app/__init__.py

import os
import re

from flask import Flask, session, Markup
from flask._compat import string_types
from flask.ext.sqlalchemy import SQLAlchemy
from flask_login import LoginManager
from flask_wtf import CsrfProtect
from werkzeug.exceptions import abort

from app.notify_client.api_client import AdminAPIClient
from app.its_dangerous_session import ItsdangerousSessionInterface
import app.proxy_fix
from config import configs


db = SQLAlchemy()
login_manager = LoginManager()
csrf = CsrfProtect()

admin_api_client = AdminAPIClient()


def create_app(config_name):
    application = Flask(__name__)

    application.config['NOTIFY_API_ENVIRONMENT'] = config_name
    application.config.from_object(configs[config_name])
    if 'FLASK_CONFIG' in os.environ:
        application.config.from_envvar('FLASK_CONFIG')
    db.init_app(application)
    init_app(application)
    init_csrf(application)

    login_manager.init_app(application)
    login_manager.login_view = 'main.render_sign_in'

    from app.main import main as main_blueprint
    application.register_blueprint(main_blueprint)

    proxy_fix.init_app(application)

    application.session_interface = ItsdangerousSessionInterface()
    admin_api_client.init_app(application)

    application.add_template_filter(placeholders)
    application.add_template_filter(replace_placeholders)

    return application


def init_csrf(application):
    csrf.init_app(application)

    @csrf.error_handler
    def csrf_handler(reason):
        if 'user_id' not in session:
            application.logger.info(
                u'csrf.session_expired: Redirecting user to log in page'
            )

            return application.login_manager.unauthorized()

        application.logger.info(
            u'csrf.invalid_token: Aborting request, user_id: {user_id}',
            extra={'user_id': session['user_id']})

        abort(400, reason)


def init_app(app):
    for key, value in app.config.items():
        if key in os.environ:
            app.config[key] = convert_to_boolean(os.environ[key])

    @app.context_processor
    def inject_global_template_variables():
        return {'asset_path': '/static/'}


def convert_to_boolean(value):
    if isinstance(value, string_types):
        if value.lower() in ['t', 'true', 'on', 'yes', '1']:
            return True
        elif value.lower() in ['f', 'false', 'off', 'no', '0']:
            return False

    return value


def placeholders(value):
    if not value:
        return value
    return Markup(re.sub(
        r"\(\(([^\)]+)\)\)",  # anything that looks like ((registration number))
        lambda match: "<span class='placeholder'>{}</span>".format(match.group(1)),
        value
    ))


def replace_placeholders(template, values):
    if not template:
        return template
    return Markup(re.sub(
        r"\(\(([^\)]+)\)\)",  # anything that looks like ((registration number))
        lambda match: values.get(match.group(1), ''),
        template
    ))
Introduce config file for application 2015-11-24 09:40:14 +00:00			`import os`
Add a template filter for message placeholders As a first guess placeholders can be added to messages with the `((placeholder))` syntax. This commit adds a Jinja template filter to convert strings containing said-formatted strings into HTML, which can then be styled to highlight which parts will be substituted in messages. 2015-12-10 16:26:53 +00:00			`import re`
108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00
Add a template filter for message placeholders As a first guess placeholders can be added to messages with the `((placeholder))` syntax. This commit adds a Jinja template filter to convert strings containing said-formatted strings into HTML, which can then be styled to highlight which parts will be substituted in messages. 2015-12-10 16:26:53 +00:00			`from flask import Flask, session, Markup`
Introduce config file for application 2015-11-24 09:40:14 +00:00			`from flask._compat import string_types`
108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00			`from flask.ext.sqlalchemy import SQLAlchemy`
108536490: Adding the login manager and csrf token. Still need to figure out how to override the load_user method, currently it is not working. 2015-11-27 16:25:56 +00:00			`from flask_login import LoginManager`
			`from flask_wtf import CsrfProtect`
108536490: Implement LoginManager for the admin app. Also added csrf error handler, will make the session unauthorized if the csrf token is invalid. 2015-11-30 11:21:51 +00:00			`from werkzeug.exceptions import abort`
108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00
108537814: Implementation of 3 factor authentication. The post register endpoint will send a random 5 digit code via sms and another via email. If either code fails to send, the user will not be created and the person can register again. The codes are saved to the session cookie, and expire in 1 hour. Another iteration of this story will save the codes to a database. 2015-12-04 14:40:16 +00:00			`from app.notify_client.api_client import AdminAPIClient`
108536490: Use ItsDangerousSessionInterface in the app. Start using http://flask.pocoo.org/snippets/51/ 2015-11-30 12:38:02 +00:00			`from app.its_dangerous_session import ItsdangerousSessionInterface`
108536490: add the proxy_fix 2015-11-30 14:32:58 +00:00			`import app.proxy_fix`
108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00			`from config import configs`

