def _conf_security_mongo(app): '''Flask-Security MongoDB''' from flask_security import Security, MongoEngineUserDatastore from flask_social_blueprint.core import SocialBlueprint from shortener_url.backends.mongo import models extensions.login.init_app(app) extensions.login.login_view = "/login" security = Security() datastore = MongoEngineUserDatastore(app.db, models.User, models.Role) security = security.init_app(app, datastore) security.send_mail_task(_send_mail) SocialBlueprint.init_bp(app, models.SocialConnection, url_prefix="/_social") #@app.before_first_request #def before_first_request(): # for m in [models.User, models.Role, models.SocialConnection]: # m.drop_collection() @extensions.login.user_loader def load_user(user_id): return models.User.objects(_id=user_id)
def create_app(test_config=None): app = Flask(__name__) if test_config is not None: app.config.from_mapping(test_config) app.config.from_pyfile('config.py') if test_config is not None: app.config.from_mapping(test_config) cors = CORS(app, resources={r'/api/*': {'origins': '*'}}) from .core import db, security db.init_app(app) from .models import User, Role user_datastore = MongoEngineUserDatastore(db, User, Role) security.init_app(app, user_datastore) from .controllers import auth_controller app.register_blueprint(auth_controller, url_prefix='/api/auth') from .controllers import test_controller app.register_blueprint(test_controller, url_prefix='/api/test') @app.route('/api/hello', methods=['GET']) def home(): return jsonify({'message': 'Hello'}) @app.after_request def apply_headers(response): response.headers["Content-Type"] = "application/json" return response @app.cli.command() @click.argument('adminPassword') def initdb(adminpassword): Role.objects(name='admin').update(name='admin', upsert=True) superId = Role.objects.get(name='admin') Role.objects(name='user').update(name='user', upsert=True) userId = Role.objects.get(name='user') User.objects(email='admin').update(email='admin', roles= [superId, \ userId], password=adminpassword, upsert=True) @app.errorhandler(Exception) def handle_error(e): code = 500 if isinstance(e, HTTPException): code = e.code elif isinstance(e, NotUniqueError): code = HTTPStatus.CONFLICT else: ex_type, ex, tb = sys.exc_info() traceback.print_tb(tb) print(e) return jsonify(error=str(e)), code return app
def register_extensions(app): db.init_app(app) mail.init_app(app) resize.init_app(app) assets.init_app(app) sentry_dsn = app.config.get('SENTRY_DSN') if sentry_dsn: sentry.init_app(app, dsn=sentry_dsn) from .users.models import Role, User app.user_datastore = MongoEngineUserDatastore(db, User, Role) security.init_app(app, datastore=app.user_datastore) if app.debug: try: from flask_debugtoolbar import DebugToolbarExtension DebugToolbarExtension(app) except ImportError: pass if app.testing: from .core.testing import ContainsResponse app.response_class = ContainsResponse
def configure(app, db): register_form = ExtendedRegisterForm confirm_register_form = ExtendedRegisterForm Security(app=app, datastore=MongoEngineUserDatastore(db, User, Role), register_form=register_form, confirm_register_form=confirm_register_form)
def setup_user(app): mail = Mail(app) # Create database connection object db_engine = MongoEngine(app) class Role(db_engine.Document, RoleMixin): name = db_engine.StringField(max_length=80, unique=True) description = db_engine.StringField(max_length=255) class User(db_engine.Document, UserMixin): email = db_engine.StringField(max_length=255) password = db_engine.StringField(max_length=255) active = db_engine.BooleanField(default=True) confirmed_at = db_engine.DateTimeField() roles = db_engine.ListField(db_engine.ReferenceField(Role), default=[]) # Setup Flask-Security user_datastore = MongoEngineUserDatastore(db_engine, User, Role) security = Security(app, user_datastore) app.config['SECURITY_POST_LOGIN_VIEW'] = '/user_datasets' # Setup {{ user }} template variable @app.context_processor def inject_content(): return dict(user=current_user)
