def init(): global security app.config['SECURITY_CONFIRMABLE'] = not app.config['MAIL_SUPPRESS_SEND'] app.config['SECURITY_CHANGEABLE'] = True app.config['SECURITY_SEND_PASSWORD_CHANGE_EMAIL'] = not app.config['MAIL_SUPPRESS_SEND'] app.config['SECURITY_POST_CHANGE_VIEW'] = "profile.html" app.config['SECURITY_PASSWORD_HASH'] = "bcrypt" app.config['SECURITY_MSG_CONFIRMATION_REQUIRED'] = ( Markup('Email requires confirmation. <a href="/confirm">Resend confirmation instructions</a>.'), 'error') # This comes from config: app.config['SECURITY_REGISTERABLE'] # Update all salts with SECRET_KEY if they are not set secret_key = app.config['SECRET_KEY'] for salt in ('SECURITY_PASSWORD_SALT', 'SECURITY_CONFIRM_SALT', 'SECURITY_RESET_SALT', 'SECURITY_LOGIN_SALT', 'SECURITY_REMEMBER_SALT'): app.config[salt] = app.config.get(salt, secret_key) app.config['SECURITY_EMAIL_SENDER'] = app.config['MAIL_DEFAULT_SENDER'] app.config['SECURITY_POST_LOGIN_VIEW'] = "/" security = Security(app, CustomUserDatastore(), login_form=CustomLoginForm, register_form=CustomRegisterForm, confirm_register_form=CustomRegisterForm) security.send_mail_task(send_security_mail)
def init_extensions(app): """ Initialize extensions registered for this app :param app: :return: """ db_adapter = SQLAlchemyUserDatastore(db, User, Role) user_manager = Security() assets_env.init_app(app) mail.init_app(app) celery.init_app(app) compress.init_app(app) csrf.init_app(app) review_images_factory(app.testing, app) db.init_app(app) debug_toolbar.init_app(app) migrate.init_app(app, db, directory='store/migrations') resize.init_app(app) socketio.init_app(app) if app.config.get("MODE") == assets.AppModes.PRODUCTION: sentry.init_app(app, logging=True) from auth.forms import ExtendedRegisterForm, ExtendedLoginForm user_manager.init_app(app, db_adapter, register_form=ExtendedRegisterForm, login_form=ExtendedLoginForm, confirm_register_form=ExtendedRegisterForm)
def init_app(app, user_datastore, LoginForm): def load_user(user_id): return user_datastore.get_user(user_id) def load_user_from_request(request): apikey = request.headers.environ.get("HTTP_X_API_KEY", None) if apikey: user = user_datastore.find_user(apikey=apikey) if not user: return None else: auth = request.headers.get("Authorization") if not auth or auth.count(":") != 1: return None login, password = auth.split(":") user = user_datastore.find_user(email=login.strip()) if user is None: return None if not verify_and_update_password(password.strip(), user): return None return user if login_user(user) else None security = Security() security.init_app(app, user_datastore, login_form=LoginForm) app.login_manager.request_loader(load_user_from_request) app.login_manager.user_loader(load_user) user_logged_out.connect(invalidate_user)
def create_app(self): app = super(UserRegistrationDbTests, self).create_app() app.config['NOI_CAN_UNCONFIRMED_USERS_FULLY_REGISTER'] = False security = Security() security.init_app(app, datastore=DeploySQLAlchemyUserDatastore( db, User, Role )) return app
def init_app(app): from flask_login import LoginManager login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = "/login" # Setup Flask-Security security = Security() security = security.init_app(app, AppEngineUserDatastore(User, Role)) security.send_mail_task(send_mail) from flask_social_blueprint.core import SocialBlueprint SocialBlueprint.init_bp(app, SocialConnection, url_prefix="/_social")
def init_app(app): login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = '/login' # Setup Flask-Security security = Security() security = security.init_app(app, MongoEngineUserDatastore(db, User, Role)) security.send_mail_task(send_mail) from flask_social_blueprint.core import SocialBlueprint SocialBlueprint.init_bp(app, SocialConnection, url_prefix='/_social') state = app.extensions['security'] state.render_template = render_template app.extensions['security'] = state
def init_app(app): # Flask-Login # https://flask-login.readthedocs.org/en/latest/ from flask_login import LoginManager login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = "/login" # Setup Flask-Security security = Security() security = security.init_app(app, SQLAlchemyUserDatastore(db, User, Role)) security.send_mail_task(send_mail) from flask_social_blueprint.core import SocialBlueprint SocialBlueprint.init_bp(app, SocialConnection, url_prefix="/_social")
def create_app(config_override: Mapping = None) -> Flask: """Create the flask app for the debug server. Parameters: config_override: Dict containing custom configuration to apply after loading the normal config. Useful for testing. """ config_override = {} if config_override is None else config_override # TODO: Rename app, no longer used only for debugging app = Flask('stuffrdebugserver', instance_relative_config=True, static_url_path='', template_folder='static') app.config.from_object('config.default') app.config.from_envvar('STUFFR_SETTINGS') app.config.from_mapping(config_override) app.json_encoder = StuffrJSONEncoder logger.set_logger(app.logger) db.init_app(app) security = Security(app, user_store, confirm_register_form=StuffrRegisterForm) security.unauthorized_handler(api_unauthenticated_handler) Mail(app) # In debug mode Swagger documentation is served at root if not app.config['DEBUG']: def api_root_view(): """Provide a link to API documentation if root accessed.""" return error_response( 'TODO: Link to documentation here', HTTPStatus.NOT_FOUND) blueprint_api.add_url_rule('/', 'apiindex', api_root_view) app.register_blueprint(blueprint_simple, url_prefix='/simple') app.register_blueprint(blueprint_api, url_prefix='/api') def default404(e): """Default handler for 404.""" # TODO: Conditional JSON/HTML response (for simple mode) return error_response(e.description, HTTPStatus.NOT_FOUND) app.register_error_handler(HTTPStatus.NOT_FOUND, default404) # TODO: Make friendlier error message (40x or 50x?) app.add_url_rule('/', 'index', lambda: "You probably shouldn't be here") return app
def test_custom_forms_via_config(app, sqlalchemy_datastore): class MyLoginForm(LoginForm): email = StringField('My Login Email Address Field') class MyRegisterForm(RegisterForm): email = StringField('My Register Email Address Field') app.config['SECURITY_LOGIN_FORM'] = MyLoginForm app.config['SECURITY_REGISTER_FORM'] = MyRegisterForm security = Security(datastore=sqlalchemy_datastore) security.init_app(app) client = app.test_client() response = client.get('/login') assert b'My Login Email Address Field' in response.data response = client.get('/register') assert b'My Register Email Address Field' in response.data
def __init__(self, app=None, sessionstore=None): """Extension initialization. :param app: The Flask application. :param sessionstore: store for sessions. Passed to ``flask-kvsession``. Defaults to redis. """ self.security = Security() self.datastore = None if app: self.init_app(app, sessionstore=sessionstore)
def init(): global security app.config["SECURITY_CONFIRMABLE"] = not app.config["MAIL_SUPPRESS_SEND"] app.config["SECURITY_CHANGEABLE"] = True app.config["SECURITY_SEND_PASSWORD_CHANGE_EMAIL"] = not app.config["MAIL_SUPPRESS_SEND"] app.config["SECURITY_POST_CHANGE_VIEW"] = "profile.html" app.config["SECURITY_PASSWORD_HASH"] = "bcrypt" app.config["SECURITY_MSG_CONFIRMATION_REQUIRED"] = ( Markup('Email requires confirmation. <a href="/confirm">Resend confirmation instructions</a>.'), "error", ) # This comes from config: app.config['SECURITY_REGISTERABLE'] # Update all salts with SECRET_KEY if they are not set secret_key = app.config["SECRET_KEY"] for salt in ( "SECURITY_PASSWORD_SALT", "SECURITY_CONFIRM_SALT", "SECURITY_RESET_SALT", "SECURITY_LOGIN_SALT", "SECURITY_REMEMBER_SALT", ): app.config[salt] = app.config.get(salt, secret_key) app.config["SECURITY_EMAIL_SENDER"] = app.config["MAIL_DEFAULT_SENDER"] app.config["SECURITY_POST_LOGIN_VIEW"] = "/" security = Security( app, CustomUserDatastore(), login_form=CustomLoginForm, register_form=CustomRegisterForm, confirm_register_form=CustomRegisterForm, ) security.send_mail_task(send_security_mail) if app.config["SECURITY_CONFIRMABLE"] and app.config["NEW_USER_NOTIFICATION"]: user_confirmed.connect(new_user_notification, app)
def init(): global security app.config['SECURITY_REGISTERABLE'] = True app.config['SECURITY_CONFIRMABLE'] = True app.config['SECURITY_PASSWORD_HASH'] = "bcrypt" # Update all salts with SECRET_KEY if they are not set secret_key = app.config['SECRET_KEY'] for salt in ('SECURITY_PASSWORD_SALT', 'SECURITY_CONFIRM_SALT', 'SECURITY_RESET_SALT', 'SECURITY_LOGIN_SALT', 'SECURITY_REMEMBER_SALT'): app.config[salt] = app.config.get(salt, secret_key) app.config['SECURITY_EMAIL_SENDER'] = app.config['MAIL_DEFAULT_SENDER'] app.config['SECURITY_POST_LOGIN_VIEW'] = "/pledge.html" security = Security(app, IcoinUserDatastore(), confirm_register_form=IcoinRegisterForm) security.send_mail_task(send_security_mail)
def init_app(app): # Flask-Login # https://flask-login.readthedocs.org/en/latest/ from flask_login import LoginManager login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = "/login" # Setup Flask-Security security = Security() security = security.init_app(app, MongoEngineUserDatastore(db, User, Role)) security.send_mail_task(send_mail) from flask_social_blueprint.core import SocialBlueprint SocialBlueprint.init_bp(app, SocialConnection, url_prefix="/_social") @app.before_first_request def before_first_request(): for m in [User, Role, SocialConnection]: m.drop_collection()
from adminlte.views import FaLink from config import config, host, port import api.routes from api.models import db from api.models.user import User from api.admin.user import UserView app = Flask(__name__) app.config.from_object(config) db.init_app(app) db.app = app # AdminLTE Panel security = Security(app, admins_store) admin = AdminLte(app, skin='green', name='FlaskCMS', short_name="<b>F</b>C", long_name="<b>Flask</b>CMS") admin.add_link( FaLink(name="Documentation", icon_value='fa-book', icon_type="fa", url='/docs/')) admin.add_view( UserView(User, db.session, name="Users", menu_icon_value='fa-users')) @security.context_processor
class BaseModelView(ModelView): def on_model_change(self, form, model, is_created): model.generate_slug() return super(BaseModelView, self).on_model_change(form, model, is_created) class AdminView(AdminMixin, ModelView): pass class HomeAdminView(AdminMixin, AdminIndexView): pass class PostAdminView(AdminMixin, BaseModelView): form_columns = ['title', 'body', 'tags'] class TagAdminView(AdminMixin, BaseModelView): form_columns = ['name', 'posts'] admin = Admin(app, 'Flask', url='/', index_view=HomeAdminView(name='Home')) admin.add_view(PostAdminView(Post, db.session)) admin.add_view(TagAdminView(Tag, db.session)) #-------Flask security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore)
#!/usr/bin/env python import os from datetime import datetime from flask_security import Security, SQLAlchemySessionUserDatastore from manager.setup import app from manager.setup_db import init_db, db from manager.user import User, Role # with app.app_context(): # Create any database tables that don't exist yet. init_db() user_datastore = SQLAlchemySessionUserDatastore(db.session, User, Role) security = Security(app, user_datastore) # this sets some app.config # Create the Roles "admin" and "end-user" -- unless they already exist user_datastore.find_or_create_role(name='admin', description='Administrator') user_datastore.find_or_create_role(name='user', description='End user') admin_email = os.environ['ADMIN_EMAIL'] # create admin user if not user_datastore.get_user(admin_email): user_datastore.create_user( email=admin_email, username='******', password=os.environ['ADMIN_PASSWORD'], active=True, confirmed_at=datetime.now(), )
