Exemplo n.º 1
0
class JSONSerializerWithPickleFallback(object):
    def __init__(self):
        self.json = JSONSerializer()
        self.pickle = PickleSerializer()

    def dumps(self, value):
        return self.json.dumps(value)

    def loads(self, value):
        try:
            return self.json.loads(value)
        except ValueError:
            return self.pickle.loads(value)
Exemplo n.º 2
0
def includeme(config):
    """Set up the app's Pyramid session."""
    # ``secure=True`` is recommended by the Pyramid docs (see
    # https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html)
    # but is inconvenient in development environments, so use insecure cookies
    # in dev for convenience but use secure (HTTPS-only) cookies otherwise.
    secure = not config.registry.settings.get("debug", False)

    config.set_session_factory(
        SignedCookieSessionFactory(
            secret=config.registry.settings["session_cookie_secret"],
            secure=secure,
            # ``httponly=True`` is recommended by the Pyramid docs to protect
            # the cookie from cross-site scripting vulnerabilities, see:
            # https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html
            httponly=True,
            # This is the timeout and reissue time recommended in the Pyramid
            # docs for auto-expiring cookies. See:
            # https://docs.pylonsproject.org/projects/pyramid/en/latest/api/session.html
            timeout=1200,
            reissue_time=120,
            # The Pyramid docs recommend JSONSerializer instead of the default
            # serializer for security reasons. See:
            # https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html
            serializer=JSONSerializer(),
        ))
Exemplo n.º 3
0
class JSONSerializerWithPickleFallback(object):
    def __init__(self):
        self.json = JSONSerializer()
        self.pickle = PickleSerializer()

    def dumps(self, value):
        # maybe catch serialization errors here and keep using pickle
        # while finding spots in your app that are not storing
        # JSON-serializable objects, falling back to pickle
        return self.json.dumps(value)

    def loads(self, value):
        try:
            return self.json.loads(value)
        except ValueError:
            return self.pickle.loads(value)
Exemplo n.º 4
0
def main(global_config, **settings):
    my_session_factory = SignedCookieSessionFactory(
        "supersecret", serializer=JSONSerializer(), httponly=True
    )
    config = Configurator(settings=settings, session_factory=my_session_factory)
    config.include("pyramid_chameleon")
    config.add_route("home", "/")
    config.add_route("hello", "/howdy")
    config.scan(".views")
    return config.make_wsgi_app()
Exemplo n.º 5
0
def includeme(config):
    settings = config.registry.settings

    # By default, derive_key generates a 64-byte (512 bit) secret, which is the
    # correct length for SHA512-based HMAC as specified by the `hashalg`.
    factory = SignedCookieSessionFactory(
        secret=derive_key(settings["secret_key"], settings["secret_salt"],
                          b"h.session.cookie_secret"),
        hashalg="sha512",
        httponly=True,
        timeout=3600,
        serializer=JSONSerializer(),
    )
    config.set_session_factory(factory)
    config.set_csrf_storage_policy(SessionCSRFStoragePolicy())
Exemplo n.º 6
0
def main(global_config, **settings):
    """ This function returns a Pyramid WSGI application.
    """
    with Configurator(settings=settings,
                      root_factory='.resources.Root') as config:
        config.include('.models')
        config.include('pyramid_jinja2')
        config.include('.routes')
        config.include('.security')
        config.scan(ignore=['.tests', '.migration_tests'])
        config.set_default_permission('view')
        hex_secret = config.get_settings()['session_secret'].strip()
        secret = binascii.unhexlify(hex_secret)
        factory = EncryptedCookieSessionFactory(secret=secret,
                                                serializer=JSONSerializer(),
                                                timeout=86400)
        config.set_session_factory(factory)
    return config.make_wsgi_app()
Exemplo n.º 7
0
def make_app(global_settings: dict, **settings: Any) -> Router:

