from datetime import datetime, timedelta, timezone
from flask import Flask, jsonify
from db import db
import os
from sources.post import blp as PostBlp
from sources.user import blp as AuthorBlp
from flask_jwt_extended import JWTManager, get_jwt, create_access_token, get_jwt_identity, \
set_access_cookies
from models.jwt import BlocklistJwt
from models.user import AuthorModel
from models.post import PostModel
import hashlib
from flask_cors import CORS
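def create_app(db_url=None):
    """Build and configure the Flask application.

    Args:
        db_url: SQLAlchemy database URI. When falsy, the DATABASE_URL
            environment variable is used, then "sqlite:///data.db".

    Returns:
        The configured Flask app: JWT handling, CORS, both blueprints
        registered, tables created and the initial admin account seeded.
    """
    import secrets  # local import: only used for the ephemeral signing-key fallback

    app = Flask(__name__, template_folder='templates')
    app.config['SQLALCHEMY_DATABASE_URI'] = db_url or os.getenv("DATABASE_URL", "sqlite:///data.db")
    app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False

    # The signing key must not live in source control: anyone who can read the
    # repository could sign tokens for any identity. Read it from the
    # environment; without it, fall back to a random key so the app still
    # starts, at the cost of invalidating tokens on restart and across workers.
    jwt_secret = os.getenv("JWT_SECRET_KEY")
    if not jwt_secret:
        jwt_secret = secrets.token_hex(32)
        app.logger.warning(
            "JWT_SECRET_KEY is not set; using a random per-process signing key. "
            "Tokens will not survive a restart or be valid across workers."
        )
    app.config['JWT_SECRET_KEY'] = jwt_secret

    # NOTE(security): with this set to False the JWT cookie is also sent over
    # plain HTTP. It must be True wherever the app is served over TLS.
    app.config['JWT_COOKIE_SECURE'] = False  # change to True in production
    app.config['JWT_TOKEN_LOCATION'] = ["cookies", "headers"]
    app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(hours=5)
    # NOTE(security): tokens are accepted from cookies while the double-submit
    # CSRF check is disabled, so cookie-authenticated state-changing requests
    # have no CSRF protection. Enabling it requires clients to send the CSRF
    # header, so it is flagged here rather than switched on silently.
    app.config['JWT_COOKIE_CSRF_PROTECT'] = False

    db.init_app(app)
    jwt = JWTManager(app)
    # NOTE(security): flask_cors defaults allow every origin; restrict the
    # origins to the real front-end host(s) before exposing this service.
    CORS(app)

    @app.after_request
    def refresh_expiring_jwts(response):
        """Re-issue the access cookie when the current token expires within 30 minutes."""
        try:
            exp_timestamp = get_jwt()["exp"]
            now = datetime.now(timezone.utc)
            target_timestamp = datetime.timestamp(now + timedelta(minutes=30))
            if target_timestamp > exp_timestamp:
                access_token = create_access_token(identity=get_jwt_identity())
                set_access_cookies(response, access_token)
            # NOTE(review): the extracted listing lost its indentation; this
            # header is assumed to be set for every response that carried a
            # JWT, not only refreshed ones. Confirm against the original file.
            response.headers['Access-Control-Allow-Origin'] = '*'
            return response
        except (RuntimeError, KeyError) as e:
            # No usable JWT on this request: return the response unchanged.
            print(f'Error: {e}')
            return response

    with app.app_context():
        db.create_all()
        # NOTE(security): the seed password is committed in source and stored
        # as an unsalted SHA-256 digest, which is cheap to brute-force offline.
        # Moving to a salted, slow password hash has to be done together with
        # the login check, which is not part of this file, so the format is
        # kept here. Rotate this password after the first deployment.
        admin = {"username": "admin", "password": hashlib.sha256("r04S9[*.£Wb6".encode()).hexdigest()}
        post = {"title": "Первый пост", "content": "Привет всем, оставляйте здесь интересные заметки."}
        # Seed only once: without this guard every start-up would add another
        # admin row (or fail on a uniqueness constraint, if the model has one).
        admin_exists = (
            db.session.query(AuthorModel)
            .filter_by(username=admin["username"])
            .first()
            is not None
        )
        if not admin_exists:
            db.session.add(AuthorModel(**admin))
            # author_id=1 presumes the admin is the first author row - TODO confirm.
            db.session.add(PostModel(author_id=1, **post))
            db.session.commit()
            print('Создан пользователь админ и его пост')

    app.register_blueprint(PostBlp)
    app.register_blueprint(AuthorBlp)

    @jwt.expired_token_loader
    def expired_token_loader(jwt_header, jwt_payload):
        """Return the 401 body for an expired token."""
        return (
            jsonify(
                {"Message": "The token as expired", "error": "token_expired"}
            ),
            401,
        )

    @jwt.unauthorized_loader
    def unauthorized_loader_callback(error):
        """Return the 401 body for a request that carries no token."""
        return (
            jsonify(
                {"Message": "token is not found.", "error": "missing_token"}
            ),
            401,
        )

    @jwt.invalid_token_loader
    def invalid_token_callback(error):
        """Return the 401 body for a token that fails validation."""
        return (
            jsonify(
                {"Message": "Signature verification failed.", "error": "invalid_token"}
            ),
            401,
        )

    @jwt.token_in_blocklist_loader
    def check_if_token_in_blocklist(jwt_header, jwt_payload: dict) -> bool:
        """Report whether the token's jti has a row in the blocklist table."""
        jti = jwt_payload['jti']
        token = db.session.query(BlocklistJwt.id).filter_by(jti=jti).scalar()
        return token is not None

    return app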
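# Module-level application object, kept so WSGI servers can import it.
appl = create_app()

if __name__ == "__main__":
    # Start the development server only when the file is executed directly;
    # previously a plain import of this module also started a server.
    # NOTE(security): host='0.0.0.0' listens on every network interface. Keep
    # it only where that is intended (for example inside a container) and put
    # a production WSGI server in front for real deployments.
    appl.run(host='0.0.0.0')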