Browse Source

Working on integrating pylint and pydocstyle into the build process

merge-requests/1/head
Drew Short 6 years ago
parent
commit
f7b6586a61
  1. 4
      .gitlab-ci.yml
  2. 547
      server/.pylintrc
  3. 2
      server/Pipfile
  4. 94
      server/Pipfile.lock
  5. 62
      server/atheneum/__init__.py
  6. 5
      server/atheneum/api/__init__.py
  7. 12
      server/atheneum/api/authentication_api.py
  8. 10
      server/atheneum/api/decorators.py
  9. 9
      server/atheneum/api/model.py
  10. 4
      server/atheneum/default_settings.py
  11. 70
      server/atheneum/middleware/authentication_middleware.py
  12. 3
      server/atheneum/model/__init__.py
  13. 13
      server/atheneum/model/user_model.py
  14. 14
      server/atheneum/service/authentication_service.py
  15. 40
      server/atheneum/service/user_service.py
  16. 16
      server/atheneum/service/user_token_service.py
  17. 18
      server/atheneum/utility.py
  18. 6
      server/manage.py
  19. 6
      server/run_tests.sh

4
.gitlab-ci.yml

@ -11,9 +11,11 @@ Atheneum:Tests:
- python3 -m pipenv --version
- cd server
- pipenv install --dev --system
- pycodestyle atheneum tests
- pylint atheneum
- mypy atheneum tests
- PYTHONPATH=$(pwd) coverage run --source atheneum -m pytest
- coverage report --fail-under=85 -m --skip-covered
- pycodestyle atheneum tests
- pydocstyle atheneum
tags:
- docker

