-
Notifications
You must be signed in to change notification settings - Fork 3
/
__init__.py
79 lines (63 loc) · 2.48 KB
/
__init__.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
from flask import Flask, request
import os
import json
import logging
DEFAULT_CACHE_DURATION = 300
def ensure_secret_key_exists(app: Flask):
import boto3
import botocore
import secrets
# this is where the session secret goes
key = "SECRET_KEY"
s3 = boto3.resource("s3")
bucket = app.config["S3_BUCKET"]
obj = s3.Object(bucket, key)
try:
app.logger.debug(f"ensure_secret_key_exists: Checking for s3 bucket {bucket}")
resp = obj.get()
# the key already exists, so use that instead.
app.config["SECRET_KEY"] = resp["Body"].read().decode("utf-8")
except botocore.exceptions.ClientError as ex:
if ex.response["Error"]["Code"] == "NoSuchKey":
app.config["SECRET_KEY"] = secrets.token_hex()
obj.put(Body=app.config["SECRET_KEY"].encode("utf-8"))
app.logger.info("Created a new SECRET_KEY")
else:
raise
def create_app(config_overrides={}) -> Flask:
app = Flask("serverless-flask")
# Apply a JSON config override from env var if exists
if os.environ.get("JSON_CONFIG_OVERRIDE"):
app.config.update(json.loads(os.environ.get("JSON_CONFIG_OVERRIDE")))
if os.environ.get("DEBUG", False):
app.logger.setLevel(logging.DEBUG)
app.config.update(config_overrides)
import serverless_flask.pages.index
app.register_blueprint(serverless_flask.pages.index.app)
app.logger.debug("Config is: %r" % app.config)
if not app.config.get("UNITTEST", False):
ensure_secret_key_exists(app)
cacheable_methods = set(["GET", "HEAD"])
@app.after_request
def after_request(response):
response.headers["X-Frame-Options"] = "SAMEORIGIN"
response.headers["Content-Security-Policy"] = "frame-ancestors self"
if request.method not in cacheable_methods:
# don't cache if logged in or not cacheable
response.headers["Cache-Control"] = "no-store"
elif not response.headers.get("Cache-Control", False):
# cache for 5 minutes by default, unless otherwise specified.
response.headers["Cache-Control"] = "public, max-age=300"
app.logger.info(
"[from:%s|%s %s]+[%s]=>[%d|%dbytes]"
% (
request.remote_addr,
request.method,
request.url,
request.data,
response.status_code,
response.content_length,
)
)
return response
return app