Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The base configuration file is located on the config dir.
For enabling ssl encryption within the application, you will need to add in the "SERVER_ENV" key entry in the config file
SSL:
Certificate: "path to the cer file (public key)"
PrivateKey: "path to the pki file (private key)"
You can add default database using only the configuration file.
...
DATABASE:
default: mysql
mysql:
driver: mysql+pymysql
user: "replace this with your database user"
password: "replace this with your database user's password"
database: "replace this with your database name"
address: "replace this with your hostname"
models: "mysql (python module that require to be put under Models.Persistent module)"
readonly: false
...
...
DATABASE:
informix:
driver: informix
user: "replace this with your database user"
password: "replace this with your database user's password"
database: "replace this with your database name"
address: "replace this with your hostname"
models: "informix (python module that require to be put under Models.Persistent module)"
params:
SERVER: "replace with your server name"
CLIENT_LOCALE: "replace with your client locale"
DB_LOCALE: "replace with your server locale"
dialects:
informix:
module: IfxAlchemy.IfxPy
class: IfxDialect_IfxPy
informix.IfxPy:
module: IfxAlchemy.IfxPy
class: IfxDialect_IfxPy
informix.pyodbc:
module: IfxAlchemy.pyodbc
class: IfxDialect_pyodbc
readonly: false
...
"params" are parameters that need to be send within the connection to the database. In that example using informix database "SERVER", "CLIENT_LOCALE" and "DB_LOCALE" are required parameters for the connection to the database.
"dialects" are the python modules configuration to translate models into sql statements to query the database
...
DATABASE:
db01:
...
db02:
...
...
To enable sessions in the server you need to add "APP_KEY" and "SESSION" into the "SERVER_DATA" section in the configuration file
"APP_KEY" : random string value (keep that secret)
"SESSION" : string value, possible values are ["filesystem", "memcahed", "redis", "mongodb", "sqlalchemy"]
...
SERVICES:
redis:
HOST: localhost
PORT: 6379
filesystem:
PATH: sessions
memcached:
HOST: localhost
PORT: 11211
mongodb:
driver: mongodb
user: "replace this with your database user"
password: "replace this with your database user's password"
database: "replace this with your database name"
address: "replace this with your hostname"
collection: "replace this with your collection name for the sessions"
Session based on sqlalchemy will use the default configured database
...
DATABASES:
default: mysql
mysql:
driver: mysql+pymysql
user: "replace this with your database user"
password: "replace this with your database user's password"
database: "replace this with your database name"
address: "replace this with your hostname"
models: "mysql (python module that require to be put under Models.Persistent module)"
readonly: false
...
...
FLASK:
CONFIG:
CORS_ORIGINS:
- "http://localhost"
CORS_ALLOW_HEADERS:
- Content-Type
- Authorization
CORS_ALWAYS_SEND: true
CORS_AUTOMATIC_OPTIONS: true
CORS_EXPOSE_HEADERS: Authorization
CORS_INTERCEPT_EXCEPTIONS: true
CORS_MAX_AGE: null
CORS_METHODS:
- GET
- HEAD
- POST
- OPTIONS
CORS_SEND_WILDCARD: false
CORS_SUPPORTS_CREDENTIALS: true
CORS_VARY_HEADER: true
...
...
There are 3 files where you could register your flask server routes, You could find these file under the src/Server folder:
All the server http error code must be registered inside the init method of the ErrorHandler.py file.
Example:
server.register_error_handler(500, Controllers.Web.HTTP50XController.error500)
All the web based http routes must be registered inside the init method of the Web.py file.
Example:
server.add_url_rule('/', 'home', Controllers.Web.HomeController.index, methods=['GET'])
All the Rest API based routes must be registered inside the init method of the WS.py file.
Example:
server.add_url_rule('/api/', 'api', Controllers.WS.ApiController.index, methods=['GET'])
All web based http file controllers must be placed under the Controllers.Web
module.
The class based controllers that you register into the app must be imported into the __init__.py
file of the Controller.Web
module.
The file based that contain your view functions must must also be inmported into the __init__.py
file of the Controller.Web
module.
All Rest API based controllers must be placed under the src/Controllers/WS folder.
The class based controllers that you register into the app must be imported into the __init__.py
file of the Controller.Web
module.
The file based that contain your view functions must must also be inmported into the __init__.py
file of the Controller.Web
module.
you can create SQLAlchemy models by creating a new module under the Models.Persistent
module and place each models inside your module that you previously created.
The models that you register into the app must be an Database.Model
or Database.get_models_by_name('replace that with your database connection name')
object, you could import this object using the following line into your database model:
from Database import Database
All models must be imported inside the __init__.py
of your base module and you must import this module in the __init__.py
of the Models.Persistent
module
Tasks are some python code that are running at specific interval time. These task must be placed inside the src/Task folder. After that you must add these line inside the src/server.py file to enable your task function:
Server.Process.add_task("Task.YourFileOrClass.YourStaticMethodOrClassMethod", second=30)
Note the task you are registering must be before the line:
Server.Process.start(args)
The src/static folder contains all static file for your web based application.
The src/template folder contains layouts and templates file for your web based application. Those files are content configurable, you can also import layout inside the your template file, it allow you to have only content editable part into your template file.
docker-compose up
docker-compose start
docker-compose restart
docker-compose stop
We assume that your system already had python v3+ and pip v3+ installed.
git clone https://github.com/frederickney/flask-framework.git
cd flask-framework
pip3 install
or
pip install flask-framework-mvc
python -m flask_framework.cli -h
python -m flask_framework.cli -cp <your project>
or
python -m flask_framework.cli --create-project <your project>
When the project is created, more command can be used when the env "CONFIG_FILE" is set and can be run through
python -m flask_framework.app
see -h for usages
Setup the configuration as seen bellow in the screenshots
[!NOTE] "LOG_DIR" and "LOG_FILE" env are no longer mandatory for starting the process
[!WARNING] Issue raised, it is no longer working attached to ide using flask module: link to issue
export CONFIG_FILE=config/config.yml
python -m flask_framework.server
python -m flask_framework.wsgi
FAQs
Flask MVC framework
We found that flask-framework-mvc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.