def create_app(db_config, image_folder, log_folder=None, log_file_name=None):
# set the project root directory as the static folder, you can set others.
app = Flask(__name__, static_url_path='')
# https://stackoverflow.com/questions/26980713/solve-cross-origin-resource-sharing-with-flask
# pip install -U flask-cors
CORS(app, resources={r"/*": {"origins": "*"}})
engine = create_engine('postgresql://{}:{}@{}:{}/{}'.format(
db_config['username'], db_config['password'], db_config['ip'],
db_config['port'], db_config['database_name']))
app.config['engine'] = engine
app.config['image_folder'] = image_folder
if log_folder is not None and log_file_name is not None:
configure_logging(log_folder, log_file_name)
logger = logging.getLogger(__name__)
logger.info('Current database being used: {}'.format(
db_config['database_name']))
logger.info('image_folder: {}'.format(app.config['image_folder']))
# Setup the Flask-JWT-Extended extension
app.config[
'JWT_SECRET_KEY'] = 's3label-completely-secret' # this should be kept secret!
jwt = fje.JWTManager(app)
# register the endpoints with this app
app.register_blueprint(ebp)
return app
def create_app(config):
"""
Create a Flask app with a registered API and namespaces
"""
flask_app = Flask('timezone_keeper')
flask_app.config.from_object(FlaskCfgObject(config))
blueprint = Blueprint('api', __name__, url_prefix=API_PREFIX)
flask_api.init_app(blueprint)
flask_api.add_namespace(auth_ns)
flask_api.add_namespace(user_ns)
flask_api.add_namespace(role_ns)
flask_api.add_namespace(timezone_ns)
if 'api' not in flask_app.blueprints:
flask_app.register_blueprint(blueprint)
log.info('Database path: %s', config.SQLALCHEMY_DATABASE_URI)
db.init_app(flask_app)
jwt = flask_jwt_extended.JWTManager(flask_app)
jwt.user_claims_loader(jwt_add_claims_to_access_token)
jwt.user_identity_loader(jwt_user_identity_lookup)
jwt.token_in_blacklist_loader(jwt_check_blacklisted)
flask_app.after_request(add_cors_headers)
return flask_app
def create_app():
app = Flask(FLASK_NAME,
static_folder="../client/dist",
template_folder="../client")
app.secret_key = FLASK_SECRET_KEY
# JWT
jwt = flask_jwt_extended.JWTManager(app)
return app
def __init__(self, app):
super(JwtRequestLoader, self).__init__(app)
self.jwt_manager = jwt_manager = flask_jwt_extended.JWTManager()
jwt_manager.init_app(app)
@jwt_manager.user_identity_loader
def user_identity_loader(user):
"""
Serialize a user entity to the JWT token
This method is the complement of `user_loader_callback_loader`
"""
return user.session_key
@jwt_manager.user_loader_callback_loader
def user_loader_callback_loader(session_key):
"""
Load a user entity from the JWT token
This method is the complement of `user_identity_loader`
Note, if user is not found or inactive, fail silently - user just won't get loaded
"""
return self.user_ent.get_by(session_key=session_key, is_active=True)
def create_app(config):
app = Flask(__name__)
app.config['PROPAGATE_EXCEPTIONS'] = True
app.config['JWT_SECRET_KEY'] = config.JWT_SECRET
app.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
from src.client.db import db as sqldb
sqldb.init_app(app)
from src.client.clients.dao.sql_dao import ClientSQLDAO
api = Api(app)
flask_jwt_extended.JWTManager(app)
app_logger = create_logger(__name__)
clients_dao = ClientSQLDAO()
# Client manager resources
api.add_resource(client_resources.ClientManager,
'/api/clients',
resource_class_kwargs={
'logger': app_logger,
'clients_dao': clients_dao
})
# List Client resources
api.add_resource(client_resources.ClientList,
'/api/listClients',
resource_class_kwargs={
'logger': app_logger,
'clients_dao': clients_dao
})
return app
app = Flask(__name__) # Create Flask app
app.config.update(get_config(
app.config['ENV'], app.open_resource('config.yaml')))
CORS(app) # Cross-origin resource sharing
api = Api(app, doc=False)
api.add_namespace(games_api, path='/api/games')
api.add_namespace(auth_api, path='/api/auth')
assert ('JWT_SECRET_KEY' in app.config), 'Must set FLASK_JWT_SECRET_KEY env variable'
if 'JWT_ACCESS_TOKEN_EXPIRES' not in app.config:
app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 86400 # default is 1 day
app.config['PROPAGATE_EXCEPTIONS'] = True # avoids server error w/bad JWTs in gunicorn
jwt = JWT.JWTManager(app) # do this after config is set
print('URL MAP', app.url_map) # useful for debugging
@app.before_request
def init_db():
'''Initialize db by creating the global db_session
This runs on each request.
