apiTwitter = twitter.Api(consumer_key=config.twitter["consumerKey"], consumer_secret=config.twitter["consumerSecret"], access_token_key=config.twitter["accessKey"], access_token_secret=config.twitter["accessSecret"], tweet_mode="extended") app = Flask(__name__) app.secret_key = "askdhabiuhasdjahbjda" gzip = Gzip(app) sentry = Sentry(app, dsn='https://*****:*****@sentry.io/1282333') endpoints = Api(app) assets = Environment(app) login_manager = LoginManager() login_manager.init_app(app) login_manager.login_view = "sign_in" cred = credentials.Certificate(config.firebase['serviceAccount']) firebase_admin.initialize_app(cred, config.firebase) app.config['CELERY_BROKER_URL'] = 'redis://localhost:6379/0' app.config['CELERY_RESULT_BACKEND'] = 'redis://localhost:6379/0' celery = Celery(app.name, broker=app.config['CELERY_BROKER_URL']) celery.conf.update(app.config) import methods
def create_app(config_name): app = Flask(__name__) app.config.from_object(config[config_name]) app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False # not using sqlalchemy event system, hence disabling it app.config['UPLOADED_IMAGES_DEST'] = 'C:/Users/user/mywebprojects/healthcareprofessionals/app/static/photo/' if \ not os.environ.get('UPLOADED_IMAGES_DEST') else os.path.dirname(os.path.realpath(__file__)) + os.environ.get( 'UPLOADED_IMAGES_DEST') app.config['UPLOADED_DOCS_DEST'] = 'C:/Users/user/mywebprojects/healthcareprofessionals/app/static/docs/' if \ not os.environ.get('UPLOADED_DOCS_DEST') else os.path.dirname(os.path.realpath(__file__)) + os.environ.get( 'UPLOADED_DOCS_DEST') app.config['docs'] = app.config['UPLOADED_DOCS_DEST'] app.config['CKEDITOR_SERVE_LOCAL'] = True app.config['CKEDITOR_HEIGHT'] = 400 app.config['CKEDITOR_FILE_UPLOADER'] = 'upload' app.config[ 'CKEDITOR_ENABLE_CSRF'] = True # if you want to enable CSRF protect, uncomment this line app.config['UPLOADED_PATH'] = os.path.join(basedir, 'uploads') config[config_name].init_app(app) # Set up extensions mail.init_app(app) db.init_app(app) login_manager.init_app(app) csrf.init_app(app) compress.init_app(app) RQ(app) configure_uploads(app, (images)) configure_uploads(app, docs) ckeditor = CKEditor(app) share.init_app(app) moment.init_app(app) jwt.init_app(app) sess.init_app(app) # Register Jinja template functions from .utils import register_template_utils register_template_utils(app) # Set up asset pipeline assets_env = Environment(app) dirs = ['assets/styles', 'assets/scripts'] for path in dirs: assets_env.append_path(os.path.join(basedir, path)) assets_env.url_expire = True assets_env.register('app_css', app_css) assets_env.register('app_js', app_js) assets_env.register('vendor_css', vendor_css) assets_env.register('vendor_js', vendor_js) # Configure SSL if platform supports it if not app.debug and not app.testing and not app.config['SSL_DISABLE']: from flask_sslify import SSLify SSLify(app) # Create app blueprints from .blueprints.public import public as public_blueprint app.register_blueprint(public_blueprint) from .blueprints.seo_arizona import seo_arizona as seo_arizona_blueprint app.register_blueprint(seo_arizona_blueprint) from .blueprints.seo_world import seo_world as seo_world_blueprint app.register_blueprint(seo_world_blueprint) from .blueprints.main import main as main_blueprint app.register_blueprint(main_blueprint) from .blueprints.account import account as account_blueprint app.register_blueprint(account_blueprint, url_prefix='/account') from .blueprints.admin import admin as admin_blueprint app.register_blueprint(admin_blueprint, url_prefix='/admin') from .blueprints.marketplace import marketplace as marketplace_blueprint app.register_blueprint(marketplace_blueprint, url_prefix='/marketplace') from .blueprints.jobs import jobs as jobs_blueprint app.register_blueprint(jobs_blueprint, url_prefix='/jobs') from .blueprints.crawlers import crawlers as crawlers_blueprint app.register_blueprint(crawlers_blueprint) from .blueprints.promos import promos as promos_blueprint app.register_blueprint(promos_blueprint, url_prefix='/promos') from .blueprints.posts import post_blueprint as post_blueprint app.register_blueprint(post_blueprint) from .blueprints.organisations import organisations as organisations_blueprint app.register_blueprint(organisations_blueprint, url_prefix='/organisations') from .blueprints.sitemaps import sitemaps as sitemaps_blueprint app.register_blueprint(sitemaps_blueprint) from .blueprints.api import api as apis_blueprint app.register_blueprint(apis_blueprint, url_prefix='/api') from .blueprints.professionals import professionals as professionals_blueprint app.register_blueprint(professionals_blueprint) # main_api.init_app(app) app.jinja_env.globals.update(json_load=json_load, image_size=image_size, get_cart=get_cart) @app.before_request def before_request(): try: session['cart_id'] except: u = uuid.uuid4() user_agent = request.headers.get('User-Agent') if user_agent is not None: user_agent = user_agent.encode('utf-8') base = 'cart: {0}|{1}|{2}'.format(_get_remote_addr(), user_agent, u) if str is bytes: base = text_type(base, 'utf-8', errors='replace') # pragma: no cover h = sha512() h.update(base.encode('utf8')) session['cart_id'] = h.hexdigest() @app.cli.command() def routes(): """'Display registered routes""" rules = [] for rule in app.url_map.iter_rules(): methods = ','.join(sorted(rule.methods)) rules.append((rule.endpoint, methods, str(rule))) sort_by_rule = operator.itemgetter(2) for endpoint, methods, rule in sorted(rules, key=sort_by_rule): route = '{:50s} {:25s} {}'.format(endpoint, methods, rule) print(route) return app
from flask_assets import Environment, Bundle assets = Environment() coffee_filters = [ 'coffeescript', #'uglifyjs' ] # TODO: pack js files, compiled, into project's /static coffee = Bundle( # here we compile the coffee scripts, then we minify it and pack it # in this example there is but one file, but this scales alright! # you may also use nested bundles http://webassets.readthedocs.org/en/latest/bundles.html#nested-bundles 'blog/coffee/app.coffee', filters=coffee_filters, # our output js will have this structure output='js/apps.min.js') # we want our js files to be compiled into our project's static folder coffee.directory = 'static' assets.register('js_all', coffee)
def create_app(test_config=None): """Flask application factory create_app(test_config:object) -> Flask test_config => Use a defined flask config rather than config.py """ logger = logging.getLogger(__name__) app = Flask( __name__, instance_path=INSTANCE_PATH, instance_relative_config=True, ) app.config.from_mapping( SECRET_KEY=SECRET_KEY, SQLALCHEMY_DATABASE_URI=SQLALCHEMY_DATABASE_URI, SECURITY_PASSWORD_SALT=SECURITY_PASSWORD_SALT, MAIL_DEBUG=MAIL_DEBUG, MAIL_DEFAULT_SENDER=MAIL_DEFAULT_SENDER, ) if test_config is None: settings_path = Path(os.path.dirname(__file__), '..', 'settings') app.config.from_pyfile(Path(settings_path, 'dev.cfg')) if FLASK_ENV != 'development': app.config.from_pyfile(Path(settings_path, 'prod.cfg')) else: app.config.from_mapping(test_config) init_template_filters(app) assets = Environment(app) main_css = Bundle('css/main.scss', filters='pyscss', output='gen/main.css') assets.register('main_css', main_css) try: os.makedirs(app.instance_path) except OSError: pass DB.init_app(app) MIGRATE.init_app(app, DB) MAIL.init_app(app) user_datastore = SQLAlchemyUserDatastore(DB, User, Role) AUTH.init_app(app, user_datastore) app = register_blueprints(app) ADMIN.init_app(app) with app.test_request_context(): DB.create_all() create_default_user_and_roles(user_datastore) @app.route('/favicon.ico') def _favicon(): return send_from_directory(os.path.join(app.root_path, 'static'), 'favicon.ico', mimetype='image/vnd.microsoft.icon') logger.debug('app loaded') return app