547
server/.pylintrc

@ -0,0 +1,547 @@
[MASTER]
# A comma-separated list of package or module names from where C extensions may
# be loaded. Extensions are loading into the active Python interpreter and may
# run arbitrary code
extension-pkg-whitelist=
# Add files or directories to the blacklist. They should be base names, not
# paths.
ignore=CVS
# Add files or directories matching the regex patterns to the blacklist. The
# regex matches against base names, not paths.
ignore-patterns=
# Python code to execute, usually for sys.path manipulation such as
# pygtk.require().
#init-hook=
# Use multiple processes to speed up Pylint.
jobs=1
# List of plugins (as comma separated values of python modules names) to load,
# usually to register additional checkers.
load-plugins=
# Pickle collected data for later comparisons.
persistent=yes
# Specify a configuration file.
#rcfile=
# When enabled, pylint would attempt to guess common misconfiguration and emit
# user-friendly hints instead of false-positive error messages
suggestion-mode=yes
# Allow loading of arbitrary C extensions. Extensions are imported into the
# active Python interpreter and may run arbitrary code.
unsafe-load-any-extension=no
[MESSAGES CONTROL]
# Only show warnings with the listed confidence levels. Leave empty to show
# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED
confidence=
# Disable the message, report, category or checker with the given id(s). You
# can either give multiple identifiers separated by comma (,) or put this
# option multiple times (only on the command line, not in the configuration
# file where it should appear only once).You can also use "--disable=all" to
# disable everything first and then reenable specific checks. For example, if
# you want to run only the similarities checker, you can use "--disable=all
# --enable=similarities". If you want to run only the classes checker, but have
# no Warning level messages displayed, use"--disable=all --enable=classes
# --disable=W"
disable=print-statement,
parameter-unpacking,
unpacking-in-except,
old-raise-syntax,
backtick,
long-suffix,
old-ne-operator,
old-octal-literal,
import-star-module-level,
non-ascii-bytes-literal,
invalid-unicode-literal,
raw-checker-failed,
bad-inline-option,
locally-disabled,
locally-enabled,
file-ignored,
suppressed-message,
useless-suppression,
deprecated-pragma,
apply-builtin,
basestring-builtin,
buffer-builtin,
cmp-builtin,
coerce-builtin,
execfile-builtin,
file-builtin,
long-builtin,
raw_input-builtin,
reduce-builtin,
standarderror-builtin,
unicode-builtin,
xrange-builtin,
coerce-method,
delslice-method,
getslice-method,
setslice-method,
no-absolute-import,
old-division,
dict-iter-method,
dict-view-method,
next-method-called,
metaclass-assignment,
indexing-exception,
raising-string,
reload-builtin,
oct-method,
hex-method,
nonzero-method,
cmp-method,
input-builtin,
round-builtin,
intern-builtin,
unichr-builtin,
map-builtin-not-iterating,
zip-builtin-not-iterating,
range-builtin-not-iterating,
filter-builtin-not-iterating,
using-cmp-argument,
eq-without-hash,
div-method,
idiv-method,
rdiv-method,
exception-message-attribute,
invalid-str-codec,
sys-max-int,
bad-python3-import,
deprecated-string-function,
deprecated-str-translate-call,
deprecated-itertools-function,
deprecated-types-field,
next-method-defined,
dict-items-not-iterating,
dict-keys-not-iterating,
dict-values-not-iterating,
deprecated-operator-function,
deprecated-urllib-function,
xreadlines-attribute,
deprecated-sys-function,
exception-escape,
comprehension-escape
# Enable the message, report, category or checker with the given id(s). You can
# either give multiple identifier separated by comma (,) or put this option
# multiple time (only on the command line, not in the configuration file where
# it should appear only once). See also the "--disable" option for examples.
enable=c-extension-no-member
[REPORTS]
# Python expression which should return a note less than 10 (10 is the highest
# note). You have access to the variables errors warning, statement which
# respectively contain the number of errors / warnings messages and the total
# number of statements analyzed. This is used by the global evaluation report
# (RP0004).
evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10)
# Template used to display messages. This is a python new-style format string
# used to format the message information. See doc for all details
#msg-template={path}:{line}: [{msg_id}({symbol}), {obj}] {msg}
msg-template={C}:{line:3d},{column:2d}: {msg} [({symbol}) {msg_id}]
# Set the output format. Available formats are text, parseable, colorized, json
# and msvs (visual studio).You can also give a reporter class, eg
# mypackage.mymodule.MyReporterClass.
output-format=text
# Tells whether to display a full report or only the messages
reports=yes
# Activate the evaluation score.
score=yes
[REFACTORING]
# Maximum number of nested blocks for function / method body
max-nested-blocks=5
# Complete name of functions that never returns. When checking for
# inconsistent-return-statements if a never returning function is called then
# it will be considered as an explicit return statement and no message will be
# printed.
never-returning-functions=optparse.Values,sys.exit
