def initdb(): '''Init/reset database.''' if not os.environ.get('PRODUCTION'): db.connection.drop_database(app.config['MONGODB_DB']) user_datastore = MongoEngineUserDatastore(db, User, Role) admin_role = user_datastore.create_role(name='admin', description='Admin User') user = user_datastore.create_user( email='*****@*****.**', password='******' ) user_datastore.add_role_to_user(user, admin_role)
def configure_extensions(app, admin): babel.configure(app) generic.configure(app) Cache(app) Mail(app) Dealer(app) error_handlers.configure(app) db.init_app(app) fixtures.configure(app) themes.configure(app, db) # Themes should be configured after db context_processors.configure(app) template_filters.configure(app) user_datastore = MongoEngineUserDatastore(db, User, Role) Security(app, user_datastore) blueprints.load_from_packages(app) blueprints.load_from_folder(app) configure_admin(app, admin) if app.config.get('DEBUG_TOOLBAR_ENABLED'): try: from flask_debugtoolbar import DebugToolbarExtension DebugToolbarExtension(app) except: pass before_request.configure(app) views.configure(app) return app
def _mk_ctx(): return dict(app=app, db=db, models=models, services=services, userdatastore=MongoEngineUserDatastore(db, models.User, models.Role))
def register_flask_security(app): """Register Flask-Security extension""" from flask.ext.security import MongoEngineUserDatastore from edx_data_research.web_app.auth.forms import ExtendedRegisterForm from edx_data_research.web_app.models import User, Role user_datastore = MongoEngineUserDatastore(db, User, Role) security.init_app(app, user_datastore, register_form=ExtendedRegisterForm)
def register_extensions(app): cache.init_app(app) db.init_app(app) admin.init_app(app) register_admin_views(admin) user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore, confirm_register_form=ExtendedRegisterForm) mail.init_app(app) debug_toolbar.init_app(app) return None
def create_app(auth_config=None, debug=True): app = create_base_app(auth_config, debug) app.config['MONGODB_DB'] = 'flask_social_test' app.config['MONGODB_HOST'] = 'localhost' app.config['MONGODB_PORT'] = 27017 db = MongoEngine(app) class Role(db.Document, RoleMixin): name = db.StringField(required=True, unique=True, max_length=80) description = db.StringField(max_length=255) class User(db.Document, UserMixin): email = db.StringField(unique=True, max_length=255) password = db.StringField(required=True, max_length=120) active = db.BooleanField(default=True) remember_token = db.StringField(max_length=255) authentication_token = db.StringField(max_length=255) roles = db.ListField(db.ReferenceField(Role), default=[]) @property def connections(self): return Connection.objects(user_id=str(self.id)) class Connection(db.Document): user_id = db.ObjectIdField() provider_id = db.StringField(max_length=255) provider_user_id = db.StringField(max_length=255) access_token = db.StringField(max_length=255) secret = db.StringField(max_length=255) display_name = db.StringField(max_length=255) full_name = db.StringField(max_length=255) profile_url = db.StringField(max_length=512) image_url = db.StringField(max_length=512) rank = db.IntField(default=1) @property def user(self): return User.objects(id=self.user_id).first() app.security = Security(app, MongoEngineUserDatastore(db, User, Role)) app.social = Social(app, MongoEngineConnectionDatastore(db, Connection)) @app.before_first_request def before_first_request(): for m in [User, Role, Connection]: m.drop_collection() populate_data() app.get_user = lambda: User.objects().first() return app
def initdb(): '''Init/reset database.''' if not os.environ.get('PRODUCTION'): db.connection.drop_database(app.config['MONGODB_DB']) user_datastore = MongoEngineUserDatastore(db, User, Role) admin_role = user_datastore.create_role(name='super_admin', description='Super Admin') team_role = user_datastore.create_role(name='team_admin', description='Team Admin') user = user_datastore.create_user( email='*****@*****.**', password=encrypt_password('password') ) user_datastore.add_role_to_user(user, admin_role)
def configure_extensions(app, admin): cache.init_app(app) babel.configure(app) generic.configure(app) Mail(app) Dealer(app) error_handlers.configure(app) db.init_app(app) themes.configure(app, db) # Themes should be configured after db context_processors.configure(app) template_filters.configure(app) app.security = Security(app, MongoEngineUserDatastore(db, User, Role)) fixtures.configure(app, db) blueprints.load_from_packages(app) blueprints.load_from_folder(app) # enable .pdf support for posts weasyprint.configure(app) configure_admin(app, admin) if app.config.get('DEBUG_TOOLBAR_ENABLED'): try: from flask_debugtoolbar import DebugToolbarExtension DebugToolbarExtension(app) except: pass before_request.configure(app) views.configure(app) oauthlib.configure(app) if app.config.get('SENTRY_ENABLED', False): from .sentry import configure configure(app) return app
