import datetime
import logging
from flask_security import Security, login_required, MongoEngineUserDatastore
from luckycat.database.models.Role import Role
from luckycat.database.models.User import User
from luckycat.database.database import db
from luckycat import f3c_global_config
def has_user():
return User.objects.count() != 0
def has_role():
return Role.objects.count() != 0
def create_default_user_and_roles(user_datastore):
if not has_role():
user_datastore.create_role(name='admin',
description='Administrative user of LuckyCat')
user_datastore.create_role(name='analyst',
description='General LuckyCat user without admin privileges')
if not has_user():
admin_role = Role.objects.get(name='admin')
user_datastore.create_user(email=f3c_global_config.default_user_email,
password=f3c_global_config.default_user_password,
api_key=f3c_global_config.default_user_api_key,
registration_date=datetime.datetime.now(),
roles=[admin_role])
logging.info('Added default user on first request')
def _add_apikey_handler(security, user_datastore):
@security.login_manager.request_loader
def load_user_from_request(request):
api_key = request.headers.get('Authorization')
if api_key:
user = user_datastore.find_user(api_key=api_key)
if user:
return user
return None
def add_flask_security(app):
with app.app_context():
app.config['SECURITY_UNAUTHORIZED_VIEW'] = '/'
app.config['SECRET_KEY'] = f3c_global_config.secret_key
app.config['SECURITY_PASSWORD_SALT'] = f3c_global_config.secret_key
user_datastore = MongoEngineUserDatastore(db, User, Role)
security = Security(app, user_datastore)
create_default_user_and_roles(user_datastore)
_add_apikey_handler(security, user_datastore)