    settings = {**BASE_SETTINGS, **settings}

    session_factory = SignedCookieSessionFactory(
        secret=settings["zam.session_secret"],
        serializer=JSONSerializer(),
        secure=asbool(settings["zam.auth_cookie_secure"]),
        httponly=True,
    )

    with Configurator(
        settings=settings, root_factory=Root, session_factory=session_factory
    ) as config:

        config.include("zam_repondeur.errors")

        setup_database(config, settings)

        config.include("zam_repondeur.menu")
        config.include("zam_repondeur.auth")
        config.include("zam_repondeur.templating")

        config.include("pyramid_default_cors")
        config.include("pyramid_retry")

        config.add_route("error", "/error")

        config.include("zam_repondeur.assets")
        config.include("zam_repondeur.tasks")
        config.include("zam_repondeur.services.data")
        config.include("zam_repondeur.services.users")
        config.include("zam_repondeur.services.progress")
        config.include("zam_repondeur.services.amendements")
        config.include("zam_repondeur.services.fetch.http")
        load_version(config)

        config.scan()

        app = config.make_wsgi_app()

    return app
Exemplo n.º 8
0
def make_app(global_settings: dict, **settings: Any) -> Router:

    settings = {**BASE_SETTINGS, **settings}

    session_factory = SignedCookieSessionFactory(
        secret=settings["zam.session_secret"], serializer=JSONSerializer())

    with Configurator(settings=settings,
                      root_factory=Root,
                      session_factory=session_factory) as config:

        rollbar_settings = extract_settings(settings, prefix="rollbar.")
        if "access_token" in rollbar_settings and "environment" in rollbar_settings:
            setup_rollbar_log_handler(rollbar_settings)

        setup_database(config, settings)

        config.include("zam_repondeur.auth")

        config.include("pyramid_default_cors")

        config.include("pyramid_jinja2")
        config.add_jinja2_renderer(".html")
        config.add_jinja2_search_path("zam_repondeur:templates", name=".html")

        config.add_route("choices_lectures", "/choices/dossiers/{uid}/")
        config.add_route("error", "/error")

        config.include("zam_repondeur.assets")

        init_huey(settings)
        config.include("zam_repondeur.data")
        config.include("zam_repondeur.users")
        config.include("zam_repondeur.amendements")
        load_version(config)

        config.scan()

        app = config.make_wsgi_app()

    return app
Exemplo n.º 9
0
 def __init__(self):
     self.json = JSONSerializer()
     self.pickle = PickleSerializer()
Exemplo n.º 10
0
def main(global_config, **settings):
    """ This function returns a Pyramid WSGI application.
    """
    config = Configurator(settings=settings)
    config.include('pyramid_jinja2')

    # Insecure Session
    # https://docs.pylonsproject.org/projects/pyramid/en/latest/narr/sessions.html#sessions-chapter
    my_session_factory = SignedCookieSessionFactory(
        'insecure-but-digitally-signed-382746', serializer=JSONSerializer())
    config.set_session_factory(my_session_factory)

    # Cache busting of static assets
    # See https://docs.pylonsproject.org/projects/pyramid/en/1.10-branch/narr/assets.html#cache-busting
    config.add_static_view('static', 'static', cache_max_age=3600)
    config.add_cache_buster(
        'arscca:static/',
        QueryStringConstantCacheBuster(str(int(time.time()))))