def create_user(username, role, password): class Roles(db.Document, RoleMixin): name = db.StringField(max_length=80, unique=True) description = db.StringField(max_length=255) class Users(db.Document, UserMixin): email = db.StringField(max_length=255) password = db.StringField(max_length=255) emri = db.StringField(max_length=255) mbiemri = db.StringField(max_length=255) role = db.StringField() active = db.BooleanField(default=True) klinika = db.ListField(default=[]) nr_licences = db.StringField(max_length=255) kualifikimi = db.StringField(max_length=255) roles = db.ListField(db.ReferenceField(Roles), default=[]) user_datastore = MongoEngineUserDatastore(db, Users, Roles) ''' Create the roles using the flask-security plugin. ''' # Create User role try: Roles.objects.get(name=role) except DoesNotExist: # Create the user role user_datastore.create_role( name=role, description='User of the system.' ) try: Users.objects.get(email=username) # Create the admin user except DoesNotExist: user = user_datastore.create_user( emri="", mbiemri="", klinika=[], nr_licences = "", kualifikimi = "", email=username, role=role, password=bcrypt.generate_password_hash(password, rounds=12), ) user_datastore.add_role_to_user(user, role)
def create_app(config, **kwargs): app = create_base_app(config) app.config['MONGODB_SETTINGS'] = dict( db='flask_security_test', host='localhost', port=27017 ) db = MongoEngine(app) class Role(db.Document, RoleMixin): name = db.StringField(required=True, unique=True, max_length=80) description = db.StringField(max_length=255) class User(db.Document, UserMixin): email = db.StringField(unique=True, max_length=255) username = db.StringField(max_length=255) password = db.StringField(required=True, max_length=255) last_login_at = db.DateTimeField() current_login_at = db.DateTimeField() last_login_ip = db.StringField(max_length=100) current_login_ip = db.StringField(max_length=100) login_count = db.IntField() active = db.BooleanField(default=True) confirmed_at = db.DateTimeField() roles = db.ListField(db.ReferenceField(Role), default=[]) @app.before_first_request def before_first_request(): User.drop_collection() Role.drop_collection() populate_data(app.config.get('USER_COUNT', None)) app.security = Security(app, datastore=MongoEngineUserDatastore(db, User, Role), **kwargs) add_context_processors(app.security) return app
def __call__(self, name, **kwargs): self.app = Flask(name, **kwargs) self.app.config.from_object(self.config) self.bind_extensions(db, mail, celery, csrf, cache, htmlmin, toolbar) register_connection(DB_TEMP_NAME, DB_TEMP_NAME) self.app.session_interface = MongoEngineSessionInterface(db) self.app.permanent_session_lifetime = timedelta(weeks=1) self.app.user_datastore = MongoEngineUserDatastore(db, User, Role) self.app.security = Security(self.app, self.app.user_datastore, login_form=ExtLoginForm) @self.app.security.send_mail_task def delay_security_email(msg): send_security_mail.delay(msg) # @self.app.errorhandler(Exception) # def validation_error(err): # flash(err.message, 'error') # return redirect(request.path) self.register_blueprints(BLUEPRINTS) self.register_template_filters(time_distance, is_list, smart_round, pretty_date, phonofize) self.register_context_processors(categories, cart, visited_offers, pages) self.app.jinja_env.globals['get_plural'] = get_plural self.app.add_url_rule('/media/<filename>', 'media', build_only=True) self.app.wsgi_app = SharedDataMiddleware( self.app.wsgi_app, {'/media': self.app.config['MEDIA_DIR']}) return self.app
def create_app(testing=False, live=False): from bhs_api.models import User, Role from bhs_api.forms import LoginForm app = Flask(__name__) app.testing = testing # load the config file conf = get_conf() app.conf = conf # Our config - need to move everything here app.config[ 'VIDEO_BUCKET_URL'] = "https://storage.googleapis.com/bhs-movies" app.config[ 'IMAGE_BUCKET_URL'] = "https://storage.googleapis.com/bhs-flat-pics" # Set app config app.config['DEBUG'] = True app.config['FRONTEND_SERVER'] = conf.frontend_server app.config['DEFAULT_NEXT'] = '/mjs' # Security Config app.config['SECRET_KEY'] = conf.secret_key app.config['WTF_CSRF_ENABLED'] = False app.config['SECURITY_PASSWORDLESS'] = True app.config['SECURITY_EMAIL_SENDER'] = 'BH Databases<*****@*****.