[MISCELLANEOUS]
# List of note tags to take in consideration, separated by a comma.
notes=FIXME,
XXX,
TODO
[FORMAT]
# Expected format of line ending, e.g. empty (any line ending), LF or CRLF.
expected-line-ending-format=
# Regexp for a line that is allowed to be longer than the limit.
ignore-long-lines=^\s*(# )?<?https?://\S+>?$
# Number of spaces of indent required inside a hanging or continued line.
indent-after-paren=4
# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1
# tab).
indent-string=' '
# Maximum number of characters on a single line.
max-line-length=80
# Maximum number of lines in a module
max-module-lines=1000
# List of optional constructs for which whitespace checking is disabled. `dict-
# separator` is used to allow tabulation in dicts, etc.: {1 : 1,\n222: 2}.
# `trailing-comma` allows a space between comma and closing bracket: (a, ).
# `empty-line` allows space-only lines.
no-space-check=trailing-comma,
dict-separator
# Allow the body of a class to be on the same line as the declaration if body
# contains single statement.
single-line-class-stmt=no
# Allow the body of an if to be on the same line as the test if there is no
# else.
single-line-if-stmt=no
[LOGGING]
# Logging modules to check that the string format arguments are in logging
# function parameter format
logging-modules=logging
[TYPECHECK]
# List of decorators that produce context managers, such as
# contextlib.contextmanager. Add to this list to register other decorators that
# produce valid context managers.
contextmanager-decorators=contextlib.contextmanager
# List of members which are set dynamically and missed by pylint inference
# system, and so shouldn't trigger E1101 when accessed. Python regular
# expressions are accepted.
generated-members=
# Tells whether missing members accessed in mixin class should be ignored. A
# mixin class is detected if its name ends with "mixin" (case insensitive).
ignore-mixin-members=yes
# This flag controls whether pylint should warn about no-member and similar
# checks whenever an opaque object is returned when inferring. The inference
# can return multiple potential results while evaluating a Python object, but
# some branches might not be evaluated, which results in partial inference. In
# that case, it might be useful to still emit no-member and other checks for
# the rest of the inferred objects.
ignore-on-opaque-inference=yes
# List of class names for which member attributes should not be checked (useful
# for classes with dynamically set attributes). This supports the use of
# qualified names.
ignored-classes=optparse.Values,thread._local,_thread._local,SQLAlchemy,scoped_session,logger
# List of module names for which member attributes should not be checked
# (useful for modules/projects where namespaces are manipulated during runtime
# and thus existing member attributes cannot be deduced by static analysis. It
# supports qualified module names, as well as Unix pattern matching.
ignored-modules=
# Show a hint with possible names when a member name was not found. The aspect
# of finding the hint is based on edit distance.
missing-member-hint=yes
# The minimum edit distance a name should have in order to be considered a
# similar match for a missing member name.
missing-member-hint-distance=1
# The total number of similar names that should be taken in consideration when
# showing a hint for a missing member.
missing-member-max-choices=1
[SIMILARITIES]
# Ignore comments when computing similarities.
ignore-comments=yes
# Ignore docstrings when computing similarities.
ignore-docstrings=yes
# Ignore imports when computing similarities.
ignore-imports=no
# Minimum lines number of a similarity.
min-similarity-lines=4
[VARIABLES]
# List of additional names supposed to be defined in builtins. Remember that
# you should avoid to define new builtins when possible.
additional-builtins=
# Tells whether unused global variables should be treated as a violation.
allow-global-unused-variables=yes
# List of strings which can identify a callback function by name. A callback
# name must start or end with one of those strings.
callbacks=cb_,
_cb
# A regular expression matching the name of dummy variables (i.e. expectedly
# not used).
dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_
# Argument names that match this expression will be ignored. Default to name
# with leading underscore
ignored-argument-names=_.*|^ignored_|^unused_
# Tells whether we should check for unused import in __init__ files.
init-import=no
# List of qualified module names which can have objects that can redefine
# builtins.
redefining-builtins-modules=six.moves,past.builtins,future.builtins,io,builtins
[BASIC]
# Naming style matching correct argument names
argument-naming-style=snake_case
# Regular expression matching correct argument names. Overrides argument-
# naming-style
#argument-rgx=
# Naming style matching correct attribute names
attr-naming-style=snake_case
# Regular expression matching correct attribute names. Overrides attr-naming-
# style
#attr-rgx=
# Bad variable names which should always be refused, separated by a comma
bad-names=foo,
bar,
baz,
toto,
tutu,
tata