# Memcache from flask_cache import Cache app.cache = Cache(app) # MongoEngine from flask_application.models import db app.db = db app.db.init_app(app) from flask_security import Security, MongoEngineUserDatastore from flask_application.users.models import User, Role # Setup Flask-Security app.user_datastore = MongoEngineUserDatastore(app.db, User, Role) app.security = Security(app, app.user_datastore) # Business Logic # http://flask.pocoo.org/docs/patterns/packages/ # http://flask.pocoo.org/docs/blueprints/ from flask_application.public.controllers import public app.register_blueprint(public) from flask_application.users.controllers import users app.register_blueprint(users) from flask_application.admin.controllers import admin app.register_blueprint(admin) def scan_and_import(name):
class User(db.Document, UserMixin): firstname = db.StringField(required=True, max_length=30) lastname = db.StringField(required=True, max_length=30) dateOfBirth = db.StringField(required=True, max_length=30) email = db.EmailField(required=True, max_length=50) password = db.StringField(required=True) confirmpassword = db.StringField(required=True) active = db.BooleanField(default=True) confirmed_at = db.DateTimeField() roles = db.ListField(db.ReferenceField(Role), default=[]) user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore, register_form=RegisterForm) @app.route('/') @app.route('/home') def home(): return render_template('home.html') @app.route('/register', methods=['GET', 'POST']) def register(): form = RegisterForm() if request.method == 'POST': passwordtest = request.form.get("password") if len(passwordtest) < 6:
def create_app(): app = Flask(__name__) app.config.from_pyfile('settings.py', silent=True) db.init_app(app) admin = Admin(app, name='Flask-Docker CPanel', template_mode='bootstrap3', index_view=SecureAdminIndexView()) admin.add_view( MenuModelView(Menu, db.session, menu_icon_type=ICON_TYPE_FONT_AWESOME, menu_icon_value='fa-list')) admin.add_view( PageModelView(Page, db.session, menu_icon_type=ICON_TYPE_FONT_AWESOME, menu_icon_value='fa-file-o')) admin.add_view( RoleModelView(Role, db.session, menu_icon_type=ICON_TYPE_FONT_AWESOME, menu_icon_value='fa-users')) admin.add_view( UserModelView(User, db.session, menu_icon_type=ICON_TYPE_FONT_AWESOME, menu_icon_value='fa-user-o')) user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore) @app.route('/') @app.route('/<url>') def index(url=None): content = '' page = None if url is not None: page = Page.query.filter_by(url=url).first() else: page = Page.query.filter_by(is_homepage=True).first() if page is not None: content = page.content else: return '<b>404</b> : Page not found' menu = Menu.query.order_by('order').all() return render_template('index.html', TITLE='Flask-Docker', CONTENT=content, MENU=menu) @app.route('/db_test') def db_test(): import psycopg2 connection = psycopg2.connect( 'dbname=flask user=postgres password=postgres host=postgres') cursor = connection.cursor() cursor.execute('select id, title, content from page') id, title, content = cursor.fetchone() connection.close() return 'Test query fetch 1 : {} | {}'.format(id, title) @app.route('/secret_url') @login_required def secret_url(): return '<h1>SECRET PAGE</h1>' @app.route('/favicon.ico') def favicon(): return send_from_directory(os.path.join(app.root_path, 'static'), 'favicon.ico', mimetype='image/vnd.microsoft.icon') return app
""" Pulls together modules to implement user roles and authorization """ from flask_security import Security, SQLAlchemyUserDatastore from flask_security.forms import ConfirmRegisterForm from wtforms import validators, StringField from . import db, app from .models import User, Role class ExtendedConfirmRegisterForm(ConfirmRegisterForm): # flask-security user registration first_name = StringField('First Name', validators=[validators.required()]) last_name = StringField('Last Name', validators=[validators.required()]) nickname = StringField('Nickname') user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore, confirm_register_form=ExtendedConfirmRegisterForm)
def init_app_with_options(app, datastore, **options): security_args = options.pop("security_args", {}) app.config.update(**options) app.security = Security(app, datastore=datastore, **security_args) populate_data(app)
def create_app(db_connection_string=None, testing=None): app = Flask(__name__) try: secret_key = server.config.faraday_server.secret_key except Exception: # Now when the config file does not exist it doesn't enter in this # condition, but it could happen in the future. TODO check save_new_secret_key(app) else: if secret_key is None: # This is what happens now when the config file doesn't exist. # TODO check save_new_secret_key(app) else: app.config['SECRET_KEY'] = secret_key login_failed_message = ("Invalid username or password", 'error') app.config.update({ 'SECURITY_PASSWORD_SINGLE_HASH': True, 'WTF_CSRF_ENABLED': False, 'SECURITY_USER_IDENTITY_ATTRIBUTES': ['username'], 'SECURITY_POST_LOGIN_VIEW': '/_api/session', 'SECURITY_POST_LOGOUT_VIEW': '/_api/login', 'SECURITY_POST_CHANGE_VIEW': '/_api/change', 'SECURITY_CHANGEABLE': True, 'SECURITY_SEND_PASSWORD_CHANGE_EMAIL': False, 'SECURITY_MSG_USER_DOES_NOT_EXIST': login_failed_message, # The line bellow should not be necessary because of the # CustomLoginForm, but i'll include it anyway. 'SECURITY_MSG_INVALID_PASSWORD': login_failed_message, 'SESSION_TYPE': 'filesystem', 'SESSION_FILE_DIR': server.config.FARADAY_SERVER_SESSIONS_DIR, 'SQLALCHEMY_TRACK_MODIFICATIONS': False, 'SQLALCHEMY_RECORD_QUERIES': True, # app.config['SQLALCHEMY_ECHO'] = True 'SECURITY_PASSWORD_SCHEMES': [ 'bcrypt', # This should be the default value # 'des_crypt', 'pbkdf2_sha1', # Used by CouchDB passwords # 'pbkdf2_sha256', # 'pbkdf2_sha512', # 'sha256_crypt', # 'sha512_crypt', 'plaintext', # TODO: remove it ], 'PERMANENT_SESSION_LIFETIME': datetime.timedelta(hours=12), }) try: storage_path = server.config.storage.path except AttributeError: logger.warn( 'No storage section or path in the .faraday/server.ini. Setting the default value to .faraday/storage' ) storage_path = setup_storage_path() if not DepotManager.get('default'): if testing: DepotManager.configure('default', {'depot.storage_path': '/tmp'}) else: DepotManager.configure('default', {'depot.storage_path': storage_path}) check_testing_configuration(testing, app) try: app.config[ 'SQLALCHEMY_DATABASE_URI'] = db_connection_string or server.config.database.connection_string.strip( "'") except AttributeError: logger.info( 'Missing [database] section on server.ini. Please configure the database before running the server.' ) except NoOptionError: logger.info( 'Missing connection_string on [database] section on server.ini. Please configure the database before running the server.' ) from server.models import db db.init_app(app) #Session(app) # Setup Flask-Security app.user_datastore = SQLAlchemyUserDatastore( db, user_model=server.models.User, role_model=None) # We won't use flask security roles feature Security(app, app.user_datastore, login_form=CustomLoginForm) # Make API endpoints require a login user by default. Based on # https://stackoverflow.com/questions/13428708/best-way-to-make-flask-logins-login-required-the-default app.view_functions['security.login'].is_public = True app.view_functions['security.logout'].is_public = True app.debug = server.config.is_debug_mode() minify_json_output(app) for handler in LOGGING_HANDLERS: app.logger.addHandler(handler) register_blueprints(app) register_handlers(app) return app
def create_app(test_config=None): from . import models, routes # app = Flask(__name__, static_folder="static/") ### FLASK CONFIG app = Flask(__name__, instance_relative_config=True, static_folder="static/") CORS(app, supports_credentials=True) if test_config is None: # load the instance config, if it exists, when not testing app.config.from_pyfile("config.py", silent=True) else: # load the test config if passed in app.config.from_mapping(test_config) # ensure the instance folder exists try: # os.makedirs(app.instance_path) pass except OSError: pass #### END basedir = os.path.abspath(os.path.dirname(__file__)) # Database app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///" + os.path.join( basedir, "database/db.sqlite") print(app.config["SQLALCHEMY_DATABASE_URI"]) app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False app.config["SECRET_KEY"] = "super-secret" app.config["SECURITY_PASSWORD_SALT"] = "super-secret" app.config["SECURITY_TRACKABLE"] = True app.config["SECURITY_REGISTERABLE"] = True app.config["WTF_CSRF_ENABLED"] = False app.config["SECURITY_SEND_REGISTER_EMAIL"] = False # Mail config app.config["MAIL_SERVER"] = "smtp.gmail.com" app.config["MAIL_PORT"] = 465 app.config["MAIL_USERNAME"] = "******" app.config["MAIL_PASSWORD"] = "******" app.config["MAIL_USE_TLS"] = False app.config["MAIL_USE_SSL"] = True from src.models.user import User, Role, db from flask_security import ( SQLAlchemySessionUserDatastore, Security, login_required, current_user, ) # Setup Flask-Security user_datastore = SQLAlchemySessionUserDatastore(db.session, User, Role) security = Security(app, user_datastore) import src.mail as mail models.init_app(app) routes.init_app(app) mail.init_app(app) from flask import send_from_directory # Serve React App @app.route("/", defaults={"path": ""}) @app.route("/<path:path>") @login_required def serve(path): if path != "" and os.path.exists(app.static_folder + "/" + path): return send_from_directory(app.static_folder, path) else: return send_from_directory(app.static_folder, "index.html") @app.errorhandler(404) def page_not_found(e): return redirect("/"), 404 @app.route("/schema") def get_schema(): return render_template("schema.html") return app
from flask import Flask, abort, redirect, url_for, request from flask_sqlalchemy import SQLAlchemy from config import config from flask_security import Security, SQLAlchemyUserDatastore, current_user, \ UserMixin, RoleMixin, login_required, auth_token_required, http_auth_required from flask_security.utils import encrypt_password from flask_admin.contrib import sqla from flask_admin import Admin, helpers as admin_helpers db = SQLAlchemy() # models引用必须在 db/login_manager之后,不然会循环引用 from .models import User, Role user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(datastore=user_datastore) # Create admin admin = Admin(name=u'简读Admin') def create_app(config_name): app = Flask(__name__) app.config.from_object(config[config_name]) config[config_name].init_app(app) db.init_app(app) security.init_app(app) admin.init_app(app) from .main import main as main_blueprint
def create() -> SecurityFixture: security = Security(app, datastore=sqlalchemy_datastore) app.security = security return app