108536490: add the proxy_fix 2015-11-30 14:32:58 +00:00
108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00			`db = SQLAlchemy()`
108536490: Adding the login manager and csrf token. Still need to figure out how to override the load_user method, currently it is not working. 2015-11-27 16:25:56 +00:00			`login_manager = LoginManager()`
			`csrf = CsrfProtect()`
Start to create views 2015-11-20 16:22:44 +00:00
108537814: Implementation of 3 factor authentication. The post register endpoint will send a random 5 digit code via sms and another via email. If either code fails to send, the user will not be created and the person can register again. The codes are saved to the session cookie, and expire in 1 hour. Another iteration of this story will save the codes to a database. 2015-12-04 14:40:16 +00:00			`admin_api_client = AdminAPIClient()`

Start to create views 2015-11-20 16:22:44 +00:00
Introduce config file for application 2015-11-24 09:40:14 +00:00			`def create_app(config_name):`
Start to create views 2015-11-20 16:22:44 +00:00			`application = Flask(__name__)`

Introduce config file for application 2015-11-24 09:40:14 +00:00			`application.config['NOTIFY_API_ENVIRONMENT'] = config_name`
			`application.config.from_object(configs[config_name])`
upstart puts FLASK_CONFIG into env on AWS. If present then read the config file pointed at by this property to do environment specific overrides 2015-12-07 13:39:56 +00:00			`if 'FLASK_CONFIG' in os.environ:`
Setting ENV to live and read config on non-dev environments from a file. 2015-12-07 11:30:29 +00:00			`application.config.from_envvar('FLASK_CONFIG')`
108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00			`db.init_app(application)`
Introduce config file for application 2015-11-24 09:40:14 +00:00			`init_app(application)`
108536490: Implement LoginManager for the admin app. Also added csrf error handler, will make the session unauthorized if the csrf token is invalid. 2015-11-30 11:21:51 +00:00			`init_csrf(application)`

108536490: Adding the login manager and csrf token. Still need to figure out how to override the load_user method, currently it is not working. 2015-11-27 16:25:56 +00:00			`login_manager.init_app(application)`
109638656: fix the login_manager.login_view 2015-12-07 16:28:27 +00:00			`login_manager.login_view = 'main.render_sign_in'`
Introduce config file for application 2015-11-24 09:40:14 +00:00
Use absolute paths for imports 2015-11-20 16:33:11 +00:00			`from app.main import main as main_blueprint`
Start to create views 2015-11-20 16:22:44 +00:00			`application.register_blueprint(main_blueprint)`

108536490: add the proxy_fix 2015-11-30 14:32:58 +00:00			`proxy_fix.init_app(application)`

108536490: Use ItsDangerousSessionInterface in the app. Start using http://flask.pocoo.org/snippets/51/ 2015-11-30 12:38:02 +00:00			`application.session_interface = ItsdangerousSessionInterface()`
108537814: Implementation of 3 factor authentication. The post register endpoint will send a random 5 digit code via sms and another via email. If either code fails to send, the user will not be created and the person can register again. The codes are saved to the session cookie, and expire in 1 hour. Another iteration of this story will save the codes to a database. 2015-12-04 14:40:16 +00:00			`admin_api_client.init_app(application)`
108536490: add the proxy_fix 2015-11-30 14:32:58 +00:00
Add a template filter for message placeholders As a first guess placeholders can be added to messages with the `((placeholder))` syntax. This commit adds a Jinja template filter to convert strings containing said-formatted strings into HTML, which can then be styled to highlight which parts will be substituted in messages. 2015-12-10 16:26:53 +00:00			`application.add_template_filter(placeholders)`
Try out previewing messages 2015-12-11 12:02:21 +00:00			`application.add_template_filter(replace_placeholders)`
Add a template filter for message placeholders As a first guess placeholders can be added to messages with the `((placeholder))` syntax. This commit adds a Jinja template filter to convert strings containing said-formatted strings into HTML, which can then be styled to highlight which parts will be substituted in messages. 2015-12-10 16:26:53 +00:00
Start to create views 2015-11-20 16:22:44 +00:00			`return application`
Introduce config file for application 2015-11-24 09:40:14 +00:00