'''
db_auth = create_engine(app.config['DB_AUTH'])
g.auth_db = sessionmaker(db_auth)()
db_usage = create_engine(app.config['DB_USAGE'])
g.usage_db = sessionmaker(db_usage)()
def create_app(config):
app = Flask(__name__)
app.config['PROPAGATE_EXCEPTIONS'] = True
app.config['JWT_SECRET_KEY'] = config.JWT_SECRET
app.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
from .db import db as sqldb
sqldb.init_app(app)
from .books.dao.sql_dao import BooksSQLDAO
from .users.dao.sql_dao import UsersSQLDAO
api = Api(app)
flask_jwt_extended.JWTManager(app)
app_logger = utils.create_logger(__name__)
books_dao = BooksSQLDAO()
users_dao = UsersSQLDAO()
# public Book resources
api.add_resource(book_resources.PublicBookList,
'/books',
resource_class_kwargs={
'logger': app_logger,
'books_dao': books_dao
})
api.add_resource(book_resources.PublicBook,
'/books/<string:book_id>',
resource_class_kwargs={
'logger': app_logger,
'books_dao': books_dao
})
# Books resources owned by Users
api.add_resource(book_resources.UserBookList,
'/users/books',
resource_class_kwargs={
'logger': app_logger,
'books_dao': books_dao,
'users_dao': users_dao,
})
api.add_resource(book_resources.UserBook,
'/users/books/<string:book_id>',
resource_class_kwargs={
'logger': app_logger,
'books_dao': books_dao
})
# Authentication resource
api.add_resource(user_resources.UserAuthentication,
'/auth',
resource_class_kwargs={
'logger': app_logger,
'users_dao': users_dao
})
return app
)
#CORS(app)
CORS(app, resources={r'/*': {'origins': '*'}})
api = Api(app, prefix="/api")
#api = Api(app)
print('App config:\n ', '\n '.join([f'{k}: {v}' for k,v in sorted(app.config.items())]))
if 'JWT_SECRET_KEY' not in app.config:
app.config['JWT_SECRET_KEY'] = 'very secret'
if 'JWT_ACCESS_TOKEN_EXPIRES' not in app.config:
app.config['JWT_ACCESS_TOKEN_EXPIRES'] = 3600
jwt = JWT.JWTManager(app)
#routes before auth, no discover
@api.route('/user')
class UsersResource(Resource):
def post(self):
'''Registers a new user'''
#grabs fields to create user
d = api.payload
if d is None: return {'msg': 'No change submitted'}
#need
#user_id, name, creation_date, email, email_confirmation
user = User() #creates new user object
auth = Auth() #creates new authentication object
modelTicks = btctaiModels.Ticks
# markets = Markets()
app = flask.Flask(__name__)
if 'AIMAI_JWT_SECRET_KEY' not in os.environ:
print('''Required environment variables not defined.
export AIMAI_JWT_SECRET_KEY="Your_Secret_Key"
''')
exit()
app.config['JWT_SECRET_KEY'] = os.environ['AIMAI_JWT_SECRET_KEY']
app.config['JWT_EXPIRATION_DELTA'] = datetime.timedelta(days=14)
jwt = flask_jwt.JWTManager(app)
@jwt.user_claims_loader
def makeJWTClaims(account):
obj = account.toDict()
return {'username': obj['username']}
@jwt.user_identity_loader
def userIdentityLoader(account):
obj = account.toDict()
return obj['_id']
#jwt.payload_handler = makeJWTPayload
from models import users, settlements, names
# general logging
#utils.basic_logging()
# create the flask app with settings/utils info
application = Flask(__name__)
application.config.update(
DEBUG=settings.get("server", "DEBUG"),
TESTING=settings.get("server", "DEBUG"),
)
application.logger.addHandler(utils.get_logger(log_name="server"))
application.config['SECRET_KEY'] = settings.get("api", "secret_key", "private")
# Javascript Web Token! DO NOT import jwt (i.e. pyjwt) here!
jwt = flask_jwt_extended.JWTManager(application)
