def get_serializer(secret_key=None): if secret_key is None: secret_key = app.config["SECRET_KEY"] return URLSafeSerializer(secret_key)
def get_serializer(secret_key=None): if secret_key is None: secret_key = app.secret_key return URLSafeSerializer(secret_key)
def token(self): return URLSafeSerializer(current_app.config['SECRET_KEY'], salt='new_guest').dumps(str(self.id))
def order_serialize(user_order): serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_ORDER) token = serializer.dumps(user_order.id) return token
def email_serialize(email): serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_EMAIL) token = serializer.dumps(email) return token
import os from enum import Enum from flask import url_for from flask_login import current_user from itsdangerous import URLSafeSerializer json_url = URLSafeSerializer(os.environ.get("SECRET_KEY", "secret_key")) default_instructions = [ "Write your name and student number in the space provided", "Make sure your mobile phone is switched off and place it at the front together with\ any bags, books, coats etc. Then find your seat.", "Remember that talking is not allowed at any time in the exam hall.", "Listen carefully to instructions. Students are required to comply with\ the instructions of invigilators at all times.", "You are not permitted to share stationery, \ calculators or any other materials during the examination.", "If you have a question or need more papers, raise your hand and a teacher\ will come to you. Teachers will not give hints or answers, so please do not ask for them.", "Stop writing immediately when the teacher says it is the end of the exam.", "Leave the exam hall quickly and quietly. Remember to take all your belongings with you.\ (Remember to collect all your belongings from holding rooms.)\ You must remain silent until after you have exited the building.", "Remember! Any form of cheating is not allowed and action will be taken.", ] class CognitiveEnum(Enum): Knowledge = 1 Comprehension = 2
def email_deserialize(email_token): serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_EMAIL) email = serializer.loads(email_token) return email
def get_activation_serializer(secret_key=None): if secret_key is None: secret_key = SECRET_KEY return URLSafeSerializer(secret_key)
def get(self, *args, **kargs): social_name = args[0] dict_arguments = {k: self.request.arguments.get(k)[0].decode('utf-8') for k in self.request.arguments} url_base = self.projectConfig['BACKEND'][self.app_name]['http_address'] if social_name == "google": state = dict_arguments.get("state") q_state = self.DALDatabase( (self.DALDatabase.social_auth.social_name == "google") & (self.DALDatabase.social_auth.request_state == state)).select().first() origin = None if not q_state or q_state.used is True: message = "The authentication request has already been used." return self.write({ 'status': 'Bad Request', 'code': 400, 'message': message, 'i18n': { 'message': self.T(message) } }) else: self.phanterpwa_client_token = q_state.client_token q_state.update_record(used=True) origin = q_state.origin self.DALDatabase.commit() uri = "{0}{1}".format(url_base, self.request.uri) client_id = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_id'] client_secret = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_secret'] redirect_uri = '{0}/api/oauth/redirect/{1}'.format(url_base, social_name) scope = ['openid', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile'] oauth = OAuth2Session(client_id, redirect_uri=redirect_uri, scope=scope) try: token = oauth.fetch_token( 'https://accounts.google.com/o/oauth2/token', authorization_response=uri, client_secret=client_secret) except Exception as e: self.logger_api.warning(e) message = "There was a problem trying to authenticate using a google account." return self.write({ 'status': 'Bad Request', 'code': 400, 'uri': uri, 'message': message, 'i18n': { 'message': self.T(message) } }) else: url_consult = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['remote_address'] googleapi = "{0}?access_token={1}".format( url_consult, quote(token['access_token'])) try: with urllib.request.urlopen(googleapi) as req: googleapi_user = req.read() googleapi_user = json.loads(googleapi_user) except Exception as e: self.logger_api.warning(e) message = "There was a problem trying to load user information on google api." self.set_status(400) return self.write({ 'status': 'Bad Request', 'code': 400, 'uri': googleapi, 'message': message, 'i18n': { 'message': self.T(message) } }) else: email_verified = googleapi_user.get("email_verified", False) if not email_verified: self.logger_api.warning( 'LOGIN BY OAUTH METHOD (EMAIL NOT VERIFIED)\n\tsocial_login: {0}\n\tname: {1}\n\temail: {2}\n\temail_verified: {3}\n\tlocale: {4}'.format( social_name, googleapi_user.get("name", False), googleapi_user.get("email", False), googleapi_user.get("email_verified", False), googleapi_user.get("locale", False), ) ) message = "The google email has not been verified." self.set_status(400) return self.write({ 'status': 'Bad Request', 'code': 400, 'message': message, 'google_api': googleapi_user, 'i18n': { 'message': self.T(message) } }) email = googleapi_user.get('email', None) if email: q_user = self.DALDatabase(self.DALDatabase.auth_user.email == email).select().first() if q_user: self.logger_api.info( 'LOGIN BY OAUTH METHOD\n\tsocial_login: {0}\n\tname: {1}\n\temail: {2}'.format( social_name, googleapi_user.get("name", False), googleapi_user.get("email", False) ) ) q_user.update_record(activated=True) timeout_token_user = self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire_remember_me'] t_user = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], timeout_token_user ) content = { 'id': str(q_user.id), 'email': email } token_user = t_user.dumps(content) token_user = token_user.decode('utf-8') q_role = self.DALDatabase( (self.DALDatabase.auth_membership.auth_user == q_user.id) & (self.DALDatabase.auth_group.id == self.DALDatabase.auth_membership.auth_group) ).select(self.DALDatabase.auth_group.role, orderby=self.DALDatabase.auth_group.grade) roles = [x.role for x in q_role] role = None if roles: role = roles[-1] q_user.update_record(login_attempts=0) t_client = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire'] ) t_url = URLSafeSerializer( self.projectConfig['BACKEND'][self.app_name]["secret_key"], salt="url_secret_key" ) r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first() if r_client: r_client.delete_record() id_client = self.DALDatabase.client.insert(auth_user=q_user.id, date_created=datetime.now()) q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first() content = { 'id_user': str(q_user.id), 'id_client': str(id_client), 'user_agent': self.phanterpwa_user_agent, 'remote_addr': self.phanterpwa_remote_ip } token_url = t_url.dumps(content) token_client = t_client.dumps(content) token_client = token_client.decode('utf-8') q_client.update_record( token=token_client, date_created=datetime.now(), remember_me=True, locked=False, ) if not q_user.permit_mult_login: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == q_user.id) & (self.DALDatabase.client.token != token_client) ).select() if r_client: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == q_user.id) & (self.DALDatabase.client.token != token_client) ).delete() user_image = PhanterpwaGalleryUserImage(q_user.id, self.DALDatabase, self.projectConfig) social_image = googleapi_user.get("picture", None) redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format( origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'], social_name, state ) q_state.update_record(user_credentials=json.dumps({ 'authorization': token_user, 'client_token': token_client, 'url_token': token_url, 'auth_user': { 'id': str(q_user.id), 'first_name': E(q_user.first_name), 'last_name': E(q_user.last_name), 'email': email, 'remember_me': q_client.remember_me, 'roles': roles, 'role': role, 'activated': True, 'image': user_image.id_image, 'social_image': social_image, 'two_factor': False, 'multiple_login': q_user.permit_mult_login, 'social_login': social_name } })) self.DALDatabase.commit() self.set_status(200) return self.write( str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect)))))) else: self.logger_api.warning( 'CREATING ACCOUNT AND LOGIN BY OAUTH METHOD\n\tsocial_login: {0}\n\tname: {1}\n\temail: {2}\n\temail_verified: {3}\n\tlocale: {4}'.format( social_name, googleapi_user.get("name", False), googleapi_user.get("email", False), googleapi_user.get("email_verified", False), googleapi_user.get("locale", False), ) ) new_password = os.urandom(3).hex() password_hash = pbkdf2_sha512.hash("password{0}{1}".format( new_password, self.projectConfig['BACKEND'][self.app_name]['secret_key'])) table = self.DALDatabase.auth_user social_image = googleapi_user.get("picture", None) first_name = googleapi_user.get("given_name", "") last_name = googleapi_user.get("family_name", "") dict_arguments = { "first_name": first_name, "last_name": last_name, "email": email, "password_hash": password_hash, "activated": True } result = FieldsDALValidateDictArgs( dict_arguments, *[table[x] for x in table.fields if x in [ "first_name", "last_name", "email", "password_hash"]] ) r = result.validate_and_insert(self.DALDatabase.auth_user) if r and r.id: q_user = self.DALDatabase(self.DALDatabase.auth_user.id == r.id).select().first() id_user = q_user.id q_user.update_record(activated=True) if r.id == 1: role = "root" id_role = self.DALDatabase(self.DALDatabase.auth_group.role == 'root').select().first() if id_role: self.DALDatabase.auth_membership.insert( auth_user=1, auth_group=id_role.id ) else: role = "user" self.DALDatabase.auth_membership.insert(auth_user=r.id, auth_group=3) t_user = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire'] ) content_user = { 'id': str(r.id), 'email': dict_arguments['email'] } token_user = t_user.dumps(content_user) token_user = token_user.decode('utf-8') token_client = self.phanterpwa_client_token id_client = self.DALDatabase.client.update_or_insert(auth_user=r.id) t_client = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire'] ) t_url = URLSafeSerializer( self.projectConfig['BACKEND'][self.app_name]["secret_key"], salt="url_secret_key" ) content_client = { 'id_user': str(r.id), 'id_client': str(id_client), 'user_agent': self.phanterpwa_user_agent, 'remote_addr': self.phanterpwa_remote_ip } token_url = t_url.dumps(content_client) token_client = t_client.dumps(content_client) token_client = token_client.decode('utf-8') q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first() q_client.update_record( token=token_client, date_created=datetime.now() ) r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first() if r_client: r_client.delete_record() if not q_user.permit_mult_login: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == id_user) & (self.DALDatabase.client.token != self.phanterpwa_client_token) ).select() if r_client: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == id_user) & (self.DALDatabase.client.token != self.phanterpwa_client_token) ).remove() user_image = PhanterpwaGalleryUserImage(r.id, self.DALDatabase, self.projectConfig) self.set_status(201) roles = ["user"] role = "user" redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format( origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'], social_name, state ) q_state.update_record(user_credentials=json.dumps({ 'authorization': token_user, 'client_token': token_client, 'url_token': token_url, 'auth_user': { 'id': str(q_user.id), 'first_name': E(q_user.first_name), 'last_name': E(q_user.last_name), 'email': email, 'remember_me': q_client.remember_me, 'roles': roles, 'role': role, 'activated': True, 'image': user_image.id_image, 'social_image': social_image, 'two_factor': False, 'multiple_login': q_user.permit_mult_login, 'social_login': social_name } })) self.DALDatabase.commit() return self.write( str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect)))))) elif social_name == "facebook": state = dict_arguments.get("state") q_state = self.DALDatabase( (self.DALDatabase.social_auth.social_name == "facebook") & (self.DALDatabase.social_auth.request_state == state)).select().first() origin = None if not q_state: message = "The authentication request has already been used." return self.write({ 'status': 'Bad Request', 'code': 400, 'message': message, 'i18n': { 'message': self.T(message) } }) else: self.phanterpwa_client_token = q_state.client_token origin = q_state.origin q_state.delete_record() self.DALDatabase.commit() uri = "{0}{1}".format(url_base, self.request.uri) client_id = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_id'] client_secret = self.projectConfig['OAUTH_{0}'.format(social_name.upper())]['client_secret'] redirect_uri = '{0}/api/oauth/redirect/{1}'.format(url_base, social_name) oauth = OAuth2Session(client_id, redirect_uri=redirect_uri, scope='email') try: token = oauth.fetch_token( 'https://graph.facebook.com/oauth/access_token', authorization_response=uri, client_secret=client_secret) except Exception as e: self.logger_api.warning(e) message = "There was a problem trying to authenticate using a facebook account." return self.write({ 'status': 'Bad Request', 'code': 400, 'uri': uri, 'message': message, 'i18n': { 'message': self.T(message) } }) else: try: facebook_user = oauth.get( 'https://graph.facebook.com/me?fields=name,first_name,last_name,email,picture') facebookapi_user = json.loads(facebook_user.content) except Exception as e: self.logger_api.warning(e) message = "There was a problem trying to load user information on facebook api." self.set_status(400) return self.write({ 'status': 'Bad Request', 'code': 400, 'message': message, 'i18n': { 'message': self.T(message) } }) else: email = facebookapi_user.get('email', None) social_image = None try: social_image = facebookapi_user["picture"]["data"]["url"] except Exception as e: self.logger_api.warning(e) if email: q_user = self.DALDatabase(self.DALDatabase.auth_user.email == email).select().first() if q_user: q_user.update_record(activated=True) timeout_token_user = self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire_remember_me'] t_user = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], timeout_token_user ) content = { 'id': str(q_user.id), 'email': email } token_user = t_user.dumps(content) token_user = token_user.decode('utf-8') q_role = self.DALDatabase( (self.DALDatabase.auth_membership.auth_user == q_user.id) & (self.DALDatabase.auth_group.id == self.DALDatabase.auth_membership.auth_group) ).select(self.DALDatabase.auth_group.role, orderby=self.DALDatabase.auth_group.grade) roles = [x.role for x in q_role] role = None if roles: role = roles[-1] q_user.update_record(login_attempts=0) t_client = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire'] ) t_url = URLSafeSerializer( self.projectConfig['BACKEND'][self.app_name]["secret_key"], salt="url_secret_key" ) r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first() if r_client: r_client.delete_record() id_client = self.DALDatabase.client.insert(auth_user=q_user.id, date_created=datetime.now()) q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first() content = { 'id_user': str(q_user.id), 'id_client': str(id_client), 'user_agent': self.phanterpwa_user_agent, 'remote_addr': self.phanterpwa_remote_ip } token_url = t_url.dumps(content) token_client = t_client.dumps(content) token_client = token_client.decode('utf-8') q_client.update_record( token=token_client, date_created=datetime.now(), remember_me=True, locked=False, ) if not q_user.permit_mult_login: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == q_user.id) & (self.DALDatabase.client.token != token_client) ).select() if r_client: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == q_user.id) & (self.DALDatabase.client.token != token_client) ).delete() user_image = PhanterpwaGalleryUserImage(q_user.id, self.DALDatabase, self.projectConfig) redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format( origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'], social_name, state ) q_state.update_record(user_credentials=json.dumps({ 'authorization': token_user, 'client_token': token_client, 'url_token': token_url, 'auth_user': { 'id': str(q_user.id), 'first_name': E(q_user.first_name), 'last_name': E(q_user.last_name), 'email': email, 'remember_me': q_client.remember_me, 'roles': roles, 'role': role, 'activated': True, 'image': user_image.id_image, 'social_image': social_image, 'two_factor': False, 'multiple_login': q_user.permit_mult_login, 'social_login': social_name } })) self.DALDatabase.commit() self.set_status(200) return self.write( str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect)))))) else: new_password = os.urandom(3).hex() password_hash = pbkdf2_sha512.hash("password{0}{1}".format( new_password, self.projectConfig['BACKEND'][self.app_name]['secret_key'])) table = self.DALDatabase.auth_user social_image = googleapi_user.get("picture", None) first_name = googleapi_user.get("given_name", "") last_name = googleapi_user.get("family_name", "") dict_arguments = { "first_name": first_name, "last_name": last_name, "email": email, "password_hash": password_hash, "activated": True } result = FieldsDALValidateDictArgs( dict_arguments, *[table[x] for x in table.fields if x in [ "first_name", "last_name", "email", "password_hash"]] ) r = result.validate_and_insert(self.DALDatabase.auth_user) if r and r.id: q_user = self.DALDatabase(self.DALDatabase.auth_user.id == r.id).select().first() id_user = q_user.id q_user.update_record(activated=True) if r.id == 1: role = "root" id_role = self.DALDatabase(self.DALDatabase.auth_group.role == 'root').select().first() if id_role: self.DALDatabase.auth_membership.insert(auth_user=1, auth_group=id_role.id) else: role = "user" self.DALDatabase.auth_membership.insert(auth_user=r.id, auth_group=3) t_user = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], self.projectConfig['BACKEND'][self.app_name]['default_time_user_token_expire'] ) content_user = { 'id': str(r.id), 'email': dict_arguments['email'] } token_user = t_user.dumps(content_user) token_user = token_user.decode('utf-8') token_client = self.phanterpwa_client_token id_client = self.DALDatabase.client.update_or_insert(auth_user=r.id) t_client = Serialize( self.projectConfig['BACKEND'][self.app_name]['secret_key'], self.projectConfig['BACKEND'][self.app_name]['default_time_client_token_expire'] ) t_url = URLSafeSerializer( self.projectConfig['BACKEND'][self.app_name]["secret_key"], salt="url_secret_key" ) content_client = { 'id_user': str(r.id), 'id_client': str(id_client), 'user_agent': self.phanterpwa_user_agent, 'remote_addr': self.phanterpwa_remote_ip } token_url = t_url.dumps(content_client) token_client = t_client.dumps(content_client) token_client = token_client.decode('utf-8') q_client = self.DALDatabase(self.DALDatabase.client.id == id_client).select().first() q_client.update_record( token=token_client, date_created=datetime.now() ) r_client = self.DALDatabase(self.DALDatabase.client.token == self.phanterpwa_client_token).select().first() if r_client: r_client.delete_record() if not q_user.permit_mult_login: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == id_user) & (self.DALDatabase.client.token != self.phanterpwa_client_token) ).select() if r_client: r_client = self.DALDatabase( (self.DALDatabase.client.auth_user == id_user) & (self.DALDatabase.client.token != self.phanterpwa_client_token) ).remove() user_image = PhanterpwaGalleryUserImage(r.id, self.DALDatabase, self.projectConfig) self.set_status(201) roles = ["user"] role = "user" redirect = "{0}#_phanterpwa:/oauth/{1}/{2}".format( origin if origin else self.projectConfig['BACKEND'][self.app_name]['http_address'], social_name, state ) q_state.update_record(user_credentials=json.dumps({ 'authorization': token_user, 'client_token': token_client, 'url_token': token_url, 'auth_user': { 'id': str(q_user.id), 'first_name': E(q_user.first_name), 'last_name': E(q_user.last_name), 'email': email, 'remember_me': q_client.remember_me, 'roles': roles, 'role': role, 'activated': True, 'image': user_image.id_image, 'social_image': social_image, 'two_factor': False, 'multiple_login': q_user.permit_mult_login, 'social_login': social_name } })) self.DALDatabase.commit() return self.write( str(HTML(HEAD(), BODY(SCRIPT("window.location = '{0}'".format(redirect)))))) message = "An error occurred while trying to authenticate." self.set_status(400) return self.write({ 'status': 'Bad Request', 'code': 400, 'message': message, 'i18n': { 'message': self.T(message) } })
def __create_token() -> str: return URLSafeSerializer(app.config[SECRET_KEY]).dumps(TEST_EMAIL)
