def register_security(app):
security = Security(app, user_datastore)
def unauth_handler():
return response.error_response("未登录", 401)
security.unauthorized_handler(unauth_handler)
@app.teardown_appcontext
def shutdown_session(exception=None):
db_session.remove()
def create_app(config_override: Mapping = None) -> Flask:
"""Create the flask app for the debug server.
Parameters:
config_override:
Dict containing custom configuration to apply after loading the
normal config. Useful for testing.
"""
config_override = {} if config_override is None else config_override
# TODO: Rename app, no longer used only for debugging
app = Flask('stuffrdebugserver',
instance_relative_config=True,
static_url_path='',
template_folder='static')
app.config.from_object('config.default')
app.config.from_envvar('STUFFR_SETTINGS')
app.config.from_mapping(config_override)
app.json_encoder = StuffrJSONEncoder
logger.set_logger(app.logger)
db.init_app(app)
security = Security(app, user_store, confirm_register_form=StuffrRegisterForm)
security.unauthorized_handler(api_unauthenticated_handler)
Mail(app)
# In debug mode Swagger documentation is served at root
if not app.config['DEBUG']:
def api_root_view():
"""Provide a link to API documentation if root accessed."""
return error_response(
'TODO: Link to documentation here', HTTPStatus.NOT_FOUND)
blueprint_api.add_url_rule('/', 'apiindex', api_root_view)
app.register_blueprint(blueprint_simple, url_prefix='/simple')
app.register_blueprint(blueprint_api, url_prefix='/api')
def default404(e):
"""Default handler for 404."""
# TODO: Conditional JSON/HTML response (for simple mode)
return error_response(e.description, HTTPStatus.NOT_FOUND)
app.register_error_handler(HTTPStatus.NOT_FOUND, default404)
# TODO: Make friendlier error message (40x or 50x?)
app.add_url_rule('/', 'index', lambda: "You probably shouldn't be here")
return app
@application.route('/status')
@login_required
def status():
"""
Method to get the list of components available.
:return: It yields json string for the list of components.
"""
data = pgc.get_data("status")
return render_template('status.html', data=data)
@application.route('/')
@login_required
# @roles_accepted('Administrator','User')
def home():
return render_template('index.html',
user=current_user,
is_admin=current_user.has_role("Administrator"))
from responses import InvalidSessionResult
def unauth_handler():
return InvalidSessionResult().http_response()
security.unauthorized_handler(unauth_handler)
def create_app(test_config=None):
app = Flask(__name__, instance_relative_config=True)
app.config.from_mapping(
SQLALCHEMY_TRACK_MODIFICATIONS=False,
SECURITY_TRACKABLE=True,
SECURITY_REGISTERABLE=True,
SECURITY_SEND_REGISTER_EMAIL=False,
SECURITY_LOGIN_URL='/api/login',
# the default logout returns a 302, so we define our own logout method
SECURITY_LOGOUT_URL='/logout',
SECURITY_REGISTER_URL='/api/register',
SECURITY_POST_LOGIN_VIEW='/',
SECURITY_POST_LOGOUT_VIEW='/',
CECTF_FILE_LOCATION='/tmp/ctf/dev',
CECTF_PRODUCTION=True)
if test_config is None:
if app.config.from_envvar('CECTF_CONFIG', silent=True):
print("Loaded configuration from CECTF_CONFIG: " +
os.environ['CECTF_CONFIG'])
else:
print("Loading configuration from relative config.py")
app.config.from_pyfile('config.py', silent=False)
else:
app.config.from_mapping(test_config)
# ensure the instance and ctf folders exists
try:
os.makedirs(app.instance_path)
os.makedirs(app.config['CECTF_FILE_LOCATION'])
except OSError:
pass
from . import database
database.init_app(app)
from . import models
from . import commands
commands.init_app(app)
# Setup Flask-Security
security = Security(app, models.user_datastore, register_blueprint=False)
security.unauthorized_handler(lambda: Response('Unauthorized', 400))
app.login_manager.unauthorized_handler(
lambda: Response('Unauthorized', 400))
from . import users
users.init_app(app)
from . import challenges
challenges.init_app(app)
from . import challenges_admin
challenges_admin.init_app(app)
from . import challenges_files
challenges_files.init_app(app)
from . import authentication
authentication.init_app(app)
from . import reset
reset.init_app(app)
from . import jsconfig
jsconfig.init_app(app)
return app