#
# Routes start here! Settings object initialized above...
#
# default route - landing page, vanity URL stuff
@application.route("/")
def index():
return send_file("html/index.html")
# static css and js routes
@application.route('/static/<sub_dir>/<path:path>')
def route_to_static(path, sub_dir):
from flask_socketio import SocketIO, send, emit
import flask_jwt_extended as fj
import jwt as jt # see FIXME below
import peewee
from playhouse.fields import PasswordField
from chappy.config import Config
from chappy.models import User, Channel, ChannelUser, Message, init_db
from adapters.embedly_adapter import get_video_metadata, get_img_metadata
from adapters.twilio_adapter import message_user
app = Flask(__name__)
app.config.from_object(Config)
jwt = fj.JWTManager(app)
socketio = SocketIO(app)
###################
# JWT SESSION SETUP
###################
# FIXME: fj.get_jwt_identity appears to be borked; I wrote my own:
def decode_identity():
algorithm = fj.config.__dict__['ALGORITHM']
secret = app.config.get('SECRET_KEY')
token = request.headers.get('AUTHORIZATION').split(' ')[1]
identity = jt.decode(token, secret, algorithm)
return identity['identity']
convergence-server
A REStful API service that helps you find the ideal place to meet.
"""
import logging
import flask_jwt_extended
from flask import Flask
from flask_cors import CORS
from convergence.data import convergence_db
app = Flask(__name__, instance_relative_config=True, static_url_path="/static")
app.config.from_object("config")
app.config.from_pyfile("config.py")
CORS(app, supports_credentials=True)
jwt = flask_jwt_extended.JWTManager(app)
db_url = app.config["DB_URL"]
db = convergence_db.ConvergenceDB(db_url)
logging.basicConfig(filename="logs/Convergence.log", level=logging.INFO)
from convergence.endpoints import user_bp, events_bp, suggestions_bp, \
friends_bp
from convergence.utils import error_handling
app.register_blueprint(user_bp)
app.register_blueprint(events_bp)
app.register_blueprint(suggestions_bp)
app.register_blueprint(friends_bp)
API.config.from_object(config.Config)
API.config.from_pyfile('secret.py')
# import the settings module and add it
from app import assets, utils
from app.utils import settings
from app.utils import crossdomain
# fiddle the loggers; remove the default to avoid handle conflicts
API.logger.removeHandler(flask.logging.default_handler)
API.logger = utils.get_logger(log_name="server")
API.settings = settings
# Javascript Web Token! DO NOT import jwt (i.e. pyjwt) here!
JWT = flask_jwt_extended.JWTManager(API)
# HTTP basic auth, which we use for the admin panel:
API.basicAuth = HTTPBasicAuth()
@API.basicAuth.verify_password
def verify_password(username, password):
""" cf. the methods in routes.py that use the @basicAuth decorator. This is
what happens when those routes try to verify their user. """
flask.request.User = assets.users.authenticate(username, password)
if flask.request.User is None:
return False
if flask.request.User.user.get("admin", None) is None:
"""This module implements all authorization functions used by :py:mod:`psef`.
:license: AGPLv3, see LICENSE for details.
"""
import typing as t
from functools import wraps
import oauth2
import flask_jwt_extended as flask_jwt
from mypy_extensions import NoReturn
import psef
from psef.errors import APICodes, APIException
jwt = flask_jwt.JWTManager() # pylint: disable=invalid-name
def init_app(app: t.Any) -> None:
"""Initialize the app by initializing our jwt manager.
:param app: The flask app to initialize.
"""
jwt.init_app(app)
class PermissionException(APIException):
"""The exception used when a permission check fails.