def send_tag_alert_emails(tag): """ Sends emails to every tag.alert_email :param tag SmartTagChannel: :returns: True if sending process was successful, False otherwise """ if not tag.alert_can_be_sent: return False # to prevent sending several emails by different processes # we sent alert_last_sent_at to current time # it is changed back if sending was unsuccesful previous_sent_time = tag.alert_last_sent_at tag.alert_last_sent_at = datetime.now() tag.save() # noinspection PyBroadException try: tag_edit_url = '{}/configure#/tags/edit/{}'.format( get_var('HOST_DOMAIN'), str(tag.id)) for user_email in tag.alert_emails: s = URLSafeSerializer(get_var('UNSUBSCRIBE_KEY'), get_var('UNSUBSCRIBE_SALT')) email_tag_id = s.dumps((user_email, str(tag.id))) tag_unsubscribe_url = '{}/unsubscribe/tag/{}'.format( get_var('HOST_DOMAIN'), email_tag_id) tag_view_url = '{}/inbound#?tag={}&channel={}'.format( get_var('HOST_DOMAIN'), str(tag.id), str(tag.parent_channel)) msg = Message(subject="Geneys Social Analytics Alert - Smart Tag", sender=_get_sender(), recipients=[user_email]) try: user = User.objects.get(email=user_email) except User.DoesNotExist: user = None msg.html = render_template( "mail/smarttag_alert.html", user_name=user.first_name if user else None, tag_title=tag.title, tag_edit_url=tag_edit_url, tag_unsubscribe_url=tag_unsubscribe_url, tag_view_url=tag_view_url) # get_var('ON_TEST') since when running tests # get_app_mode() returns 'dev' in pool_worker thread try: app_mode = get_app_mode() except RuntimeError: app_mode = 'dev' if app_mode != 'dev' or get_var('ON_TEST'): send_mail(msg) else: LOGGER.info(msg.html) tag.alert_last_sent_at = datetime.now() tag.save() return True except: if previous_sent_time: tag.alert_last_sent_at = previous_sent_time tag.save() return False
from parameterized import parameterized from airflow import DAG from airflow.api_connexion.exceptions import EXCEPTIONS_LINK_MAP from airflow.configuration import conf from airflow.models import DagBag, DagModel from airflow.models.serialized_dag import SerializedDagModel from airflow.operators.dummy import DummyOperator from airflow.security import permissions from airflow.utils.session import provide_session from airflow.www import app from tests.test_utils.api_connexion_utils import assert_401, create_user, delete_user from tests.test_utils.config import conf_vars from tests.test_utils.db import clear_db_dags, clear_db_runs, clear_db_serialized_dags SERIALIZER = URLSafeSerializer(conf.get('webserver', 'secret_key')) FILE_TOKEN = SERIALIZER.dumps(__file__) class TestDagEndpoint(unittest.TestCase): dag_id = "test_dag" task_id = "op1" dag2_id = "test_dag2" dag3_id = "test_dag3" @staticmethod def clean_db(): clear_db_runs() clear_db_dags() clear_db_serialized_dags()
def encrypt_cookie(content): s = URLSafeSerializer(current_app.secret_key, salt='cookie') return s.dumps(content)
def init_app(app): global url_serializer, url_timed_serializer url_serializer = URLSafeSerializer(app.config['SECRET_KEY']) url_timed_serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
def remove_token(self, token): s = URLSafeSerializer(self.secret_key) return s.loads(token)
from itsdangerous import URLSafeSerializer auth_s = URLSafeSerializer("secret key", "auth") token = auth_s.dumps({"id": 1, "name": "name"}) print(token) data = auth_s.loads(token) print(data["name"])
import json from flask import g from find_restaurant.member.views import dbsession from find_restaurant.member.models import User from oauth2client import client from flask_httpauth import HTTPBasicAuth, HTTPTokenAuth from itsdangerous import URLSafeSerializer from config import SECRET_KEY, GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET auth = HTTPTokenAuth() s = URLSafeSerializer(SECRET_KEY) def verify_token(token): user_id = User.verify_auth_token(token) if user_id: user = dbsession.query(User).filter_by(id=user_id).one() if not user: return False g.user = user return True def google_login(auth_code): try: oauth_flow = client.OAuth2WebServerFlow( client_id=GOOGLE_CLIENT_ID, client_secret=GOOGLE_CLIENT_SECRET, scope='profile email', redirect_uri='http://localhost:5000/dashboard') oauth_flow.redirect_uri = 'postmessage'
def index(): uid = current_user.id s = URLSafeSerializer('') s.dumps({'uid': uid}) return request.args.get('i')
def _serializer(self): return URLSafeSerializer(SECRET_KEY, salt=self.salt)
#encoding:utf8 #url安全序列化 #防篡改 #明文加密传输 #更多相关知识请看https://itsdangerous.readthedocs.io/en/latest/ from itsdangerous import URLSafeSerializer s = URLSafeSerializer('secret-key') print(s.dumps([1, 2, 3, 4])) #WzEsMiwzLDRd.wSPHqC0gR7VUqivlSukJ0IeTDgo print(s.loads('WzEsMiwzLDRd.wSPHqC0gR7VUqivlSukJ0IeTDgo'))
def order_product_deserialize_old(order_product_token): serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_ORDER_PRODUCT) order_product_id = serializer.loads(order_product_token) order_product = OrderProduct.query.filter_by(id=order_product_id).one() return order_product
