snappass/snappass/main.py

import os
import sys
import uuid

import redis
from redis.exceptions import ConnectionError

from flask import abort, Flask, render_template, request


NO_SSL = os.environ.get('NO_SSL', False)
app = Flask(__name__)
app.secret_key = os.environ.get('SECRET_KEY', 'Secret Key')
app.config.update(
    dict(STATIC_URL=os.environ.get('STATIC_URL', 'static')))

redis_host = os.environ.get('REDIS_HOST', 'localhost')
redis_port = os.environ.get('REDIS_PORT', 6379)
redis_db = os.environ.get('SNAPPASS_REDIS_DB', 0)
redis_client = redis.StrictRedis(host=redis_host, port=redis_port, db=redis_db)

time_conversion = {
    'week': 604800,
    'day': 86400,
    'hour': 3600
}


def check_redis_alive(fn):
    def inner(*args, **kwargs):
        try:
            if fn.__name__ == 'main':
                redis_client.ping()
            return fn(*args, **kwargs)
        except ConnectionError as e:
            print('Failed to connect to redis! %s' % e.message)
            if fn.__name__ == 'main':
                sys.exit(0)
            else:
                return abort(500)
    return inner


@check_redis_alive
def set_password(password, ttl):
    key = uuid.uuid4().hex
    redis_client.set(key, password)
    redis_client.expire(key, ttl)
    return key


@check_redis_alive
def get_password(key):
    password = redis_client.get(key)
    if password is not None:
        password = password.decode('utf-8')
    redis_client.delete(key)
    return password


def clean_input():
    """
    Make sure we're not getting bad data from the front end,
    format data to be machine readable
    """
    if 'password' not in request.form:
        abort(400)

    if 'ttl' not in request.form:
        abort(400)

    time_period = request.form['ttl'].lower()
    if time_period not in time_conversion:
        abort(400)

    return time_conversion[time_period], request.form['password']


@app.route('/', methods=['GET'])
def index():
    return render_template('set_password.html')


@app.route('/', methods=['POST'])
def handle_password():
    ttl, password = clean_input()
    key = set_password(password, ttl)

    if NO_SSL:
        base_url = request.url_root
    else:
        base_url = request.url_root.replace("http://", "https://")
    link = base_url + key
    return render_template('confirm.html', password_link=link)


@app.route('/<password_key>', methods=['GET'])
def show_password(password_key):
    password = get_password(password_key)
    if not password:
        abort(404)

    return render_template('password.html', password=password)


@check_redis_alive
def main():
    app.run(host='0.0.0.0', debug=True)


if __name__ == '__main__':
    main()
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`import os`
Add exception handling for when redis is down and or not running. 2016-08-21 20:20:00 +02:00			`import sys`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`import uuid`

			`import redis`
Remove TimeoutError import 2016-08-22 06:33:12 +02:00			`from redis.exceptions import ConnectionError`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00
			`from flask import abort, Flask, render_template, request`


Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00			`NO_SSL = os.environ.get('NO_SSL', False)`
			`app = Flask(__name__)`
			`app.secret_key = os.environ.get('SECRET_KEY', 'Secret Key')`
			`app.config.update(`
			`dict(STATIC_URL=os.environ.get('STATIC_URL', 'static')))`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00
			`redis_host = os.environ.get('REDIS_HOST', 'localhost')`
Add env var options 2016-08-21 09:05:01 +02:00			`redis_port = os.environ.get('REDIS_PORT', 6379)`
			`redis_db = os.environ.get('SNAPPASS_REDIS_DB', 0)`
			`redis_client = redis.StrictRedis(host=redis_host, port=redis_port, db=redis_db)`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00
			`time_conversion = {`
			`'week': 604800,`
			`'day': 86400,`
			`'hour': 3600`
			`}`