108536490: Implement LoginManager for the admin app. Also added csrf error handler, will make the session unauthorized if the csrf token is invalid. 2015-11-30 11:21:51 +00:00			`def init_csrf(application):`
			`csrf.init_app(application)`

			`@csrf.error_handler`
			`def csrf_handler(reason):`
			`if 'user_id' not in session:`
			`application.logger.info(`
			`u'csrf.session_expired: Redirecting user to log in page'`
			`)`

			`return application.login_manager.unauthorized()`

			`application.logger.info(`
			`u'csrf.invalid_token: Aborting request, user_id: {user_id}',`
			`extra={'user_id': session['user_id']})`

			`abort(400, reason)`


Introduce config file for application 2015-11-24 09:40:14 +00:00			`def init_app(app):`
			`for key, value in app.config.items():`
			`if key in os.environ:`
			`app.config[key] = convert_to_boolean(os.environ[key])`

Use a Node-based tools for handling assets …or how to move a bunch of things from a bunch of different places into `app/static`. There are three main reasons not to use Flask Assets: - It had some strange behaviour like only - It was based on Ruby SASS, which is slower to get new features than libsass, and meant depending on Ruby, and having the SASS Gem globally installed—so you’re already out of being a ‘pure’ Python app - Martyn and I have experience of doing it this way on Marketplace, and we’ve ironed out the initial rough patches The specific technologies this introduces, all of which are Node-based: - Gulp – like a Makefile written in Javascript - NPM – package management, used for managing Gulp and its related dependencies - Bower – also package management, and the only way I can think to have GOV.UK template as a proper dependency …speaking of which, GOV.UK template is now a dependency. This means it can’t be modified at all (eg to add a global `#content` wrapper), so every page now inherits from a template that has this wrapper. But it also means that we have a clean upgrade path when the template is modified. Everything else (toolkit, elements) I’ve kept as submodules but moved them to a more logical place (`app/assets` not `app/assets/stylesheets`, because they contain more than just SASS/CSS). 2015-12-15 08:20:25 +00:00			`@app.context_processor`
			`def inject_global_template_variables():`
			`return {'asset_path': '/static/'}`

108536234: created users and roles data and domain model. You will need to run the /scripts/bootstrap.sh to create the database for test and the app. 2015-11-25 15:29:12 +00:00
Introduce config file for application 2015-11-24 09:40:14 +00:00			`def convert_to_boolean(value):`
			`if isinstance(value, string_types):`
			`if value.lower() in ['t', 'true', 'on', 'yes', '1']:`
			`return True`
			`elif value.lower() in ['f', 'false', 'off', 'no', '0']:`
			`return False`

			`return value`
Add a template filter for message placeholders As a first guess placeholders can be added to messages with the `((placeholder))` syntax. This commit adds a Jinja template filter to convert strings containing said-formatted strings into HTML, which can then be styled to highlight which parts will be substituted in messages. 2015-12-10 16:26:53 +00:00

			`def placeholders(value):`
			`if not value:`
			`return value`
			`return Markup(re.sub(`
			`r"\(\(([^\)]+)\)\)", # anything that looks like ((registration number))`
			`lambda match: "<span class='placeholder'>{}</span>".format(match.group(1)),`
			`value`
			`))`
Try out previewing messages 2015-12-11 12:02:21 +00:00

			`def replace_placeholders(template, values):`
			`if not template:`
			`return template`
			`return Markup(re.sub(`
			`r"\(\(([^\)]+)\)\)", # anything that looks like ((registration number))`
			`lambda match: values.get(match.group(1), ''),`
			`template`
			`))`