From 897b7154e3e31db33496f879d8b469e417fe9f4f Mon Sep 17 00:00:00 2001
From: Drew Short
Date: Sat, 7 Jul 2018 21:46:35 -0500
Subject: [PATCH] Disable sessions
---
 server/atheneum/__init__.py | 3 ++-
 server/atheneum/utility/session_utility.py | 16 ++++++++++++++++
 server/manage.py | 10 +++++++++-
 3 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 server/atheneum/utility/session_utility.py
diff --git a/server/atheneum/__init__.py b/server/atheneum/__init__.py
index 1b4acf0..7432e8c 100644
--- a/server/atheneum/__init__.py
+++ b/server/atheneum/__init__.py
@@ -6,7 +6,7 @@ from flask import Flask
 from flask_migrate import Migrate
 from atheneum.db import db
-from atheneum.utility import json_utility
+from atheneum.utility import json_utility, session_utility
 dictConfig({
 'version': 1,
@@ -61,6 +61,7 @@ def create_app(test_config: dict = None) -> Flask:
 pass
 app.json_encoder = json_utility.CustomJSONEncoder
+ app.session_interface = session_utility.DisableSessionInterface()
 app.logger.debug('Initializing Application')
 db.init_app(app)
diff --git a/server/atheneum/utility/session_utility.py b/server/atheneum/utility/session_utility.py
new file mode 100644
index 0000000..9359ccc
--- /dev/null
+++ b/server/atheneum/utility/session_utility.py
@@ -0,0 +1,16 @@
+"""Session specific utilities."""
+from typing import Any
+
+from flask.sessions import SecureCookieSessionInterface
+
+
+class DisableSessionInterface(SecureCookieSessionInterface):
+ """Make sure no session data is transmitted or stored."""
+
+ def should_set_cookie(self, app: Any, session: Any) -> bool:
+ """Disable default cookie generation."""
+ return False
+
+ def save_session(self, app: Any, session: Any, response: Any) -> Any:
+ """Prevent creating session from requests."""
+ return None
diff --git a/server/manage.py b/server/manage.py
index e5407ec..5604d12 100644
--- a/server/manage.py
+++ b/server/manage.py
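Review bot: `DisableSessionInterface` in server/atheneum/utility/session_utility.py overrides only the save path, so the inherited `open_session` presumably still verifies and loads any session cookie a client sends when a secret key is configured, and view code receives a writable session whose changes are silently discarded. That is weaker than the class docstring ("no session data is transmitted or stored"), and anything that relies on the session (flash messages, session-backed CSRF tokens) would fail quietly once `create_app` installs this interface. I would add `def open_session(self, app: Any, request: Any) -> Any:` with the body `return self.make_null_session(app)`, so inbound cookies are ignored and writes raise instead of vanishing. As far as I can tell `should_set_cookie` is only consulted by the base `save_session`, so with `save_session` overridden it is redundant; either drop it or note in its docstring that it is kept as defence in depth.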
@@ -1,8 +1,9 @@
+import base64
 import logging
 import random
 import string
-from typing import Optional
 from os import path
+from typing import Optional
 import click
 from click import Context
@@ -111,7 +112,14 @@ def list_users():
 [click.echo(user.name) for user in all_users]
+@click.command(name='base64')
+@click.argument('text')
+def convert_to_base64(text: str):
+ print(base64.b64encode(text.encode('utf8')).decode('utf8'))
+
+
 main.add_command(user_command_group)
+main.add_command(convert_to_base64)
 user_command_group.add_command(register_user)
 user_command_group.add_command(register_admin_user)
 user_command_group.add_command(delete_user)
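Review bot: `convert_to_base64` in the second manage.py hunk takes its input as a positional argument, so whatever is encoded lands in shell history and is visible in the process list while the command runs. If this helper is used to encode credentials (the commit does not say), read the value with `click.prompt('text', hide_input=True)` or from stdin instead. The command also has no docstring, so `--help` shows no description; something like `"""Print the base64 encoding of TEXT (encoding only, not encryption)."""` would cover it. Prefer `click.echo(...)` over `print(...)` to match `list_users` just above.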