def create_app(): #Creamos una instancia del flask logging.basicConfig(filename=LOG_FILENAME, level=logging.DEBUG) app = Flask(__name__) app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False #Generar la clave de sessión para crear una cookie con la inf. de la sessión app.config['SECRET_KEY'] = os.urandom(24) #Usar en caso de que no se tenga algun acceso a la principal app.config[ 'SQLALCHEMY_DATABASE_URI'] = 'mysql://*****:*****@31.170.161.1/u512768467_muebleria2' #app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql://*****:*****@31.170.161.1/u512768467_muebleria' app.config['SECURITY_PASSWORD_SALT'] = 'thisissecretsalt' db.init_app(app) @app.before_first_request def create_all(): try: db.create_all() userDataStore.find_or_create_role(name='admin', description='Administrator') userDataStore.find_or_create_role(name='vendedor', description='Vendedor') userDataStore.find_or_create_role(name='almacenista', description='Almacenista') encrypted_password = generate_password_hash( 'password', method='sha512') #utils.encrypt_password('password') if not userDataStore.get_user('*****@*****.**'): userDataStore.create_user(email='*****@*****.**', password=encrypted_password, numero_empleado=232, nivel_escolar='Telesecundaria', profesion='Ama de casa', observaciones='Es a toda madre', idPersona=7, estatus=1) db.session.commit() if not userDataStore.get_user('*****@*****.**'): userDataStore.create_user(email='*****@*****.**', password=encrypted_password, numero_empleado=32, nivel_escolar='Telesecundaria', profesion='Ama de casa', observaciones='Es a toda madre', idPersona=5, estatus=1) db.session.commit() if not userDataStore.get_user('*****@*****.**'): userDataStore.create_user(email='*****@*****.**', password=encrypted_password, numero_empleado=2132, nivel_escolar='Telesecundaria', profesion='Ama de casa', observaciones='Es a toda madre', idPersona=6, estatus=1) db.session.commit() # Commit any database changes; the User and Roles must exist before we can add a Role to the User except Exception as inst: message = {"result": "error"} logging.error( str(type(inst)) + '\n Tipo de error: ' + str(inst) + '[' + str(datetime.now()) + ']') return render_template('error.html') security = Security(app, userDataStore) try: # Initialize Flask-Admin admin = Admin(app) # Add Flask-Admin views for Users and Roles admin.add_view(UserAdmin(User, db.session)) admin.add_view(RoleAdmin(Role, db.session)) except Exception as inst: message = {"result": "error"} logging.error( str(type(inst)) + '\n Tipo de error: ' + str(inst) + '[' + str(datetime.now()) + ']') return render_template('error.html') @app.route('/login', methods=['GET', 'POST']) def index_login_fail(): if request.method == 'POST' and request.form['email']: return render_template('security/login.html') print(request.form.get('next')) else: return render_template('security/login.html') try: #Registramos el blueprint para el resto de la aplicación from .main import main as main_blueprint app.register_blueprint(main_blueprint) from .auth import auth as auth_blueprint app.register_blueprint(auth_blueprint) from .materialRutas import materialRutas as materialRutas_blueprint app.register_blueprint(materialRutas_blueprint) from .categoriasRutas import categoriasRutas as categoriasRutas_blueprint app.register_blueprint(categoriasRutas_blueprint) from .proveedorRutas import proveedorRutas as proveedorRutas_blueprint app.register_blueprint(proveedorRutas_blueprint) from .clienteRutas import clienteRutas as clienteRutas_blueprint app.register_blueprint(clienteRutas_blueprint) from .ventasRutas import ventasRutas as ventasRutas_blueprint app.register_blueprint(ventasRutas_blueprint) from .productoRutas import productoRutas as productoRutas_blueprint app.register_blueprint(productoRutas_blueprint) from .detalleProductoMaterialRutas import detalleProductoMaterialRutas as detalleProductoMaterialRutas_blueprint app.register_blueprint(detalleProductoMaterialRutas_blueprint) from .ordenCompraRutas import ordenCompraRutas as ordenCompraRutas_blueprint app.register_blueprint(ordenCompraRutas_blueprint) from .empleadoRutas import empleadoRutas as empleadoRutas_blueprint app.register_blueprint(empleadoRutas_blueprint) except Exception as inst: message = {"result": "error"} logging.error( str(type(inst)) + '\n Tipo de error: ' + str(inst) + '[' + str(datetime.now()) + ']') return render_template('error.html') logging.info('Incio de la aplicacion [' + str(datetime.now()) + ']') register_error_handlers(app) return app
def create_app(app_name=None): # Configuration settings import config if not app_name: app_name = config.APP_NAME """Create the Flask application, startup logging and dynamically load additional modules (blueprints) that are found in this directory.""" app = PgAdmin(__name__, static_url_path='/static') # Removes unwanted whitespace from render_template function app.jinja_env.trim_blocks = True app.config.from_object(config) app.config.update(dict(PROPAGATE_EXCEPTIONS=True)) ########################################################################## # Setup logging and log the application startup ########################################################################## # Add SQL level logging, and set the base logging level logging.addLevelName(25, 'SQL') app.logger.setLevel(logging.DEBUG) app.logger.handlers = [] # We also need to update the handler on the webserver in order to see # request. Setting the level prevents werkzeug from setting up it's own # stream handler thus ensuring all the logging goes through the pgAdmin # logger. logger = logging.getLogger('werkzeug') logger.setLevel(logging.INFO) # Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases if "PGADMIN_TESTING_MODE" in os. environ and \ os.environ["PGADMIN_TESTING_MODE"] == "1": config.SQLITE_PATH = config.TEST_SQLITE_PATH # Ensure the various working directories exist from pgadmin.setup import create_app_data_directory, db_upgrade create_app_data_directory(config) # File logging fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8') fh.setLevel(config.FILE_LOG_LEVEL) fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT)) app.logger.addHandler(fh) logger.addHandler(fh) # Console logging ch = logging.StreamHandler() ch.setLevel(config.CONSOLE_LOG_LEVEL) ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT)) app.logger.addHandler(ch) logger.addHandler(ch) # Log the startup app.logger.info('########################################################') app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION) app.logger.info('########################################################') app.logger.debug("Python syspath: %s", sys.path) ########################################################################## # Setup i18n ########################################################################## # Initialise i18n babel = Babel(app) app.logger.debug('Available translations: %s' % babel.list_translations()) @babel.localeselector def get_locale(): """Get the language for the user.""" language = 'en' if config.SERVER_MODE is False: # Get the user language preference from the miscellaneous module misc_preference = Preferences.module('miscellaneous', False) if misc_preference: user_languages = misc_preference.preference('user_language') if user_languages: language = user_languages.get() or language else: # If language is available in get request then return the same # otherwise check the session or cookie data = request.form if 'language' in data: language = data['language'] or language setattr(session, 'PGADMIN_LANGUAGE', language) elif hasattr(session, 'PGADMIN_LANGUAGE'): language = getattr(session, 'PGADMIN_LANGUAGE', language) elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'): language = getattr(request.cookies, 'PGADMIN_LANGUAGE', language) return language ########################################################################## # Setup authentication ########################################################################## app.config[ 'SQLALCHEMY_DATABASE_URI'] = u'sqlite:///{0}?timeout={1}'.format( config.SQLITE_PATH.replace(u'\\', u'/'), getattr(config, 'SQLITE_TIMEOUT', 500)) # Only enable password related functionality in server mode. if config.SERVER_MODE is True: # TODO: Figure out how to disable /logout and /login app.config['SECURITY_RECOVERABLE'] = True app.config['SECURITY_CHANGEABLE'] = True # Create database connection object and mailer db.init_app(app) ########################################################################## # Upgrade the schema (if required) ########################################################################## db_upgrade(app) Mail(app) import pgadmin.utils.paths as paths paths.init_app(app) # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(None, user_datastore) ########################################################################## # Setup security ########################################################################## with app.app_context(): config.CSRF_SESSION_KEY = Keys.query.filter_by( name='CSRF_SESSION_KEY').first().value config.SECRET_KEY = Keys.query.filter_by( name='SECRET_KEY').first().value config.SECURITY_PASSWORD_SALT = Keys.query.filter_by( name='SECURITY_PASSWORD_SALT').first().value # Update the app.config with proper security keyes for signing CSRF data, # signing cookies, and the SALT for hashing the passwords. app.config.update(dict(CSRF_SESSION_KEY=config.CSRF_SESSION_KEY)) app.config.update(dict(SECRET_KEY=config.SECRET_KEY)) app.config.update( dict(SECURITY_PASSWORD_SALT=config.SECURITY_PASSWORD_SALT)) security.init_app(app) app.session_interface = create_session_interface(app) # Make the Session more secure against XSS & CSRF when running in web mode if config.SERVER_MODE: paranoid = Paranoid(app) paranoid.redirect_view = 'browser.index' ########################################################################## # Load all available server drivers ########################################################################## driver.init_app(app) ########################################################################## # Register language to the preferences after login ########################################################################## @user_logged_in.connect_via(app) def register_language(sender, user): # After logged in, set the language in the preferences if we get from # the login page data = request.form if 'language' in data: language = data['language'] # Set the user language preference misc_preference = Preferences.module('miscellaneous') user_languages = misc_preference.preference('user_language') if user_languages and language: language = user_languages.set(language) ########################################################################## # Register any local servers we can discover ########################################################################## @user_logged_in.connect_via(app) def on_user_logged_in(sender, user): # Keep hold of the user ID user_id = user.id # Get the first server group for the user servergroup_id = 1 servergroups = ServerGroup.query.filter_by( user_id=user_id).order_by("id") if servergroups.count() > 0: servergroup = servergroups.first() servergroup_id = servergroup.id '''Add a server to the config database''' def add_server(user_id, servergroup_id, name, superuser, port, discovery_id, comment): # Create a server object if needed, and store it. servers = Server.query.filter_by( user_id=user_id, discovery_id=svr_discovery_id).order_by("id") if servers.count() > 0: return svr = Server(user_id=user_id, servergroup_id=servergroup_id, name=name, host='localhost', port=port, maintenance_db='postgres', username=superuser, ssl_mode='prefer', comment=svr_comment, discovery_id=discovery_id) db.session.add(svr) db.session.commit() # Figure out what servers are present if winreg is not None: arch_keys = set() proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower() try: proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower() except: proc_arch64 = None if proc_arch == 'x86' and not proc_arch64: arch_keys.add(0) elif proc_arch == 'x86' or proc_arch == 'amd64': arch_keys.add(winreg.KEY_WOW64_32KEY) arch_keys.add(winreg.KEY_WOW64_64KEY) for arch_key in arch_keys: for server_type in ('PostgreSQL', 'EnterpriseDB'): try: root_key = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, "SOFTWARE\\" + server_type + "\Services", 0, winreg.KEY_READ | arch_key) for i in xrange(0, winreg.QueryInfoKey(root_key)[0]): inst_id = winreg.EnumKey(root_key, i) inst_key = winreg.OpenKey(root_key, inst_id) svr_name = winreg.QueryValueEx( inst_key, 'Display Name')[0] svr_superuser = winreg.QueryValueEx( inst_key, 'Database Superuser')[0] svr_port = winreg.QueryValueEx(inst_key, 'Port')[0] svr_discovery_id = inst_id svr_comment = gettext( "Auto-detected %s installation with the data directory at %s" % (winreg.QueryValueEx(inst_key, 'Display Name')[0], winreg.QueryValueEx(inst_key, 'Data Directory')[0])) add_server(user_id, servergroup_id, svr_name, svr_superuser, svr_port, svr_discovery_id, svr_comment) inst_key.Close() except: pass else: # We use the postgres-winreg.ini file on non-Windows try: from configparser import ConfigParser except ImportError: from ConfigParser import ConfigParser # Python 2 registry = ConfigParser() try: registry.read('/etc/postgres-reg.ini') sections = registry.sections() # Loop the sections, and get the data from any that are PG or PPAS for section in sections: if section.startswith('PostgreSQL/') or section.startswith( 'EnterpriseDB/'): svr_name = registry.get(section, 'Description') svr_superuser = registry.get(section, 'Superuser') svr_port = registry.getint(section, 'Port') svr_discovery_id = section description = registry.get(section, 'Description') data_directory = registry.get(section, 'DataDirectory') if hasattr(str, 'decode'): description = description.decode('utf-8') data_directory = data_directory.decode('utf-8') svr_comment = gettext( u"Auto-detected %s installation with the data directory at %s" % (description, data_directory)) add_server(user_id, servergroup_id, svr_name, svr_superuser, svr_port, svr_discovery_id, svr_comment) except: pass ########################################################################## # Load plugin modules ########################################################################## for module in app.find_submodules('pgadmin'): app.logger.info('Registering blueprint module: %s' % module) app.register_blueprint(module) ########################################################################## # Handle the desktop login ########################################################################## @app.before_request def before_request(): """Login the default user if running in desktop mode""" # Check the auth key is valid, if it's set, and we're not in server # mode, and it's not a help file request. if not config.SERVER_MODE and app.PGADMIN_KEY != '': if ((not 'key' in request.args or request.args['key'] != app.PGADMIN_KEY) and request.cookies.get('PGADMIN_KEY') != app.PGADMIN_KEY and request.endpoint != 'help.static'): abort(401) if not config.SERVER_MODE: user = user_datastore.get_user(config.DESKTOP_USER) # Throw an error if we failed to find the desktop user, to give # the sysadmin a hint. We'll continue to try to login anyway as # that'll through a nice 500 error for us. if user is None: app.logger.error( 'The desktop user %s was not found in the configuration database.' % config.DESKTOP_USER) abort(401) login_user(user) @app.after_request def after_request(response): if 'key' in request.args: response.set_cookie('PGADMIN_KEY', value=request.args['key']) return response ########################################################################## # Minify output ########################################################################## # HTMLMIN doesn't work with Python 2.6. if not config.DEBUG and sys.version_info >= (2, 7): HTMLMIN(app) @app.context_processor def inject_blueprint(): """Inject a reference to the current blueprint, if any.""" return { 'current_app': current_app, 'current_blueprint': current_blueprint } ########################################################################## # All done! ########################################################################## return app
def create(): app.security = Security(app, datastore=pony_datastore) return app
app = Flask(__name__) app.config.from_object(Config) # Database --------------------------------------------------------------------- model.db.init_app(app) migrations_dir = app.config.get('MIGRATE_DIRECTORY', 'data/migrations') Migrate(app, model.db, migrations_dir, render_as_batch=True) # Security --------------------------------------------------------------------- LoginForm.email.label = wtf.Label('email', _l('Username or e-mail')) LoginForm.password.label = wtf.Label('password', _l('Password')) LoginForm.submit.label = wtf.Label('submit', _l('Log in')) Security(app, SQLAlchemyUserDatastore(model.db, model.User, model.Role)) # Frontend --------------------------------------------------------------------- admin.admin.init_app(app) Bootstrap(app) # Translations ----------------------------------------------------------------- domain = Domain(app.config.get("BABEL_TRANSLATIONS")[0], "messages") babel = Babel(app, default_domain=domain) babel.domain = "messages" babel.translation_directories = app.config.get("BABEL_TRANSLATIONS") @babel.localeselector
def create_app(info): app.config.update( **{'SECURITY_USER_IDENTITY_ATTRIBUTES': ('email', 'username')}) app.security = Security(app, datastore=datastore) return app
import config from flask.ext.sqlalchemy import SQLAlchemy db = SQLAlchemy() from flask.ext.security import SQLAlchemyUserDatastore from .models import User, Role ud = SQLAlchemyUserDatastore(db, User, Role) from flask.ext.mail import Mail mail = Mail() from pyelasticsearch import ElasticSearch es = ElasticSearch(config.ELASTICSEARCH_SERVER) from flask_security import Security sec = Security() sec.datastore = ud class HSSError(Exception): def __init__(self, msg): self.msg = msg
def create_app(app_name=None): # Configuration settings import config if not app_name: app_name = config.APP_NAME # Check if app is created for CLI operations or Web cli_mode = False if app_name.endswith('-cli'): cli_mode = True # Only enable password related functionality in server mode. if config.SERVER_MODE is True: # Some times we need to access these config params where application # context is not available (we can't use current_app.config in those # cases even with current_app.app_context()) # So update these params in config itself. # And also these updated config values will picked up by application # since we are updating config before the application instance is # created. config.SECURITY_RECOVERABLE = True config.SECURITY_CHANGEABLE = True # Now we'll open change password page in alertify dialog # we don't want it to redirect to main page after password # change operation so we will open the same password change page again. config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password' """Create the Flask application, startup logging and dynamically load additional modules (blueprints) that are found in this directory.""" app = PgAdmin(__name__, static_url_path='/static') # Removes unwanted whitespace from render_template function app.jinja_env.trim_blocks = True app.config.from_object(config) app.config.update(dict(PROPAGATE_EXCEPTIONS=True)) ########################################################################## # Setup logging and log the application startup ########################################################################## # We won't care about errors in the logging system, we are more # interested in application errors. logging.raiseExceptions = False # Add SQL level logging, and set the base logging level logging.addLevelName(25, 'SQL') app.logger.setLevel(logging.DEBUG) app.logger.handlers = [] # We also need to update the handler on the webserver in order to see # request. Setting the level prevents werkzeug from setting up it's own # stream handler thus ensuring all the logging goes through the pgAdmin # logger. logger = logging.getLogger('werkzeug') logger.setLevel(config.CONSOLE_LOG_LEVEL) # Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases if ( 'PGADMIN_TESTING_MODE' in os.environ and os.environ['PGADMIN_TESTING_MODE'] == '1' ): config.SQLITE_PATH = config.TEST_SQLITE_PATH config.MASTER_PASSWORD_REQUIRED = False config.UPGRADE_CHECK_ENABLED = False if not cli_mode: # Ensure the various working directories exist from pgadmin.setup import create_app_data_directory create_app_data_directory(config) # File logging fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8') fh.setLevel(config.FILE_LOG_LEVEL) fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT)) app.logger.addHandler(fh) logger.addHandler(fh) # Console logging ch = logging.StreamHandler() ch.setLevel(config.CONSOLE_LOG_LEVEL) ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT)) app.logger.addHandler(ch) logger.addHandler(ch) # Log the startup app.logger.info('########################################################') app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION) app.logger.info('########################################################') app.logger.debug("Python syspath: %s", sys.path) ########################################################################## # Setup i18n ########################################################################## # Initialise i18n babel = Babel(app) app.logger.debug('Available translations: %s' % babel.list_translations()) @babel.localeselector def get_locale(): """Get the language for the user.""" language = 'en' if config.SERVER_MODE is False: # Get the user language preference from the miscellaneous module if current_user.is_authenticated: user_id = current_user.id else: user = user_datastore.get_user(config.DESKTOP_USER) if user is not None: user_id = user.id user_language = Preferences.raw_value( 'misc', 'user_language', 'user_language', user_id ) if user_language is not None: language = user_language else: # If language is available in get request then return the same # otherwise check the session or cookie data = request.form if 'language' in data: language = data['language'] or language setattr(session, 'PGADMIN_LANGUAGE', language) elif hasattr(session, 'PGADMIN_LANGUAGE'): language = getattr(session, 'PGADMIN_LANGUAGE', language) elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'): language = getattr( request.cookies, 'PGADMIN_LANGUAGE', language ) return language ########################################################################## # Setup authentication ########################################################################## app.config['SQLALCHEMY_DATABASE_URI'] = u'sqlite:///{0}?timeout={1}' \ .format(config.SQLITE_PATH.replace(u'\\', u'/'), getattr(config, 'SQLITE_TIMEOUT', 500) ) # Create database connection object and mailer db.init_app(app) ########################################################################## # Upgrade the schema (if required) ########################################################################## with app.app_context(): # Run migration for the first time i.e. create database from config import SQLITE_PATH from pgadmin.setup import db_upgrade # If version not available, user must have aborted. Tables are not # created and so its an empty db if not os.path.exists(SQLITE_PATH) or get_version() == -1: # If running in cli mode then don't try to upgrade, just raise # the exception if not cli_mode: db_upgrade(app) else: if not os.path.exists(SQLITE_PATH): raise FileNotFoundError( 'SQLite database file "' + SQLITE_PATH + '" does not exists.') raise Exception('Specified SQLite database file is not valid.') else: schema_version = get_version() # Run migration if current schema version is greater than the # schema version stored in version table if CURRENT_SCHEMA_VERSION >= schema_version: db_upgrade(app) # Update schema version to the latest if CURRENT_SCHEMA_VERSION > schema_version: set_version(CURRENT_SCHEMA_VERSION) db.session.commit() if os.name != 'nt': os.chmod(config.SQLITE_PATH, 0o600) Mail(app) # Don't bother paths when running in cli mode if not cli_mode: import pgadmin.utils.paths as paths paths.init_app(app) # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(None, user_datastore) ########################################################################## # Setup security ########################################################################## with app.app_context(): config.CSRF_SESSION_KEY = Keys.query.filter_by( name='CSRF_SESSION_KEY').first().value config.SECRET_KEY = Keys.query.filter_by( name='SECRET_KEY').first().value config.SECURITY_PASSWORD_SALT = Keys.query.filter_by( name='SECURITY_PASSWORD_SALT').first().value # Update the app.config with proper security keyes for signing CSRF data, # signing cookies, and the SALT for hashing the passwords. app.config.update(dict({ 'CSRF_SESSION_KEY': config.CSRF_SESSION_KEY, 'SECRET_KEY': config.SECRET_KEY, 'SECURITY_PASSWORD_SALT': config.SECURITY_PASSWORD_SALT, 'SESSION_COOKIE_DOMAIN': config.SESSION_COOKIE_DOMAIN, # CSRF Token expiration till session expires 'WTF_CSRF_TIME_LIMIT': getattr(config, 'CSRF_TIME_LIMIT', None), 'WTF_CSRF_METHODS': ['GET', 'POST', 'PUT', 'DELETE'], })) security.init_app(app, user_datastore) # register custom unauthorised handler. app.login_manager.unauthorized_handler(pga_unauthorised) # Set the permanent session lifetime to the specified value in config file. app.permanent_session_lifetime = timedelta( days=config.SESSION_EXPIRATION_TIME) if not cli_mode: app.session_interface = create_session_interface( app, config.SESSION_SKIP_PATHS ) # Make the Session more secure against XSS & CSRF when running in web mode if config.SERVER_MODE and config.ENHANCED_COOKIE_PROTECTION: paranoid = Paranoid(app) paranoid.redirect_view = 'browser.index' ########################################################################## # Load all available server drivers ########################################################################## driver.init_app(app) authenticate.init_app(app) ########################################################################## # Register language to the preferences after login ########################################################################## @user_logged_in.connect_via(app) def register_language(sender, user): # After logged in, set the language in the preferences if we get from # the login page data = request.form if 'language' in data: language = data['language'] # Set the user language preference misc_preference = Preferences.module('misc') user_languages = misc_preference.preference( 'user_language' ) if user_languages and language: language = user_languages.set(language) ########################################################################## # Register any local servers we can discover ########################################################################## @user_logged_in.connect_via(app) def on_user_logged_in(sender, user): # Keep hold of the user ID user_id = user.id # Get the first server group for the user servergroup_id = 1 servergroups = ServerGroup.query.filter_by( user_id=user_id ).order_by("id") if servergroups.count() > 0: servergroup = servergroups.first() servergroup_id = servergroup.id '''Add a server to the config database''' def add_server(user_id, servergroup_id, name, superuser, port, discovery_id, comment): # Create a server object if needed, and store it. servers = Server.query.filter_by( user_id=user_id, discovery_id=svr_discovery_id ).order_by("id") if servers.count() > 0: return svr = Server(user_id=user_id, servergroup_id=servergroup_id, name=name, host='localhost', port=port, maintenance_db='postgres', username=superuser, ssl_mode='prefer', comment=svr_comment, discovery_id=discovery_id) db.session.add(svr) db.session.commit() # Figure out what servers are present if winreg is not None: arch_keys = set() proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower() try: proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower() except Exception: proc_arch64 = None if proc_arch == 'x86' and not proc_arch64: arch_keys.add(0) elif proc_arch == 'x86' or proc_arch == 'amd64': arch_keys.add(winreg.KEY_WOW64_32KEY) arch_keys.add(winreg.KEY_WOW64_64KEY) for arch_key in arch_keys: for server_type in ('PostgreSQL', 'EnterpriseDB'): try: root_key = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, "SOFTWARE\\" + server_type + "\\Services", 0, winreg.KEY_READ | arch_key ) for i in xrange(0, winreg.QueryInfoKey(root_key)[0]): inst_id = winreg.EnumKey(root_key, i) inst_key = winreg.OpenKey(root_key, inst_id) svr_name = winreg.QueryValueEx( inst_key, 'Display Name' )[0] svr_superuser = winreg.QueryValueEx( inst_key, 'Database Superuser' )[0] svr_port = winreg.QueryValueEx(inst_key, 'Port')[0] svr_discovery_id = inst_id svr_comment = gettext( "Auto-detected {0} installation with the data " "directory at {1}").format( winreg.QueryValueEx( inst_key, 'Display Name' )[0], winreg.QueryValueEx( inst_key, 'Data Directory' )[0]) add_server( user_id, servergroup_id, svr_name, svr_superuser, svr_port, svr_discovery_id, svr_comment ) inst_key.Close() except Exception: pass else: # We use the postgres-winreg.ini file on non-Windows from configparser import ConfigParser registry = ConfigParser() try: registry.read('/etc/postgres-reg.ini') sections = registry.sections() # Loop the sections, and get the data from any that are PG or PPAS for section in sections: if ( section.startswith('PostgreSQL/') or section.startswith('EnterpriseDB/') ): svr_name = registry.get(section, 'Description') svr_superuser = registry.get(section, 'Superuser') # getint function throws exception if value is blank. # Ex: Port= # In such case we should handle the exception and continue # to read the next section of the config file. try: svr_port = registry.getint(section, 'Port') except ValueError: continue svr_discovery_id = section description = registry.get(section, 'Description') data_directory = registry.get(section, 'DataDirectory') if hasattr(str, 'decode'): description = description.decode('utf-8') data_directory = data_directory.decode('utf-8') svr_comment = gettext(u"Auto-detected {0} installation " u"with the data directory at {1}" ).format(description, data_directory) add_server(user_id, servergroup_id, svr_name, svr_superuser, svr_port, svr_discovery_id, svr_comment) except Exception: pass @user_logged_in.connect_via(app) @user_logged_out.connect_via(app) def force_session_write(app, user): session.force_write = True @user_logged_in.connect_via(app) def store_crypt_key(app, user): # in desktop mode, master password is used to encrypt/decrypt # and is stored in the keyManager memory if config.SERVER_MODE and 'password' in request.form: current_app.keyManager.set(request.form['password']) @user_logged_out.connect_via(app) def current_user_cleanup(app, user): from config import PG_DEFAULT_DRIVER from pgadmin.utils.driver import get_driver from flask import current_app # remove key current_app.keyManager.reset() for mdl in current_app.logout_hooks: try: mdl.on_logout(user) except Exception as e: current_app.logger.exception(e) _driver = get_driver(PG_DEFAULT_DRIVER) _driver.gc_own() ########################################################################## # Load plugin modules ########################################################################## for module in app.find_submodules('pgadmin'): app.logger.info('Registering blueprint module: %s' % module) app.register_blueprint(module) app.register_logout_hook(module) ########################################################################## # Handle the desktop login ########################################################################## @app.before_request def before_request(): """Login the default user if running in desktop mode""" # Check the auth key is valid, if it's set, and we're not in server # mode, and it's not a help file request. if not config.SERVER_MODE and app.PGADMIN_INT_KEY != '' and (( 'key' not in request.args or request.args['key'] != app.PGADMIN_INT_KEY) and request.cookies.get('PGADMIN_INT_KEY') != app.PGADMIN_INT_KEY and request.endpoint != 'help.static' ): abort(401) if not config.SERVER_MODE and not current_user.is_authenticated: user = user_datastore.get_user(config.DESKTOP_USER) # Throw an error if we failed to find the desktop user, to give # the sysadmin a hint. We'll continue to try to login anyway as # that'll through a nice 500 error for us. if user is None: app.logger.error( 'The desktop user %s was not found in the configuration ' 'database.' % config.DESKTOP_USER ) abort(401) login_user(user) # if the server is restarted the in memory key will be lost # but the user session may still be active. Logout the user # to get the key again when login if config.SERVER_MODE and current_user.is_authenticated and \ current_app.keyManager.get() is None and \ request.endpoint not in ('security.login', 'security.logout'): logout_user() @app.after_request def after_request(response): if 'key' in request.args: domain = dict() if config.COOKIE_DEFAULT_DOMAIN and \ config.COOKIE_DEFAULT_DOMAIN != 'localhost': domain['domain'] = config.COOKIE_DEFAULT_DOMAIN response.set_cookie('PGADMIN_INT_KEY', value=request.args['key'], path=config.COOKIE_DEFAULT_PATH, **domain) # X-Frame-Options for security if config.X_FRAME_OPTIONS != "" and \ config.X_FRAME_OPTIONS.lower() != "deny": response.headers["X-Frame-Options"] = config.X_FRAME_OPTIONS return response ########################################################################## # Cache busting ########################################################################## # Version number to be added to all static file url requests # This is used by url_for function when generating urls # This will solve caching issues when application is upgrading # This is called - Cache Busting @app.url_defaults def add_internal_version(endpoint, values): extensions = config.APP_VERSION_EXTN # Add the internal version only if it is set if config.APP_VERSION_PARAM is not None and \ config.APP_VERSION_PARAM != '': # If there is a filename, add the version if 'filename' in values \ and values['filename'].endswith(extensions): values[config.APP_VERSION_PARAM] = config.APP_VERSION_INT else: # Sometimes there may be direct endpoint for some files # There will be only one rule for such endpoints urls = [url for url in app.url_map.iter_rules(endpoint)] if len(urls) == 1 and urls[0].rule.endswith(extensions): values[config.APP_VERSION_PARAM] = \ config.APP_VERSION_INT # Strip away internal version param before sending further to app as it was # required for cache busting only @app.url_value_preprocessor def strip_version_number(endpoint, values): if values and config.APP_VERSION_PARAM in values: values.pop(config.APP_VERSION_PARAM) ########################################################################## # Minify output. Not required in desktop mode ########################################################################## if not config.DEBUG and config.SERVER_MODE: from flask_compress import Compress Compress(app) from pgadmin.misc.themes import themes themes(app) @app.context_processor def inject_blueprint(): """ Inject a reference to the current blueprint, if any. """ return { 'current_app': current_app, 'current_blueprint': current_blueprint, } @app.errorhandler(Exception) def all_exception_handler(e): current_app.logger.error(e, exc_info=True) return internal_server_error(errormsg=str(e)) # Exclude HTTPexception from above handler (all_exception_handler) # HTTPException are user defined exceptions and those should be returned # as is @app.errorhandler(HTTPException) def http_exception_handler(e): current_app.logger.error(e, exc_info=True) return e # Intialize the key manager app.keyManager = KeyManager() ########################################################################## # Protection against CSRF attacks ########################################################################## with app.app_context(): pgCSRFProtect.init_app(app) ########################################################################## # All done! ########################################################################## return app
class InvenioAccounts(object): """Invenio-Accounts extension.""" def __init__(self, app=None): """Extension initialization.""" self.security = Security() self.datastore = None if app: self.init_app(app) def init_app(self, app, use_celery=True): """Flask application initialization.""" self.init_config(app) # Create user datastore self.datastore = SQLAlchemyUserDatastore(db, User, Role) # Initialize extension. state = self.security.init_app(app, datastore=self.datastore) if app.config['ACCOUNTS_USE_CELERY']: from invenio_accounts.tasks import send_security_email @state.send_mail_task def delay_security_email(msg): send_security_email.delay(msg) # Register CLI app.cli.add_command(roles_cli, 'roles') app.cli.add_command(users_cli, 'users') app.extensions['invenio-accounts'] = self def init_config(self, app): """Initialize configuration.""" try: pkg_resources.get_distribution('celery') app.config.setdefault("ACCOUNTS_USE_CELERY", True) except pkg_resources.DistributionNotFound: app.config.setdefault("ACCOUNTS_USE_CELERY", False) app.config.setdefault('ACCOUNTS', True) # Change Flask-Security defaults app.config.setdefault('SECURITY_CHANGEABLE', True) app.config.setdefault('SECURITY_CONFIRMABLE', True) app.config.setdefault('SECURITY_PASSWORD_HASH', 'pbkdf2_sha512') app.config.setdefault('SECURITY_PASSWORD_SCHEMES', ['pbkdf2_sha512']) app.config.setdefault('SECURITY_DEPRECATED_PASSWORD_SCHEMES', []) app.config.setdefault('SECURITY_RECOVERABLE', True) app.config.setdefault('SECURITY_REGISTERABLE', True) app.config.setdefault('SECURITY_TRACKABLE', True) app.config.setdefault('SECURITY_LOGIN_WITHOUT_CONFIRMATION', True) app.config.setdefault('SECURITY_PASSWORD_SALT', app.config['SECRET_KEY']) # Change default templates app.config.setdefault("SECURITY_FORGOT_PASSWORD_TEMPLATE", "invenio_accounts/forgot_password.html") app.config.setdefault("SECURITY_LOGIN_USER_TEMPLATE", "invenio_accounts/login_user.html") app.config.setdefault("SECURITY_REGISTER_USER_TEMPLATE", "invenio_accounts/register_user.html") app.config.setdefault("SECURITY_RESET_PASSWORD_TEMPLATE", "invenio_accounts/reset_password.html") app.config.setdefault("SECURITY_CHANGE_PASSWORD_TEMPLATE", "invenio_accounts/change_password.html") app.config.setdefault("SECURITY_SEND_CONFIRMATION_TEMPLATE", "invenio_accounts/send_confirmation.html") app.config.setdefault("SECURITY_SEND_LOGIN_TEMPLATE", "invenio_accounts/send_login.html") app.config.setdefault("SECURITY_REGISTER_URL", "/signup")