def init(app): assets = Environment(app) # Basic CSS and Javascript: # Available under: base_css, base_js base_css = Bundle('css/base.scss', filters='pyscss', output='gen/css/base.%(version)s.css') base_js = Bundle('scripts/base.js', filters='jsmin', output='gen/scripts/base.%(version)s.js') assets.register('base_css', base_css) assets.register('base_js', base_js) # Pleblist-related javascript # Available under the following assets: pleblist_shared, pleblist_host, pleblist_client pleblist_client = Bundle('scripts/pleblist.js', filters='jsmin', output='gen/scripts/pleblist.%(version)s.js') pleblist_shared = Bundle('scripts/pleblist.shared.js', filters='jsmin', output='gen/scripts/pleblist.shared.%(version)s.js') pleblist_host = Bundle( 'scripts/pleblist.host.js', 'scripts/pleblist.host.streamtip.js', 'scripts/pleblist.host.streamelements.js', 'scripts/pleblist.host.streamlabs.js', filters='jsmin', output='gen/scripts/pleblist.host.%(version)s.js') assets.register('pleblist_shared', pleblist_shared) assets.register('pleblist_client', pleblist_client) assets.register('pleblist_host', pleblist_host) # CLR Overlay # Availabe under: clr_overlay_js, clr_overlay_css, clr_donations_js, clr_donations_css, clr_shared_js clr_overlay_js = Bundle('scripts/clr.overlay.js', filters='jsmin', output='gen/scripts/clr.overlay.%(version)s.js') clr_overlay_css = Bundle('css/clr.overlay.scss', filters='pyscss', output='gen/css/clr.overlay.%(version)s.css') clr_donations_js = Bundle('scripts/clr.donations.js', filters='jsmin', output='gen/scripts/clr.donations.%(version)s.js') clr_donations_css = Bundle('css/clr.donations.scss', filters='pyscss', output='gen/css/clr.donations.%(version)s.css') clr_shared_js = Bundle('scripts/clr.shared.js', filters='jsmin', output='gen/scripts/clr.shared.%(version)s.js') assets.register('clr_overlay_js', clr_overlay_js) assets.register('clr_overlay_css', clr_overlay_css) assets.register('clr_donations_js', clr_donations_js) assets.register('clr_donations_css', clr_donations_css) assets.register('clr_shared_js', clr_shared_js) # Admin site # Availabe under: admin_create_banphrase, admin_create_command, # admin_create_row, admin_edit_command admin_create_banphrase = Bundle('scripts/admin/create_banphrase.js', filters='jsmin', output='gen/scripts/admin/create_banphrase.%(version)s.js') admin_create_command = Bundle('scripts/admin/create_command.js', filters='jsmin', output='gen/scripts/admin/create_command.%(version)s.js') admin_create_row = Bundle('scripts/admin/create_row.js', filters='jsmin', output='gen/scripts/admin/create_row.%(version)s.js') admin_edit_command = Bundle('scripts/admin/edit_command.js', filters='jsmin', output='gen/scripts/admin/edit_command.%(version)s.js') assets.register('admin_create_banphrase', admin_create_banphrase) assets.register('admin_create_command', admin_create_command) assets.register('admin_create_row', admin_create_row) assets.register('admin_edit_command', admin_edit_command) # Admin CLR admin_clr_donations_edit_js = Bundle('scripts/admin/clr/donations/edit.js', output='gen/scripts/admin/clr/donations/edit.%(version)s.js') assets.register('admin_clr_donations_edit_js', admin_clr_donations_edit_js) notifications_base = Bundle('scripts/notifications/base.js', filters='jsmin', output='gen/scripts/notifications/base.%(version)s.js') assets.register('notifications_base', notifications_base) notifications_subscribers = Bundle('scripts/notifications/subscribers.js', filters='jsmin', output='gen/scripts/notifications/subscribers.%(version)s.js') assets.register('notifications_subscribers', notifications_subscribers) # Third party libraries # Available under: autolinker autolinker = Bundle('scripts/autolinker.js', filters='jsmin', output='gen/scripts/autolinker.%(version)s.js') assets.register('autolinker', autolinker) # Commands # Available under: commands_js commands_js = Bundle('scripts/commands.js', filters='jsmin', output='gen/scripts/commands.%(version)s.js') assets.register('commands_js', commands_js) # Pagination script # Available under: paginate_js paginate_js = Bundle('scripts/paginate.js', filters='jsmin', output='gen/scripts/paginate.%(version)s.js') assets.register('paginate_js', paginate_js) # Playsounds playsounds_js = Bundle('scripts/playsounds.js', filters='jsmin', output='gen/scripts/playsounds.%(version)s.js') assets.register('playsounds_js', playsounds_js) assets.init_app(app)
