forget-cancellare-vecchi-toot/app.py

100 lines
2.9 KiB
Python
Raw Normal View History

from flask import Flask
2017-07-25 09:52:24 +02:00
from flask_sqlalchemy import SQLAlchemy
from sqlalchemy import MetaData
2017-07-25 09:52:24 +02:00
from flask_migrate import Migrate
2017-08-07 14:51:33 +02:00
import version
2017-09-20 23:02:36 +02:00
from libforget.cachebust import cachebust
import mimetypes
2017-09-20 23:02:36 +02:00
import libforget.brotli
import libforget.img_proxy
2020-11-18 01:23:58 +01:00
from werkzeug.middleware.proxy_fix import ProxyFix
2017-07-25 09:52:24 +02:00
app = Flask(__name__)
2017-07-26 11:11:54 +02:00
default_config = {
"SQLALCHEMY_TRACK_MODIFICATIONS": False,
"SQLALCHEMY_DATABASE_URI": "postgresql+psycopg2:///forget",
2017-08-07 15:06:29 +02:00
"HTTPS": True,
"SENTRY_CONFIG": {},
"REPO_URL": "https://github.com/codl/forget",
"CHANGELOG_URL": "https://github.com/codl/forget/blob/{hash}/CHANGELOG.markdown",
"REDIS_URI": "redis://",
2017-07-26 11:11:54 +02:00
}
app.config.update(default_config)
app.config.from_pyfile('config.py', True)
2017-08-29 14:46:32 +02:00
metadata = MetaData(naming_convention={
2017-07-25 09:52:24 +02:00
"ix": 'ix_%(column_0_label)s',
"uq": "uq_%(table_name)s_%(column_0_name)s",
"ck": "ck_%(table_name)s_%(constraint_name)s",
"fk": "fk_%(table_name)s_%(column_0_name)s_%(referred_table_name)s",
"pk": "pk_%(table_name)s"
})
db = SQLAlchemy(app, metadata=metadata)
migrate = Migrate(app, db)
2017-08-07 13:29:31 +02:00
if 'CELERY_BROKER' not in app.config:
uri = app.config['REDIS_URI']
if uri.startswith('unix://'):
2017-11-19 01:00:30 +01:00
uri = uri.replace('unix', 'redis+socket', 1)
app.config['CELERY_BROKER'] = uri
2017-08-07 13:29:31 +02:00
sentry = None
if 'SENTRY_DSN' in app.config:
from raven.contrib.flask import Sentry
app.config['SENTRY_CONFIG']['release'] = version.get_versions()['version']
2017-08-07 14:59:38 +02:00
sentry = Sentry(app, dsn=app.config['SENTRY_DSN'])
2017-08-07 21:35:46 +02:00
2017-08-07 21:50:31 +02:00
url_for = cachebust(app)
2017-08-29 14:46:32 +02:00
2017-08-07 21:35:46 +02:00
@app.context_processor
def inject_static():
def static(filename, **kwargs):
return url_for('static', filename=filename, **kwargs)
return {'st': static}
2017-08-10 17:07:39 +02:00
2017-08-29 14:46:32 +02:00
2017-08-28 01:47:01 +02:00
@app.after_request
def install_security_headers(resp):
2017-08-29 14:46:32 +02:00
csp = ("default-src 'none';"
"img-src 'self';"
2017-08-29 14:46:32 +02:00
"style-src 'self' 'unsafe-inline';"
"frame-ancestors 'none';"
)
if 'SENTRY_DSN' in app.config:
csp += "script-src 'self' https://cdn.ravenjs.com/;"
2017-08-31 20:46:38 +02:00
csp += "connect-src 'self' https://sentry.io/;"
else:
csp += "script-src 'self' 'unsafe-eval';"
2017-08-31 20:46:38 +02:00
csp += "connect-src 'self';"
2017-08-28 01:47:01 +02:00
if 'CSP_REPORT_URI' in app.config:
csp += "report-uri " + app.config.get('CSP_REPORT_URI')
2017-08-28 01:47:01 +02:00
if app.config.get('HTTPS'):
2017-08-29 14:46:32 +02:00
resp.headers.set('strict-transport-security',
'max-age={}'.format(60*60*24*365))
csp += "; upgrade-insecure-requests"
2017-08-28 01:47:01 +02:00
resp.headers.set('Content-Security-Policy', csp)
2017-08-28 01:47:01 +02:00
resp.headers.set('referrer-policy', 'no-referrer')
resp.headers.set('x-content-type-options', 'nosniff')
resp.headers.set('x-frame-options', 'DENY')
2017-08-28 01:58:00 +02:00
resp.headers.set('x-xss-protection', '1')
2017-08-28 01:47:01 +02:00
return resp
2017-08-29 14:46:32 +02:00
mimetypes.add_type('image/webp', '.webp')
2017-09-20 23:02:36 +02:00
libforget.brotli.brotli(app)
2017-09-20 23:02:36 +02:00
imgproxy = (
libforget.img_proxy.ImgProxyCache(redis_uri=app.config.get('REDIS_URI')))
2020-11-18 01:23:58 +01:00
app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1, x_host=1)