trilium/src/app.py

import os

import binascii
from flask import Flask, request, send_from_directory
from flask import render_template, redirect
from flask_cors import CORS
from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user

from notes_api import notes_api
from sql import connect
from tree_api import tree_api
from notes_move_api import notes_move_api
from password_api import password_api
import config_provider
import my_scrypt
import password_provider

config = config_provider.getConfig()

app = Flask(__name__)
app.secret_key = config['Security']['flaskSecretKey']
app.register_blueprint(tree_api)
app.register_blueprint(notes_api)
app.register_blueprint(notes_move_api)
app.register_blueprint(password_api)

class User(UserMixin):
    pass

@app.route('/login', methods=['GET'])
def login_form():
    return render_template('login.html')

@app.route('/app', methods=['GET'])
@login_required
def show_app():
    return render_template('app.html')

@app.route('/logout', methods=['POST'])
@login_required
def logout():
    logout_user()
    return redirect('login')

user = User()
user.id = config['Login']['username']

port = config['Network']['port']
https = config['Network']['https']
certPath = config['Network']['certPath']
certKeyPath = config['Network']['certKeyPath']

documentPath = config['Document']['documentPath']

connect(documentPath)

def verify_password(guessed_password):
    hashed_password = binascii.unhexlify(password_provider.getPasswordHash())

    guess_hashed = my_scrypt.getVerificationHash(guessed_password)

    return guess_hashed == hashed_password

@app.route('/login', methods=['POST'])
def login_post():
    guessedPassword = request.form['password'].encode('utf-8')

    if request.form['username'] == user.id and verify_password(guessedPassword):
        rememberMe = True if 'remember-me' in request.form else False

        login_user(user, remember=rememberMe)

        return redirect('app')
    else:
        return render_template('login.html', failedAuth=True)

CORS(app)

@app.route('/stat/<path:path>')
def send_stc(path):
    return send_from_directory(os.path.join(os.getcwd(), 'static'), path)

login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'login_form'

@login_manager.user_loader
def load_user(user_id):
    if user_id == user.id:
        return user
    else:
        return None

if __name__ == "__main__":
    ssl_context = None

    if https == "true":
        ssl_context = (certPath, certKeyPath)

    app.run(host='0.0.0.0', port=port, ssl_context = ssl_context)
path to document file is now configurable, flask secret is now also taken from configuration 2017-08-16 10:57:44 +08:00			`import os`

verifying password with hash on the backend to make sure we don't decrypt garbage and also to make sure that everything is encrypted with same password/key 2017-09-06 09:22:16 +08:00			`import binascii`
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00			`from flask import Flask, request, send_from_directory`
			`from flask import render_template, redirect`
			`from flask_cors import CORS`
			`from flask_login import LoginManager, UserMixin, login_user, login_required, logout_user`
got rid of flask_restful and using plain flask to handle REST API calls 2017-08-31 11:07:45 +08:00
			`from notes_api import notes_api`
path to document file is now configurable, flask secret is now also taken from configuration 2017-08-16 10:57:44 +08:00			`from sql import connect`
got rid of flask_restful and using plain flask to handle REST API calls 2017-08-31 11:07:45 +08:00			`from tree_api import tree_api`
			`from notes_move_api import notes_move_api`
verifying password with hash on the backend to make sure we don't decrypt garbage and also to make sure that everything is encrypted with same password/key 2017-09-06 09:22:16 +08:00			`from password_api import password_api`
password change (reencryption) 2017-09-10 01:53:58 +08:00			`import config_provider`
login uses my_scrypt to reuse the same scrypt code 2017-09-10 01:57:01 +08:00			`import my_scrypt`
password is moved out of config file into separate generated file 2017-09-10 02:21:57 +08:00			`import password_provider`
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00
password change (reencryption) 2017-09-10 01:53:58 +08:00			`config = config_provider.getConfig()`
path to document file is now configurable, flask secret is now also taken from configuration 2017-08-16 10:57:44 +08:00
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00			`app = Flask(__name__)`
path to document file is now configurable, flask secret is now also taken from configuration 2017-08-16 10:57:44 +08:00			`app.secret_key = config['Security']['flaskSecretKey']`
got rid of flask_restful and using plain flask to handle REST API calls 2017-08-31 11:07:45 +08:00			`app.register_blueprint(tree_api)`
			`app.register_blueprint(notes_api)`
			`app.register_blueprint(notes_move_api)`
verifying password with hash on the backend to make sure we don't decrypt garbage and also to make sure that everything is encrypted with same password/key 2017-09-06 09:22:16 +08:00			`app.register_blueprint(password_api)`
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00
			`class User(UserMixin):`
			`pass`