def create_app(ENV_SETTING): app = Flask(__name__, instance_relative_config=True) #configuration app.config.from_object(app_config[ENV_SETTING]) # Logging configuration logging.config.dictConfig(yaml.load(open(app.config['LOGGING_FILEPATH']))) # Yaml Loader to load css and js assets = Environment(app) loader = YAMLLoader(app.config['ASSETS_FILEPATH']).load_bundles() load_assets(assets, loader) #database init db.init_app(app) # with app.app_context(): # create_user(app,db) #flask_admin admin = Admin(app, index_view=AdminIndexCustomView(url=None,endpoint=None) , name='Admin Panel', base_template='admin/my_master.html', template_mode='bootstrap3') # Mail mail.init_app(app) # csrf csrf.init_app(app) #SSL sslify = SSLify(app) #setting babelex babel = Babel(app) @babel.localeselector def get_locale(): # if the user has set up the language manually it will be stored in the session, # so we use the locale from the user settings try: language = session['language'] except KeyError: language = None if language is not None: return language return request.accept_languages.best_match(app.config['LANGUAGES'].keys()) # Inject to JINJA Template app.context_processor(inject_current_language) app.context_processor(inject_all_languages) app.context_processor(inject_google_token) app.context_processor(inject_total_notification) app.context_processor(inject_tasks) # Template Filter app.jinja_env.globals['momentjs'] = momentjs # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore) # Integrate Flask Security with Flask Admin @security.context_processor def security_context_processor(): return dict( admin_base_template=admin.base_template, admin_view=admin.index_view, h=admin_helpers, get_url=url_for ) # Admin Views load_admin_views(admin, db) # Blueprint Views load_blueprints(app) # Register Error Handling app.register_error_handler(400, bad_request) app.register_error_handler(404, page_not_found) app.register_error_handler(403, page_forbidden) app.register_error_handler(500, page_server_error) app.logger.info('app started') return app
def create_app(config=None): """ config should be a python file """ from pathlib import Path from flask import (Flask, current_app, g, session, url_for, render_template) from flask_sqlalchemy import SQLAlchemy from flask_security import (Security, SQLAlchemyUserDatastore) from flask_wtf.csrf import CsrfProtect from flask_assets import (Environment, Bundle) from .app_setup import (init_db, setup_dirs) from .core import (db, load_blueprints, setup_logger) from .lib.template_filters import ( fmt_datetime, none_as_str, next_page_url, prev_page_url, get_page_url, get_images) from .models.user import (User, Role, user_datastore) from .Admin import (index, series, images, texts, contact) from .Public import (index, contact, texts) from .Security import user app = Flask(__name__.split('.')[0], instance_relative_config=True) app.config.from_object('config') app.config.from_pyfile('config.py') if config is not None: app.config.from_pyfile(config) setup_logger(app) app.logger.info('Started with config from: {}'.format(config)) else: setup_logger(app) app.logger.info('Started App') # Flask.sqlalchemy db.init_app(app) load_blueprints(app) # make sure db tables and required directories exist before_first_request_funcs = [setup_dirs(app), init_db(app)] #Security csrf = CsrfProtect() csrf.init_app(app) security = Security() security.init_app(app, user_datastore, register_blueprint=False) # Assets assets = Environment(app=app) assets.from_yaml('assets.yml') # template filters app.add_template_filter(fmt_datetime) app.add_template_filter(none_as_str) app.add_template_filter(next_page_url) app.add_template_filter(prev_page_url) app.add_template_filter(get_page_url) app.add_template_filter(get_images) return app
db.Integer(), db.ForeignKey('user.id', ondelete="CASCADE")), db.Column( 'committee_id', db.Integer(), db.ForeignKey('committee.id', ondelete="CASCADE")), db.Column( 'created_at', db.DateTime(timezone=True), index=True, unique=False, nullable=False, server_default=func.now())) user_committee_alerts = db.Table( 'user_committee_alerts', db.Column( 'user_id', db.Integer(), db.ForeignKey('user.id', ondelete="CASCADE")), db.Column( 'committee_id', db.Integer(), db.ForeignKey('committee.id', ondelete="CASCADE"))) # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore, confirm_register_form=forms.RegisterForm, send_confirmation_form=forms.SendConfirmationForm) user_confirmed.connect(user_confirmed_handler, app)
class InvenioAccounts(object): """Invenio-Accounts extension.""" def __init__(self, app=None, sessionstore=None): """Extension initialization.""" self.security = Security() self.datastore = None if app: self.init_app(app, sessionstore=sessionstore) def init_app(self, app, use_celery=True, sessionstore=None): """Flask application initialization. :param sessionstore: store for sessions. Passed to ``flask-kvsession``. Defaults to redis. """ self.init_config(app) # Create user datastore self.datastore = SQLAlchemyUserDatastore(db, User, Role) # Create sessionstore if sessionstore is None: import redis from simplekv.memory.redisstore import RedisStore sessionstore = RedisStore(redis.StrictRedis.from_url( app.config['ACCOUNTS_SESSION_REDIS_URL'])) self.sessionstore = sessionstore user_logged_in.connect(login_listener, app) # Initialize extension. state = self.security.init_app(app, datastore=self.datastore) self.kvsession_extension = KVSessionExtension(self.sessionstore, app) if app.config['ACCOUNTS_USE_CELERY']: from invenio_accounts.tasks import send_security_email @state.send_mail_task def delay_security_email(msg): send_security_email.delay(msg.__dict__) # Register CLI app.cli.add_command(roles_cli, 'roles') app.cli.add_command(users_cli, 'users') app.extensions['invenio-accounts'] = self def init_config(self, app): """Initialize configuration.""" try: pkg_resources.get_distribution('celery') app.config.setdefault( "ACCOUNTS_USE_CELERY", not (app.debug or app.testing)) except pkg_resources.DistributionNotFound: app.config.setdefault("ACCOUNTS_USE_CELERY", False) app.config.setdefault('ACCOUNTS', True) # Change Flask-Security defaults app.config.setdefault('SECURITY_CHANGEABLE', True) app.config.setdefault('SECURITY_CONFIRMABLE', True) app.config.setdefault('SECURITY_PASSWORD_HASH', 'pbkdf2_sha512') app.config.setdefault('SECURITY_PASSWORD_SCHEMES', ['pbkdf2_sha512']) app.config.setdefault('SECURITY_DEPRECATED_PASSWORD_SCHEMES', []) app.config.setdefault('SECURITY_RECOVERABLE', True) app.config.setdefault('SECURITY_REGISTERABLE', True) app.config.setdefault('SECURITY_TRACKABLE', True) app.config.setdefault('SECURITY_LOGIN_WITHOUT_CONFIRMATION', True) app.config.setdefault('SECURITY_PASSWORD_SALT', app.config['SECRET_KEY']) # Change default templates app.config.setdefault("SECURITY_FORGOT_PASSWORD_TEMPLATE", "invenio_accounts/forgot_password.html") app.config.setdefault("SECURITY_LOGIN_USER_TEMPLATE", "invenio_accounts/login_user.html") app.config.setdefault("SECURITY_REGISTER_USER_TEMPLATE", "invenio_accounts/register_user.html") app.config.setdefault("SECURITY_RESET_PASSWORD_TEMPLATE", "invenio_accounts/reset_password.html") app.config.setdefault("SECURITY_CHANGE_PASSWORD_TEMPLATE", "invenio_accounts/change_password.html") app.config.setdefault("SECURITY_SEND_CONFIRMATION_TEMPLATE", "invenio_accounts/send_confirmation.html") app.config.setdefault("SECURITY_SEND_LOGIN_TEMPLATE", "invenio_accounts/send_login.html") app.config.setdefault("SECURITY_REGISTER_URL", "/signup/") app.config.setdefault("SECURITY_RESET_URL", "/lost-password/") app.config.setdefault("SECURITY_LOGIN_URL", "/login/") app.config.setdefault("SECURITY_LOGOUT_URL", "/logout/") app.config.setdefault("SECURITY_CHANGE_URL", "/accounts/settings/password/") for k in dir(config): if k.startswith('ACCOUNTS_'): app.config.setdefault(k, getattr(config, k))
# coding=utf-8 from flask import current_app from flask_babel import Babel from flask_cache import Cache from flask_login import LoginManager from flask_mail import Mail from flask_mako import MakoTemplates from flask_mongoengine import MongoEngine from flask_redis import FlaskRedis from flask_restful import Api from flask_security import Security from werkzeug.local import LocalProxy api = Api() babel = Babel() cache = Cache() db = MongoEngine() login_manager = LoginManager() mail = Mail() mako = MakoTemplates() redis_store = FlaskRedis() security = Security() logger = LocalProxy(lambda: current_app.logger)
from app import app, models, forms, Config from flask import render_template, flash, request from flask_security import Security, SQLAlchemyUserDatastore, login_required from flask_login import current_user # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(models.db, models.User, models.Role) security = Security(app, user_datastore,login_form=forms.ExtendedLoginForm) # Create a user to test with #@app.before_first_request #def create_user(): # models.db.create_all() # user_datastore.create_user(name='<name>', password='******') # models.db.session.commit() @app.errorhandler(401) def auth_error(): return render_template("401.html") @app.errorhandler(404) def page_not_found(): return render_template("404.html") @app.route('/') @app.route('/index') def index(): if current_user.is_authenticated: user_id = current_user.get_id() user_name = models.User.query.filter_by(id=user_id).first() return render_template('index.html',
def create_app(config_name): global user_datastore app = Flask(__name__) app.config.from_object(app_config[config_name]) csrf = CSRFProtect() csrf.init_app(app) assets = Environment(app) create_assets(assets) via = Via() via.init_app(app) # Ipload in several models - - - - from app.user import user_photo from app.restaurant import restaurant_photo from app.food import food_photo configure_uploads(app, (restaurant_photo, food_photo, user_photo)) engine = create_engine(app.config['SQLALCHEMY_DATABASE_URI']) if not database_exists(engine.url): create_database(engine.url) security = Security(app, user_datastore, register_form=SecurityRegisterForm) create_security_admin(app=app, path=os.path.join(os.path.dirname(__file__))) with app.app_context(): db.init_app(app) #Conditionally create admin/end_user db.create_all() user_datastore.find_or_create_role(name='admin', description='Administrator') db.session.commit() user_datastore.find_or_create_role(name='end-user', description='End user') db.session.commit() # Create two Users for testing purposes -- unless they already exists. # In each case, use Flask-Security utility function to encrypt the password. encrypted_password = utils.encrypt_password('password') if not user_datastore.get_user('*****@*****.**'): user_datastore.create_user(email='*****@*****.**', password=encrypted_password) if not user_datastore.get_user('*****@*****.**'): user_datastore.create_user(email='*****@*****.**', password=encrypted_password) # Commit any database changes; the User and Roles must exist before we can add a Role to the User db.session.commit() # Give one User has the "end-user" role, while the other has the "admin" role. (This will have no effect if the # Users already have these Roles.) Again, commit any database changes. user_datastore.add_role_to_user('*****@*****.**', 'end-user') user_datastore.add_role_to_user('*****@*****.**', 'admin') db.session.commit() @app.route('/', methods=['GET']) @app.route('/home', methods=['GET']) def index(): return render_template('index.html') @app.errorhandler(403) def forbidden(error): return render_template('error/403.html', title='Forbidden'), 403 @app.errorhandler(404) def page_not_found(error): return render_template('error/404.html', title='Page Not Found'), 404 @app.errorhandler(500) def internal_server_error(error): db.session.rollback() return render_template('error/500.html', title='Server Error'), 500 return app