# Naming style matching correct class attribute names
class-attribute-naming-style=any
# Regular expression matching correct class attribute names. Overrides class-
# attribute-naming-style
#class-attribute-rgx=
# Naming style matching correct class names
class-naming-style=PascalCase
# Regular expression matching correct class names. Overrides class-naming-style
#class-rgx=
# Naming style matching correct constant names
const-naming-style=UPPER_CASE
# Regular expression matching correct constant names. Overrides const-naming-
# style
#const-rgx=
# Minimum line length for functions/classes that require docstrings, shorter
# ones are exempt.
docstring-min-length=-1
# Naming style matching correct function names
function-naming-style=snake_case
# Regular expression matching correct function names. Overrides function-
# naming-style
#function-rgx=
# Good variable names which should always be accepted, separated by a comma
good-names=i,
j,
k,
ex,
Run,
_
# Include a hint for the correct naming format with invalid-name
include-naming-hint=no
# Naming style matching correct inline iteration names
inlinevar-naming-style=any
# Regular expression matching correct inline iteration names. Overrides
# inlinevar-naming-style
#inlinevar-rgx=
# Naming style matching correct method names
method-naming-style=snake_case
# Regular expression matching correct method names. Overrides method-naming-
# style
#method-rgx=
# Naming style matching correct module names
module-naming-style=snake_case
# Regular expression matching correct module names. Overrides module-naming-
# style
#module-rgx=
# Colon-delimited sets of names that determine each other's naming style when
# the name regexes allow several styles.
name-group=
# Regular expression which should only match function or class names that do
# not require a docstring.
no-docstring-rgx=^_
# List of decorators that produce properties, such as abc.abstractproperty. Add
# to this list to register other decorators that produce valid properties.
property-classes=abc.abstractproperty
# Naming style matching correct variable names
variable-naming-style=snake_case
# Regular expression matching correct variable names. Overrides variable-
# naming-style
#variable-rgx=
[SPELLING]
# Limits count of emitted suggestions for spelling mistakes
max-spelling-suggestions=4
# Spelling dictionary name. Available dictionaries: none. To make it working
# install python-enchant package.
spelling-dict=
# List of comma separated words that should not be checked.
spelling-ignore-words=
# A path to a file that contains private dictionary; one word per line.
spelling-private-dict-file=
# Tells whether to store unknown words to indicated private dictionary in
# --spelling-private-dict-file option instead of raising a message.
spelling-store-unknown-words=no
[DESIGN]
# Maximum number of arguments for function / method
max-args=5
# Maximum number of attributes for a class (see R0902).
max-attributes=7
# Maximum number of boolean expressions in a if statement
max-bool-expr=5
# Maximum number of branch for function / method body
max-branches=12
# Maximum number of locals for function / method body
max-locals=15
# Maximum number of parents for a class (see R0901).
max-parents=7
# Maximum number of public methods for a class (see R0904).
max-public-methods=20
# Maximum number of return / yield for function / method body
max-returns=6
# Maximum number of statements in function / method body
max-statements=50
# Minimum number of public methods for a class (see R0903).
min-public-methods=2
[IMPORTS]
# Allow wildcard imports from modules that define __all__.
allow-wildcard-with-all=no
# Analyse import fallback blocks. This can be used to support both Python 2 and
# 3 compatible code, which means that the block might have code that exists
# only in one or another interpreter, leading to false positives when analysed.
analyse-fallback-blocks=no
# Deprecated modules which should not be used, separated by a comma
deprecated-modules=optparse,tkinter.tix
# Create a graph of external dependencies in the given file (report RP0402 must
# not be disabled)
ext-import-graph=
# Create a graph of every (i.e. internal and external) dependencies in the
# given file (report RP0402 must not be disabled)
import-graph=
# Create a graph of internal dependencies in the given file (report RP0402 must
# not be disabled)
int-import-graph=
# Force import order to recognize a module as part of the standard
# compatibility libraries.
known-standard-library=
# Force import order to recognize a module as part of a third party library.
known-third-party=enchant
[CLASSES]
# List of method names used to declare (i.e. assign) instance attributes.
defining-attr-methods=__init__,
__new__,
setUp
# List of member names, which should be excluded from the protected access
# warning.
exclude-protected=_asdict,
_fields,
_replace,
_source,
_make
# List of valid names for the first argument in a class method.
valid-classmethod-first-arg=cls
# List of valid names for the first argument in a metaclass class method.
valid-metaclass-classmethod-first-arg=mcs
[EXCEPTIONS]
# Exceptions that will emit a warning when being caught. Defaults to
# "Exception"
overgeneral-exceptions=Exception