Switch to use decorator for checking if redis server is up. - setup.py removed empty line flake8 was complaining. 2016-08-22 06:27:00 +02:00
			`def check_redis_alive(fn):`
			`def inner(args, *kwargs):`
			`try:`
Fix for remaining comments. - Call function within try/catch - Syntax clean up 2016-08-23 06:59:08 +02:00			`if fn.__name__ == 'main':`
			`redis_client.ping()`
			`return fn(args, *kwargs)`
Remove TimeoutError import 2016-08-22 06:33:12 +02:00			`except ConnectionError as e:`
Fix for remaining comments. - Call function within try/catch - Syntax clean up 2016-08-23 06:59:08 +02:00			`print('Failed to connect to redis! %s' % e.message)`
			`if fn.__name__ == 'main':`
Switch to use decorator for checking if redis server is up. - setup.py removed empty line flake8 was complaining. 2016-08-22 06:27:00 +02:00			`sys.exit(0)`
			`else:`
			`return abort(500)`
			`return inner`
Add exception handling for when redis is down and or not running. 2016-08-21 20:20:00 +02:00
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
Switch to use decorator for checking if redis server is up. - setup.py removed empty line flake8 was complaining. 2016-08-22 06:27:00 +02:00			`@check_redis_alive`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`def set_password(password, ttl):`
Refactor _id() function to be inline 2016-07-18 22:35:57 +02:00			`key = uuid.uuid4().hex`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00			`redis_client.set(key, password)`
			`redis_client.expire(key, ttl)`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`return key`

Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
Switch to use decorator for checking if redis server is up. - setup.py removed empty line flake8 was complaining. 2016-08-22 06:27:00 +02:00			`@check_redis_alive`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`def get_password(key):`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00			`password = redis_client.get(key)`
Improve string encoding for password retrieval - Prevent the password from displaying as b'...' in the app; - Use Flask's `get_data(as_test=True)` to read the data, in the tests; - Add test to ensure `get_password` is not returning bytes. 2016-08-12 03:50:37 +02:00			`if password is not None:`
			`password = password.decode('utf-8')`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00			`redis_client.delete(key)`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`return password`

Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`def clean_input():`
			`"""`
			`Make sure we're not getting bad data from the front end,`
			`format data to be machine readable`
			`"""`
Make flake8 test pass 2016-07-18 20:52:37 +02:00			`if 'password' not in request.form:`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`abort(400)`

Make flake8 test pass 2016-07-18 20:52:37 +02:00			`if 'ttl' not in request.form:`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`abort(400)`

			`time_period = request.form['ttl'].lower()`
Make flake8 test pass 2016-07-18 20:52:37 +02:00			`if time_period not in time_conversion:`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`abort(400)`

			`return time_conversion[time_period], request.form['password']`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00

			`@app.route('/', methods=['GET'])`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`def index():`
			`return render_template('set_password.html')`

Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
			`@app.route('/', methods=['POST'])`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`def handle_password():`
			`ttl, password = clean_input()`
			`key = set_password(password, ttl)`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
			`if NO_SSL:`
			`base_url = request.url_root`
			`else:`
			`base_url = request.url_root.replace("http://", "https://")`
			`link = base_url + key`
When displaying the password link, show it as https, not http 2012-10-11 01:09:45 +02:00			`return render_template('confirm.html', password_link=link)`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
			`@app.route('/<password_key>', methods=['GET'])`
Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`def show_password(password_key):`
			`password = get_password(password_key)`
			`if not password:`
			`abort(404)`

			`return render_template('password.html', password=password)`

Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00
Switch to use decorator for checking if redis server is up. - setup.py removed empty line flake8 was complaining. 2016-08-22 06:27:00 +02:00			`@check_redis_alive`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00			`def main():`
			`app.run(host='0.0.0.0', debug=True)`


Privatley share passwords using redis 2012-10-08 19:51:41 +02:00			`if __name__ == '__main__':`
Prepare snappass for distribution. 2013-10-05 23:12:31 +02:00			`main()`