from flask.ext.cache import Cache from flask.ext.debugtoolbar import DebugToolbarExtension from flask_assets import Environment # Setup flask cache cache = Cache() # init flask assets assets_env = Environment() debug_toolbar = DebugToolbarExtension()
def init(app): assets = Environment(app) # Basic CSS and Javascript: # Available under: base_css, base_js base_css = Bundle("css/base.scss", filters="pyscss,cssmin", output="gen/css/base.%(version)s.css") base_js = Bundle("scripts/base.js", filters="jsmin", output="gen/scripts/base.%(version)s.js") assets.register("base_css", base_css) assets.register("base_js", base_js) # Pleblist-related javascript # Available under the following assets: pleblist_shared, pleblist_host, pleblist_client pleblist_client = Bundle("scripts/pleblist.js", filters="jsmin", output="gen/scripts/pleblist.%(version)s.js") pleblist_shared = Bundle( "scripts/pleblist.shared.js", filters="jsmin", output="gen/scripts/pleblist.shared.%(version)s.js") pleblist_host = Bundle("scripts/pleblist.host.js", filters="jsmin", output="gen/scripts/pleblist.host.%(version)s.js") assets.register("pleblist_shared", pleblist_shared) assets.register("pleblist_client", pleblist_client) assets.register("pleblist_host", pleblist_host) # CLR Overlay # Availabe under: clr_overlay_js, clr_overlay_css, clr_shared_js # jsmin is intentionally disabled for clr.overlay.js because the output is broken (same as below for # playsounds) clr_overlay_js = Bundle("scripts/clr.overlay.js", output="gen/scripts/clr.overlay.%(version)s.js") clr_overlay_css = Bundle("css/clr.overlay.scss", filters="pyscss,cssmin", output="gen/css/clr.overlay.%(version)s.css") clr_shared_js = Bundle("scripts/clr.shared.js", filters="jsmin", output="gen/scripts/clr.shared.%(version)s.js") assets.register("clr_overlay_js", clr_overlay_js) assets.register("clr_overlay_css", clr_overlay_css) assets.register("clr_shared_js", clr_shared_js) # Admin site # Availabe under: admin_create_banphrase, admin_create_command, # admin_create_row, admin_edit_command admin_create_banphrase = Bundle( "scripts/admin/create_banphrase.js", filters="jsmin", output="gen/scripts/admin/create_banphrase.%(version)s.js") admin_create_command = Bundle( "scripts/admin/create_command.js", filters="jsmin", output="gen/scripts/admin/create_command.%(version)s.js") admin_create_row = Bundle( "scripts/admin/create_row.js", filters="jsmin", output="gen/scripts/admin/create_row.%(version)s.js") admin_edit_command = Bundle( "scripts/admin/edit_command.js", filters="jsmin", output="gen/scripts/admin/edit_command.%(version)s.js") assets.register("admin_create_banphrase", admin_create_banphrase) assets.register("admin_create_command", admin_create_command) assets.register("admin_create_row", admin_create_row) assets.register("admin_edit_command", admin_edit_command) notifications_base = Bundle( "scripts/notifications/base.js", filters="jsmin", output="gen/scripts/notifications/base.%(version)s.js") assets.register("notifications_base", notifications_base) notifications_subscribers = Bundle( "scripts/notifications/subscribers.js", filters="jsmin", output="gen/scripts/notifications/subscribers.%(version)s.js", ) assets.register("notifications_subscribers", notifications_subscribers) # Third party libraries # Available under: autolinker autolinker = Bundle("scripts/autolinker.js", filters="jsmin", output="gen/scripts/autolinker.%(version)s.js") assets.register("autolinker", autolinker) # Commands # Available under: commands_js commands_js = Bundle("scripts/commands.js", filters="jsmin", output="gen/scripts/commands.