2
server/Pipfile

@ -18,6 +18,8 @@ coverage = "*"
pycodestyle = "*"
mypy = "*"
mock = "*"
pylint = "*"
pydocstyle = "*"
[requires]
python_version = "3.6"

94
server/Pipfile.lock

@ -1,7 +1,7 @@
{
"_meta": {
"hash": {
"sha256": "a8ad1b3822122643e380c48cefa0ab6356d268b7b9756f55d8040466825fea25"
"sha256": "5f2e59b2a44c07b72414512802099dc64544fc8e724f5e5b033d627ac0a20626"
},
"pipfile-spec": 6,
"requires": {
@ -202,6 +202,13 @@
}
},
"develop": {
"astroid": {
"hashes": [
"sha256:0ef2bf9f07c3150929b25e8e61b5198c27b0dca195e156f0e4d5bdd89185ca1a",
"sha256:fc9b582dba0366e63540982c3944a9230cbc6f303641c51483fa547dcc22393a"
],
"version": "==1.6.5"
},
"atomicwrites": {
"hashes": [
"sha256:240831ea22da9ab882b551b31d4225591e5e447a68c5e188db5b89ca1d487585",
@ -258,6 +265,55 @@
"index": "pypi",
"version": "==4.5.1"
},
"isort": {
"hashes": [
"sha256:1153601da39a25b14ddc54955dbbacbb6b2d19135386699e2ad58517953b34af",
"sha256:b9c40e9750f3d77e6e4d441d8b0266cf555e7cdabdcff33c4fd06366ca761ef8",
"sha256:ec9ef8f4a9bc6f71eec99e1806bfa2de401650d996c59330782b89a5555c1497"
],
"version": "==4.3.4"
},
"lazy-object-proxy": {
"hashes": [
"sha256:0ce34342b419bd8f018e6666bfef729aec3edf62345a53b537a4dcc115746a33",
"sha256:1b668120716eb7ee21d8a38815e5eb3bb8211117d9a90b0f8e21722c0758cc39",
"sha256:209615b0fe4624d79e50220ce3310ca1a9445fd8e6d3572a896e7f9146bbf019",
"sha256:27bf62cb2b1a2068d443ff7097ee33393f8483b570b475db8ebf7e1cba64f088",
"sha256:27ea6fd1c02dcc78172a82fc37fcc0992a94e4cecf53cb6d73f11749825bd98b",
"sha256:2c1b21b44ac9beb0fc848d3993924147ba45c4ebc24be19825e57aabbe74a99e",
"sha256:2df72ab12046a3496a92476020a1a0abf78b2a7db9ff4dc2036b8dd980203ae6",
"sha256:320ffd3de9699d3892048baee45ebfbbf9388a7d65d832d7e580243ade426d2b",
"sha256:50e3b9a464d5d08cc5227413db0d1c4707b6172e4d4d915c1c70e4de0bbff1f5",
"sha256:5276db7ff62bb7b52f77f1f51ed58850e315154249aceb42e7f4c611f0f847ff",
"sha256:61a6cf00dcb1a7f0c773ed4acc509cb636af2d6337a08f362413c76b2b47a8dd",
"sha256:6ae6c4cb59f199d8827c5a07546b2ab7e85d262acaccaacd49b62f53f7c456f7",
"sha256:7661d401d60d8bf15bb5da39e4dd72f5d764c5aff5a86ef52a042506e3e970ff",
"sha256:7bd527f36a605c914efca5d3d014170b2cb184723e423d26b1fb2fd9108e264d",
"sha256:7cb54db3535c8686ea12e9535eb087d32421184eacc6939ef15ef50f83a5e7e2",
"sha256:7f3a2d740291f7f2c111d86a1c4851b70fb000a6c8883a59660d95ad57b9df35",
"sha256:81304b7d8e9c824d058087dcb89144842c8e0dea6d281c031f59f0acf66963d4",
"sha256:933947e8b4fbe617a51528b09851685138b49d511af0b6c0da2539115d6d4514",
"sha256:94223d7f060301b3a8c09c9b3bc3294b56b2188e7d8179c762a1cda72c979252",
"sha256:ab3ca49afcb47058393b0122428358d2fbe0408cf99f1b58b295cfeb4ed39109",
"sha256:bd6292f565ca46dee4e737ebcc20742e3b5be2b01556dafe169f6c65d088875f",
"sha256:cb924aa3e4a3fb644d0c463cad5bc2572649a6a3f68a7f8e4fbe44aaa6d77e4c",
"sha256:d0fc7a286feac9077ec52a927fc9fe8fe2fabab95426722be4c953c9a8bede92",
"sha256:ddc34786490a6e4ec0a855d401034cbd1242ef186c20d79d2166d6a4bd449577",
"sha256:e34b155e36fa9da7e1b7c738ed7767fc9491a62ec6af70fe9da4a057759edc2d",
"sha256:e5b9e8f6bda48460b7b143c3821b21b452cb3a835e6bbd5dd33aa0c8d3f5137d",
"sha256:e81ebf6c5ee9684be8f2c87563880f93eedd56dd2b6146d8a725b50b7e5adb0f",
"sha256:eb91be369f945f10d3a49f5f9be8b3d0b93a4c2be8f8a5b83b0571b8123e0a7a",
"sha256:f460d1ceb0e4a5dcb2a652db0904224f367c9b3c1470d5a7683c0480e582468b"
],
"version": "==1.3.1"
},
"mccabe": {
"hashes": [
"sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42",
"sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f"
],
"version": "==0.6.1"
},
"mock": {
"hashes": [
"sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1",
@ -284,10 +340,10 @@
},
"pbr": {
"hashes": [
"sha256:3747c6f017f2dc099986c325239661948f9f5176f6880d9fdef164cb664cd665",
"sha256:a9c27eb8f0e24e786e544b2dbaedb729c9d8546342b5a6818d8eda098ad4340d"
"sha256:4f2b11d95917af76e936811be8361b2b19616e5ef3b55956a429ec7864378e0c",
"sha256:e0f23b61ec42473723b2fec2f33fb12558ff221ee551962f01dd4de9053c2055"
],
"version": "==4.0.4"
"version": "==4.1.0"
},
"pluggy": {
"hashes": [
@ -313,6 +369,23 @@
"index": "pypi",
"version": "==2.4.0"
},
"pydocstyle": {
"hashes": [
"sha256:08a870edc94508264ed90510db466c6357c7192e0e866561d740624a8fc7d90c",
"sha256:4d5bcde961107873bae621f3d580c3e35a426d3687ffc6f8fb356f6628da5a97",
"sha256:af9fcccb303899b83bec82dc9a1d56c60fc369973223a5e80c3dfa9bdf984405"
],
"index": "pypi",
"version": "==2.1.1"
},
"pylint": {
"hashes": [
"sha256:a48070545c12430cfc4e865bf62f5ad367784765681b3db442d8230f0960aa3c",
"sha256:fff220bcb996b4f7e2b0f6812fd81507b72ca4d8c4d05daf2655c333800cb9b3"
],
"index": "pypi",
"version": "==1.9.2"
},
"pytest": {
"hashes": [
"sha256:0453c8676c2bee6feb0434748b068d5510273a916295fd61d306c4f22fbfd752",
@ -336,6 +409,13 @@
],
"version": "==1.11.0"
},
"snowballstemmer": {
"hashes": [
"sha256:919f26a68b2c17a7634da993d91339e288964f93c274f1343e3bbbe2096e1128",
"sha256:9f3bcd3c401c3e862ec0ebe6d2c069ebc012ce142cce209c098ccb5b09136e89"
],
"version": "==1.2.1"
},
"typed-ast": {
"hashes": [
"sha256:0948004fa228ae071054f5208840a1e88747a357ec1101c17217bfe99b299d58",
@ -363,6 +443,12 @@
"sha256:f19f2a4f547505fe9072e15f6f4ae714af51b5a681a97f187971f50c283193b6"
],
"version": "==1.1.0"
},
"wrapt": {
"hashes": [
"sha256:d4d560d479f2c21e1b5443bbd15fe7ec4b37fe7e53d335d3b9b0a7b1226fe3c6"
],
"version": "==1.10.11"
}
}
}

