def init(argv=None): app = web.Application(middlewares=[ JWTMiddleware(settings.SECRET_KEY, auth_scheme='Token', whitelist=[ r'/api/users', ]) ]) app.router.add_routes(authentication_routes) app.router.add_routes(profiles_routes) app.router.add_routes(articles_routes) # Configure default CORS settings. cors = aiohttp_cors.setup(app, defaults={ "*": aiohttp_cors.ResourceOptions( allow_credentials=True, expose_headers="*", allow_headers="*", ) }) # Configure CORS on all routes. for route in list(app.router.routes()): cors.add(route) app.on_shutdown.append(on_shutdown) return app
async def init_app(config=None): app = web.Application(middlewares=[ JWTMiddleware(config['JWT_SECRET'], whitelist=[ r'/public*', ]) ]) app.update(config=config or load_config(), logger=log) setup_routes(app) # db_pool = await init_db(app) app.on_startup.append(init_db) # app.on_startup.append(setup_redis) # redis_pool = await setup_redis(app) # setup_session(app, RedisStorage(redis_pool)) # needs to be after session setup because of `current_user_ctx_processor` # aiohttp_jinja2.setup( # app, # loader=jinja2.PackageLoader('app/templates'), # # context_processors=[current_user_ctx_processor], # ) # setup_security( # app, # SessionIdentityPolicy(), # DBAuthorizationPolicy(db_pool) # ) log.debug(app['config']) return app
def setup_middleware(cls, app: web.Application, **kwargs): auth_config = AppConfig.get("control_server.auth", {}) auth_config = update_recursive(auth_config, kwargs) if "secret_or_pub_key" in auth_config: log.debug("setting up JWT authentication middleware, config=%s", auth_config, flags=[logflags.SENSITIVE]) app.middlewares.append(JWTMiddleware(**auth_config))
def get_middlewares() -> tuple: """ List of active middlewares. """ middlewares = ( version_middleware, firewall_middleware, remove_slash_middleware, JWTMiddleware(SECRET_KEY, whitelist=WHITELIST_URLS), ) return middlewares
def jwt_middleware_with_cors(*args, **kwargs): mdlwr = JWTMiddleware(*args, **kwargs) @wraps(mdlwr) async def wrap(request: Request, handler): if request.method == hdrs.METH_OPTIONS: return await handler(request) return await mdlwr(request, handler) return wrap
def initApp(): app = web.Application(middlewares=[ JWTMiddleware(secret_or_pub_key=SHARABLE_SECRET, token_getter=get_token, request_property='user', credentials_required=False, whitelist=[r'/public*']) ]) fernet_key = fernet.Fernet.generate_key() secret_key = base64.urlsafe_b64decode(fernet_key) setup(app, EncryptedCookieStorage(secret_key)) aiohttp_jinja2.setup(app, loader=jinja2.FileSystemLoader(TEMPLATE_PATH)) return app
async def init_app(argv=None) -> web.Application: app = web.Application(middlewares=[JWTMiddleware(JWT_SECRET)]) app['storage_client'] = storage.Client() app.on_startup.append(mq_connect) app.on_cleanup.append(mq_close) app.router.add_post('/', post) app.router.add_put('/{content_id}', put) app.router.add_delete('/{content_id}', delete) return app
async def get_app(): await create_table() app = web.Application(middlewares=[ JWTMiddleware(config.JWT_SECRET, algorithms=config.JWT_ALGORITHM, whitelist=[r'/api/user/login']) ]) app.cleanup_ctx.append(partial(register_connection_alchemy)) app.router.add_view('/api/user/{user_id:\d+}', UserView) app.router.add_view('/api/user/login', UserView) app.router.add_view('/api/post/{post_id:\d+}', PostView) app.router.add_view('/api/post/', PostView) app.router.add_view('/api/posts/', PostsView) return app
def factory(routes, *args, **kwargs): defaults = {'secret_or_pub_key': secret} app = web.Application( middlewares=[ JWTMiddleware( *args, **{ **defaults, **kwargs }, ), ], ) for path, handler in routes: app.router.add_get(path, handler) return app
def make_app(conf, initialize_db): api = web.Application( middlewares=[ JWTMiddleware( secret_or_pub_key=conf.sharable_secret, request_property='user', credentials_required=False, ), ] ) api['config'] = conf api.add_routes(api_routes) api.cleanup_ctx.append(initialize_db) app = web.Application() app.add_routes(routes) app.add_subapp('/api/v1', api) return app
