flask-security/example/app.py

# -*- coding: utf-8 -*-

# a little trick so you can run:
# $ python example/app.py
# from the root of the security project
import os
import sys
sys.path.pop(0)
sys.path.insert(0, os.getcwd())

from flask import Flask, render_template, current_app
from flask.ext.mail import Mail
from flask.ext.mongoengine import MongoEngine
from flask.ext.sqlalchemy import SQLAlchemy
from flask.ext.security import Security, LoginForm, login_required, \
     roles_required, roles_accepted, UserMixin, RoleMixin
from flask.ext.security.datastore import SQLAlchemyUserDatastore, \
     MongoEngineUserDatastore
from flask.ext.security.decorators import http_auth_required, \
     auth_token_required


def create_roles():
    for role in ('admin', 'editor', 'author'):
        current_app.security.datastore.create_role(name=role)


def create_users():
    for u in  (('matt@lp.com', 'password', ['admin'], True),
               ('joe@lp.com', 'password', ['editor'], True),
               ('dave@lp.com', 'password', ['admin', 'editor'], True),
               ('jill@lp.com', 'password', ['author'], True),
               ('tiya@lp.com', 'password', [], False)):
        current_app.security.datastore.create_user(
            email=u[0], password=u[1], roles=u[2], active=u[3])


def populate_data():
    create_roles()
    create_users()


def create_app(auth_config):
    app = Flask(__name__)
    app.debug = True
    app.config['SECRET_KEY'] = 'secret'

    if auth_config:
        for key, value in auth_config.items():
            app.config[key] = value

    app.mail = Mail(app)

    @app.route('/')
    def index():
        return render_template('index.html', content='Home Page')

    @app.route('/login')
    def login():
        return render_template('login.html', content='Login Page', form=LoginForm())

    @app.route('/custom_login')
    def custom_login():
        return render_template('login.html', content='Custom Login Page', form=LoginForm())

    @app.route('/profile')
    @login_required
    def profile():
        return render_template('index.html', content='Profile Page')

    @app.route('/post_login')
    @login_required
    def post_login():
        return render_template('index.html', content='Post Login')

    @app.route('/http')
    @http_auth_required
    def http():
        return render_template('index.html', content='HTTP Authentication')

    @app.route('/http_custom_realm')
    @http_auth_required('My Realm')
    def http_custom_realm():
        return render_template('index.html', content='HTTP Authentication')

    @app.route('/token')
    @auth_token_required
    def token():
        return render_template('index.html', content='Token Authentication')

    @app.route('/post_logout')
    def post_logout():
        return render_template('index.html', content='Post Logout')

    @app.route('/post_register')
    def post_register():
        return render_template('index.html', content='Post Register')

    @app.route('/admin')
    @roles_required('admin')
    def admin():
        return render_template('index.html', content='Admin Page')

    @app.route('/admin_and_editor')
    @roles_required('admin', 'editor')
    def admin_and_editor():
        return render_template('index.html', content='Admin and Editor Page')

    @app.route('/admin_or_editor')
    @roles_accepted('admin', 'editor')
    def admin_or_editor():
        return render_template('index.html', content='Admin or Editor Page')

    @app.route('/unauthorized')
    def unauthorized():
        return render_template('unauthorized.html')

    return app


def create_sqlalchemy_app(auth_config=None, register_blueprint=True):
    app = create_app(auth_config)
    app.config['SQLALCHEMY_DATABASE_URI'] = 'mysql://root@localhost/flask_security_test'

    db = SQLAlchemy(app)

    roles_users = db.Table('roles_users',
        db.Column('user_id', db.Integer(), db.ForeignKey('user.id')),
        db.Column('role_id', db.Integer(), db.ForeignKey('role.id')))

    class Role(db.Model, RoleMixin):
        id = db.Column(db.Integer(), primary_key=True)
        name = db.Column(db.String(80), unique=True)
        description = db.Column(db.String(255))

    class User(db.Model, UserMixin):
        id = db.Column(db.Integer, primary_key=True)
        email = db.Column(db.String(255), unique=True)
        password = db.Column(db.String(255))
        remember_token = db.Column(db.String(255))
        last_login_at = db.Column(db.DateTime())
        current_login_at = db.Column(db.DateTime())
        last_login_ip = db.Column(db.String(100))
        current_login_ip = db.Column(db.String(100))
        login_count = db.Column(db.Integer)
        active = db.Column(db.Boolean())
        confirmed_at = db.Column(db.DateTime())
        authentication_token = db.Column(db.String(255))
        roles = db.relationship('Role', secondary=roles_users,
                                backref=db.backref('users', lazy='dynamic'))

    app.security = Security(app, SQLAlchemyUserDatastore(db, User, Role),
                            register_blueprint=register_blueprint)

    if not register_blueprint:
        from example import security
        blueprint = security.create_blueprint(app, 'flask_security', __name__)
        app.register_blueprint(blueprint)

    @app.before_first_request
    def before_first_request():
        db.drop_all()
        db.create_all()
        populate_data()

    return app


def create_mongoengine_app(auth_config=None):
    app = create_app(auth_config)
    app.config['MONGODB_DB'] = 'flask_security_test'
    app.config['MONGODB_HOST'] = 'localhost'
    app.config['MONGODB_PORT'] = 27017

    db = MongoEngine(app)

    class Role(db.Document, RoleMixin):
        name = db.StringField(required=True, unique=True, max_length=80)
        description = db.StringField(max_length=255)

    class User(db.Document, UserMixin):
        email = db.StringField(unique=True, max_length=255)
        password = db.StringField(required=True, max_length=255)
        remember_token = db.StringField(max_length=255)
        last_login_at = db.DateTimeField()
        current_login_at = db.DateTimeField()
        last_login_ip = db.StringField(max_length=100)
        current_login_ip = db.StringField(max_length=100)
        login_count = db.IntField()
        active = db.BooleanField(default=True)
        confirmed_at = db.DateTimeField()
        authentication_token = db.StringField(max_length=255)
        roles = db.ListField(db.ReferenceField(Role), default=[])

    app.security = Security(app, MongoEngineUserDatastore(db, User, Role))

    @app.before_first_request
    def before_first_request():
        User.drop_collection()
        Role.drop_collection()
        populate_data()

    return app

if __name__ == '__main__':
    app = create_sqlalchemy_app()
    #app = create_mongoengine_app()
    app.run()