def register_security(app):
    """Attach Flask-Security to *app* and register session cleanup.

    Unauthenticated requests are answered through ``response.error_response``
    with status 401 rather than Flask-Security's default handling, and the
    scoped database session is removed when each application context ends.
    """

    def _reject_anonymous():
        # The message text is user-facing; it means "not logged in".
        return response.error_response("未登录", 401)

    security = Security(app, user_datastore)
    security.unauthorized_handler(_reject_anonymous)

    @app.teardown_appcontext
    def shutdown_session(exception=None):
        # Runs on every context teardown, whether or not the request failed,
        # so a session is never carried over into the next request.
        db_session.remove()
def create_app(config_override: Mapping = None) -> Flask:
    """Build and configure the Stuffr Flask application.

    Settings are layered, later sources overriding earlier ones: the
    ``config.default`` object, the file named by the ``STUFFR_SETTINGS``
    environment variable, and finally ``config_override``.

    Parameters:
        config_override: Optional mapping of settings applied after the
            normal configuration has loaded. Useful for testing.

    Returns:
        The configured Flask application.
    """
    if config_override is None:
        config_override = {}

    def api_root_view():
        """Provide a link to API documentation if root accessed."""
        return error_response(
            'TODO: Link to documentation here', HTTPStatus.NOT_FOUND)

    def default404(e):
        """Answer any 404 through the shared error response helper."""
        # TODO: Conditional JSON/HTML response (for simple mode)
        return error_response(e.description, HTTPStatus.NOT_FOUND)

    def index_placeholder():
        """Placeholder body for the site root."""
        return "You probably shouldn't be here"

    # TODO: Rename app, no longer used only for debugging
    # NOTE(review): static_url_path='' serves the static folder from the site
    # root and template_folder points at that same 'static' directory, so
    # template sources appear to be fetchable as static files. Confirm that
    # nothing sensitive is kept there.
    app = Flask(
        'stuffrdebugserver',
        instance_relative_config=True,
        static_url_path='',
        template_folder='static',
    )

    settings = app.config
    settings.from_object('config.default')
    settings.from_envvar('STUFFR_SETTINGS')
    settings.from_mapping(config_override)

    app.json_encoder = StuffrJSONEncoder
    logger.set_logger(app.logger)
    db.init_app(app)

    # Unauthenticated API calls go through the project's own handler instead
    # of Flask-Security's default behaviour.
    security_ext = Security(
        app, user_store, confirm_register_form=StuffrRegisterForm)
    security_ext.unauthorized_handler(api_unauthenticated_handler)
    Mail(app)

    # In debug mode Swagger documentation is served at root, so the
    # placeholder root view is only added when DEBUG is off.
    if not settings['DEBUG']:
        blueprint_api.add_url_rule('/', 'apiindex', api_root_view)

    app.register_blueprint(blueprint_simple, url_prefix='/simple')
    app.register_blueprint(blueprint_api, url_prefix='/api')

    app.register_error_handler(HTTPStatus.NOT_FOUND, default404)

    # TODO: Make friendlier error message (40x or 50x?)
    app.add_url_rule('/', 'index', index_placeholder)

    return app
@application.route('/status')
@login_required
def status():
    """Render the status page for a logged-in user.

    The "status" data set is fetched from ``pgc`` and passed to the
    ``status.html`` template as ``data``.
    """
    return render_template('status.html', data=pgc.get_data("status"))


@application.route('/')
@login_required
def home():
    """Render the landing page for a logged-in user.

    The template receives the current user and a flag saying whether that
    user holds the "Administrator" role.
    """
    # NOTE(review): a roles_accepted('Administrator','User') restriction was
    # commented out on this view, so any authenticated user reaches it.
    is_admin = current_user.has_role("Administrator")
    return render_template('index.html', user=current_user, is_admin=is_admin)


from responses import InvalidSessionResult


def unauth_handler():
    """Build the response returned when a request is not authenticated."""
    return InvalidSessionResult().http_response()


# Replace Flask-Security's default unauthorized behaviour with the
# project's own invalid-session response.
security.unauthorized_handler(unauth_handler)
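def create_app(test_config=None):
    """Create and configure the CECTF Flask application.

    Built-in defaults are loaded first. When ``test_config`` is None the
    settings come from the file named by the ``CECTF_CONFIG`` environment
    variable, falling back to ``config.py`` in the instance folder; otherwise
    ``test_config`` is applied on top of the defaults.

    Args:
        test_config: Optional mapping of settings that replaces file-based
            configuration, intended for tests.

    Returns:
        The configured Flask application with all project modules initialised.
    """
    app = Flask(__name__, instance_relative_config=True)
    # NOTE(review): the default CECTF_FILE_LOCATION sits under /tmp, which is
    # usually a shared, world-writable directory; deployed configurations
    # should point it at a dedicated location.
    app.config.from_mapping(
        SQLALCHEMY_TRACK_MODIFICATIONS=False,
        SECURITY_TRACKABLE=True,
        SECURITY_REGISTERABLE=True,
        SECURITY_SEND_REGISTER_EMAIL=False,
        SECURITY_LOGIN_URL='/api/login',
        # the default logout returns a 302, so we define our own logout method
        SECURITY_LOGOUT_URL='/logout',
        SECURITY_REGISTER_URL='/api/register',
        SECURITY_POST_LOGIN_VIEW='/',
        SECURITY_POST_LOGOUT_VIEW='/',
        CECTF_FILE_LOCATION='/tmp/ctf/dev',
        CECTF_PRODUCTION=True)

    if test_config is None:
        if app.config.from_envvar('CECTF_CONFIG', silent=True):
            print("Loaded configuration from CECTF_CONFIG: " +
                  os.environ['CECTF_CONFIG'])
        else:
            print("Loading configuration from relative config.py")
            app.config.from_pyfile('config.py', silent=False)
    else:
        app.config.from_mapping(test_config)

    # Ensure the instance and ctf folders exist. Each folder is created on
    # its own: with both calls inside one try block, an instance folder that
    # already existed raised OSError and the CTF file folder was never
    # created.
    for folder in (app.instance_path, app.config['CECTF_FILE_LOCATION']):
        try:
            os.makedirs(folder, exist_ok=True)
        except OSError as err:
            # Still best effort, but report the failure instead of hiding it.
            print("Could not create folder " + str(folder) + ": " + str(err))

    from . import database
    database.init_app(app)

    from . import models

    from . import commands
    commands.init_app(app)

    # Setup Flask-Security. register_blueprint=False leaves Flask-Security's
    # own views unregistered; presumably the project modules initialised
    # below serve the login/logout/register URLs configured above.
    security = Security(app, models.user_datastore, register_blueprint=False)
    # NOTE(review): unauthenticated requests are answered with 400 here; 401
    # is the conventional status for a missing or invalid login. Confirm
    # that no client depends on 400 before changing it.
    security.unauthorized_handler(lambda: Response('Unauthorized', 400))
    app.login_manager.unauthorized_handler(
        lambda: Response('Unauthorized', 400))

    from . import users
    users.init_app(app)

    from . import challenges
    challenges.init_app(app)

    from . import challenges_admin
    challenges_admin.init_app(app)

    from . import challenges_files
    challenges_files.init_app(app)

    from . import authentication
    authentication.init_app(app)

    from . import reset
    reset.init_app(app)

    from . import jsconfig
    jsconfig.init_app(app)

    return app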