%(version)s.js") assets.register("commands_js", commands_js) # Pagination script # Available under: paginate_js paginate_js = Bundle("scripts/paginate.js", filters="jsmin", output="gen/scripts/paginate.%(version)s.js") assets.register("paginate_js", paginate_js) # range slider for semantic UI range_slider_js = Bundle("scripts/range.js", filters="jsmin", output="gen/scripts/range.%(version)s.js") assets.register("range_slider_js", range_slider_js) range_slider_css = Bundle("css/range.css", filters="cssmin", output="gen/css/range.%(version)s.css") assets.register("range_slider_css", range_slider_css) # common controls for the playsound pages playsound_common_js = Bundle( "scripts/playsound.common.js", filters="jsmin", output="gen/scripts/playsound.common.%(version)s.js") assets.register("playsound_common_js", playsound_common_js) # DON'T enable jsmin for this resource, it breaks the output # probably because it uses ECMAScript features that are too new playsound_admin_js = Bundle( "scripts/admin/playsound.admin.js", output="gen/scripts/admin/playsound.admin.%(version)s.js") assets.register("playsound_admin_js", playsound_admin_js) playsound_admin_css = Bundle( "css/admin/playsound.admin.css", filters="cssmin", output="gen/css/admin/playsound.admin.%(version)s.css") assets.register("playsound_admin_css", playsound_admin_css) assets.init_app(app)
def create_app(config_name=None): app = Flask(__name__) app.name = "response_operations_ui" app_config = f'config.{config_name or os.environ.get("APP_SETTINGS", "Config")}' app.config.from_object(app_config) # Load css and js assets assets = Environment(app) if app.config['DEBUG'] or app.config['TESTING']: assets.cache = False assets.manifest = None assets.url = app.static_url_path app.jinja_env.add_extension('jinja2.ext.do') app.register_blueprint(filter_blueprint) app.url_map.strict_slashes = False app.secret_key = app.config['RESPONSE_OPERATIONS_UI_SECRET'] # Zipkin zipkin = Zipkin(app=app, sample_rate=app.config.get("ZIPKIN_SAMPLE_RATE")) requestsdefaulter.default_headers(zipkin.create_http_headers_for_new_span) logger_initial_config(service_name='response-operations-ui', log_level=app.config['LOGGING_LEVEL']) logger = wrap_logger(logging.getLogger(__name__)) logger.info('Logger created', log_level=app.config['LOGGING_LEVEL']) login_manager = LoginManager(app) login_manager.init_app(app) login_manager.login_view = "sign_in_bp.sign_in" @app.context_processor def inject_availability_message(): redis_avail_msg = app.config['SESSION_REDIS'] if len(redis_avail_msg.keys('AVAILABILITY_MESSAGE_RES_OPS')) == 1: return { "availability_message": redis_avail_msg.get('AVAILABILITY_MESSAGE_RES_OPS').decode( 'utf-8') } return {} @login_manager.user_loader def user_loader(user_id): return User(user_id) if cf.detected: with app.app_context(): # If deploying in cloudfoundry set config to use cf redis instance logger.info( 'Cloudfoundry detected, setting service configurations') service = cf.redis app.config['REDIS_HOST'] = service.credentials['host'] app.config['REDIS_PORT'] = service.credentials['port'] # wrap in the flask server side session manager and back it by redis app.config['SESSION_REDIS'] = redis.StrictRedis( host=app.config['REDIS_HOST'], port=app.config['REDIS_PORT'], db=app.config['REDIS_DB']) app.jinja_environment.lstrip_blocks = True if app.config['DEBUG'] or os.environ.get('JINJA_RELOAD'): app.jinja_env.auto_reload = True Session(app) setup_blueprints(app) return app