    config.add_route('admin_clear_run_groups', '/admin/run_groups/clear')
    config.add_route('admin_generate_run_groups', '/admin/run_groups/generate')
    config.add_route('admin_run_groups', '/admin/run_groups')
    config.add_route('calendar', '/calendar')
    config.add_route('calendar_slash', '/calendar/')
    config.add_route('calendar_plain', '/calendar/plain')
    config.add_route('exception', '/exception')
    config.add_route('help_index', '/help')
    config.add_route('help_index_slash', '/help/')
    config.add_route('help_show', '/help/{document_name}')
    config.add_route('opinion_index', '/opinion')
    config.add_route('opinion_index_slash', '/opinion/')
    config.add_route('opinion_show', '/opinion/{document_name}')
    config.add_route('driver', '/drivers/{slug}')
    config.add_route('drivers', '/drivers')
    config.add_route('drivers_slash', '/drivers/')
    config.add_route('event', '/events/{date}')
    config.add_route('events', '/events')  # redirects to home
    config.add_route('events_slash',
                     '/events/')  # redirects to home (slash is distinct)
    config.add_route('index', '/')
    config.add_route('javascript_errors', '/javascript_errors')
    config.add_route('joomla_test__home_page_photos',
                     '/joomla_test/home_page_photos')
    config.add_route('joomla_test__home_page_calendar',
                     '/joomla_test/home_page_calendar')
    config.add_route('live_event', '/live')
    config.add_route('live_event_drivers', '/live/drivers')
    config.add_route('live_event_raw', '/live/raw')
    config.add_route('live_event_revision', '/live/revision')
    config.add_route('live_event_update_redis', '/live/update_redis')
    config.add_route('msreg', '/msreg')
    config.add_route('msreg_upload', '/msreg/upload', request_method='POST')
    config.add_route('msreg_download',
                     '/msreg/{download_filename}',
                     request_method='GET')
    config.add_route('national_event', '/national_events/{year}')
    config.add_route('photo_upload_create',
                     '/photos/upload',
                     request_method='POST')
    config.add_route('photo_upload_new',
                     '/photos/upload',
                     request_method='GET')
    config.add_route('photos', '/photos')
    config.add_route('photos_slash', '/photos/')
    config.add_route('photos__teaser', '/photos/teaser')
    config.add_route('report', '/standings')
    config.add_route('run_groups', '/run_groups')

    config.scan()
    config.include('pyramid_exclog')
    return config.make_wsgi_app()
Exemplo n.º 11
0
def get_session_factory(med_config):
    return SignedCookieSessionFactory(med_config["session_factory"],
                                      serializer=JSONSerializer())
Exemplo n.º 12
0
def main(global_config, test_settings=None, **settings):
	if test_settings is None:
		engine = engine_from_config(settings, 'sqlalchemy.')
		dbsession.configure(bind=engine)
		Base.metadata.bind = engine
		config = Configurator(settings=settings)
		session_factory = SignedCookieSessionFactory(
			secret=settings['session.secret'],
			domain=settings['hostname'],
			secure=True,
			httponly=True,
			samesite='strict',
			reissue_time=900,
			max_age=900,
			serializer=JSONSerializer()
		)
	else:
		engine = engine_from_config(test_settings, 'sqlalchemy.')
		dbsession.configure(bind=engine)
		Base.metadata.bind = engine
		config = Configurator(settings=test_settings)
		session_factory = SignedCookieSessionFactory(
			secret=test_settings['session.secret'],
			domain=test_settings['hostname'],
			secure=True,
			httponly=True,
			samesite='strict',
			reissue_time=900,
			max_age=900,
			serializer=JSONSerializer()
		)

	config.add_renderer('json', JSON(indent=4))

	config.set_session_factory(session_factory)
	config.add_forbidden_view(forbidden)
	config.include('pyramid_jinja2')

	def page_controller(page):
		if page == 'adminpage':
			return True
		if page == 'login':
			return False
		return False

	def check_sort(unsorted):
		return unsorted
	
	def img(imgtype):
		if imgtype == 'img':
			return True
		return False

	def pdf(imgtype):
		if imgtype == 'pdf':
			return True
		return False
	
	def setup_jinja2_env():
		jinja_environment = config.get_jinja2_environment()
		tests = {
			'page_controller': page_controller,
			'check_sort': check_sort,
			'img': img,
			'pdf': pdf
		}
		for key,val in tests.items():
			jinja_environment.tests[key] = val

	config.action(None, setup_jinja2_env, order=999)

	config.include('.models')
	config.include('.routes')
	config.include('.security')
	config.scan('bigwebsite')

	return config.make_wsgi_app()