Merge pull request #61 from filak/dev-1.6.7

Version 1.6.7
filak · Oct 17, 2024 · c1664ad · c1664ad
2 parents 6bff070 + fd6d654
commit c1664ad
Show file tree

Hide file tree

Showing 11 changed files with 100 additions and 77 deletions.
diff --git a/flask-app/application/modules/auth.py b/flask-app/application/modules/auth.py
@@ -2,16 +2,24 @@
 from itsdangerous import URLSafeTimedSerializer
 from secrets import compare_digest
 
-from flask import abort, request, session, redirect, url_for, has_app_context, has_request_context
+from flask import (
+    abort,
+    request,
+    session,
+    redirect,
+    url_for,
+    has_app_context,
+    has_request_context,
+)
 from flask import current_app as app
 
 
 def login_required(f):
     @wraps(f)
     def secure_function(*args, **kwargs):
-        if not session.get('logged_in'):
-            session['next'] = request.url
-            return redirect(url_for('login'))
+        if not session.get("logged_in"):
+            session["next"] = request.url
+            return redirect(url_for("login"))
         return f(*args, **kwargs)
 
     return secure_function
@@ -22,8 +30,8 @@ def decorator(f):
         @wraps(f)
         def check_public(*args, **kwargs):
 
-            if app.config.get('API_STATUS') == 'private':
-                if not app.config.get('APP_RELAXED'):
+            if app.config.get("API_STATUS") == "private":
+                if not app.config.get("APP_RELAXED"):
 
                     if not validateBasicAuth():
                         abort(403)
@@ -40,100 +48,109 @@ def check_public(*args, **kwargs):
             return f(*args, **kwargs)
 
         return check_public
+
     return decorator
 
 
 def validateBasicAuth():
     if has_request_context():
-        if app.config.get('API_AUTH_BASIC'):
-            user, pwd = app.config.get('API_AUTH_BASIC')
+        if app.config.get("API_AUTH_BASIC"):
+            user, pwd = app.config.get("API_AUTH_BASIC")
             if user and pwd:
                 auth = request.authorization
                 if (
-                    auth is not None and
-                    auth.type == 'basic' and
-                    auth.username == user and
-                    compare_digest(auth.password, pwd)
+                    auth is not None
+                    and auth.type == "basic"  # noqa W503
+                    and auth.username == user  # noqa W503
+                    and compare_digest(auth.password, pwd)  # noqa W503
                 ):
                     return True
         else:
             return True
 
     if has_app_context():
-        app.logger.error('Basic Auth failed')
+        app.logger.error("Basic Auth failed")
 
 
 def getReqHost():
     if has_request_context():
-        return str(request.host).strip().split(':')[0]
+        return str(request.host).strip().split(":")[0]
 
 
 def getReqOrigin():
     if has_request_context():
         if request.origin:
-            origin = str(request.origin).strip().replace('https://', '').replace('http://', '').strip()
-            return origin.split(':')[0]
+            origin = (
+                str(request.origin)
+                .strip()
+                .replace("https://", "")
+                .replace("http://", "")
+                .strip()
+            )
+            return origin.split(":")[0]
         return getReqHost()
 
 
 def validateRequest(token=None):
 
     if not has_app_context():
-        return (418, 'No app context')
+        return (418, "No app context")
 
     if not has_request_context():
-        return (418, 'No request context')
+        return (418, "No request context")
 
     if not token:
-        if request.method == 'GET':
-            token = request.args.get('token')
+        if request.method == "GET":
+            token = request.args.get("token")
 
         if not token:
-            token = request.headers.get(app.config['WORKER_HEADER'])
+            token = request.headers.get(app.config["WORKER_HEADER"])
 
     if not token:
-        errmsg = 'Missing token'
+        errmsg = "Missing token"
         return (403, errmsg)
 
-    token_data = decodeApiToken(token,
-                                app.config.get('API_KEY'),
-                                salt=app.config.get('API_SCOPE'),
-                                max_age=app.config.get('API_MAX_AGE'))
+    token_data = decodeApiToken(
+        token,
+        app.config.get("API_KEY"),
+        salt=app.config.get("API_SCOPE"),
+        max_age=app.config.get("API_MAX_AGE"),
+    )
 
     if not token_data:
-        errmsg = 'Invalid token'
+        errmsg = "Invalid token"
         return (403, errmsg)
 
     host = getReqHost()
-    host_token = str(token_data).strip().split(':')[0]
+    host_token = str(token_data).strip().split(":")[0]
 
-    errmsg = check_hostnames(host, host_token, ttype='request')
+    errmsg = check_hostnames(host, host_token, ttype="request")
 
     if errmsg:
         return (403, errmsg)
     else:
-        return (200, 'OK')
+        return (200, "OK")
 
 
-def check_hostnames(host, host_token, ttype='request'):
+def check_hostnames(host, host_token, ttype="request"):
 
-    if host_token not in ['localhost', '127.0.0.1']:
+    if host_token not in ["localhost", "127.0.0.1"]:
 
-        app_host = app.config.get('SERVER_NAME', app.config.get('APP_HOST'))
+        app_host = app.config.get("SERVER_NAME", app.config.get("APP_HOST"))
 
         if app_host and host_token != app_host:
-            errmsg = 'Invalid ' + ttype + ' from : ' + host
-            if ttype == 'request':
-                errmsg += ' : ' + get_headers_log()
+            errmsg = "Invalid " + ttype + " from : " + host
+            if ttype == "request":
+                errmsg += " : " + get_headers_log()
             return errmsg
 
 
 def get_headers_log():
-    headers = ''
+    headers = ""
     try:
         headers = request.headers.environ
     except:  # noqa: E722
-        headers = 'NO_HEADERS'
+        headers = "NO_HEADERS"
     return str(headers)
 
 
@@ -145,16 +162,16 @@ def decodeApiToken(token, secret, salt=None, max_age=10):
         return False
 
 
-def genApiToken(secret, salt='', data=''):
+def genApiToken(secret, salt="", data=""):
     s = URLSafeTimedSerializer(secret, salt=salt)
     return s.dumps(data)
 
 
-def genApiHeaders(data='check'):
-    api_token = genApiToken(app.config['API_KEY'],
-                            salt=app.config['API_SCOPE'],
-                            data=data)
-    hdr = app.config['WORKER_HEADER']
+def genApiHeaders(data="check"):
+    api_token = genApiToken(
+        app.config["API_KEY"], salt=app.config["API_SCOPE"], data=data
+    )
+    hdr = app.config["WORKER_HEADER"]
     headers = {hdr: api_token}
 
     return headers
diff --git a/flask-app/application/static/jq-ui/jquery-ui.min.css b/flask-app/application/static/jq-ui/jquery-ui.min.css
diff --git a/flask-app/application/static/jq-ui/jquery-ui.min.js b/flask-app/application/static/jq-ui/jquery-ui.min.js
diff --git a/flask-app/application/static/jq-ui/jquery-ui.structure.min.css b/flask-app/application/static/jq-ui/jquery-ui.structure.min.css