62
server/atheneum/__init__.py

@ -1,3 +1,6 @@
"""
Atheneum Flask Application
"""
import os
from logging.config import dictConfig
@ -27,51 +30,64 @@ dictConfig({
def create_app(test_config: dict = None) -> Flask:
app = Flask(__name__, instance_relative_config=True)
app.logger.debug('Creating Atheneum Server')
"""
Create an instance of Atheneum
:param test_config:
:return:
"""
atheneum_app = Flask(__name__, instance_relative_config=True)
logger = atheneum_app.logger()
logger.debug('Creating Atheneum Server')
data_directory = os.getenv('ATHENEUM_DATA_DIRECTORY', '/tmp')
app.logger.debug('Atheneum Data Directory: %s', data_directory)
logger.debug('Atheneum Data Directory: %s', data_directory)
default_database_uri = 'sqlite:///{}/atheneum.db'.format(data_directory)
app.config.from_mapping(
atheneum_app.config.from_mapping(
SECRET_KEY='dev',
SQLALCHEMY_DATABASE_URI=default_database_uri,
SQLALCHEMY_TRACK_MODIFICATIONS=False
)
if test_config is None:
app.logger.debug('Loading configurations')
app.config.from_object('atheneum.default_settings')
app.config.from_pyfile('config.py', silent=True)
logger.debug('Loading configurations')
atheneum_app.config.from_object('atheneum.default_settings')
atheneum_app.config.from_pyfile('config.py', silent=True)
if os.getenv('ATHENEUM_SETTINGS', None):
app.config.from_envvar('ATHENEUM_SETTINGS')
atheneum_app.config.from_envvar('ATHENEUM_SETTINGS')
else:
app.logger.debug('Loading test configuration')
app.config.from_object(test_config)
logger.debug('Loading test configuration')
atheneum_app.config.from_object(test_config)
try:
os.makedirs(app.instance_path)
os.makedirs(atheneum_app.instance_path)
except OSError:
pass
app.json_encoder = utility.CustomJSONEncoder
atheneum_app.json_encoder = utility.CustomJSONEncoder
logger.debug('Initializing Application')
db.init_app(atheneum_app)
logger.debug('Registering Database Models')
Migrate(atheneum_app, db)
app.logger.debug('Initializing Application')
db.init_app(app)
app.logger.debug('Registering Database Models')
Migrate(app, db)
return atheneum_app
return app
def register_blueprints(atheneum_app: Flask) -> None:
"""
Register blueprints for the application
def register_blueprints(app: Flask) -> None:
from atheneum.api import auth_blueprint
app.register_blueprint(auth_blueprint)
:param atheneum_app:
:return:
"""
from atheneum.api import AUTH_BLUEPRINT
atheneum_app.register_blueprint(AUTH_BLUEPRINT)
app = create_app()
register_blueprints(app)
APP = create_app()
register_blueprints(APP)
def init_db() -> None:
@ -80,4 +96,4 @@ def init_db() -> None:
if __name__ == "__main__":
app.run()
APP.run()

5
server/atheneum/api/__init__.py

@ -1 +1,4 @@
from atheneum.api.authentication_api import auth_blueprint
"""
API blueprint exports
"""
from atheneum.api.authentication_api import AUTH_BLUEPRINT

12
server/atheneum/api/authentication_api.py

@ -1,3 +1,7 @@
"""
Authentication API blueprint and endpoint definitions
"""
from flask import Blueprint, g
from atheneum.api.decorators import return_json
@ -5,11 +9,11 @@ from atheneum.api.model import APIResponse
from atheneum.middleware import authentication_middleware
from atheneum.service import user_token_service, authentication_service
auth_blueprint = Blueprint(
AUTH_BLUEPRINT = Blueprint(
name='auth', import_name=__name__, url_prefix='/auth')
@auth_blueprint.route('/login', methods=['POST'])
@AUTH_BLUEPRINT.route('/login', methods=['POST'])
@return_json
@authentication_middleware.require_basic_auth
def login() -> APIResponse:
@ -21,7 +25,7 @@ def login() -> APIResponse:
return APIResponse({'token': user_token.token}, 200)
@auth_blueprint.route('/bump', methods=['POST'])
@AUTH_BLUEPRINT.route('/bump', methods=['POST'])
@return_json
@authentication_middleware.require_token_auth
def login_bump() -> APIResponse:
@ -33,7 +37,7 @@ def login_bump() -> APIResponse:
return APIResponse({'last_login_time': g.user.last_login_time}, 200)
@auth_blueprint.route('/logout', methods=['POST'])
@AUTH_BLUEPRINT.route('/logout', methods=['POST'])
@return_json
@authentication_middleware.require_token_auth
def logout() -> APIResponse:

10
server/atheneum/api/decorators.py

@ -1,3 +1,7 @@
"""
Decorators to be used in the api module
"""
from functools import wraps
from typing import Callable, Any
@ -15,6 +19,12 @@ def return_json(func: Callable) -> Callable:
@wraps(func)
def decorate(*args: list, **kwargs: dict) -> Any:
"""
Make sure that the return of the function is jsonified into a Response
:param args:
:param kwargs:
:return:
"""
result = func(*args, **kwargs)
if isinstance(result, Response):
return result

