FitTrackee/fittrackee/__init__.py
2023-12-20 20:49:19 +01:00

203 lines
6.5 KiB
Python

import logging
import os
import re
from importlib import import_module, reload
from typing import Any, Dict, Tuple
import redis
from flask import (
Flask,
Response,
render_template,
send_file,
send_from_directory,
)
from flask_bcrypt import Bcrypt
from flask_dramatiq import Dramatiq
from flask_limiter import Limiter
from flask_limiter.errors import RateLimitExceeded
from flask_limiter.util import get_remote_address
from flask_migrate import Migrate
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy.exc import ProgrammingError
from werkzeug.middleware.proxy_fix import ProxyFix
from fittrackee.emails.email import EmailService
from fittrackee.request import CustomRequest
VERSION = __version__ = '0.7.27'
REDIS_URL = os.getenv('REDIS_URL', 'redis://')
API_RATE_LIMITS = os.environ.get('API_RATE_LIMITS', '300 per 5 minutes').split(
','
)
log_file = os.getenv('APP_LOG')
logging.basicConfig(
filename=log_file,
format='%(asctime)s - %(name)s - %(levelname)s - ' '%(message)s',
datefmt='%Y/%m/%d %H:%M:%S',
)
appLog = logging.getLogger('fittrackee')
db = SQLAlchemy()
bcrypt = Bcrypt()
migrate = Migrate()
email_service = EmailService()
dramatiq = Dramatiq()
limiter = Limiter(
key_func=get_remote_address,
default_limits=API_RATE_LIMITS, # type: ignore
default_limits_per_method=True,
headers_enabled=True,
storage_uri=REDIS_URL,
strategy='fixed-window',
)
# if redis is not available, disable the rate limiter
r = redis.from_url(REDIS_URL)
try:
r.ping()
except redis.exceptions.ConnectionError:
limiter.enabled = False
appLog.warning('Redis not available, API rate limits are disabled.')
class CustomFlask(Flask):
# add custom Request to handle user-agent parsing
# (removed in Werkzeug 2.1)
request_class = CustomRequest
def create_app(init_email: bool = True) -> Flask:
# instantiate the app
app = CustomFlask(
__name__, static_folder='dist/static', template_folder='dist'
)
# set config
with app.app_context():
app_settings = os.getenv(
'APP_SETTINGS', 'fittrackee.config.ProductionConfig'
)
if app_settings == 'fittrackee.config.TestingConfig':
# reload config on tests
config = import_module('fittrackee.config')
reload(config)
app.config.from_object(app_settings)
# set up extensions
db.init_app(app)
bcrypt.init_app(app)
migrate.init_app(app, db)
dramatiq.init_app(app)
limiter.init_app(app)
# set oauth2
from fittrackee.oauth2.config import config_oauth
config_oauth(app)
# set up email if 'EMAIL_URL' is initialized
if init_email:
if app.config['EMAIL_URL']:
email_service.init_email(app)
app.config['CAN_SEND_EMAILS'] = True
else:
appLog.warning(
'EMAIL_URL is not provided, email sending is deactivated.'
)
# get configuration from database
from .application.utils import (
get_or_init_config,
update_app_config_from_database,
)
with app.app_context():
# Note: check if "app_config" table exist to avoid errors when
# dropping tables on dev environments
try:
if db.engine.dialect.has_table(db.engine.connect(), 'app_config'):
db_app_config = get_or_init_config()
update_app_config_from_database(app, db_app_config)
except ProgrammingError as e:
# avoid error on AppConfig migration
if re.match(
r'psycopg2.errors.UndefinedColumn(.*)app_config.', str(e)
):
pass
from .application.app_config import config_blueprint # noqa
from .oauth2.routes import oauth2_blueprint # noqa
from .users.auth import auth_blueprint # noqa
from .users.users import users_blueprint # noqa
from .workouts.records import records_blueprint # noqa
from .workouts.sports import sports_blueprint # noqa
from .workouts.stats import stats_blueprint # noqa
from .workouts.workouts import workouts_blueprint # noqa
app.register_blueprint(auth_blueprint, url_prefix='/api')
app.register_blueprint(oauth2_blueprint, url_prefix='/api')
app.register_blueprint(config_blueprint, url_prefix='/api')
app.register_blueprint(records_blueprint, url_prefix='/api')
app.register_blueprint(sports_blueprint, url_prefix='/api')
app.register_blueprint(stats_blueprint, url_prefix='/api')
app.register_blueprint(users_blueprint, url_prefix='/api')
app.register_blueprint(workouts_blueprint, url_prefix='/api')
if app.debug:
logging.getLogger('sqlalchemy').setLevel(logging.WARNING)
logging.getLogger('sqlalchemy').handlers = logging.getLogger(
'werkzeug'
).handlers
logging.getLogger('sqlalchemy.orm').setLevel(logging.WARNING)
logging.getLogger('flake8').propagate = False
appLog.setLevel(logging.DEBUG)
# Enable CORS
@app.after_request # type: ignore
def after_request(response: Response) -> Response:
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add(
'Access-Control-Allow-Headers', 'Content-Type,Authorization'
)
response.headers.add(
'Access-Control-Allow-Methods',
'GET,PUT,POST,DELETE,PATCH,OPTIONS',
)
return response
@app.errorhandler(429)
def rate_limit_handler(error: RateLimitExceeded) -> Tuple[Dict, int]:
return {
'status': 'error',
'message': f'rate limit exceeded ({error.description})',
}, 429
@app.route('/favicon.ico')
@limiter.exempt
def favicon() -> Any:
return send_file(
os.path.join(app.root_path, 'dist/favicon.ico') # type: ignore
)
@app.route('/', defaults={'path': ''})
@app.route('/<path:path>')
@limiter.exempt
def catch_all(path: str) -> Any:
# workaround to serve images (not in static directory)
if path.startswith('img/'):
return send_from_directory(
directory=os.path.join(
app.root_path, # type: ignore
'dist',
),
path=path,
)
else:
return render_template('index.html')
# to get headers, especially 'X-Forwarded-Proto' for scheme needed by
# Authlib, when the application is running behind a proxy server
app.wsgi_app = ProxyFix(app.wsgi_app) # type: ignore
return app