Merge branch 'security'
Conflicts: endpoints/api.py endpoints/web.py
commit
845985c859
10 changed files with 202 additions and 153 deletions
|
@ -3,7 +3,7 @@ import requests
|
|||
import stripe
|
||||
|
||||
from flask import (abort, redirect, request, url_for, render_template,
|
||||
make_response, Response)
|
||||
make_response, Response, Blueprint)
|
||||
from flask.ext.login import login_required, current_user
|
||||
from urlparse import urlparse
|
||||
|
||||
|
@ -19,23 +19,28 @@ from endpoints.common import common_login
|
|||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
web = Blueprint('web', __name__)
|
||||
|
||||
|
||||
def render_page_template(name, **kwargs):
|
||||
return make_response(render_template(name, route_data=get_route_data(),
|
||||
|
||||
resp = make_response(render_template(name, route_data=get_route_data(),
|
||||
**kwargs))
|
||||
resp.headers['X-FRAME-OPTIONS'] = 'DENY'
|
||||
return resp
|
||||
|
||||
|
||||
@app.route('/', methods=['GET'], defaults={'path': ''})
|
||||
@app.route('/repository/<path:path>', methods=['GET'])
|
||||
@app.route('/organization/<path:path>', methods=['GET'])
|
||||
@web.route('/', methods=['GET'], defaults={'path': ''})
|
||||
@web.route('/repository/<path:path>', methods=['GET'])
|
||||
@web.route('/organization/<path:path>', methods=['GET'])
|
||||
@no_cache
|
||||
def index(path):
|
||||
return render_page_template('index.html')
|
||||
|
||||
|
||||
@app.route('/snapshot', methods=['GET'])
|
||||
@app.route('/snapshot/', methods=['GET'])
|
||||
@app.route('/snapshot/<path:path>', methods=['GET'])
|
||||
@web.route('/snapshot', methods=['GET'])
|
||||
@web.route('/snapshot/', methods=['GET'])
|
||||
@web.route('/snapshot/<path:path>', methods=['GET'])
|
||||
def snapshot(path = ''):
|
||||
parsed = urlparse(request.url)
|
||||
final_url = '%s://%s/%s' % (parsed.scheme, 'localhost', path)
|
||||
|
@ -46,92 +51,93 @@ def snapshot(path = ''):
|
|||
abort(404)
|
||||
|
||||
|
||||
@app.route('/plans/')
|
||||
@web.route('/plans/')
|
||||
@no_cache
|
||||
def plans():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/guide/')
|
||||
@web.route('/guide/')
|
||||
@no_cache
|
||||
def guide():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/organizations/')
|
||||
@app.route('/organizations/new/')
|
||||
@web.route('/organizations/')
|
||||
@web.route('/organizations/new/')
|
||||
@no_cache
|
||||
def organizations():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/user/')
|
||||
@web.route('/user/')
|
||||
@no_cache
|
||||
def user():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/signin/')
|
||||
@web.route('/signin/')
|
||||
@no_cache
|
||||
def signin():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/contact/')
|
||||
@web.route('/contact/')
|
||||
@no_cache
|
||||
def contact():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/new/')
|
||||
@web.route('/new/')
|
||||
@no_cache
|
||||
def new():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/repository/')
|
||||
@web.route('/repository/')
|
||||
@no_cache
|
||||
def repository():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/security/')
|
||||
@web.route('/security/')
|
||||
@no_cache
|
||||
def security():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/v1')
|
||||
@app.route('/v1/')
|
||||
@web.route('/v1')
|
||||
@web.route('/v1/')
|
||||
@no_cache
|
||||
def v1():
|
||||
return index('')
|
||||
|
||||
|
||||
@app.route('/status', methods=['GET'])
|
||||
@web.route('/status', methods=['GET'])
|
||||
@no_cache
|
||||
def status():
|
||||
return make_response('Healthy')
|
||||
|
||||
|
||||
@app.route('/tos', methods=['GET'])
|
||||
@web.route('/tos', methods=['GET'])
|
||||
@no_cache
|
||||
def tos():
|
||||
return render_page_template('tos.html')
|
||||
|
||||
|
||||
@app.route('/disclaimer', methods=['GET'])
|
||||
@web.route('/disclaimer', methods=['GET'])
|
||||
@no_cache
|
||||
def disclaimer():
|
||||
return render_page_template('disclaimer.html')
|
||||
|
||||
|
||||
@app.route('/privacy', methods=['GET'])
|
||||
@web.route('/privacy', methods=['GET'])
|
||||
@no_cache
|
||||
def privacy():
|
||||
return render_page_template('privacy.html')
|
||||
|
||||
|
||||
@app.route('/receipt', methods=['GET'])
|
||||
@web.route('/receipt', methods=['GET'])
|
||||
def receipt():
|
||||
if not current_user.is_authenticated():
|
||||
abort(401)
|
||||
|
@ -188,7 +194,7 @@ def get_github_user(token):
|
|||
return get_user.json()
|
||||
|
||||
|
||||
@app.route('/oauth2/github/callback', methods=['GET'])
|
||||
@web.route('/oauth2/github/callback', methods=['GET'])
|
||||
def github_oauth_callback():
|
||||
error = request.args.get('error', None)
|
||||
if error:
|
||||
|
@ -241,7 +247,7 @@ def github_oauth_callback():
|
|||
return render_page_template('githuberror.html')
|
||||
|
||||
|
||||
@app.route('/oauth2/github/callback/attach', methods=['GET'])
|
||||
@web.route('/oauth2/github/callback/attach', methods=['GET'])
|
||||
@login_required
|
||||
def github_oauth_attach():
|
||||
token = exchange_github_code_for_token(request.args.get('code'))
|
||||
|
@ -252,7 +258,7 @@ def github_oauth_attach():
|
|||
return redirect(url_for('user'))
|
||||
|
||||
|
||||
@app.route('/confirm', methods=['GET'])
|
||||
@web.route('/confirm', methods=['GET'])
|
||||
def confirm_email():
|
||||
code = request.values['code']
|
||||
user = None
|
||||
|
@ -268,7 +274,7 @@ def confirm_email():
|
|||
return redirect(url_for('user', tab='email') if new_email else url_for('index'))
|
||||
|
||||
|
||||
@app.route('/recovery', methods=['GET'])
|
||||
@web.route('/recovery', methods=['GET'])
|
||||
def confirm_recovery():
|
||||
code = request.values['code']
|
||||
user = model.validate_reset_code(code)
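Review bot: The `url_for` calls left as context in the later hunks still use the pre-blueprint endpoint names: `return redirect(url_for('user'))` at the end of `github_oauth_attach`, and `url_for('user', tab='email') if new_email else url_for('index')` at the end of `confirm_email`. Once the views are registered on `web = Blueprint('web', __name__)`, Flask names the endpoints `web.user` and `web.index`, so unless the bare names are also registered elsewhere these redirects will raise a `BuildError` after the GitHub token or e-mail code has already been processed; I would change them to `url_for('web.user')` and `url_for('web.index')`. Both functions begin outside the hunks shown, so other lookups in their bodies may need the same change. Separately, `X-FRAME-OPTIONS: DENY` is added only inside `render_page_template`, so responses built directly with `make_response` or `redirect` (for example `status()`) go out without it; a `@web.after_request` hook that sets the header would cover every response from the blueprint.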
|
||||
|
|