def create_app(mode="development"): """Create webapp instance.""" app = Flask(__name__, instance_relative_config=True) #Load database #Initilise DB from unifispot.models import user_datastore db.init_app(app) # Load the default configuration app.config.from_object('config.default') # Load the configuration from the instance folder app.config.from_pyfile('config.py') # Load the file specified by the config_filename environment variable # Variables defined here will override those in the default configuration if mode is not None: app.config.from_object('config.' + mode) # Load test database config if mode == 'testing': app.config.from_pyfile('config_test.py') elif mode == 'e2e_testing': app.config.from_pyfile('config_e2e_test.py') #Setup Flask-Security before loading any blueprints security = Security(app, user_datastore) #initilise mail,celery and redis mail.init_app(app) celery.init_app(app) redis.init_app(app) ##not going to use server side sessions #sess.init_app(app) #initlize assets assets = Environment(app) assets.register(bundles) # simple load all blueprint settings, enabled in config load_blueprint_settings(app, blueprint_path='unifispot') # simple load all blueprints, enabled in config load_blueprints(app, blueprint_path='unifispot') #check for default values required before starting app with app.app_context(): from importlib import import_module import_module('unifispot.middleware') @app.route("/") @login_required def home(): if current_user.type == 'admin': account = Account.query.filter_by( id=current_user.account_id).first() if not account: app.logger.error("No account found!! Something is wrong") abort(404) elif account.firstrun != 0: #First time running return redirect(url_for('superadmin.firstrun')) return redirect(url_for('admin.admin_index')) elif current_user.type == 'client': return redirect(url_for('client.client_index')) else: app.logger.error("Unknown User Type!! for ID:%s" % current_user.id) abort(400) return app
'js/jquery-ui-{ver}.custom/jquery-ui.theme.css'.format(ver=jq_ui_ver), f'js/smartmenus-{sm_ver}/css/sm-core-css.css', f'js/smartmenus-{sm_ver}/css/sm-blue/sm-blue.css', 'js/DataTables-{ver}/css/dataTables.jqueryui.css'.format( ver=dt_datatables_ver), 'js/Buttons-{ver}/css/buttons.jqueryui.css'.format(ver=dt_buttons_ver), 'js/FixedColumns-{ver}/css/fixedColumns.jqueryui.css'.format( ver=dt_fixedcolumns_ver), 'js/Editor-{ver}/css/editor.jqueryui.css'.format(ver=dt_editor_ver), 'js/Select-{ver}/css/select.jqueryui.css'.format(ver=dt_select_ver), 'js/select2-{ver}/css/select2.css'.format(ver=s2_ver), 'js/yadcf-{ver}/jquery.dataTables.yadcf.css'.format(ver=yadcf_ver), 'js/fullcalendar-{ver}/fullcalendar.css'.format(ver=fullcalendar_ver), 'datatables.css', # from loutilities 'editor.css', # from loutilities 'filters.css', # from loutilities 'branding.css', # from loutilities 'style.css', 'admin/style.css', 'admin/editor-forms.css', 'admin/events.css', 'eventscalendar.css', 'charts.css', output='gen/admin.css', # cssrewrite helps find image files when ASSETS_DEBUG = False filters=['cssrewrite', 'cssmin'], ) } asset_env = Environment()
'libs/moment/moment.js', 'libs/bootstrap/dist/js/bootstrap.js', 'libs/select2/dist/js/select2.full.js', 'libs/eonasdan-bootstrap-datetimepicker/src/js/bootstrap-datetimepicker.js', filters='uglifyjs', output='public/js/admin.js' ) admin_less = Bundle( 'less/admin_main.less', filters='less', output='public/css/admin.css', depends=('less/*.less', 'less/**/*.less') ) assets = Environment() test_assets = Environment() # register our javascript bundles assets.register('ie8', ie8) assets.register('vendorjs', vendorjs) assets.register('publicjs', publicjs) assets.register('adminjs', adminjs) assets.register('opportunitiesjs', opportunitiesjs) assets.register('scoutjs', scoutjs) assets.register('conductorjs', conductorjs) # register our css bundles assets.register('css_all', less) assets.register('admin_less', admin_less) assets.register('scout_less', scout_less)
def configure_webassets(self): assets = Environment(self.app) assets.init_app(self.app) assets.debug = self.debug
def setup_assets(app): """Setup assets.""" from flask_assets import Environment assets = Environment(app)
