Kezdőlap Felfedezés Súgó
Regisztráció Bejelentkezés
AIGC
/
SourceShareOSV1
6
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Branch: master
Branch-ok Tag-ek
SourceShareOSV1
/
server
/
app_factory.py

app_factory.py 2.8 KB
Állandó hivatkozás Előzmények Nyers

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. from pathlib import Path
    2. 

  2. 

  3. from flask import Flask
    4. 

  4. from flask import jsonify, request
    5. 

  5. import secrets
    6. 

  6. 

  7. from .config import load_config
    8. 

  8. from .db import ensure_default_admin, ensure_default_plans, init_db
    9. 

  9. from .routes import register_routes
    10. 

  10. 

  11. 

  12. def create_app() -> Flask:
    13. 

  13.     project_root = Path(__file__).resolve().parent.parent
    14. 

  14.     app = Flask(__name__, static_folder=str(project_root / "static"), template_folder=str(project_root / "templates"))
    15. 

  15.     config = load_config()
    16. 

  16.     app.config["APP_CONFIG"] = config
    17. 

  17.     app.secret_key = config.secret_key
    18. 

  18.     app.config.setdefault("SESSION_COOKIE_SAMESITE", "Lax")
    19. 

  19.     app.config.setdefault("SESSION_COOKIE_HTTPONLY", True)
    20. 

  20. 

  21.     @app.before_request
    22. 

  22.     def _attach_config_to_g() -> None:
    23. 

  23.         from flask import g
    24. 

  24. 

  25.         g.app_config = config
    26. 

  26. 

  27.     @app.before_request
    28. 

  28.     def _csrf_protect() -> tuple[dict, int] | None:
    29. 

  29.         if request.method in {"GET", "HEAD", "OPTIONS", "TRACE"}:
    30. 

  30.             return None
    31. 

  31.         if request.path == "/pay/callback":
    32. 

  32.             return None
    33. 

  33.         if request.method != "POST":
    34. 

  34.             return None
    35. 

  35.         if (request.mimetype or "").lower() == "application/json":
    36. 

  36.             return None
    37. 

  37.         csrf_cookie = (request.cookies.get("csrf_token") or "").strip()
    38. 

  38.         csrf_header = (request.headers.get("X-CSRF-Token") or request.headers.get("X-Csrf-Token") or "").strip()
    39. 

  39.         if not csrf_cookie or not csrf_header or csrf_cookie != csrf_header:
    40. 

  40.             return jsonify({"error": "csrf_failed"}), 403
    41. 

  41.         return None
    42. 

  42. 

  43.     @app.before_request
    44. 

  44.     def _block_writes_during_migration() -> tuple[dict, int] | None:
    45. 

  45.         if request.method in {"GET", "HEAD", "OPTIONS", "TRACE"}:
    46. 

  46.             return None
    47. 

  47.         from .db import is_migrating
    48. 

  48. 

  49.         if not is_migrating():
    50. 

  50.             return None
    51. 

  51.         allow = {"/admin/db/switch", "/admin/db/status", "/admin/mysql/test"}
    52. 

  52.         if request.path in allow:
    53. 

  53.             return None
    54. 

  54.         return jsonify({"error": "readonly_migrating"}), 503
    55. 

  55. 

  56.     @app.after_request
    57. 

  57.     def _set_csrf_cookie(resp):
    58. 

  58.         token = (request.cookies.get("csrf_token") or "").strip()
    59. 

  59.         if not token:
    60. 

  60.             token = secrets.token_urlsafe(32)
    61. 

  61.             resp.set_cookie("csrf_token", token, httponly=False, samesite="Lax", secure=bool(request.is_secure))
    62. 

  62.         return resp
    63. 

  63. 

  64.     @app.teardown_appcontext
    65. 

  65.     def _close_db(_exc) -> None:
    66. 

  66.         from flask import g
    67. 

  67.         from .db import close_db
    68. 

  68. 

  69.         db = g.pop("db", None)
    70. 

  70.         if db is not None:
    71. 

  71.             close_db(db)
    72. 

  72.         ctl_db = g.pop("ctl_db", None)
    73. 

  73.         if ctl_db is not None:
    74. 

  74.             try:
    75. 

  75.                 ctl_db.close()
    76. 

  76.             except Exception:
    77. 

  77.                 pass
    78. 

  78. 

  79.     with app.app_context():
    80. 

  80.         init_db()
    81. 

  81.         ensure_default_admin()
    82. 

  82.         ensure_default_plans()
    83. 

  83. 

  84.     register_routes(app)
    85. 

  85.     return app
    86.