def create(): app.security = Security(app, datastore=mongoengine_datastore) return app
def test_access_datastore_from_factory(app, datastore): security = Security() security.init_app(app, datastore) assert security.datastore is not None assert security.app is not None
def test_register_blueprint_flag(app, sqlalchemy_datastore): app.security = Security(app, datastore=Security, register_blueprint=False) client = app.test_client() response = client.get("/login") assert response.status_code == 404
def create_app(app_name=None): # Configuration settings import config if not app_name: app_name = config.APP_NAME # Only enable password related functionality in server mode. if config.SERVER_MODE is True: # Some times we need to access these config params where application # context is not available (we can't use current_app.config in those # cases even with current_app.app_context()) # So update these params in config itself. # And also these updated config values will picked up by application # since we are updating config before the application instance is # created. config.SECURITY_RECOVERABLE = True config.SECURITY_CHANGEABLE = True # Now we'll open change password page in alertify dialog # we don't want it to redirect to main page after password # change operation so we will open the same password change page again. config.SECURITY_POST_CHANGE_VIEW = 'browser.change_password' """Create the Flask application, startup logging and dynamically load additional modules (blueprints) that are found in this directory.""" app = PgAdmin(__name__, static_url_path='/static') # Removes unwanted whitespace from render_template function app.jinja_env.trim_blocks = True app.config.from_object(config) app.config.update(dict(PROPAGATE_EXCEPTIONS=True)) ########################################################################## # Setup logging and log the application startup ########################################################################## # Add SQL level logging, and set the base logging level logging.addLevelName(25, 'SQL') app.logger.setLevel(logging.DEBUG) app.logger.handlers = [] # We also need to update the handler on the webserver in order to see # request. Setting the level prevents werkzeug from setting up it's own # stream handler thus ensuring all the logging goes through the pgAdmin # logger. logger = logging.getLogger('werkzeug') logger.setLevel(logging.INFO) # Set SQLITE_PATH to TEST_SQLITE_PATH while running test cases if ( 'PGADMIN_TESTING_MODE' in os.environ and os.environ['PGADMIN_TESTING_MODE'] == '1' ): config.SQLITE_PATH = config.TEST_SQLITE_PATH # Ensure the various working directories exist from pgadmin.setup import create_app_data_directory, db_upgrade create_app_data_directory(config) # File logging fh = logging.FileHandler(config.LOG_FILE, encoding='utf-8') fh.setLevel(config.FILE_LOG_LEVEL) fh.setFormatter(logging.Formatter(config.FILE_LOG_FORMAT)) app.logger.addHandler(fh) logger.addHandler(fh) # Console logging ch = logging.StreamHandler() ch.setLevel(config.CONSOLE_LOG_LEVEL) ch.setFormatter(logging.Formatter(config.CONSOLE_LOG_FORMAT)) app.logger.addHandler(ch) logger.addHandler(ch) # Log the startup app.logger.info('########################################################') app.logger.info('Starting %s v%s...', config.APP_NAME, config.APP_VERSION) app.logger.info('########################################################') app.logger.debug("Python syspath: %s", sys.path) ########################################################################## # Setup i18n ########################################################################## # Initialise i18n babel = Babel(app) app.logger.debug('Available translations: %s' % babel.list_translations()) @babel.localeselector def get_locale(): """Get the language for the user.""" language = 'en' if config.SERVER_MODE is False: # Get the user language preference from the miscellaneous module if current_user.is_authenticated: user_id = current_user.id else: user = user_datastore.get_user(config.DESKTOP_USER) if user is not None: user_id = user.id user_language = Preferences.raw_value( 'miscellaneous', 'user_language', None, user_id ) if user_language is not None: language = user_language else: # If language is available in get request then return the same # otherwise check the session or cookie data = request.form if 'language' in data: language = data['language'] or language setattr(session, 'PGADMIN_LANGUAGE', language) elif hasattr(session, 'PGADMIN_LANGUAGE'): language = getattr(session, 'PGADMIN_LANGUAGE', language) elif hasattr(request.cookies, 'PGADMIN_LANGUAGE'): language = getattr( request.cookies, 'PGADMIN_LANGUAGE', language ) return language ########################################################################## # Setup authentication ########################################################################## app.config['SQLALCHEMY_DATABASE_URI'] = u'sqlite:///{0}?timeout={1}' \ .format(config.SQLITE_PATH.replace(u'\\', u'/'), getattr(config, 'SQLITE_TIMEOUT', 500) ) # Create database connection object and mailer db.init_app(app) ########################################################################## # Upgrade the schema (if required) ########################################################################## with app.app_context(): # Run migration for the first time i.e. create database from config import SQLITE_PATH if not os.path.exists(SQLITE_PATH): db_upgrade(app) else: version = Version.query.filter_by(name='ConfigDB').first() schema_version = version.value # Run migration if current schema version is greater than the # schema version stored in version table if CURRENT_SCHEMA_VERSION >= schema_version: db_upgrade(app) # Update schema version to the latest if CURRENT_SCHEMA_VERSION > schema_version: version = Version.query.filter_by(name='ConfigDB').first() version.value = CURRENT_SCHEMA_VERSION db.session.commit() Mail(app) import pgadmin.utils.paths as paths paths.init_app(app) # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(None, user_datastore) ########################################################################## # Setup security ########################################################################## with app.app_context(): config.CSRF_SESSION_KEY = Keys.query.filter_by( name='CSRF_SESSION_KEY').first().value config.SECRET_KEY = Keys.query.filter_by( name='SECRET_KEY').first().value config.SECURITY_PASSWORD_SALT = Keys.query.filter_by( name='SECURITY_PASSWORD_SALT').first().value # Update the app.config with proper security keyes for signing CSRF data, # signing cookies, and the SALT for hashing the passwords. app.config.update(dict({ 'CSRF_SESSION_KEY': config.CSRF_SESSION_KEY, 'SECRET_KEY': config.SECRET_KEY, 'SECURITY_PASSWORD_SALT': config.SECURITY_PASSWORD_SALT, 'SESSION_COOKIE_DOMAIN': config.SESSION_COOKIE_DOMAIN })) security.init_app(app, user_datastore) # register custom unauthorised handler. app.login_manager.unauthorized_handler(pga_unauthorised) app.session_interface = create_session_interface(app) # Make the Session more secure against XSS & CSRF when running in web mode if config.SERVER_MODE: paranoid = Paranoid(app) paranoid.redirect_view = 'browser.index' ########################################################################## # Load all available server drivers ########################################################################## driver.init_app(app) ########################################################################## # Register language to the preferences after login ########################################################################## @user_logged_in.connect_via(app) def register_language(sender, user): # After logged in, set the language in the preferences if we get from # the login page data = request.form if 'language' in data: language = data['language'] # Set the user language preference misc_preference = Preferences.module('miscellaneous') user_languages = misc_preference.preference( 'user_language' ) if user_languages and language: language = user_languages.set(language) ########################################################################## # Register any local servers we can discover ########################################################################## @user_logged_in.connect_via(app) def on_user_logged_in(sender, user): # Keep hold of the user ID user_id = user.id # Get the first server group for the user servergroup_id = 1 servergroups = ServerGroup.query.filter_by( user_id=user_id ).order_by("id") if servergroups.count() > 0: servergroup = servergroups.first() servergroup_id = servergroup.id '''Add a server to the config database''' def add_server(user_id, servergroup_id, name, superuser, port, discovery_id, comment): # Create a server object if needed, and store it. servers = Server.query.filter_by( user_id=user_id, discovery_id=svr_discovery_id ).order_by("id") if servers.count() > 0: return svr = Server(user_id=user_id, servergroup_id=servergroup_id, name=name, host='localhost', port=port, maintenance_db='postgres', username=superuser, ssl_mode='prefer', comment=svr_comment, discovery_id=discovery_id) db.session.add(svr) db.session.commit() # Figure out what servers are present if winreg is not None: arch_keys = set() proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower() try: proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower() except Exception as e: proc_arch64 = None if proc_arch == 'x86' and not proc_arch64: arch_keys.add(0) elif proc_arch == 'x86' or proc_arch == 'amd64': arch_keys.add(winreg.KEY_WOW64_32KEY) arch_keys.add(winreg.KEY_WOW64_64KEY) for arch_key in arch_keys: for server_type in ('PostgreSQL', 'EnterpriseDB'): try: root_key = winreg.OpenKey( winreg.HKEY_LOCAL_MACHINE, "SOFTWARE\\" + server_type + "\Services", 0, winreg.KEY_READ | arch_key ) for i in xrange(0, winreg.QueryInfoKey(root_key)[0]): inst_id = winreg.EnumKey(root_key, i) inst_key = winreg.OpenKey(root_key, inst_id) svr_name = winreg.QueryValueEx( inst_key, 'Display Name' )[0] svr_superuser = winreg.QueryValueEx( inst_key, 'Database Superuser' )[0] svr_port = winreg.QueryValueEx(inst_key, 'Port')[0] svr_discovery_id = inst_id svr_comment = gettext( "Auto-detected %s installation with the data " "directory at %s" % ( winreg.QueryValueEx( inst_key, 'Display Name' )[0], winreg.QueryValueEx( inst_key, 'Data Directory' )[0] ) ) add_server( user_id, servergroup_id, svr_name, svr_superuser, svr_port, svr_discovery_id, svr_comment ) inst_key.Close() except Exception as e: pass else: # We use the postgres-winreg.ini file on non-Windows try: from configparser import ConfigParser except ImportError: from ConfigParser import ConfigParser # Python 2 registry = ConfigParser() try: registry.read('/etc/postgres-reg.ini') sections = registry.sections() # Loop the sections, and get the data from any that are PG or PPAS for section in sections: if ( section.startswith('PostgreSQL/') or section.startswith('EnterpriseDB/') ): svr_name = registry.get(section, 'Description') svr_superuser = registry.get(section, 'Superuser') svr_port = registry.getint(section, 'Port') svr_discovery_id = section description = registry.get(section, 'Description') data_directory = registry.get(section, 'DataDirectory') if hasattr(str, 'decode'): description = description.decode('utf-8') data_directory = data_directory.decode('utf-8') svr_comment = gettext(u"Auto-detected %s installation " u"with the data directory at %s" % ( description, data_directory ) ) add_server(user_id, servergroup_id, svr_name, svr_superuser, svr_port, svr_discovery_id, svr_comment) except