from app.util.events import build_mbld_results # ------------------------------------------------------------------------------------------------- app = Flask(__name__) app.config.from_object(Config) Mobility(app) app.secret_key = app.config['FLASK_SECRET_KEY'] DB = SQLAlchemy(app) MIGRATE = Migrate(app, DB) ASSETS = Environment(app) ASSETS.register({ # --------- common static bundles ------------ 'init_js': Bundle( 'js/init.js', filters="jsmin", output='gen/init.js' ), # --------- home page static bundles ------------ 'index_js': Bundle( 'js/home/home_page.js', 'js/ui/shapes.js',
def create_app(config): app = Flask(__name__, template_folder=config.SOURCE_TEMPLATES_DIR, static_folder=path.join(config.SECUREDROP_ROOT, 'static')) app.request_class = RequestThatSecuresFileUploads app.config.from_object(config.SourceInterfaceFlaskConfig) # The default CSRF token expiration is 1 hour. Since large uploads can # take longer than an hour over Tor, we increase the valid window to 24h. app.config['WTF_CSRF_TIME_LIMIT'] = 60 * 60 * 24 CSRFProtect(app) @app.errorhandler(CSRFError) def handle_csrf_error(e): msg = render_template('session_timeout.html') session.clear() flash(Markup(msg), "important") return redirect(url_for('main.index')) assets = Environment(app) app.config['assets'] = assets i18n.setup_app(app) app.jinja_env.trim_blocks = True app.jinja_env.lstrip_blocks = True app.jinja_env.globals['version'] = version.__version__ if getattr(config, 'CUSTOM_HEADER_IMAGE', None): app.jinja_env.globals['header_image'] = config.CUSTOM_HEADER_IMAGE app.jinja_env.globals['use_custom_header_image'] = True else: app.jinja_env.globals['header_image'] = 'logo.png' app.jinja_env.globals['use_custom_header_image'] = False app.jinja_env.filters['rel_datetime_format'] = \ template_filters.rel_datetime_format app.jinja_env.filters['nl2br'] = evalcontextfilter(template_filters.nl2br) app.jinja_env.filters['filesizeformat'] = template_filters.filesizeformat for module in [main, info, api]: app.register_blueprint(module.make_blueprint(config)) @app.before_request @ignore_static def check_tor2web(): # ignore_static here so we only flash a single message warning # about Tor2Web, corresponding to the initial page load. if 'X-tor2web' in request.headers: flash( Markup( gettext( '<strong>WARNING:</strong> You appear to be using Tor2Web. ' 'This <strong>does not</strong> provide anonymity. ' '<a href="{url}">Why is this dangerous?</a>').format( url=url_for('info.tor2web_warning'))), "banner-warning") @app.before_request @ignore_static def setup_g(): """Store commonly used values in Flask's special g object""" g.locale = i18n.get_locale() g.text_direction = i18n.get_text_direction(g.locale) g.html_lang = i18n.locale_to_rfc_5646(g.locale) g.locales = i18n.get_locale2name() if 'expires' in session and datetime.utcnow() >= session['expires']: msg = render_template('session_timeout.html') # clear the session after we render the message so it's localized session.clear() flash(Markup(msg), "important") session['expires'] = datetime.utcnow() + \ timedelta(minutes=getattr(config, 'SESSION_EXPIRATION_MINUTES', 120)) # ignore_static here because `crypto_util.hash_codename` is scrypt # (very time consuming), and we don't need to waste time running if # we're just serving a static resource that won't need to access # these common values. if logged_in(): g.codename = session['codename'] g.filesystem_id = crypto_util.hash_codename(g.codename) try: g.source = Source.query \ .filter(Source.filesystem_id == g.filesystem_id) \ .one() except NoResultFound as e: app.logger.error("Found no Sources when one was expected: %s" % (e, )) del session['logged_in'] del session['codename'] return redirect(url_for('main.index')) g.loc = store.path(g.filesystem_id) @app.teardown_appcontext def shutdown_session(exception=None): """Automatically remove database sessions at the end of the request, or when the application shuts down""" db_session.remove() @app.errorhandler(404) def page_not_found(error): return render_template('notfound.html'), 404 @app.errorhandler(500) def internal_error(error): return render_template('error.html'), 500 return app