def setup(): # 不同種權限身份 class Role(_db.DB.Document, RoleMixin): name = _db.DB.StringField(max_length=80, unique=True) description = _db.DB.StringField(max_length=255) # 使用者資訊 class User(_db.DB.Document, UserMixin): name = _db.DB.StringField(max_length=255) password = _db.DB.StringField(max_length=255) phone = _db.DB.StringField(max_length=255) user_id = _db.DB.StringField(max_length=255) email = _db.DB.StringField(max_length=255) role = _db.DB.StringField(max_length=255) major = _db.DB.ListField() course_list = _db.DB.ListField() personal_plan = _db.DB.ListField() active = _db.DB.BooleanField(default=True) confirmed_at = _db.DB.DateTimeField() roles = _db.DB.ListField(_db.DB.ReferenceField(Role), default=[]) # meta = {'strict': False} # Setup Flask-Security global USER_DATASTORE USER_DATASTORE = MongoEngineUserDatastore(_db.DB, User, Role)
def configureSecurityMongoDb(app, user_mongodb_uri=None): with app.app_context(): print("Configuring security setup with mongodb") app.config['DEBUG'] = True app.config['SECRET_KEY'] = 'super-secret' app.config['SECURITY_PASSWORD_HASH'] = 'bcrypt' app.config['SECURITY_PASSWORD_SALT'] = 'saltit' # Default views app.config['SECURITY_SEND_REGISTER_EMAIL'] = False app.config['SECURITY_SEND_PASSWORD_CHANGE_EMAIL'] = False app.config['SECURITY_REGISTERABLE'] = True app.config['SECURITY_CHANGEABLE'] = True app.config['SECURITY_POST_LOGIN_VIEW'] = "/user/loginok" app.config['SECURITY_POST_REGISTER_VIEW'] = "/user/registerok" # app.config['WTF_CSRF_ENABLED'] = False # app.config['SECURITY_LOGIN_URL'] = '/testlogin' # MongoDB Config # app.config['MONGODB_DB'] = 'csoh_db' # app.config['MONGODB_HOST'] = 'localhost' user_mongodb_uri = DEFAULT_MONGODB_URI if ( user_mongodb_uri is None) else user_mongodb_uri print("Using '{}' as user mongo db".format(user_mongodb_uri)) app.config['MONGODB_HOST'] = user_mongodb_uri db = MongoEngine(app) class Role(db.Document, RoleMixin): name = db.StringField(max_length=80, unique=True) description = db.StringField(max_length=255) class User(db.Document, UserMixin): name = db.StringField(max_length=255) email = db.StringField(max_length=255, unique=True) password = db.StringField(max_length=255) active = db.BooleanField(default=True) confirmed_at = db.DateTimeField() roles = db.ListField(db.ReferenceField(Role), default=[]) # Setup Flask-Security user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) _initAdminUser(user_datastore) _setupRoleManagementEndpoints(app, user_datastore) return db, user_datastore, security # @app.route('/apchange', methods=['POST']) # @http_auth_required # @roles_required(ADMIN_ROLE) # def adminChangePassword(): # new_pass = utils.encrypt_password(request.form.get("pass")) # user = user_datastore.get_user(current_user.email) # user.password = new_padss # user_datastore.put(user) # return "Password changed", 200
def mongoengine_setup(request, app, tmpdir, realdburl): pytest.importorskip("flask_mongoengine") from flask_mongoengine import MongoEngine from mongoengine.fields import ( BooleanField, DateTimeField, IntField, ListField, ReferenceField, StringField, ) db_name = "flask_security_test_%s" % str(time.time()).replace(".", "_") app.config["MONGODB_SETTINGS"] = { "db": db_name, "host": "mongomock://localhost", "port": 27017, "alias": db_name, } db = MongoEngine(app) class Role(db.Document, RoleMixin): name = StringField(required=True, unique=True, max_length=80) description = StringField(max_length=255) permissions = StringField(max_length=255) meta = {"db_alias": db_name} class User(db.Document, UserMixin): email = StringField(unique=True, max_length=255) fs_uniquifier = StringField(unique=True, max_length=64, required=True) username = StringField(unique=True, required=False, sparse=True, max_length=255) password = StringField(required=False, max_length=255) security_number = IntField(unique=True, required=False, sparse=True) last_login_at = DateTimeField() current_login_at = DateTimeField() tf_primary_method = StringField(max_length=255) tf_totp_secret = StringField(max_length=255) tf_phone_number = StringField(max_length=255) us_totp_secrets = StringField() us_phone_number = StringField(max_length=255) last_login_ip = StringField(max_length=100) current_login_ip = StringField(max_length=100) login_count = IntField() active = BooleanField(default=True) confirmed_at = DateTimeField() roles = ListField(ReferenceField(Role), default=[]) meta = {"db_alias": db_name} def tear_down(): with app.app_context(): User.drop_collection() Role.drop_collection() db.connection.drop_database(db_name) request.addfinalizer(tear_down) return MongoEngineUserDatastore(db, User, Role)