async def create_application(self): app = web.Application(middlewares=[ JWTMiddleware(self.config["settings"]["secret"], whitelist=[r"/public*"]), ]) log.info("Create app") app["pool"] = await asyncpg.create_pool( user=self.config['database']['username'], password=self.config['database']['password'], database=self.config['database']['dbname'], host=self.config['database']['host'], port=self.config['database']['port']) log.info("Create pool") auth = Auth(self.config) app = await auth.create_routes(app) await self.create_routes(app) return app
def factory(routes=tuple(), views=tuple(), *args, **kwargs): defaults = {'secret_or_pub_key': secret} init_middleware = kwargs.pop('init_middleware', True) middlewares = [] if init_middleware: middlewares.append(JWTMiddleware( *args, **{ **defaults, **kwargs }, )) app = web.Application(middlewares=middlewares) for path, handler in routes: app.router.add_get(path, handler) for path, view in views: app.router.add_view(path, view) return app
def __init__(self): self.routes = {} self.private_routes = {} self.app = web.Application(middlewares=[]) # CORS middleware allows CORS from localhost self.app.middlewares.append( cors_middleware(origins=[re.compile(r"^https?\:\/\/localhost.*")])) self.app.middlewares.append( JWTMiddleware( config.JWT_SECRET, request_property="user", credentials_required=False, )) self.app.router.add_routes(login_routes) self.app.router.add_routes(quote_routes) self.app.router.add_route('*', '/public/{name}', self.public_handler) self.app.router.add_route('*', '/{name}', self.private_handler) self.handler = self.app.make_handler()
return web.Response( text= "You sent an invalid type parameter. Valid types: feminino, masculino, acessorio, all", status=406) except Exception as e: print(str(e)) return web.Response(text="Something went wrong. Please try later", status=500) return web.json_response(body=data) async def handleWelcome(request): return web.Response(text="This is not a web page") ##APP SETUP my_secret = os.environ.get('APP_JWT_SECRET') app = web.Application(middlewares=[ JWTMiddleware(secret_or_pub_key=my_secret, algorithms="HS256", request_property='user') ]) app.add_routes([web.get('/produto', handleGet), web.get('', handleWelcome)]) if __name__ == '__main__': web.run_app(app, port=os.environ.get('PORT'), host='0.0.0.0')
from aiohttp_jwt import JWTMiddleware, check_permissions, match_any sharable_secret = "secret" async def get_token(request): return jwt.encode({ "username": "******", "scopes": ["username:johndoe"] }, sharable_secret) jwt_middleware = JWTMiddleware( sharable_secret, token_getter=get_token, request_property="user", credentials_required=False, whitelist=[r"/public*"], ) async def public_handler(request): return web.json_response({ "username": request["user"].get("username") if "user" in request else "anonymous" }) @check_permissions(["app/user:admin", "username:johndoe"], comparison=match_any) async def protected_handler(request):
''' Serve file. ''' from aiohttp import web from aiohttp_jwt import JWTMiddleware from chunked_app import handle as chunked_handle from standard_app import handle as standard_handle from settings import jwt_secret app = web.Application(middlewares=[ JWTMiddleware(jwt_secret, auth_scheme='JWT', algorithms='HS256') ]) app.add_routes([ web.get('/chunked', chunked_handle), web.get('/standard', standard_handle) ]) web.run_app(app)
await conn.execute("commit") engine.close() return json_response({'result': 'True'}) except BaseException as e: request.app['app_logger'].error(f'Error in app: {str(e)}') return json_response({'result': False}) async def ping(request): return web.Response(body='Pong') app = web.Application(middlewares=[ JWTMiddleware( secret_or_pub_key=JWT_SECRET, request_property='user', credentials_required=False, whitelist=['/api/auth/*', '/api/ws/*'], algorithms=[JWT_ALGORITHM] ) ]) jwt_logger = logging.getLogger('aiohttp_jwt.middleware') jwt_logger.addHandler(logging.NullHandler()) app.add_routes([web.get('/api/auth/ping', ping), web.post('/api/auth/obtain_token', obtaint), web.post('/api/auth/refresh_token', refresht), web.post('/api/get_user_list', get_user_list), web.post('/api/update_user', update_user)]) app.add_routes(maintenance.MaintenanceRoutes)
