forest
672ff49d6d
stripe back button ratchet issue because the only way to use stripe checkout is to run their proprietary JS, and we arent using a SPA, naturally what happens is, when you land on the stripe payment page if you hit the back button it goes back to the same page where you got re-directed to stripe. this commit fixes that.
145 lines
4.8 KiB
Python
145 lines
4.8 KiB
Python
import logging
|
|
from logging.config import dictConfig as logging_dict_config
|
|
|
|
import os
|
|
import hashlib
|
|
|
|
import stripe
|
|
from dotenv import load_dotenv, find_dotenv
|
|
from flask import Flask
|
|
from flask_mail import Mail
|
|
from flask import render_template
|
|
from flask import url_for
|
|
from flask import current_app
|
|
|
|
from capsulflask import virt_model, cli
|
|
from capsulflask.btcpay import client as btcpay
|
|
|
|
load_dotenv(find_dotenv())
|
|
|
|
app = Flask(__name__)
|
|
|
|
app.config.from_mapping(
|
|
BASE_URL=os.environ.get("BASE_URL", default="http://localhost:5000"),
|
|
SECRET_KEY=os.environ.get("SECRET_KEY", default="dev"),
|
|
VIRTUALIZATION_MODEL=os.environ.get("VIRTUALIZATION_MODEL", default="mock"),
|
|
LOG_LEVEL=os.environ.get("LOG_LEVEL", default="INFO"),
|
|
ADMIN_EMAIL_ADDRESSES=os.environ.get("ADMIN_EMAIL_ADDRESSES", default="ops@cyberia.club"),
|
|
|
|
DATABASE_URL=os.environ.get("DATABASE_URL", default="sql://postgres:dev@localhost:5432/postgres"),
|
|
DATABASE_SCHEMA=os.environ.get("DATABASE_SCHEMA", default="public"),
|
|
|
|
MAIL_SERVER=os.environ.get("MAIL_SERVER", default="m1.nullhex.com"),
|
|
MAIL_PORT=os.environ.get("MAIL_PORT", default="587"),
|
|
MAIL_USE_TLS=os.environ.get("MAIL_USE_TLS", default="True").lower() in ['true', '1', 't', 'y', 'yes'],
|
|
MAIL_USERNAME=os.environ.get("MAIL_USERNAME", default="forest@nullhex.com"),
|
|
MAIL_PASSWORD=os.environ.get("MAIL_PASSWORD", default=""),
|
|
MAIL_DEFAULT_SENDER=os.environ.get("MAIL_DEFAULT_SENDER", default="forest@nullhex.com"),
|
|
|
|
PROMETHEUS_URL=os.environ.get("PROMETHEUS_URL", default="https://prometheus.cyberia.club"),
|
|
|
|
STRIPE_API_VERSION=os.environ.get("STRIPE_API_VERSION", default="2020-03-02"),
|
|
STRIPE_SECRET_KEY=os.environ.get("STRIPE_SECRET_KEY", default=""),
|
|
STRIPE_PUBLISHABLE_KEY=os.environ.get("STRIPE_PUBLISHABLE_KEY", default=""),
|
|
#STRIPE_WEBHOOK_SECRET=os.environ.get("STRIPE_WEBHOOK_SECRET", default="")
|
|
|
|
BTCPAY_PRIVATE_KEY=os.environ.get("BTCPAY_PRIVATE_KEY", default="").replace("\\n", "\n"),
|
|
BTCPAY_URL=os.environ.get("BTCPAY_URL", default="https://btcpay.cyberia.club")
|
|
)
|
|
|
|
logging_dict_config({
|
|
'version': 1,
|
|
'formatters': {'default': {
|
|
'format': '[%(asctime)s] %(levelname)s in %(module)s: %(message)s',
|
|
}},
|
|
'handlers': {'wsgi': {
|
|
'class': 'logging.StreamHandler',
|
|
'stream': 'ext://flask.logging.wsgi_errors_stream',
|
|
'formatter': 'default'
|
|
}},
|
|
'root': {
|
|
'level': app.config['LOG_LEVEL'],
|
|
'handlers': ['wsgi']
|
|
}
|
|
})
|
|
|
|
# app.logger.critical("critical")
|
|
# app.logger.error("error")
|
|
# app.logger.warning("warning")
|
|
# app.logger.info("info")
|
|
# app.logger.debug("debug")
|
|
|
|
stripe.api_key = app.config['STRIPE_SECRET_KEY']
|
|
stripe.api_version = app.config['STRIPE_API_VERSION']
|
|
|
|
app.config['FLASK_MAIL_INSTANCE'] = Mail(app)
|
|
|
|
if app.config['VIRTUALIZATION_MODEL'] == "shell_scripts":
|
|
app.config['VIRTUALIZATION_MODEL'] = virt_model.ShellScriptVirtualization()
|
|
else:
|
|
app.config['VIRTUALIZATION_MODEL'] = virt_model.MockVirtualization()
|
|
|
|
app.config['BTCPAY_CLIENT'] = btcpay.Client(api_uri=app.config['BTCPAY_URL'], pem=app.config['BTCPAY_PRIVATE_KEY'])
|
|
|
|
from capsulflask import db
|
|
|
|
db.init_app(app)
|
|
|
|
from capsulflask import auth, landing, console, payment, metrics, cli
|
|
|
|
app.register_blueprint(landing.bp)
|
|
app.register_blueprint(auth.bp)
|
|
app.register_blueprint(console.bp)
|
|
app.register_blueprint(payment.bp)
|
|
app.register_blueprint(metrics.bp)
|
|
app.register_blueprint(cli.bp)
|
|
|
|
app.add_url_rule("/", endpoint="index")
|
|
|
|
@app.after_request
|
|
def security_headers(response):
|
|
response.headers['X-Frame-Options'] = 'SAMEORIGIN'
|
|
if 'Content-Security-Policy' not in response.headers:
|
|
response.headers['Content-Security-Policy'] = "default-src 'self'"
|
|
response.headers['X-Content-Type-Options'] = 'nosniff'
|
|
return response
|
|
|
|
|
|
@app.context_processor
|
|
def override_url_for():
|
|
"""
|
|
override the url_for function built into flask
|
|
with our own custom implementation that busts the cache correctly when files change
|
|
"""
|
|
return dict(url_for=url_for_with_cache_bust)
|
|
|
|
|
|
|
|
def url_for_with_cache_bust(endpoint, **values):
|
|
"""
|
|
Add a query parameter based on the hash of the file, this acts as a cache bust
|
|
"""
|
|
|
|
if endpoint == 'static':
|
|
filename = values.get('filename', None)
|
|
if filename:
|
|
if 'STATIC_FILE_HASH_CACHE' not in current_app.config:
|
|
current_app.config['STATIC_FILE_HASH_CACHE'] = dict()
|
|
|
|
if filename not in current_app.config['STATIC_FILE_HASH_CACHE']:
|
|
filepath = os.path.join(current_app.root_path, endpoint, filename)
|
|
#print(filepath)
|
|
if os.path.isfile(filepath) and os.access(filepath, os.R_OK):
|
|
|
|
with open(filepath, 'rb') as file:
|
|
hasher = hashlib.md5()
|
|
hasher.update(file.read())
|
|
current_app.config['STATIC_FILE_HASH_CACHE'][filename] = hasher.hexdigest()[-6:]
|
|
|
|
values['q'] = current_app.config['STATIC_FILE_HASH_CACHE'][filename]
|
|
|
|
return url_for(endpoint, **values)
|
|
|
|
|
|
|