9
server/atheneum/api/model.py

@ -1,6 +1,13 @@
"""
Model definitions for the api module
"""
from typing import Any, NamedTuple
class APIResponse(NamedTuple):
class APIResponse(NamedTuple): # pylint: disable=too-few-public-methods
"""
Custom class to wrap api responses
"""
payload: Any
status: int

4
server/atheneum/default_settings.py

@ -1,3 +1,7 @@
"""
Default settings for atheneum
"""
DEBUG = False
SECRET_KEY = b'\xb4\x89\x0f\x0f\xe5\x88\x97\xfe\x8d<\x0b@d\xe9\xa5\x87%' \
b'\xc6\xf0@l1\xe3\x90g\xfaA.?u=s' # CHANGE ME IN REAL CONFIG

70
server/atheneum/middleware/authentication_middleware.py

@ -1,7 +1,11 @@
"""
Middleware to handle authentication
"""
import base64
from functools import wraps
from typing import Optional, Callable, Any
import binascii
from flask import request, Response, g
from werkzeug.datastructures import Authorization
from werkzeug.http import bytes_to_wsgi, wsgi_to_bytes
@ -14,6 +18,13 @@ from atheneum.service import (
def authenticate_with_password(name: str, password: str) -> bool:
"""
Authenticate a username and a password
:param name:
:param password:
:return:
"""
user = user_service.find_by_name(name)
if user is not None \
and authentication_service.is_valid_password(user, password):
@ -23,6 +34,13 @@ def authenticate_with_password(name: str, password: str) -> bool:
def authenticate_with_token(name: str, token: str) -> bool:
"""
Authenticate a username and a token
:param name:
:param token:
:return:
"""
user = user_service.find_by_name(name)
if user is not None:
user_token = user_token_service.find_by_user_and_token(user, token)
@ -35,6 +53,12 @@ def authenticate_with_token(name: str, token: str) -> bool:
def authentication_failed(auth_type: str) -> Response:
"""
Return a correct response for failed authentication
:param auth_type:
:return:
"""
return Response(
status=401,
headers={
@ -42,8 +66,14 @@ def authentication_failed(auth_type: str) -> Response:
})
def parse_token_authorization_header(
def parse_token_header(
header_value: str) -> Optional[Authorization]:
"""
Parse the Authorization: Token header for the username and token
:param header_value:
:return:
"""
if not header_value:
return None
value = wsgi_to_bytes(header_value)
@ -55,7 +85,7 @@ def parse_token_authorization_header(
if auth_type == b'token':
try:
username, token = base64.b64decode(auth_info).split(b':', 1)
except Exception:
except binascii.Error:
return None
return Authorization('token', {'username': bytes_to_wsgi(username),
'password': bytes_to_wsgi(token)})
@ -63,25 +93,51 @@ def parse_token_authorization_header(
def require_basic_auth(func: Callable) -> Callable:
"""
Decorator to require inline basic auth
:param func:
:return:
"""
@wraps(func)
def decorate(*args: list, **kwargs: dict) -> Any:
"""
authenticate with password from basic auth before calling wrapped
function
:param args:
:param kwargs:
:return:
"""
auth = request.authorization
if auth and authenticate_with_password(auth.username, auth.password):
return func(*args, **kwargs)
else:
return authentication_failed('Basic')
return authentication_failed('Basic')
return decorate
def require_token_auth(func: Callable) -> Callable:
"""
Decorator to require inline token auth
:param func:
:return:
"""
@wraps(func)
def decorate(*args: list, **kwargs: dict) -> Any:
token = parse_token_authorization_header(
"""
Authenticate with a token from token auth before calling wrapped
function
:param args:
:param kwargs:
:return:
"""
token = parse_token_header(
request.headers.get('Authorization', None))
if token and authenticate_with_token(token.username, token.password):
return func(*args, **kwargs)
else:
return authentication_failed('Bearer')
return authentication_failed('Bearer')
return decorate

3
server/atheneum/model/__init__.py

@ -1 +1,4 @@
"""
Expose models to be used in Atheneum
"""
from atheneum.model.user_model import User, UserToken

13
server/atheneum/model/user_model.py

@ -1,7 +1,13 @@
"""
User related SQLALchemy models
"""
from atheneum import db
class User(db.Model):
class User(db.Model): # pylint: disable=too-few-public-methods
"""
Represents a user in the system
"""
__tablename__ = 'user'
ROLE_USER = 'USER'
@ -22,7 +28,10 @@ class User(db.Model):
version = db.Column('version', db.Integer, default=1, nullable=False)
class UserToken(db.Model):
class UserToken(db.Model): # pylint: disable=too-few-public-methods
"""
Represents a token used alongside a user to authenticate operations
"""
__tablename__ = 'user_token'
user_token_id = db.Column('id', db.Integer, primary_key=True)