**>' app.config['SECURITY_USER_IDENTITY_ATTRIBUTES'] = 'email' app.config[ 'SECURITY_EMAIL_SUBJECT_PASSWORDLESS'] = 'Login link for Your Jewish Story' app.config['SECURITY_POST_LOGIN_VIEW'] = '/mjs' app.config['SECURITY_USER_IDENTITY_ATTRIBUTES'] = ('email', 'username', 'hash') # Mail Config app.config['MAIL_SERVER'] = conf.mail_server app.config['MAIL_PORT'] = conf.mail_port # Mail optional username and password try: app.config['MAIL_USERNAME'] = conf.mail_username app.config['MAIL_PASSWORD'] = conf.mail_password except AttributeError: pass # DB Config app.config['MONGODB_DB'] = conf.user_db_name app.config['MONGODB_HOST'] = conf.user_db_host app.config['MONGODB_PORT'] = conf.user_db_port # Redis app.config['REDIS_HOST'] = conf.redis_host app.config['REDIS_PORT'] = conf.redis_port app.config['REDIS_PASSWORD'] = getattr(conf, 'redis_password', None) # CACHING app.config['CACHING_TTL'] = conf.caching_ttl app.mail = Mail(app) app.db = MongoEngine(app) app.user_datastore = MongoEngineUserDatastore(app.db, User, Role) app.security = Security(app, app.user_datastore, passwordless_login_form=LoginForm) # Create database connection object app.client_data_db = pymongo.MongoClient( conf.data_db_host, conf.data_db_port, read_preference=pymongo.ReadPreference.SECONDARY_PREFERRED) app.data_db = app.client_data_db[conf.data_db_name] # Create the elasticsearch connection app.es = elasticsearch.Elasticsearch(conf.elasticsearch_host) # Add the user's endpoints from bhs_api.user import user_endpoints app.register_blueprint(user_endpoints) # Add the v1 endpoint from bhs_api.v1_endpoints import v1_endpoints app.register_blueprint(v1_endpoints, url_prefix='/v1') # Initialize autodoc - https://github.com/acoomans/flask-autodoc #allow CORS cors = CORS(app, origins=['*'], headers=[ 'content-type', 'accept', 'authentication-token', 'Authorization' ]) # logging if live: app.config['PROPAGATE_EXCEPTIONS'] = True try: fh = logging.FileHandler(conf.log_file) formatter = logging.Formatter( '%(asctime)s - %(name)s - %(levelname)s - %(message)s') fh.setFormatter(formatter) app.logger.addHandler(fh) except AttributeError: pass # redis try: app.redis = redis.StrictRedis(host=conf.redis_host, port=conf.redis_port, password=app.config['REDIS_PASSWORD'], db=0) except AttributeError: app.redis = None return app, conf
name = db.StringField(max_length=80, unique=True) description = db.StringField(max_length=255) # Generic User schema class User(db.Document, UserMixin): firstname = db.StringField(max_length=40) # first name lastname = db.StringField(max_length=40) # last name email = db.EmailField(max_length=100, unique=True) # email (contact information) uid = db.StringField(max_length=40, unique=True) # username, technically 4-12 char password = db.StringField(max_length=20) # password, at least 1 number active = db.BooleanField(default=True) # set False for user confirmation confirmed_at = db.DateTimeField() # confirmation time, currently not used roles = db.ListField(db.ReferenceField(Role), default=[]) # Setup Flask-Security user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) # Generic entry schema, per image uploaded class Entry(db.Document): uid = db.StringField(max_length=40) # uploader username uuid = db.StringField(max_length=255) # image filename, uuid datetime = db.DateTimeField() # time of upload diag = db.FloatField() # DR diagnosis of image # API key schema class Key(db.Document): key = db.StringField(max_length=255) # API key, uuid uid = db.StringField(max_length=40) # username of API key owner datetime = db.DateTimeField() # time of API key creation
def configure_security(app): """ ABOUT Configures Flask-Security with our app """ from .user.models import Role, User user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) @identity_loaded.connect_via(app) def on_identity_loaded(sender, identity): # Set the default state g.user = None if identity.name is None: return # Ok we're ok to proceed now ... if isinstance(identity.name, (bson.ObjectId)): user = User.objects(id=identity.name) elif isinstance(identity.name, (str, unicode)): user = User.objects(email=identity.name) if user.count() > 1: app.logger.error("Got more than one match for user login %s" % identity.name) raise Exception( "[on_identity_loaded] Error getting login information. Please contact an administrator" ) g.user = None elif user.count() == 0: g.user = None else: user = user.first() if hasattr(user, 'id'): identity.provides.add(UserNeed(user.id)) # Assuming the User model has a list of roles, update the # identity with the roles that the user provides if hasattr(user, 'roles'): for role in user.roles: identity.provides.add(RoleNeed(role.name)) # Assuming the User model has a list of posts the user # has authored, add the needs to the identity if hasattr(user, 'posts'): for post in user.posts: identity.provides.add(EditBlogPostNeed(unicode(post.id))) identity.user = user g.user = user # set the user load clalback @login_manager.user_loader def load_user(userid): return User.objects.with_id(userid) @app.before_request def before_request(): """ ABOUT This was inserted when we started to see errors from g.user.is_anonymous() for non-registered users, this seemed to fix that """ g.user = current_user
