Revert "Try moving the redirect to the app layer."

This reverts commit 0cba17efe3.
2013-10-01 16:54:05 -04:00 · 2013-10-01 16:54:05 -04:00 · 540815b943
commit 540815b943
parent 9c32770250
3 changed files with 4 additions and 24 deletions
--- a/config.py
+++ b/config.py
@ -60,7 +60,6 @@ class DebugConfig(FlaskConfig, MailConfig, LocalStorage, SQLiteDB):
    'level': logging.DEBUG,
    'format': LOG_FORMAT
  }
-  SECURE_REDIRECT = False


 class ProductionConfig(FlaskConfig, MailConfig, S3Storage, RDSMySQL):
@ -70,4 +69,3 @@ class ProductionConfig(FlaskConfig, MailConfig, S3Storage, RDSMySQL):
    'level': logging.DEBUG,
    'format': LOG_FORMAT,
  }
-  SECURE_REDIRECT = True
--- a/endpoints/web.py
+++ b/endpoints/web.py
@ -1,11 +1,9 @@
 import logging
-import urlparse

 from flask import (abort, send_file, redirect, request, url_for,
                   render_template)
 from flask.ext.login import login_user, UserMixin, login_required, logout_user
 from flask.ext.principal import identity_changed, Identity, AnonymousIdentity
-from functools import wraps

 from data import model
 from app import app, login_manager
@ -25,20 +23,6 @@ class _LoginWrappedDBUser(UserMixin):
    return unicode(self.db_user.username)


-def secure_required(f):
-  @wraps(f)
-  def decorated_view(*args, **kwargs):
-    if (app.config['SECURE_REDIRECT'] and 
-        request.environ['wsgi.url_scheme'] == 'http'):
-
-      logger.debug('Redirecting http url to https.')
-      parsed = urlparse.urlparse(request.url)
-      location = urlparse.urlunparse(('https',) + parsed[1:])
-      return redirect(location)
-    return f(*args, **kwargs)
-  return decorated_view
-
-
@login_manager.user_loader
 def load_user(username):
  logger.debug('Loading user: %s' % username)
@ -50,7 +34,6 @@ def load_user(username):


@app.route('/', methods=['GET'])
-@secure_required
 def index():
  return send_file('templates/index.html')

@ -67,13 +50,11 @@ def common_login(db_user):


@app.route('/signin', methods=['GET'])
-@secure_required
 def render_signin_page():
  return render_template('signin.html')


@app.route('/signin', methods=['POST'])
-@secure_required
 def signin():
  username = request.form['username']
  password = request.form['password']
@ -94,7 +75,6 @@ def signin():


@app.route('/confirm', methods=['GET'])
-@secure_required
 def confirm_email():
  code = request.values['code']
  user = model.confirm_user_email(code)
@ -105,13 +85,11 @@ def confirm_email():


@app.route('/reset', methods=['GET'])
-@secure_required
 def password_reset():
  pass


@app.route("/signout")
-@secure_required
@login_required
 def logout():
    logout_user()
--- a/wsgi.conf
+++ b/wsgi.conf
@ -8,6 +8,10 @@ WSGIPassAuthorization On
 <VirtualHost *:80>
  SetEnvIf X-Forwarded-Proto https HTTPS=1

+  RewriteEngine On
+  RewriteCond %{HTTP:X-Forwarded-Proto} !https
+  RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
+
  Alias /static /opt/python/current/app/static/
  <Directory /opt/python/current/app/>
    Order allow,deny