			`@app.route('/login', methods=['GET'])`
			`def login_form():`
			`return render_template('login.html')`

			`@app.route('/app', methods=['GET'])`
			`@login_required`
			`def show_app():`
			`return render_template('app.html')`

			`@app.route('/logout', methods=['POST'])`
			`@login_required`
			`def logout():`
			`logout_user()`
			`return redirect('login')`

			`user = User()`
			`user.id = config['Login']['username']`

configurable port plus support for SSL 2017-08-15 09:05:01 +08:00			`port = config['Network']['port']`
https can be disabled 2017-08-17 08:48:40 +08:00			`https = config['Network']['https']`
configurable port plus support for SSL 2017-08-15 09:05:01 +08:00			`certPath = config['Network']['certPath']`
			`certKeyPath = config['Network']['certKeyPath']`

path to document file is now configurable, flask secret is now also taken from configuration 2017-08-16 10:57:44 +08:00			`documentPath = config['Document']['documentPath']`

			`connect(documentPath)`

password is loaded on the fly so it's not necessary to restart app for the changes to take place (if no re-encryption is done) 2017-09-10 02:25:35 +08:00			`def verify_password(guessed_password):`
			`hashed_password = binascii.unhexlify(password_provider.getPasswordHash())`
verifying password with hash on the backend to make sure we don't decrypt garbage and also to make sure that everything is encrypted with same password/key 2017-09-06 09:22:16 +08:00
password is moved out of config file into separate generated file 2017-09-10 02:21:57 +08:00			`guess_hashed = my_scrypt.getVerificationHash(guessed_password)`
verifying password with hash on the backend to make sure we don't decrypt garbage and also to make sure that everything is encrypted with same password/key 2017-09-06 09:22:16 +08:00
password is moved out of config file into separate generated file 2017-09-10 02:21:57 +08:00			`return guess_hashed == hashed_password`
verifying password with hash on the backend to make sure we don't decrypt garbage and also to make sure that everything is encrypted with same password/key 2017-09-06 09:22:16 +08:00
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00			`@app.route('/login', methods=['POST'])`
			`def login_post():`
password is moved out of config file into separate generated file 2017-09-10 02:21:57 +08:00			`guessedPassword = request.form['password'].encode('utf-8')`
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00
password is loaded on the fly so it's not necessary to restart app for the changes to take place (if no re-encryption is done) 2017-09-10 02:25:35 +08:00			`if request.form['username'] == user.id and verify_password(guessedPassword):`
app broken up into individual files/modules 2017-08-14 07:43:33 +08:00			`rememberMe = True if 'remember-me' in request.form else False`

			`login_user(user, remember=rememberMe)`

			`return redirect('app')`
			`else:`
			`return render_template('login.html', failedAuth=True)`

			`CORS(app)`

			`@app.route('/stat/<path:path>')`
			`def send_stc(path):`
			`return send_from_directory(os.path.join(os.getcwd(), 'static'), path)`

			`login_manager = LoginManager()`
			`login_manager.init_app(app)`
			`login_manager.login_view = 'login_form'`

			`@login_manager.user_loader`
			`def load_user(user_id):`
			`if user_id == user.id:`
			`return user`
			`else:`
			`return None`

configurable port plus support for SSL 2017-08-15 09:05:01 +08:00			`if __name__ == "__main__":`
https can be disabled 2017-08-17 08:48:40 +08:00			`ssl_context = None`

			`if https == "true":`
			`ssl_context = (certPath, certKeyPath)`

			`app.run(host='0.0.0.0', port=port, ssl_context = ssl_context)`