logger = logging.getLogger(__name__) secret = "your secret" async def get_token(request): return jwt.encode({ "username": "******", "scopes": ["user:admin"] }, secret) jwt_middleware = JWTMiddleware( secret, request_property="user", token_getter=get_token, credentials_required=False, whitelist=[r"/(foo|bar)"], ) async def foo_handler(request): return json_response({"status": "OK"}) @check_permissions(["user:admin", "johndoe"], comparison=match_any) async def protected_handler(request): payload = request.get("user", {}) return json_response({"status": "OK", "username": payload.get("username")})
@middleware async def error_middleware(request: Request, handler) -> Response: catch_codes = {500} try: response: Response = await handler(request) if response.status not in catch_codes: return response message = response.text status = response.status except JSONDecodeError as exc: message = f"JSON isn't passed or invalid: {exc}" status = 400 except HTTPException as exc: if exc.status not in catch_codes: raise message = exc.reason status = exc.status except InvalidSignatureError as exc: message = str(exc) status = 400 return json_response({"error": message}, status=status) jwt_middleware = JWTMiddleware( get_secret_key(), request_property=Fields.USER, credentials_required=False, )
from main.routes import setup_routes setup_routes(app) if settings.DEBUG: setup_swagger(app, swagger_url='/docs') # enable debugtoolbar aiohttp_debugtoolbar.setup(app) async def close_app(app): pass if __name__ == '__main__': app = web.Application( middlewares=[ settings.DB, JWTMiddleware(settings.SHARED_SECRET_KEY, credentials_required=False) ] ) app['settings'] = settings app.on_startup.append(init_app) app.on_cleanup.append(close_app) settings.DB.init_app(app, config=settings.DATABASE) web.run_app(app, host=settings.HOST, port=settings.PORT)
def create_jwt_middleware(): return JWTMiddleware(secret_or_pub_key=Config.JWT_PUBLIC_KEY, request_property='token_data', credentials_required=True, whitelist=SECURITY_WHITELIST)
'status': 'OK', 'username': payload.get('username'), }) async def get_token(request): return jwt.encode({ 'username': '******', 'scopes': [ 'user:admin', ], }, secret) return None app = web.Application(middlewares=[ JWTMiddleware( secret=secret, request_property='user', token_getter=get_token, credentials_required=False, whitelist=[r'/(foo|bar)'], ), ]) app.router.add_get('/foo', foo_handler) app.router.add_get('/protected', protected_handler) if __name__ == '__main__': web.run_app(app)
from aiohttp_jwt import JWTMiddleware from settings import JWT_SECRET_KEY async def handle_http_error(request, e, status): return web.json_response( { 'message': f'{type(e).__name__}: {str(e)}' }, status=status ) jwt_middleware = JWTMiddleware( secret_or_pub_key=JWT_SECRET_KEY, request_property='user', algorithms=['HS256'], credentials_required=False ) @middleware async def error_middleware(request, handler): try: return await handler(request) except web.HTTPException as e: return await handle_http_error(request, e, status=e.status) except (BadRequest, JSONDecodeError, ValidationError) as e: return await handle_http_error(request, e, status=400) except RecordNotFound as e: return await handle_http_error(request, e, status=404) except Exception as e:
from aiohttp_jwt import JWTMiddleware JWT_SECRET_KEY = 'secret' REDIS_URL = 'redis://localhost' REDIS_KEY_EXPIRE_SECONDS = 86400 MIDDLEWARES = [ JWTMiddleware( secret_or_pub_key=JWT_SECRET_KEY, auth_scheme='JWT', ) ]
