selfprivacy-rest-api/selfprivacy_api/app.py

#!/usr/bin/env python3
"""SelfPrivacy server management API"""
import os
from gevent import monkey


from flask import Flask, request, jsonify
from flask_restful import Api
from flask_swagger import swagger
from flask_swagger_ui import get_swaggerui_blueprint

from selfprivacy_api.resources.users import User, Users
from selfprivacy_api.resources.common import ApiVersion
from selfprivacy_api.resources.system import api_system
from selfprivacy_api.resources.services import services as api_services

from selfprivacy_api.restic_controller.tasks import huey, init_restic

swagger_blueprint = get_swaggerui_blueprint(
    "/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"}
)


def create_app(test_config=None):
    """Initiate Flask app and bind routes"""
    app = Flask(__name__)
    api = Api(app)

    if test_config is None:
        app.config["AUTH_TOKEN"] = os.environ.get("AUTH_TOKEN")
        if app.config["AUTH_TOKEN"] is None:
            raise ValueError("AUTH_TOKEN is not set")
        app.config["ENABLE_SWAGGER"] = os.environ.get("ENABLE_SWAGGER", "0")
        app.config["B2_BUCKET"] = os.environ.get("B2_BUCKET")
    else:
        app.config.update(test_config)

    # Check bearer token
    @app.before_request
    def check_auth():
        # Exclude swagger-ui
        if not request.path.startswith("/api"):
            auth = request.headers.get("Authorization")
            if auth is None:
                return jsonify({"error": "Missing Authorization header"}), 401

            # Check if token is valid
            if auth != "Bearer " + app.config["AUTH_TOKEN"]:
                return jsonify({"error": "Invalid token"}), 401

    api.add_resource(ApiVersion, "/api/version")
    api.add_resource(Users, "/users")
    api.add_resource(User, "/users/<string:username>")

    app.register_blueprint(api_system)
    app.register_blueprint(api_services)

    @app.route("/api/swagger.json")
    def spec():
        if app.config["ENABLE_SWAGGER"] == "1":
            swag = swagger(app)
            swag["info"]["version"] = "1.1.0"
            swag["info"]["title"] = "SelfPrivacy API"
            swag["info"]["description"] = "SelfPrivacy API"
            swag["securityDefinitions"] = {
                "bearerAuth": {
                    "type": "apiKey",
                    "name": "Authorization",
                    "in": "header",
                }
            }
            swag["security"] = [{"bearerAuth": []}]

            return jsonify(swag)
        return jsonify({}), 404

    if app.config["ENABLE_SWAGGER"] == "1":
        app.register_blueprint(swagger_blueprint, url_prefix="/api/docs")

    return app


if __name__ == "__main__":
    monkey.patch_all()
    created_app = create_app()
    huey.start()
    init_restic()
    created_app.run(port=5050, debug=False)
Decomposition 2021-11-11 20:31:28 +02:00			`#!/usr/bin/env python3`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`"""SelfPrivacy server management API"""`
			`import os`
Restic controller 2021-12-06 08:48:29 +02:00			`from gevent import monkey`


Add basic API auth 2021-11-16 12:32:10 +02:00			`from flask import Flask, request, jsonify`
Decomposition 2021-11-11 20:31:28 +02:00			`from flask_restful import Api`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`from flask_swagger import swagger`
			`from flask_swagger_ui import get_swaggerui_blueprint`
Decomposition 2021-11-11 20:31:28 +02:00
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`from selfprivacy_api.resources.users import User, Users`
Fix imports 2021-12-14 11:52:17 +02:00			`from selfprivacy_api.resources.common import ApiVersion`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`from selfprivacy_api.resources.system import api_system`
			`from selfprivacy_api.resources.services import services as api_services`

Restic controller 2021-12-06 08:48:29 +02:00			`from selfprivacy_api.restic_controller.tasks import huey, init_restic`

Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`swagger_blueprint = get_swaggerui_blueprint(`
			`"/api/docs", "/api/swagger.json", config={"app_name": "SelfPrivacy API"}`
			`)`
Decomposition 2021-11-11 20:31:28 +02:00

First wave of unit tests, and bugfixes caused by them 2021-11-29 21:16:08 +02:00			`def create_app(test_config=None):`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`"""Initiate Flask app and bind routes"""`
Decomposition 2021-11-11 20:31:28 +02:00			`app = Flask(__name__)`
			`api = Api(app)`

First wave of unit tests, and bugfixes caused by them 2021-11-29 21:16:08 +02:00			`if test_config is None:`
			`app.config["AUTH_TOKEN"] = os.environ.get("AUTH_TOKEN")`
			`if app.config["AUTH_TOKEN"] is None:`
			`raise ValueError("AUTH_TOKEN is not set")`
			`app.config["ENABLE_SWAGGER"] = os.environ.get("ENABLE_SWAGGER", "0")`
Update backup endpoints 2021-12-02 17:06:23 +02:00			`app.config["B2_BUCKET"] = os.environ.get("B2_BUCKET")`
First wave of unit tests, and bugfixes caused by them 2021-11-29 21:16:08 +02:00			`else:`
			`app.config.update(test_config)`
Add basic API auth 2021-11-16 12:32:10 +02:00
			`# Check bearer token`
			`@app.before_request`
			`def check_auth():`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`# Exclude swagger-ui`
			`if not request.path.startswith("/api"):`
			`auth = request.headers.get("Authorization")`
			`if auth is None:`
			`return jsonify({"error": "Missing Authorization header"}), 401`

			`# Check if token is valid`
			`if auth != "Bearer " + app.config["AUTH_TOKEN"]:`
			`return jsonify({"error": "Invalid token"}), 401`

API version endpoint 2021-11-18 09:35:50 +02:00			`api.add_resource(ApiVersion, "/api/version")`
Decomposition 2021-11-11 20:31:28 +02:00			`api.add_resource(Users, "/users")`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`api.add_resource(User, "/users/<string:username>")`
Decomposition 2021-11-11 20:31:28 +02:00
			`app.register_blueprint(api_system)`
			`app.register_blueprint(api_services)`

Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`@app.route("/api/swagger.json")`
			`def spec():`
			`if app.config["ENABLE_SWAGGER"] == "1":`
			`swag = swagger(app)`
Add SSH and system settings endpoints 2021-11-22 18:50:50 +02:00			`swag["info"]["version"] = "1.1.0"`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`swag["info"]["title"] = "SelfPrivacy API"`
			`swag["info"]["description"] = "SelfPrivacy API"`
			`swag["securityDefinitions"] = {`
			`"bearerAuth": {`
			`"type": "apiKey",`
			`"name": "Authorization",`
			`"in": "header",`
			`}`
			`}`
			`swag["security"] = [{"bearerAuth": []}]`

			`return jsonify(swag)`
			`return jsonify({}), 404`

			`if app.config["ENABLE_SWAGGER"] == "1":`
			`app.register_blueprint(swagger_blueprint, url_prefix="/api/docs")`

Decomposition 2021-11-11 20:31:28 +02:00			`return app`


			`if __name__ == "__main__":`
Restic controller 2021-12-06 08:48:29 +02:00			`monkey.patch_all()`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`created_app = create_app()`
Restic controller 2021-12-06 08:48:29 +02:00			`huey.start()`
			`init_restic()`
Input sanitization, added swagger 2021-11-16 18:14:01 +02:00			`created_app.run(port=5050, debug=False)`