def make_tokenizer(salt): """ Instantiate a tokenizer for the given salt. """ signer = URLSafeSerializer(get_secret(), salt=salt) return signer.dumps
def order_deserialize(order_token): serializer = URLSafeSerializer(SECRET_KEY, salt=SALT_ORDER) order_id = serializer.loads(order_token) user_order = Order.query.filter_by(id=order_id).one() return user_order
super(SQLAlchemy, self).apply_pool_defaults(app, options) options["pool_pre_ping"] = True # Creating and Initializing db object of SQLAlchemy class db = SQLAlchemy(app) db.init_app(app) migrate = Migrate(app, db, render_as_batch=True) with app.app_context(): if db.engine.url.drivername == 'sqlite': migrate.init_app(app, db, render_as_batch=True) else: migrate.init_app(app, db) manager = Manager(app) manager.add_command('db', MigrateCommand) # Creating serializer object of URLSafeSerializer class for serializing session_token serializer = URLSafeSerializer(app.secret_key) # Here we set session_token as our user_loader. from bookstore.client.views import client # from bookstore.admin.views import admin app.register_blueprint(client) # app.register_blueprint(myadmin, url_prefix='/admin')
import logging from flask import abort, redirect, render_template, request, url_for from itsdangerous import URLSafeSerializer, BadSignature from structlog import wrap_logger from frontstage import app from frontstage.views.passwords import reset_password from frontstage.models import ForgotPasswordForm from frontstage.views.passwords import passwords_bp logger = wrap_logger(logging.getLogger(__name__)) BAD_AUTH_ERROR = 'Unauthorized user credentials' url_safe_serializer = URLSafeSerializer(app.config['SECRET_KEY']) @passwords_bp.route('/forgot-password', methods=['GET']) def get_forgot_password(): form = ForgotPasswordForm(request.form) return render_template('passwords/forgot-password.html', form=form) @passwords_bp.route('/forgot-password', methods=['POST']) def post_forgot_password(): form = ForgotPasswordForm(request.form) email = form.data.get('email_address').strip() if form.validate(): return reset_password.request_password_change(email)
def generate_token(self, email): s = URLSafeSerializer(self.secret_key) token = s.dumps(email) return token
from app import db, login, app from flask_login import UserMixin from werkzeug.security import generate_password_hash, check_password_hash from itsdangerous import URLSafeSerializer import datetime login_serializer = URLSafeSerializer(app.config['SECRET_KEY']) @login.user_loader def load_user(session_token): return User.query.filter_by(session_token=session_token).first() class User(UserMixin, db.Model): id = db.Column(db.Integer, primary_key=True) username = db.Column(db.VARCHAR(256), index=True, unique=True) email = db.Column(db.VARCHAR(256), index=True, unique=True) password = db.Column(db.VARCHAR(256)) session_token = db.Column(db.VARCHAR(256)) active = db.Column(db.BOOLEAN(), default=1) first_login = db.Column(db.BOOLEAN(), default=1) admin = db.Column(db.BOOLEAN(), default=0) cards = db.relationship('Card', secondary='user_card_lookup', lazy='dynamic') preferences = db.relationship('UserPreference', backref='user', lazy='dynamic') def __repr__(self):
def confirm_token(self, token): s = URLSafeSerializer(self.secret_key) result = s.loads(token) return result
import re from datetime import datetime, time from enum import Enum from io import BytesIO from flask import current_app, render_template, send_file from itsdangerous import BadData, Signer, URLSafeSerializer, URLSafeTimedSerializer from werkzeug.local import LocalProxy DATE_FORMAT = '%Y-%m-%d' DATETIME_FORMAT = '%Y-%m-%dT%H:%M' secure_serializer = LocalProxy( lambda: URLSafeSerializer(current_app.config['SECRET_KEY'], b'newdle')) secure_timed_serializer = LocalProxy(lambda: URLSafeTimedSerializer( current_app.config['SECRET_KEY'], b'newdle')) class AutoNameEnum(Enum): def _generate_next_value_(name, start, count, last_values): return name def parse_dt(text): return datetime.strptime(text, DATETIME_FORMAT) def format_dt(dt): return dt.strftime(DATETIME_FORMAT)
def encrypt(text): secret_key = current_app.config.get('SECRET_KEY', 'never') s = URLSafeSerializer(secret_key) return s.dumps(text)