"""
pass
import functools
from datetime import timedelta
import flask
import flask_jwt_extended as jwt
from flask_httpauth import HTTPBasicAuth
from flaskel.flaskel import cap, httpcode
from flaskel.utils.datastruct import ObjectDict
from .sqlalchemy import db
from .sqlalchemy.mixins import StandardMixin
jwtm = jwt.JWTManager()
basic_auth = HTTPBasicAuth()
@basic_auth.verify_password
def simple_basic_auth(username, password):
if (
username == cap.config.BASIC_AUTH_USERNAME
and password == cap.config.BASIC_AUTH_PASSWORD
):
return dict(username=username, password=password)
return None
@jwtm.invalid_token_loader
def invalid_token_loader(mess):
return dict(message=mess), httpcode.UNAUTHORIZED # pragma: no cover
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import datetime
import logging
import flask_jwt_extended
from flask_jwt_extended import exceptions as jwt_exc
from cnapps import exceptions
LOGGER = logging.getLogger(__name__)
JWT_MANAGER = flask_jwt_extended.JWTManager()
def setup(app):
"""Setup JWT
Args:
app ([flask.Flask]): the main application
"""
JWT_MANAGER.init_app(app)
app.config['JWT_SECRET_KEY'] = "my-secret"
app.config['JWT_TOKEN_LOCATION'] = ['headers']
app.config['JWT_ACCESS_TOKEN_EXPIRES'] = datetime.timedelta(hours=1)
def create_app():
logging.configure()
werkzeug_log = std_logging.getLogger('werkzeug')
werkzeug_log.setLevel(std_logging.ERROR)
app = flask.Flask(__name__, instance_relative_config=True)
# FIXME: Add production config and keys
app.config['SECRET_KEY'] = 'dev'
app.config['JWT_SECRET_KEY'] = 'dev'
app.config['JWT_TOKEN_LOCATION'] = ('headers', 'cookies')
app.config['JWT_COOKIE_SECURE'] = False
app.config['JWT_COOKIE_CSRF_PROTECT'] = False
app.config['JWT_ACCESS_TOKEN_EXPIRES'] = dt.timedelta(hours=12)
app.config['db_pool'] = psql.pool.SimpleConnectionPool(1, 20, '')
flask_jwt.JWTManager(app)
from . import auth
app.register_blueprint(auth.bp)
from . import users
app.register_blueprint(users.bp)
from . import teams
app.register_blueprint(teams.bp)
from . import hubs
app.register_blueprint(hubs.bp)
from . import datasets
app.register_blueprint(datasets.bp)
from . import versions
app.register_blueprint(versions.bp)
from . import partitions
app.register_blueprint(partitions.bp)
from . import connections
app.register_blueprint(connections.bp)
app.jinja_env.filters['datetime'] = format_datetime
app.jinja_env.filters['tooltip'] = format_tooltip
@app.before_request
def before_request_logger():
flask.g.start_time = time.time()
logging.init(request_id=uuid.uuid4())
logging.info('start_request',
method=flask.request.method,
host=flask.request.host_url,
path=flask.request.path,
endpoint=getattr(flask.request.url_rule, 'endpoint', ''))
exclude_authorization = [
'auth.login_html',
'auth.login_json',
'redirect_index',
'static',
'users.new_json',
]
@app.before_request
def before_request_authorization():
endpoint = getattr(flask.request.url_rule, 'endpoint', '')
if flask.request.path == '/favicon.ico' or endpoint in exclude_authorization:
return
try:
flask_jwt.verify_jwt_in_request()
except (flask_jwt.exceptions.JWTExtendedException,
jwt.ExpiredSignature):
if flask.request.url.endswith('html'):
return flask.redirect(flask.url_for('auth.login_html'))
return flask.jsonify({'error': 'missing access token'}), 401
@app.after_request
def after_request_logger(response):
log = structlog.get_logger()
log.info('stop_request',
code=response.status_code,
time=round((time.time() - flask.g.start_time) * 1000,
ndigits=4),
method=flask.request.method,
host=flask.request.host_url,
path=flask.request.path,
endpoint=getattr(flask.request.url_rule, 'endpoint', ''))
return response
@app.teardown_appcontext
def close_db_pool(e):
db = flask.g.pop('db', None)
if db is not None:
app.config['db_pool'].putconn(db)
@app.errorhandler(DbException)
def handle_db_exception(error):
if flask.request.url.endswith('html'):
return flask.render_template('error.html.j2',
error=str(error)), 500
return flask.jsonify({'error': str(error)}), 500
@app.errorhandler(AssertionFailure)
def handle_assertion_failure(error):
if flask.request.url.endswith('html'):
return flask.render_template('error.html.j2',
error=str(error)), error.status_code
return flask.jsonify({'error': str(error)}), error.status_code
@app.route('/', methods=['GET'])
def redirect_index():
return flask.redirect(flask.url_for('hubs.index_html'))
return app
def init_jwt(app):
user_store.UserStore.set_users(env_singleton.env.get_auth_users())
_ = flask_jwt_extended.JWTManager(app)
logger.debug("Initialized JWT with secret key that started with " +
app.config["JWT_SECRET_KEY"][:4])
import os
import flask
import flask_jwt_extended as jwt
from database.seeders import reset_database
from routes import blueprints
# init
app = flask.Flask(__name__)
app.url_map.strict_slashes = False
app.config['JWT_SECRET_KEY'] = os.urandom(256)
jwt.JWTManager(app)
# CLI
@app.cli.command()
def resetdb():
reset_database()
# index route
@app.route('/', defaults={'path': ''})
@app.route('/<path:path>')
def index(path):
return flask.send_file('./static/index.html')
# route for storage, TODO: use nginx instead
@app.route('/api/image/<path:path>')
def get_file_from_storage(path):
path = '/storage/image_posts/{}'.format(path)
