# coding=utf-8 from flask import Flask, jsonify from flask_bcrypt import Bcrypt from flask_cors import CORS from flask_marshmallow import Marshmallow from flask_sqlalchemy import SQLAlchemy from flask_session import Session from flask_login import LoginManager from sqlalchemy.orm import sessionmaker from werkzeug.routing import BaseConverter from flask_mail import Mail try: from local_settings import ApplicationConfig except Exception as e: from settings import ApplicationConfig app = Flask(__name__, static_url_path='', static_folder='static', template_folder='templates') app.config.from_object(ApplicationConfig) session = sessionmaker() check_enviroment = ApplicationConfig.CURRENT_SETTINGS print(f"starting server with {check_enviroment} settings") class RegexConverter(BaseConverter): def __init__(self, url_map, *items): super(RegexConverter, self).__init__(url_map) self.regex = items[0] app.url_map.converters['regex'] = RegexConverter app.jinja_env.autoescape = True # configuration UPLOADED_FILES_DEST_ITEM = ApplicationConfig.UPLOADED_FILES_DEST_ITEM UPLOADED_FILES_ALLOW = ApplicationConfig.UPLOADED_FILES_ALLOW CURRENT_SETTINGS = ApplicationConfig.CURRENT_SETTINGS app.config['UPLOADED_FILES_DEST_ITEM'] = ApplicationConfig.UPLOADED_FILES_DEST_ITEM app.config['UPLOADED_FILES_ALLOW'] = ApplicationConfig.UPLOADED_FILES_ALLOW app.config['MAX_CONTENT_LENGTH'] = ApplicationConfig.MAX_CONTENT_LENGTH app.config['SESSION_COOKIE_NAME'] = ApplicationConfig.SESSION_COOKIE_NAME app.config['SESSION_COOKIE_SECURE'] = ApplicationConfig.SESSION_COOKIE_SECURE app.config['SESSION_COOKIE_HTTPONLY'] = ApplicationConfig.SESSION_COOKIE_HTTPONLY app.config['SESSION_COOKIE_SAMESITE'] = ApplicationConfig.SESSION_COOKIE_SAMESITE app.config['SESSION_PERMANENT'] = ApplicationConfig.SESSION_PERMANENT app.config['SESSION_USE_SIGNER'] = ApplicationConfig.SESSION_USE_SIGNER app.config['ORIGIN_URL'] = ApplicationConfig.ORIGIN_URL app.config['CURRENT_SETTINGS'] = ApplicationConfig.CURRENT_SETTINGS app.config['SECRET_KEY'] = ApplicationConfig.SECRET_KEY session.configure(bind=ApplicationConfig.SQLALCHEMY_DATABASE_URI) db = SQLAlchemy(app) bcrypt = Bcrypt(app) server_session = Session(app) ma = Marshmallow(app) mail = Mail(app) login_manager = LoginManager(app) login_manager.session_protection = 'strong' login_manager.anonymous_user = "Guest" @login_manager.request_loader def load_user_from_request(request): from app.classes.auth import Auth_User # first, try to log in using the api_key url arg api_key = request.args.get('api_key') if api_key: user = db.session\ .query(Auth_User)\ .filter_by(api_key=api_key)\ .first() if user: return user # next, try to log in using Basic Auth api_key_auth = request.headers.get('Authorization') if api_key_auth: api_key = api_key_auth.replace('bearer ', '', 1) if api_key.startswith('"') and api_key.endswith('"'): api_key = api_key[1:-1] user = db.session\ .query(Auth_User)\ .filter_by(api_key=api_key)\ .first() if user: return user return None api_main = { "origins": [ApplicationConfig.ORIGIN_URL], "methods": ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS", "HEAD"], "allow_headers": ['Authorization', 'application/json', 'authorization', 'Content-Type', 'Access-Control-Allow-Headers', 'Origin,Accept', 'X-Requested-With', 'Content-Type', 'Access-Control-Request-Method', 'Access-Control-Request-Headers'] } cors = CORS(app, supports_credentials=True, resources={r'/*': api_main}) # bind a function after each request, even if an exception is encountered. @app.teardown_request def teardown_request(error): db.session.remove() @app.teardown_appcontext def teardown_appcontext(error): db.session.remove() @app.errorhandler(500) def internal_error500(): return jsonify({"error": "Internal Error 500"}), 500 @app.errorhandler(502) def internal_error502(): return jsonify({"error": "Internal Error 502"}), 502 @app.errorhandler(404) def internal_error404(): return jsonify({"error": "Internal Error 400"}), 400 @app.errorhandler(401) def internal_error404(): return jsonify({"error": "Internal Error 401"}), 401 @app.errorhandler(400) def internal_error400(): return jsonify({"error": "Internal Error 400"}), 400 @app.errorhandler(413) def to_large_file(): return jsonify({"error": "File is too large. Use a smaller image/file."}), 413 @app.errorhandler(403) def internal_error403(): return jsonify({"error": "Internal Error 403"}), 403 @app.errorhandler(405) def internal_error(): return jsonify({"error": "Internal Error 405"}), 405 # link locations from .admin import admin as admin_blueprint app.register_blueprint(admin_blueprint, url_prefix='/admin') from .main import main as main_blueprint app.register_blueprint(main_blueprint, url_prefix='/main') from .customer import customer as customer_blueprint app.register_blueprint(customer_blueprint, url_prefix='/customer') from .delivery import delivery as delivery_blueprint app.register_blueprint(delivery_blueprint, url_prefix='/delivery') from .delivery_data import delivery_data as delivery_data_blueprint app.register_blueprint(delivery_data_blueprint, url_prefix='/deliverydata') from .delivery_status import deliverystatus as delivery_status_blueprint app.register_blueprint(delivery_status_blueprint, url_prefix='/deliverystatus') from .search import search as search_blueprint app.register_blueprint(search_blueprint, url_prefix='/search') from .reports import reports as reports_blueprint app.register_blueprint(reports_blueprint, url_prefix='/report') from .query import query as query_blueprint app.register_blueprint(query_blueprint, url_prefix='/query') from .payment import payment as payment_blueprint app.register_blueprint(payment_blueprint, url_prefix='/payment') from .auth import auth as auth_blueprint app.register_blueprint(auth_blueprint, url_prefix='/auth') from .employees import employees as employees_blueprint app.register_blueprint(employees_blueprint, url_prefix='/employee') from .info import info as info_blueprint app.register_blueprint(info_blueprint, url_prefix='/info') from .stats import stats as stats_blueprint app.register_blueprint(stats_blueprint, url_prefix='/stats') with app.app_context(): db.configure_mappers() db.create_all() db.session.commit()