'''
* Author : see AUTHORS
* Licence: MIT, see LICENSE
'''
import logging.config
from flask import Flask, Blueprint, request, url_for
from flask_cors import CORS
from flask_login import login_required, current_user
from flask import abort, make_response, jsonify
from werkzeug.http import dump_cookie
from werkzeug.wrappers import Response
import settings
from src.api.apiConfig import api
from src.api.fitcrack.endpoints.chart.chart import ns as chart_namespace
from src.api.fitcrack.endpoints.hashcat.hashcat import ns as hashcat_namespace
from src.api.fitcrack.endpoints.host.hosts import ns as hosts_namespace
from src.api.fitcrack.endpoints.notifications.notifications import ns as notifications_namespace
from src.api.fitcrack.endpoints.job.job import ns as job_namespace
from src.api.fitcrack.endpoints.bins.bins import ns as bins_namespace
from src.api.fitcrack.endpoints.batches.batches import ns as batches_namespace
from src.api.fitcrack.endpoints.serverInfo.server import ns as server_namespace
from src.api.fitcrack.endpoints.user.user import login_manager
from src.api.fitcrack.endpoints.user.user import ns as user_namespace
from src.api.fitcrack.endpoints.dictionary.dictionary import ns as dictionary_namespace
from src.api.fitcrack.endpoints.pcfg.pcfg import ns as pcfg_namespace
from src.api.fitcrack.endpoints.markov.markov import ns as markov_namespace
from src.api.fitcrack.endpoints.masks.masks import ns as masks_namespace
from src.api.fitcrack.endpoints.rule.rule import ns as rule_namespace
from src.api.fitcrack.endpoints.charset.charset import ns as charset_namespace
from src.api.fitcrack.endpoints.directory.directory import ns as directory_ns
from src.api.fitcrack.endpoints.protectedFile.protectedFile import ns as protected_files_ns
from src.api.fitcrack.endpoints.hashCache.hashes import ns as hashes_ns
from src.api.fitcrack.endpoints.jobTemplate.template import ns as template_ns
from src.api.fitcrack.endpoints.logs.logs import ns as logs_ns
from src.api.fitcrack.endpoints.status.status import ns as status_ns
from src.api.fitcrack.endpoints.pcfg.pcfg import ns as pcfg_ns
from src.api.fitcrack.endpoints.settings.settings import ns as settings_ns
from src.database import db
# Module-level Flask application object. The request hooks decorated with
# @app.before_request / @app.after_request and the initialisation calls at the
# bottom of this module all attach to this instance.
app = Flask(__name__)
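def configure_app(flask_app):
    """Populate ``flask_app.config`` from ``settings`` and fixed cookie options.

    The session-signing key is taken, in order of preference, from the
    ``FLASK_SECRET_KEY`` environment variable, then from an optional
    ``settings.SECRET_KEY`` attribute. Both lookups are introduced here so an
    operator can supply a private key without editing this file. Only when
    neither is set does the function fall back to the key that ships in the
    source tree, and it logs a warning when it does.

    Args:
        flask_app: The Flask application whose configuration is filled in.
    """
    import os  # function-scope import: this module does not import os at file level

    # Flask signs the session cookie with SECRET_KEY. A key that is published
    # with the source gives no protection: anyone who has read it can produce
    # session cookies the server will accept. The legacy value is kept only as
    # a last resort so existing installations keep working until a key is set.
    secret_key = os.environ.get('FLASK_SECRET_KEY') or getattr(settings, 'SECRET_KEY', None)
    if not secret_key:
        logging.getLogger(__name__).warning(
            'SECRET_KEY is not configured; falling back to the default key '
            'shipped in the source. Session cookies signed with it can be '
            'forged by anyone who knows it. Set the FLASK_SECRET_KEY '
            'environment variable or settings.SECRET_KEY to a private random value.'
        )
        secret_key = 'fitcrack456152'
    flask_app.config['SECRET_KEY'] = secret_key

    flask_app.config['SQLALCHEMY_DATABASE_URI'] = settings.SQLALCHEMY_DATABASE_URI
    # The original assigned True here first and then overwrote it with the
    # settings value; only the effective assignment is kept.
    flask_app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = settings.SQLALCHEMY_TRACK_MODIFICATIONS
    flask_app.config['SWAGGER_UI_DOC_EXPANSION'] = settings.RESTPLUS_SWAGGER_UI_DOC_EXPANSION
    flask_app.config['RESTPLUS_VALIDATE'] = settings.RESTPLUS_VALIDATE
    flask_app.config['RESTPLUS_MASK_SWAGGER'] = settings.RESTPLUS_MASK_SWAGGER
    flask_app.config['ERROR_404_HELP'] = settings.RESTPLUS_ERROR_404_HELP

    # With the Python value None, Flask itself writes no SameSite attribute on
    # the session cookie. The literal "SameSite=None" is appended elsewhere in
    # this module (the patched Response.set_cookie and the after_request hook).
    # NOTE(review): SameSite=None lets the cookie travel on cross-site
    # requests, so the CORS origin policy is what stands between another site
    # and an authenticated API call. Review the two together.
    flask_app.config['SESSION_COOKIE_SAMESITE'] = None
    flask_app.config['SESSION_COOKIE_SECURE'] = True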
def set_cookie(response, *args, **kwargs):
    """Serialize a cookie and add it to *response* as a ``Set-Cookie`` header.

    Every positional and keyword argument is passed unchanged to werkzeug's
    ``dump_cookie``. When the caller passes ``samesite=None`` explicitly, the
    literal attribute ``SameSite=None`` is appended to the serialized cookie.
    If the keyword is omitted, the cookie is left exactly as ``dump_cookie``
    produced it.

    Args:
        response: The response object whose headers receive the cookie.
        *args: Positional arguments for ``dump_cookie``.
        **kwargs: Keyword arguments for ``dump_cookie``.
    """
    header_value = dump_cookie(*args, **kwargs)

    # Only an explicit samesite=None triggers the suffix; an absent keyword
    # does not.
    explicit_none = 'samesite' in kwargs and kwargs['samesite'] is None
    if explicit_none:
        header_value = f"{header_value}; SameSite=None"

    response.headers.add('Set-Cookie', header_value)
# Monkeypatch: replaces werkzeug's Response.set_cookie with the module-level
# set_cookie function defined above. The assignment is made on the class, so
# it applies to every Response in this process, not only this application's.
Response.set_cookie = set_cookie
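def initialize_app(flask_app):
    """Configure *flask_app*, mount the REST API blueprint and enable CORS.

    Args:
        flask_app: The Flask application to initialise.

    Returns:
        The same ``flask_app`` object, after configuration.
    """
    configure_app(flask_app)

    blueprint = Blueprint('api', __name__)
    api.init_app(blueprint)

    # Registration order is unchanged from the original sequence of calls.
    # NOTE(review): pcfg_namespace and pcfg_ns are both imported from
    # src.api.fitcrack.endpoints.pcfg.pcfg as `ns`, so that namespace is
    # registered twice. It is kept to preserve behaviour; confirm whether the
    # second registration is intended.
    namespaces = (
        job_namespace,
        bins_namespace,
        batches_namespace,
        chart_namespace,
        hosts_namespace,
        hashcat_namespace,
        server_namespace,
        user_namespace,
        notifications_namespace,
        dictionary_namespace,
        pcfg_namespace,
        markov_namespace,
        masks_namespace,
        rule_namespace,
        charset_namespace,
        protected_files_ns,
        directory_ns,
        hashes_ns,
        template_ns,
        logs_ns,
        status_ns,
        pcfg_ns,
        settings_ns,
    )
    for namespace in namespaces:
        api.add_namespace(namespace)

    flask_app.register_blueprint(blueprint)

    # Fix: CORS is applied to the application passed in. The original used the
    # module-level `app` here and ignored the parameter.
    # NOTE(review): supports_credentials=True allows browsers to attach the
    # session cookie to cross-origin requests, and no `origins` allow-list is
    # passed. Unless flask-cors is restricted elsewhere, its default origin
    # policy applies (all origins, as far as I know; confirm for the installed
    # version). Combined with SameSite=None cookies, this should be narrowed
    # to the front-end origin(s) that actually need access.
    CORS(flask_app, supports_credentials=True)
    return flask_app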
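@app.before_request
def check_valid_login():
    """Reject unauthenticated requests to non-public endpoints.

    Runs before every request. The root path, the ``restplus_doc`` blueprint
    and ``/swagger.json`` are always let through. A request whose endpoint has
    no registered view function is answered with a 400 JSON error. For every
    other request a login is required unless the view's class sets a truthy
    ``is_public`` attribute or the method is ``OPTIONS``.

    Raises:
        werkzeug HTTP exceptions via ``abort``: 400 for an unknown endpoint,
        401 when authentication is required but missing.
    """
    if request.path in ('/', '/swagger.json') or request.blueprint == 'restplus_doc':
        return

    view = app.view_functions.get(request.endpoint)
    if not view:
        abort(make_response(jsonify(message=('Endpoint ' + request.url + ' not exists.' )), 400))

    # Fail closed: a view function without a `view_class` attribute (a plain
    # function view such as Flask's built-in static-file endpoint) used to
    # raise AttributeError here and surface as a 500. It is now treated as
    # non-public, so it goes through the same login check as everything else.
    view_class = getattr(view, 'view_class', None)
    is_public = getattr(view_class, 'is_public', False)

    # OPTIONS is exempt so CORS preflight requests, which carry no
    # credentials, are not rejected.
    # NOTE(review): the exemption covers every OPTIONS request, so any resource
    # that implements its own OPTIONS handler is reachable without a login.
    if not is_public and request.method != 'OPTIONS' and not current_user.is_authenticated:
        abort(401)
    return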
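@app.after_request
def bake_cookies(response):
    """Ensure every cookie on *response* carries SameSite, Secure and HttpOnly.

    Runs after every request. Each ``Set-Cookie`` header is rewritten so that
    it carries ``Secure`` and ``HttpOnly``, plus ``SameSite=None`` when the
    cookie has no ``SameSite`` attribute of its own. An attribute the cookie
    already has is left alone rather than appended a second time.

    The original read and reassigned ``response.headers['Set-Cookie']``.
    Assigning through that mapping interface replaces all headers of that name
    with a single one, so a response that set several cookies kept only the
    first. Here each cookie is processed and re-added individually.

    Args:
        response: The outgoing response object.

    Returns:
        The same response object, with its cookie headers rewritten.
    """
    cookies = response.headers.getlist('Set-Cookie')
    if not cookies:
        return response

    required = (
        ('samesite', 'SameSite=None'),
        ('secure', 'Secure'),
        ('httponly', 'HttpOnly'),
    )

    del response.headers['Set-Cookie']
    for cookie in cookies:
        # The first ';'-separated segment is the name=value pair; the
        # remaining segments are attributes.
        present = {
            segment.split('=', 1)[0].strip().lower()
            for segment in cookie.split(';')[1:]
        }
        missing = [attribute for name, attribute in required if name not in present]
        response.headers.add('Set-Cookie', '; '.join([cookie] + missing))
    return response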
def main():
    """Start Flask's built-in server for this application.

    The server listens on port 5000 on all interfaces, with threading
    disabled.
    """
    # NOTE(review): host 0.0.0.0 exposes the built-in server on every network
    # interface of the machine. Confirm this entry point is used only where
    # that exposure is intended.
    listen_options = {'host': '0.0.0.0', 'port': 5000, 'threaded': False}
    app.run(**listen_options)
# Import-time initialisation: these three calls run whenever this module is
# imported, not only when it is executed as a script.
initialize_app(app)
# Attach the login manager and the database object to the configured app.
login_manager.init_app(app)
db.init_app(app)

# Start the built-in server only when the file is run directly.
if __name__ == "__main__":
    main()