From 1a6cd10d09c3eec9b20b4346fd0d44dcbfe295f7 Mon Sep 17 00:00:00 2001
From: Matt Wright
Date: Thu, 8 Mar 2012 23:02:39 -0500
Subject: [PATCH] Changed configuration values to use the prefix "SECURITY_" instead of a nested dictionary for easier overidding
---
 example/app.py | 5 ++-
 flask_security/__init__.py | 76 +++++++++++++++++++-------------------
 tests/functional_tests.py | 14 +++----
 3 files changed, 50 insertions(+), 45 deletions(-)
diff --git a/example/app.py b/example/app.py
index a0e7356..9d0c914 100644
--- a/example/app.py
+++ b/example/app.py
@@ -36,7 +36,10 @@ def create_app(auth_config):
 app = Flask(__name__)
 app.debug = True
 app.config['SECRET_KEY'] = 'secret'
- app.config['AUTH'] = auth_config or {}
+
+ if auth_config:
+ for key, value in auth_config.items():
+ app.config[key] = value
 @app.route('/')
 def index():
diff --git a/flask_security/__init__.py b/flask_security/__init__.py
index d05ffc0..722e706 100644
--- a/flask_security/__init__.py
+++ b/flask_security/__init__.py
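Review bot: In create_app (example/app.py) the new loop copies every key of `auth_config` into `app.config`, so the parameter is no longer limited to security settings and can replace `SECRET_KEY` or any other Flask setting. That is acceptable for a test harness, but the parameter name now misleads; either filter with `if key.startswith('SECURITY_')` or document that arbitrary config keys are accepted. The loop itself can be written as `app.config.update(auth_config or {})`. create_app continues beyond this hunk.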
@@ -36,18 +36,16 @@ from werkzeug.local import LocalProxy
 User, Role = None, None
-AUTH_CONFIG_KEY = 'AUTH'
-URL_PREFIX_KEY = 'url_prefix'
-USER_MODEL_ENGINE_KEY = 'user_model_engine'
-AUTH_PROVIDER_KEY = 'auth_provider'
-PASSWORD_HASH_KEY = 'password_hash'
-USER_DATASTORE_NAME_KEY = 'user_datastore_name'
-LOGIN_FORM_KEY = 'login_form'
-AUTH_URL_KEY = 'auth_url'
-LOGOUT_URL_KEY = 'logout_url'
-LOGIN_VIEW_KEY = 'login_view'
-POST_LOGIN_VIEW_KEY = 'post_login_view'
-POST_LOGOUT_VIEW_KEY = 'post_logout_view'
+URL_PREFIX_KEY = 'SECURITY_URL_PREFIX'
+AUTH_PROVIDER_KEY = 'SECURITY_AUTH_PROVIDER'
+PASSWORD_HASH_KEY = 'SECURITY_PASSWORD_HASH'
+USER_DATASTORE_KEY = 'SECURITY_USER_DATASTORE'
+LOGIN_FORM_KEY = 'SECURITY_LOGIN_FORM'
+AUTH_URL_KEY = 'SECURITY_AUTH_URL'
+LOGOUT_URL_KEY = 'SECURITY_LOGOUT_URL'
+LOGIN_VIEW_KEY = 'SECURITY_LOGIN_VIEW'
+POST_LOGIN_KEY = 'SECURITY_POST_LOGIN'
+POST_LOGOUT_KEY = 'SECURITY_POST_LOGOUT'
 DEBUG_LOGIN = 'User %s logged in. Redirecting to: %s'
 ERROR_LOGIN = 'Unsuccessful authentication attempt: %s. Redirecting to: %s'
@@ -56,16 +54,16 @@ FLASH_INACTIVE = 'Inactive user'
 FLASH_PERMISSIONS = 'You do not have permission to view this resource.'
 default_config = {
- URL_PREFIX_KEY: None,
- PASSWORD_HASH_KEY: 'plaintext',
- USER_DATASTORE_NAME_KEY: 'user_datastore',
- AUTH_PROVIDER_KEY: 'flask.ext.security.AuthenticationProvider',
- LOGIN_FORM_KEY: 'flask.ext.security.LoginForm',
- AUTH_URL_KEY: '/auth',
- LOGOUT_URL_KEY: '/logout',
- LOGIN_VIEW_KEY: '/login',
- POST_LOGIN_VIEW_KEY: '/',
- POST_LOGOUT_VIEW_KEY: '/',
+ URL_PREFIX_KEY: None,
+ PASSWORD_HASH_KEY: 'plaintext',
+ USER_DATASTORE_KEY: 'user_datastore',
+ AUTH_PROVIDER_KEY: 'flask.ext.security.AuthenticationProvider',
+ LOGIN_FORM_KEY: 'flask.ext.security.LoginForm',
+ AUTH_URL_KEY: '/auth',
+ LOGOUT_URL_KEY: '/logout',
+ LOGIN_VIEW_KEY: '/login',
+ POST_LOGIN_KEY: '/',
+ POST_LOGOUT_KEY: '/',
 }
 class BadCredentialsError(Exception):
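Review bot: In the `default_config` hunk, `PASSWORD_HASH_KEY` still defaults to `'plaintext'`, and this commit carries that default over to the new top-level `SECURITY_PASSWORD_HASH` key. Any application that does not set the key explicitly would then store and verify passwords unhashed, assuming the value is handed to the password context as its scheme, which happens outside this hunk. A safer default is a real hash scheme, for example `PASSWORD_HASH_KEY: 'bcrypt',` (the value the configured test suite already uses), provided the bcrypt backend is an acceptable dependency. Failing that, the default deserves a comment such as `# WARNING: 'plaintext' is for development only; set SECURITY_PASSWORD_HASH in production`.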
@@ -110,7 +108,7 @@ pwd_context = LocalProxy(lambda: current_app.pwd_context) # User service user_datastore = LocalProxy(lambda: getattr(current_app, - current_app.config[AUTH_CONFIG_KEY][USER_DATASTORE_NAME_KEY])) + current_app.config[USER_DATASTORE_KEY])) def roles_required(*args): roles = args @@ -119,8 +117,7 @@ def roles_required(*args): @wraps(fn) def decorated_view(*args, **kwargs): if not current_user.is_authenticated(): - c = current_app.config[AUTH_CONFIG_KEY] - return redirect(c[LOGIN_VIEW_KEY]) + return redirect(current_app.config[LOGIN_VIEW_KEY]) if perm.can(): return fn(*args, **kwargs) @@ -140,8 +137,7 @@ def roles_accepted(*args): @wraps(fn) def decorated_view(*args, **kwargs): if not current_user.is_authenticated(): - c = current_app.config[AUTH_CONFIG_KEY] - return redirect(c[LOGIN_VIEW_KEY]) + return redirect(current_app.config[LOGIN_VIEW_KEY]) for perm in perms: if perm.can(): @@ -198,11 +194,18 @@ class Security(object): """ if app is None or datastore is None: return - blueprint = Blueprint(AUTH_CONFIG_KEY.lower(), __name__) + blueprint = Blueprint('auth', __name__) - config = default_config.copy() - config.update(app.config.get(AUTH_CONFIG_KEY, {})) - app.config[AUTH_CONFIG_KEY] = config + configured = {} + + for key, value in default_config.items(): + configured[key] = app.config.get(key, value) + + app.config.update(configured) + config = app.config + #config = default_config.copy() + #config.update(app.config.get(AUTH_CONFIG_KEY, {})) + #app.config[AUTH_CONFIG_KEY] = config # setup the login manager extension login_manager = LoginManager() @@ -219,7 +222,7 @@ class Security(object): app.auth_provider = Provider(Form) app.principal = Principal(app) - setattr(app, config[USER_DATASTORE_NAME_KEY], datastore) + setattr(app, config[USER_DATASTORE_KEY], datastore) @identity_loaded.connect_via(app) def on_identity_loaded(sender, identity): 
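Review bot: In the `Security.init_app` hunk the old nested `AUTH` dictionary is no longer read at all, so an application that still sets `app.config['AUTH'] = {'password_hash': 'bcrypt', ...}` will start without error and silently run on the defaults, including `SECURITY_PASSWORD_HASH = 'plaintext'`. A guard before the defaults loop, such as `if 'AUTH' in app.config: raise ValueError("the AUTH dict is no longer supported; use SECURITY_* keys")`, would make the migration fail loudly instead of downgrading password storage. The loop can also be reduced to `for key, value in default_config.items(): app.config.setdefault(key, value)`, and the three commented-out `#config = ...` lines should be deleted rather than committed. init_app starts before and continues after this hunk.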
@@ -270,7 +273,7 @@ class Security(object): identity_changed.send(app, identity=AnonymousIdentity()) logout_user() - redirect_url = find_redirect(POST_LOGOUT_VIEW_KEY, config) + redirect_url = find_redirect(POST_LOGOUT_KEY) logger.debug(DEBUG_LOGOUT % redirect_url) return redirect(redirect_url) @@ -361,14 +364,13 @@ def get_url(value): def get_post_login_redirect(): return (get_url(request.args.get('next')) or get_url(request.form.get('next')) or - find_redirect(POST_LOGIN_VIEW_KEY, - current_app.config[AUTH_CONFIG_KEY])) + find_redirect(POST_LOGIN_KEY)) -def find_redirect(key, config): +def find_redirect(key): # Look in the session first, and if not there go to the config, and # if its not there either just go to the root url result = (get_url(session.get(key.lower(), None)) or - get_url(config[key.lower()] or None) or '/') + get_url(current_app.config[key] or None) or '/') # Try and delete the session value if it was used try: del session[key.lower()] except: pass diff --git a/tests/functional_tests.py b/tests/functional_tests.py index fbd7bc5..04a6271 100644 --- a/tests/functional_tests.py +++ b/tests/functional_tests.py @@ -104,13 +104,13 @@ class DefaultSecurityTests(SecurityTest): class ConfiguredSecurityTests(SecurityTest): AUTH_CONFIG = { - 'password_hash': 'bcrypt', - 'user_datastore_name': 'custom_datastore_name', - 'auth_url': '/custom_auth', - 'logout_url': '/custom_logout', - 'login_view': '/custom_login', - 'post_login_view': '/post_login', - 'post_logout_view': '/post_logout' + 'SECURITY_PASSWORD_HASH': 'bcrypt', + 'SECURITY_USER_DATASTORE': 'custom_datastore_name', + 'SECURITY_AUTH_URL': '/custom_auth', + 'SECURITY_LOGOUT_URL': '/custom_logout', + 'SECURITY_LOGIN_VIEW': '/custom_login', + 'SECURITY_POST_LOGIN': '/post_login', + 'SECURITY_POST_LOGOUT': '/post_logout' } def test_login_view(self):
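Review bot: find_redirect still reads and deletes the session entry under `key.lower()`, so with the renamed constants the session key changes from `post_login_view` to `security_post_login` (and from `post_logout_view` to `security_post_logout`) as a side effect. Any code that stores a redirect target under the old session name (none is visible in this patch) would be ignored without an error. Since the session key is now derived from the config key, a comment above the lookup such as `# session key is the lower-cased config key, e.g. 'security_post_login'` would document the coupling. The function also reads `current_app` now instead of taking `config`, so it only works inside an application context; a one-line docstring saying so would help callers.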