"/answers": {"origins": "*"}, "/task_data": {"origins" : "*"}}) import schema.requester import schema.question import schema.task import schema.role print "Loading mail extension" sys.stdout.flush() mail = Mail(app) print "Loading security datastore" sys.stdout.flush() user_datastore = MongoEngineUserDatastore(db, schema.requester.Requester, schema.role.Role) security = Security(app, user_datastore) print "Done loading security datastore. Ready to serve pages." sys.stdout.flush() print "Loading Celery" def make_celery(app): celery = Celery(app.import_name, backend=app.config['REDIS_URL'], broker=app.config['REDIS_URL']) celery.conf.update(app.config) TaskBase = celery.Task class ContextTask(TaskBase): abstract = True def __call__(self, *args, **kwargs): with app.app_context():
def initdb(): """Init/reset database.""" user_datastore = MongoEngineUserDatastore(db, User, Role) user_datastore.create_user(email='*****@*****.**', password='******')
def create_app(settings_override=None, register_security_blueprint=True): """Returns the frontend application instance""" app = factory.create_app(__name__, __path__, settings_override) # Init assets assets.init_app(app) menu.init_app(app) gravatar.init_app(app) userdatastore = MongoEngineUserDatastore(db, models.User, models.Role) security.init_app(app, userdatastore, login_form=DeploymentLoginForm, register_blueprint=register_security_blueprint) app.session_interface = CustomMongoEngineSessionInterface(db) csrf.init_app(app) init_admin(admin, app) # Register custom error handlers if not app.debug: for e in [500, 404, 403]: app.errorhandler(e)(handle_error) @app.before_first_request def create_user_roles(): userdatastore.find_or_create_role('clerk') userdatastore.find_or_create_role('manager') userdatastore.find_or_create_role('analyst') userdatastore.find_or_create_role('admin') # register deployment selection middleware app.before_request(set_request_presets) # add Jinja2 filters app.jinja_env.filters.update(custom_filters) # Login and logout signal handlers # user_logged_out.connect(lambda app, user: session.clear()) user_logged_out.connect(clear_session) @identity_loaded.connect_via(app) def on_identity_loaded(sender, identity): needs = services.perms.get_all_needs( models.User(**identity.user._data)) for need in needs: identity.provides.add(need) @app.context_processor def inject_permissions(): ga_key = app.config.get('GOOGLE_ANALYTICS_KEY') return dict(perms=permissions, ga_key=ga_key) # clickjacking protection @app.after_request def frame_buster(response): response.headers['X-Frame-Options'] = app.config.get( 'X_FRAME_OPTIONS', 'DENY') return response # content security policy @app.after_request def content_security_policy(response): response.headers['Content-Security-Policy'] = "default-src 'self' " + \ "*.googlecode.com *.google-analytics.com *.persona.org " + \ "'unsafe-inline' 'unsafe-eval'; img-src * data:" return response return app
def init_flask_security(app): user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) # This step may not be necessary app.security = security
class NotAuthenticatedMenuLink(MenuLink): def is_accessible(self): return not current_user.is_authenticated() admin.add_link(NotAuthenticatedMenuLink(name='Login', url='/login')) admin.add_link(AuthenticatedMenuLink(name='Logout', url='/logout')) db.init_app(app) admin.init_app(app) from api import models from api import views from api import administration # Setup Flask-Security user_datastore = MongoEngineUserDatastore(db, models.User, models.Role) security = Security(app, user_datastore) # sanyam = models.User(email="*****@*****.**", password="******") @app.before_first_request def before_first_request(): user_datastore.find_or_create_role(name='admin', description='Administrator') user_datastore.find_or_create_role(name='super_admin', description='Super Administrator') encrypted_password = encrypt_password('password') if not user_datastore.get_user('*****@*****.**'): user_datastore.create_user(email='*****@*****.**', password=encrypted_password) user_datastore.add_role_to_user('*****@*****.**', 'admin') user_datastore.add_role_to_user('*****@*****.**', 'super_admin')
def configure(app, db): from quokka.modules.accounts.models import User, Role app.security = Security( app=app, datastore=MongoEngineUserDatastore(db, User, Role), )