def __init__(self, import_name): super().__init__(import_name=import_name) CORS(app=self) self.csrf = CSRFProtect(self) self.config.from_object('app.config.Config') self.mongo_engine = MongoEngine(self) self.jwt_manager = JWTManager(self) self.user_data_store = MongoEngineUserDatastore(self.mongo_engine, Customer, Role) self.security = Security(self, datastore=self.user_data_store)
def _configure_security(app): from . import models from flask_security import MongoEngineUserDatastore datastore = MongoEngineUserDatastore(models.db, models.User, models.Role) state = extensions.security.init_app(app, datastore, register_blueprint=True)
def add_flask_security(app): with app.app_context(): app.config['SECURITY_UNAUTHORIZED_VIEW'] = '/' app.config['SECRET_KEY'] = f3c_global_config.secret_key app.config['SECURITY_PASSWORD_SALT'] = f3c_global_config.secret_key user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) create_default_user_and_roles(user_datastore) _add_apikey_handler(security, user_datastore)
def extensions_load(app): db.init_app(app) user_data_store = MongoEngineUserDatastore(db, User, Role) s = security.init_app(app, user_data_store, register_blueprint=False) # TODO 无法分辨token过期/没有token/无效的token def unauthorized_handler(): error(InterfaceTips.INVALID_TOKEN) s.unauthorized_handler(unauthorized_handler)
def register_extensions(app): cache.init_app(app) db.init_app(app) user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore, confirm_register_form=ExtendedRegisterForm) mail.init_app(app) debug_toolbar.init_app(app) return None
def configure(app, db): register_form = ExtendedRegisterForm confirm_register_form = ExtendedRegisterForm if app.config.get('SECURITY_RECAPTCHA_ENABLED'): register_form = RecaptchaForm confirm_register_form = RecaptchaForm app.security = Security(app=app, datastore=MongoEngineUserDatastore(db, User, Role), register_form=register_form, confirm_register_form=confirm_register_form)
def init_app(self, app): global current_app current_app = self self.app = app if app.config['DEBUG']: self.cors.init_app( self.app, resources={r'/api/*': { 'origins': '*' }}, ) from api import api_v0, api self.api = api self.blueprint = Blueprint( 'onelove', __name__, template_folder='templates', static_folder='static', static_url_path='/static/onelove', ) self.app.register_blueprint(self.blueprint) self.app.register_blueprint(api_v0, url_prefix='/api/v0') self.app.register_blueprint(apidoc.apidoc) self.mail.init_app(self.app) self.db.init_app(self.app) self.user_datastore = MongoEngineUserDatastore( self.db, User, Role, ) self.security.init_app( self.app, self.user_datastore, ) self.jwt.init_app(self.app) self.collect.init_app(self.app) if self.app.config.get('DEBUG_TB_PANELS', False): from flask_debugtoolbar import DebugToolbarExtension from flask_debug_api import DebugAPIExtension self.toolbar = DebugToolbarExtension(self.app) self.toolbar = DebugAPIExtension(self.app) self.socketio = SocketIO(self.app, logger=True) self.app.onelove = self
def create_app(): db = MongoEngine() app = Flask(__name__) app.config.from_object(Config) # flask_security config user_datastore = MongoEngineUserDatastore(db, Users, Roles) security = Security(app, user_datastore) # do some init db.init_app(app) create_user_role(user_datastore, db) return app
def configure_extensions(app): # flask-assets assets.init_app(app) # flask-mongoengine db.init_app(app) # flask-s3 s3.init_app(app) # flask-security user_datastore = MongoEngineUserDatastore(db, User, Role) security.init_app(app, user_datastore)
def extensions_load(app): db.init_app(app) user_data_store = MongoEngineUserDatastore(db, User, Role) s = security.init_app(app, user_data_store, register_blueprint=False) cors = CORS( app, resources={r"*": { "origins": "*", "expose_headers": "X-Total" }}) # TODO 无法分辨token过期/没有token/无效的token def unauthorized_handler(): error(InterfaceTips.INVALID_TOKEN) s.unauthorized_handler(unauthorized_handler)