async def public_handler(request): return web.json_response({"username": "******"}) async def protected_handler(request): return web.json_response({"username": request["user"].get("username", "anonymous")}) async def get_token(request): return jwt.encode({"username": "******"}, sharable_secret) app = web.Application( middlewares=[ JWTMiddleware( secret_or_pub_key=sharable_secret, token_getter=get_token, request_property="user", whitelist=[r"/public*"], ) ] ) app.router.add_get("/public", public_handler) app.router.add_get("/protected", protected_handler) if __name__ == "__main__": web.run_app(app)
def test_throw_on_invalid_secret(): with pytest.raises(RuntimeError): JWTMiddleware(secret_or_pub_key='')
from aiohttp import web from aiohttp_jwt import JWTMiddleware from routes import setup_routes from aiohttp_swagger import * from settings import SWAGGER_PARAMS, APP_PORT, JWT_SECRET, JWT_ALGORITHMS from dotenv import load_dotenv from src.middlewares import json_response from src.service.db import Database load_dotenv() app = web.Application(middlewares=[ JWTMiddleware( JWT_SECRET, algorithms=JWT_ALGORITHMS, credentials_required=False, request_property='payload', ), json_response, ], debug=True) setup_routes(app) setup_swagger(app, **SWAGGER_PARAMS) app.on_startup.append(Database.init_pg) app.on_cleanup.append(Database.close_pg) web.run_app(app, port=APP_PORT)
import jwt from aiohttp import web from aiohttp_jwt import JWTMiddleware secret = 'secret' middlewares = [JWTMiddleware(secret)] app = web.Application(middlewares=middlewares) run_configurations = {'host': '127.0.0.1', 'port': 9090} from async_rest_api.async_app import routers
return web.json_response({ 'username': request['user'].get('username', 'anonymous'), }) async def get_token(request): return jwt.encode({ 'username': '******', }, sharable_secret) app = web.Application( middlewares=[ JWTMiddleware( secret_or_pub_key=sharable_secret, token_getter=get_token, request_property='user', whitelist=[ r'/public*' ] ) ] ) app.router.add_get('/public', public_handler) app.router.add_get('/protected', protected_handler) if __name__ == '__main__': web.run_app(app)
async def init(loop): """Cheap and dirty protected API example""" app = Application(middlewares=[ JWTMiddleware( secret_or_pub_key=publickey, algorithms=algorithms, auth_scheme="Bearer", request_property="user", credentials_required=False, whitelist=[r"/(public|bar)"], audience=audience, issuer=issuer, ) ]) # Configure default CORS settings. cors = aiohttp_cors.setup( app, defaults={ "*": aiohttp_cors.ResourceOptions(allow_credentials=True, expose_headers="*", allow_headers="*"), "http://localhost": aiohttp_cors.ResourceOptions(allow_credentials=True, expose_headers="*", allow_headers="*"), "http://127.0.0.0": aiohttp_cors.ResourceOptions(allow_credentials=True, expose_headers="*", allow_headers="*"), }, ) ############ # API Views ############ # TODO move to views async def public_handler(request): return json_response({"Access": "Public"}) @login_required async def protected_handler(request): return json_response({"Access": "Protected"}) @check_permissions(["openid"], comparison=match_any, permissions_property="scope") async def profile_handler(request): """ This handler retrieves the user data from the auth0 userinfo endpoint. The scope openid is required for this. See: https://auth0.com/docs/api/authentication#get-user-info """ # pdb.set_trace() payload = request.get("user", {}) session = aiohttp.ClientSession() userinfo = {} async with session.get( issuer + "userinfo", headers={"Authorization": request.headers["Authorization"]}, ) as r: userinfo = await r.json() return json_response({ "name": userinfo.get("name"), "email": userinfo.get("email") }) cors.add(app.router.add_get("/", public_handler)) cors.add(app.router.add_get("/public", public_handler)) cors.add(app.router.add_get("/protected", protected_handler)) cors.add(app.router.add_get("/profile", profile_handler)) # Routes # Config setup_swagger(app, swagger_url="/api/v1/doc", swagger_from_file="swagger.yaml") logger.info("Starting server at %s:%s", IP, PORT) srv = await loop.create_server(app.make_handler(), IP, PORT) return srv