14
server/atheneum/service/authentication_service.py

@ -1,3 +1,6 @@
"""
Service to handle authentication
"""
import uuid
from datetime import datetime
from typing import Optional, Tuple
@ -10,6 +13,10 @@ from atheneum.service import user_service, user_token_service
def generate_token() -> uuid.UUID:
"""
Generate a unique token
:return:
"""
return uuid.uuid4()
@ -24,6 +31,13 @@ def get_password_hash(password: str) -> Tuple[str, int]:
def is_valid_password(user: User, password: str) -> bool:
"""
User password must pass pwhash verify
:param user:
:param password:
:return:
"""
assert user
try:

40
server/atheneum/service/user_service.py

@ -1,12 +1,23 @@
"""
Service to handle user operations
"""
from datetime import datetime
from typing import Optional
from atheneum import app, db
from atheneum import APP, db
from atheneum.model import User
from atheneum.service import authentication_service
def register(name: str, password: str, role: str) -> User:
"""
Register a new user
:param name: Desired user name. Must be unique and not already registered
:param password: Password to be hashed and stored for the user
:param role: Role to assign the user [ROLE_USER, ROLE_ADMIN]
:return:
"""
pw_hash, pw_revision = authentication_service.get_password_hash(password)
new_user = User(
@ -19,11 +30,17 @@ def register(name: str, password: str, role: str) -> User:
db.session.add(new_user)
db.session.commit()
app.logger.info('Registered new user: %s with role: %s', name, role)
APP.logger.info('Registered new user: %s with role: %s', name, role)
return new_user
def delete(user: User) -> bool:
"""
Delete a user
:param user:
:return:
"""
existing_user = db.session.delete(user)
if existing_user is None:
db.session.commit()
@ -32,11 +49,24 @@ def delete(user: User) -> bool:
def update_last_login_time(user: User) -> None:
"""
Bump the last login time for the user
:param user:
:return:
"""
user.last_login_time = datetime.now()
db.session.commit()
def update_password(user: User, password: str) -> None:
"""
Change the user password
:param user:
:param password:
:return:
"""
pw_hash, pw_revision = authentication_service.get_password_hash(
password)
user.password_hash = pw_hash
@ -45,4 +75,10 @@ def update_password(user: User, password: str) -> None:
def find_by_name(name: str) -> Optional[User]:
"""
Find a user by name
:param name:
:return:
"""
return User.query.filter_by(name=name).first()

16
server/atheneum/service/user_token_service.py

@ -1,3 +1,6 @@
"""
Service to handle user_token operations
"""
from datetime import datetime
from typing import Optional
@ -41,6 +44,12 @@ def create(
def delete(user_token: UserToken) -> bool:
"""
Delete a user_token
:param user_token:
:return:
"""
existing_user_token = db.session.delete(user_token)
if existing_user_token is None:
db.session.commit()
@ -49,4 +58,11 @@ def delete(user_token: UserToken) -> bool:
def find_by_user_and_token(user: User, token: str) -> Optional[UserToken]:
"""
Lookup a user_token by user and token string
:param user:
:param token:
:return:
"""
return UserToken.query.filter_by(user_id=user.id, token=token).first()

18
server/atheneum/utility.py

@ -1,3 +1,8 @@
"""
Utility classes for Atheneum
"""
from datetime import date
from typing import Any
@ -6,13 +11,16 @@ from flask.json import JSONEncoder
class CustomJSONEncoder(JSONEncoder):
def default(self, obj: Any) -> Any:
"""
Ensure that datetime values are serialized correctly
"""
def default(self, o: Any) -> Any: # pylint: disable=E0202
try:
if isinstance(obj, date):
return rfc3339.format(obj)
iterable = iter(obj)
if isinstance(o, date):
return rfc3339.format(o)
iterable = iter(o)
except TypeError:
pass
else:
return list(iterable)
return JSONEncoder.default(self, obj)
return JSONEncoder.default(self, o)

6
server/manage.py

@ -7,7 +7,7 @@ from os import path
import click
from click import Context
from atheneum import app
from atheneum import APP
from atheneum.model import User
from atheneum.service import user_service
@ -119,6 +119,6 @@ user_command_group.add_command(reset_user_password)
user_command_group.add_command(list_users)
if __name__ == '__main__':
logging.debug('Managing: %s', app.name)
with app.app_context():
logging.debug('Managing: %s', APP.name)
with APP.app_context():
main()

6
server/run_tests.sh

@ -3,7 +3,9 @@
set -e
set -x
pycodestyle atheneum tests
pylint atheneum
mypy atheneum tests
PYTHONPATH=$(pwd) coverage run --source atheneum -m pytest
coverage report --fail-under=85 -m --skip-covered
coverage report --fail-under=85 -m --skip-covered
pycodestyle atheneum tests
pydocstyle atheneum
Loading…
Cancel
Save