def register_auth(app): def load_user(user_id): return User.objects(_id=user_id) login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = '/login' # Setup Flask-Security security.init_app(app, MongoEngineUserDatastore(db, User, Role)) state = app.extensions['security'] state.send_mail_task(send_mail) app.extensions['security'] = state SocialBlueprint.init_bp(app, SocialConnection, url_prefix='/_social')
def create_app(config): app = Flask(__name__, static_folder='static') app.config.from_object(config) app.url_map.strict_slashes = False app.register_blueprint(landfile_site) # app.register_blueprint(landfile_api) user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) mail = Mail(app) db.init_app(app) CORS(app) return app
def extensions(app): """ Register 0 or more extensions (mutates the app passed in). :param app: Flask application instance :return: None """ debug_toolbar.init_app(app) db.init_app(app) app.session_interface = mongoInterface # init login init_login(app) # Setup Flask-Security user_datastore = MongoEngineUserDatastore(db, User, Role) security = Security(app, user_datastore) # add admin view admin.init_app(app, index_view=HomeView()) # admin.index_view = admin.add_view(CourseView(Course)) admin.add_view(RequirementView(Requirement)) admin.add_view(MajorView(Major)) admin.add_view(QuarterView(Quarter)) admin.add_view(UserView(User)) admin.add_view(RoleView(Role)) admin.add_view(FileUploadView(name='util', endpoint='util')) # define a context processor for merging flask-admin's template context into the # flask-security views. @security.context_processor def security_context_processor(): return dict(admin_base_template=admin.base_template, admin_view=admin.index_view, h=admin_helpers, get_url=url_for) # Create a user to test with @app.before_first_request def create_user(): user_datastore.find_or_create_role(name='superuser', description='Administrator') user_datastore.find_or_create_role(name='user', description='User') if not user_datastore.get_user('admin'): user_datastore.create_user(email='admin', password='******') user_datastore.add_role_to_user('admin', 'superuser') return None
def initdb(): '''Init/reset database.''' if not os.environ.get('PRODUCTION'): db.connection.drop_database(app.config['MONGODB_SETTINGS']['db']) user_datastore = MongoEngineUserDatastore(db, User, Role) admin = user_datastore.create_role(name='admin', description='Admin User') user = user_datastore.create_user( email='*****@*****.**', password=encrypt_password('password') ) user_datastore.add_role_to_user(user, admin)
def init_app(app): login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = '/login' # Setup Flask-Security security = Security() security = security.init_app(app, MongoEngineUserDatastore(db, User, Role)) security.send_mail_task(send_mail) from flask_social_blueprint.core import SocialBlueprint SocialBlueprint.init_bp(app, SocialConnection, url_prefix='/_social') state = app.extensions['security'] state.render_template = render_template app.extensions['security'] = state
def init_app(app): admin = flask_admin.Admin(app=app, name='ProxyPool Admin', base_template="admin/master_base.html", index_view=ProxyPoolAdminIndexView(), template_mode='bootstrap3') admin.add_view(ProxyView(ProxyModel)) admin.add_view(SettingView(SettingModel)) # admin.add_view(ProxyPoolView(ProxyPoolModel)) admin.add_view(FetcherView(FetcherModel)) db = MongoEngine() db.init_app(app) user_datastore = MongoEngineUserDatastore(db, User, Role) init_security(user_datastore, app, admin) init_base_data(user_datastore, app)
def create_app(modo='dev'): instance_path = path.join(path.abspath('.'), 'instancias', modo) # App e blueprints app = Flask('wikizera', instance_path=instance_path, instance_relative_config=True) app.register_blueprint(index_blueprint) # Configurações app.config.from_pyfile('config.py') # UTF-8 por padrão xD app.response_class = Utf8Response # Plugins CORS(app, origins=[app.config['WIKIZERA_REACT_ORIGIN']]) db.init_app(app) Bootstrap(app) admin.configura(app) create_api(app) # Segurança user_datastore = MongoEngineUserDatastore(db, User, Role) Security(app=app, datastore=user_datastore) return app