Exception as e: pass @user_logged_in.connect_via(app) @user_logged_out.connect_via(app) def force_session_write(app, user): session.force_write = True ########################################################################## # Load plugin modules ########################################################################## for module in app.find_submodules('pgadmin'): app.logger.info('Registering blueprint module: %s' % module) app.register_blueprint(module) ########################################################################## # Handle the desktop login ########################################################################## @app.before_request def before_request(): """Login the default user if running in desktop mode""" # Check the auth key is valid, if it's set, and we're not in server # mode, and it's not a help file request. if not config.SERVER_MODE and app.PGADMIN_KEY != '': if ( ('key' not in request.args or request.args['key'] != app.PGADMIN_KEY) and request.cookies.get('PGADMIN_KEY') != app.PGADMIN_KEY and request.endpoint != 'help.static' ): abort(401) if not config.SERVER_MODE and not current_user.is_authenticated: user = user_datastore.get_user(config.DESKTOP_USER) # Throw an error if we failed to find the desktop user, to give # the sysadmin a hint. We'll continue to try to login anyway as # that'll through a nice 500 error for us. if user is None: app.logger.error( 'The desktop user %s was not found in the configuration ' 'database.' % config.DESKTOP_USER ) abort(401) login_user(user) @app.after_request def after_request(response): if 'key' in request.args: domain = dict() if config.COOKIE_DEFAULT_DOMAIN and \ config.COOKIE_DEFAULT_DOMAIN != 'localhost': domain['domain'] = config.COOKIE_DEFAULT_DOMAIN response.set_cookie('PGADMIN_KEY', value=request.args['key'], path=config.COOKIE_DEFAULT_PATH, **domain) return response ########################################################################## # Minify output ########################################################################## # HTMLMIN doesn't work with Python 2.6. if not config.DEBUG and sys.version_info >= (2, 7): from flask_htmlmin import HTMLMIN HTMLMIN(app) @app.context_processor def inject_blueprint(): """Inject a reference to the current blueprint, if any.""" return { 'current_app': current_app, 'current_blueprint': current_blueprint } ########################################################################## # All done! ########################################################################## return app
from flask import Flask from flask_sqlalchemy import SQLAlchemy from flask_security import Security, SQLAlchemyUserDatastore from malprogramm.forms import ExtendedLoginForm, ExtendedRegisterForm app = Flask(__name__) app.config.from_object('config') db = SQLAlchemy(app) from malprogramm import models user_datastore = SQLAlchemyUserDatastore(db, models.User, models.Role) security = Security(app, user_datastore, login_form=ExtendedLoginForm, register_form=ExtendedRegisterForm) from malprogramm import views
def create_app(): app = Flask(__name__, static_url_path='/_static') app.config.from_object('config') jsglue.init_app(app) db.init_app(app) from models import User, Role # Setup Flask-Security user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) # Create a user to test with @app.before_first_request def create_user(): user_datastore.create_user(email='*****@*****.**', password='******') @app.route('/') def index(): return redirect(url_for('portal.index')) # Views # @app.route('/') # @login_required # def home(): # return render_template('index.html') # @app.route('/') # @login_required # def hello_world(): # return redirect(url_for('project.documents')) from project import bpproject from annotation import bpannotator from resources import bpresources from typesystem import bptypesystem from portal import bpportal # from login import bpapp as bplogin class RegexConverter(BaseConverter): def __init__(self, url_map, *items): super(RegexConverter, self).__init__(url_map) self.regex = items[0] class MongoObjRegexConverter(BaseConverter): def __init__(self, url_map): super(MongoObjRegexConverter, self).__init__(url_map) self.regex = "[a-z0-9]{24}" gen_timestamp = time.time() @app.template_filter('autoversion') def autoversion_filter(filename): # determining fullpath might be project specific # fullpath = os.path.join('some_app/', filename[1:]) # try: # timestamp = str(os.path.getmtime(fullpath)) # except OSError: # return filename newfilename = "{0}?v={1}".format(filename, gen_timestamp) return newfilename # Use the RegexConverter function as a converter # method for mapped urls app.url_map.converters['regex'] = RegexConverter app.url_map.converters['mbj'] = MongoObjRegexConverter app.register_blueprint(bpportal, url_prefix='/portal') app.register_blueprint(bpproject, url_prefix='/p') app.register_blueprint(bptypesystem, url_prefix='/p/typesystem') app.register_blueprint(bpresources, url_prefix='/resources') app.register_blueprint(bpannotator, url_prefix='/p/a') return app
def create(): app.security = Security(app, datastore=sqlalchemy_session_datastore) return app
id = db.Column(db.Integer(), primary_key=True) name = db.Column(db.String(80), unique=True) description = db.Column(db.String(255)) class User(db.Model, UserMixin): id = db.Column(db.Integer, primary_key=True) email = db.Column(db.String(255), unique=True) password = db.Column(db.String(255)) active = db.Column(db.Boolean()) confirmed_at = db.Column(db.DateTime()) roles = db.relationship('Role', secondary=roles_users, backref=db.backref('users', lazy='dynamic')) # Setup Flask-Security user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore) security.SECURITY_PASSWORD_HASH = None # Create a user to test with @app.before_first_request def create_user(): db.create_all() user_datastore.create_user(email='hatlab', password='******') db.session.commit() @app.route('/') def retourner_accueil(): contenu =[] jour = str(date.today()) for line in open (sortie): if jour in line:
primary_key=True, nullable=False) content_id = db.Column(db.Integer, db.ForeignKey('volunteer.id'), primary_key=True, nullable=False) admin.add_view(ModelView(User, db.session)) admin.add_view(ModelView(Role, db.session)) admin.add_view(ModelView(User_category, db.session)) admin.add_view(ModelView(Volunteer, db.session)) admin.add_view(ModelView(Like, db.session)) user_datastore = SQLAlchemyUserDatastore(db, User, Role) security = Security(app, user_datastore) # Security 기능 확장 위함 univer = "" major = "" #@app.before_first_request # 초기화할때 def create_user(): db.create_all() user_datastore.create_user(email='*****@*****.**', password='******') db.session.commit() def classification(categories): category_num = 22 receiver_cate_num = 11
def __init__(self, app=None): """Extension initialization.""" self.security = Security() self.datastore = None if app: self.init_app(app)
class InvenioAccounts(object): """Invenio-Accounts extension.""" def __init__(self, app=None, sessionstore=None): """Extension initialization. :param app: The Flask application. :param sessionstore: store for sessions. Passed to ``flask-kvsession``. Defaults to redis. """ self.security = Security() self.datastore = None if app: self.init_app(app, sessionstore=sessionstore) @staticmethod def monkey_patch_flask_security(): """Monkey-patch Flask-Security.""" if utils.get_hmac != get_hmac: utils.get_hmac = get_hmac if utils.encrypt_password != encrypt_password: utils.encrypt_password = encrypt_password changeable.encrypt_password = encrypt_password recoverable.encrypt_password = encrypt_password registerable.encrypt_password = encrypt_password def init_app(self, app, sessionstore=None, register_blueprint=True): """Flask application initialization. The following actions are executed: #. Initialize the configuration. #. Monkey-patch Flask-Security. #. Create the user datastore. #. Create the sessionstore. #. Initialize the extension, the forms to register users and confirms their emails, the CLI and, if ``ACCOUNTS_USE_CELERY`` is ``True``, register a celery task to send emails. :param app: The Flask application. :param sessionstore: store for sessions. Passed to ``flask-kvsession``. If ``None`` then Redis is configured. (Default: ``None``) :param register_blueprint: If ``True``, the application registers the blueprints. (Default: ``True``) """ self.init_config(app) # Monkey-patch Flask-Security InvenioAccounts.monkey_patch_flask_security() # Create user datastore if not self.datastore: self.datastore = SessionAwareSQLAlchemyUserDatastore( db, User, Role) # Create sessionstore if sessionstore is None: if app.testing and \ os.environ.get('CI', 'false') == 'false': from simplekv.memory import DictStore sessionstore = DictStore() else: import redis from simplekv.memory.redisstore import RedisStore sessionstore = RedisStore(redis.StrictRedis.from_url( app.config['ACCOUNTS_SESSION_REDIS_URL'])) user_logged_in.connect(login_listener, app) # Initialize extension. _register_blueprint = app.config.get('ACCOUNTS_REGISTER_BLUEPRINT') if _register_blueprint is not None: register_blueprint = _register_blueprint state = self.security.init_app(app, datastore=self.datastore, register_blueprint=register_blueprint) self.kvsession_extension = KVSessionExtension(sessionstore, app) app.extensions['security'].register_form = register_form_factory( app.extensions['security'].register_form, app) app.extensions['security'].confirm_register_form = \ confirm_register_form_factory( app.extensions['security'].confirm_register_form, app ) if app.config['ACCOUNTS_USE_CELERY']: from invenio_accounts.tasks import send_security_email @state.send_mail_task def delay_security_email(msg): send_security_email.delay(msg.__dict__) app.extensions['invenio-accounts'] = self def init_config(self, app): """Initialize configuration. :param app: The Flask application. """ try: pkg_resources.get_distribution('celery') app.config.setdefault( "ACCOUNTS_USE_CELERY", not (app.debug or app.testing)) except pkg_resources.DistributionNotFound: # pragma: no cover app.config.setdefault("ACCOUNTS_USE_CELERY", False) app.config.setdefault('ACCOUNTS', True) # Register Invenio legacy password hashing register_crypt_handler(InvenioAesEncryptedEmail) # Change Flask-Security defaults app.config.setdefault('SECURITY_CHANGEABLE', True) app.config.setdefault('SECURITY_CONFIRMABLE', True) app.config.setdefault('SECURITY_PASSWORD_HASH', 'pbkdf2_sha512') app.config.setdefault('SECURITY_PASSWORD_SCHEMES', ['pbkdf2_sha512', 'invenio_aes_encrypted_email']) app.config.setdefault('SECURITY_DEPRECATED_PASSWORD_SCHEMES', ['invenio_aes_encrypted_email']) app.config.setdefault('SECURITY_RECOVERABLE', True) app.config.setdefault('SECURITY_REGISTERABLE', True) app.config.setdefault('SECURITY_TRACKABLE', True) app.config.setdefault('SECURITY_LOGIN_WITHOUT_CONFIRMATION', True) app.config.setdefault('SECURITY_PASSWORD_SALT', app.config['SECRET_KEY']) # Change default templates app.config.setdefault("SECURITY_FORGOT_PASSWORD_TEMPLATE", "invenio_accounts/forgot_password.html") app.config.setdefault("SECURITY_LOGIN_USER_TEMPLATE", "invenio_accounts/login_user.html") app.config.setdefault("SECURITY_REGISTER_USER_TEMPLATE", "invenio_accounts/register_user.html") app.config.setdefault("SECURITY_RESET_PASSWORD_TEMPLATE", "invenio_accounts/reset_password.html") app.config.setdefault("SECURITY_CHANGE_PASSWORD_TEMPLATE", "invenio_accounts/change_password.html") app.config.setdefault("SECURITY_SEND_CONFIRMATION_TEMPLATE", "invenio_accounts/send_confirmation.html") app.config.setdefault("SECURITY_SEND_LOGIN_TEMPLATE", "invenio_accounts/send_login.html") app.config.setdefault("SECURITY_REGISTER_URL", "/signup/") app.config.setdefault("SECURITY_RESET_URL", "/lost-password/") app.config.setdefault("SECURITY_LOGIN_URL", "/login/") app.config.setdefault("SECURITY_LOGOUT_URL", "/logout/") app.config.setdefault("SECURITY_CHANGE_URL", "/accounts/settings/password/") for k in dir(config): if k.startswith('ACCOUNTS_'): app.config.setdefault(k, getattr(config, k))