_security.datastore import SQLAlchemyUserDatastore
from src.users import models
user_datastore = SQLAlchemyUserDatastore(models.db, models.User, models.Role)
class FlaskSecurity(Security):
def __init__(self, app=None):
if app:
super(FlaskSecurity, self).__init__(app, user_datastore)
def init_app(self,
app,
datastore=None,
register_blueprint=True,
login_form=None,
confirm_register_form=None,
register_form=None,
forgot_password_form=None,
reset_password_form=None,
change_password_form=None,
send_confirmation_form=None,
passwordless_login_form=None,
anonymous_user=None):
super().init_app(app, user_datastore)
security = FlaskSecurity()