def mongoengine_setup(request, app, tmpdir, realdburl): from flask_mongoengine import MongoEngine db_name = 'flask_security_test_%s' % str(time.time()).replace('.', '_') app.config['MONGODB_SETTINGS'] = { 'db': db_name, 'host': 'mongomock://localhost', 'port': 27017, 'alias': db_name } db = MongoEngine(app) class Role(db.Document, RoleMixin): name = db.StringField(required=True, unique=True, max_length=80) description = db.StringField(max_length=255) meta = {"db_alias": db_name} class User(db.Document, UserMixin): email = db.StringField(unique=True, max_length=255) username = db.StringField(max_length=255) password = db.StringField(required=False, max_length=255) security_number = db.IntField(unique=True) last_login_at = db.DateTimeField() current_login_at = db.DateTimeField() last_login_ip = db.StringField(max_length=100) current_login_ip = db.StringField(max_length=100) login_count = db.IntField() active = db.BooleanField(default=True) confirmed_at = db.DateTimeField() roles = db.ListField(db.ReferenceField(Role), default=[]) meta = {"db_alias": db_name} def tear_down(): with app.app_context(): db.connection.drop_database(db_name) request.addfinalizer(tear_down) return MongoEngineUserDatastore(db, User, Role)
def init_app(app): # Flask-Login # https://flask-login.readthedocs.org/en/latest/ from flask_login import LoginManager login_manager = LoginManager() login_manager.init_app(app) login_manager.user_loader(load_user) login_manager.login_view = "/login" # Setup Flask-Security security = Security() security = security.init_app(app, MongoEngineUserDatastore(db, User, Role)) security.send_mail_task(send_mail) from flask_social_blueprint.core import SocialBlueprint SocialBlueprint.init_bp(app, SocialConnection, url_prefix="/_social") @app.before_first_request def before_first_request(): for m in [User, Role, SocialConnection]: m.drop_collection()
def create_admin_console(app): # Admin Panel user_datastore = MongoEngineUserDatastore(db, models.User, models.Role) security = Security(app, user_datastore) admin_console = flask_admin.Admin( app, 'Jumiabot System Dashboard', base_template='my_master.html', template_mode='bootstrap3', ) admin_console.add_view(views.RolesView(models.Role)) admin_console.add_view(views.UsersView(models.User)) @security.context_processor def security_context_processor(): return dict(admin_base_template=admin_console.base_template, admin_view=admin_console.index_view, h=admin_helpers, get_url=url_for)
from flask import Blueprint, render_template, redirect, url_for, request, flash from flask_security import login_required, MongoEngineUserDatastore from flask_security.utils import login_user, logout_user from flask_security.utils import verify_and_update_password, encrypt_password from honeyswarm.models import db, User, Role auth = Blueprint('auth', __name__) user_datastore = MongoEngineUserDatastore(db, User, Role) @auth.route('/login') def login(): return render_template("login.html") @auth.route('/login', methods=['POST']) # @csrf_exempt def login_post(): email = request.form.get('email') password = request.form.get('password') remember = True if request.form.get('remember') else False user = User.objects(email=email).first() # ToDo: There is username enumeration here. # Check if enabled account if not user or not user.active: flash('This account has been disabled') return redirect(url_for('auth.login'))
# 不同種權限身份 class Role(security_db.Document, RoleMixin): name = security_db.StringField(max_length=80, unique=True) description = security_db.StringField(max_length=255) # 使用者資訊 class User(security_db.Document, UserMixin): email = security_db.StringField(max_length=255) password = security_db.StringField(max_length=255) active = security_db.BooleanField(default=True) confirmed_at = security_db.DateTimeField() roles = security_db.ListField(security_db.ReferenceField(Role), default=[]) user_datastore = MongoEngineUserDatastore(security_db, Role, User) security = Security(app, user_datastore) def create_user(): print(user_datastore) student_role = user_datastore.find_or_create_role('student') print(student_role) if user_datastore.get_user('Liao') == None: print('345') user_datastore.create_user(email='Liao', password=hashPassword('871029'), roles=[student_role]) #密碼加密