Allowed the ability to provide a static SECRET_KEY for use with CSRF protection (fixes #128)
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
from __future__ import unicode_literals
|
||||
from __future__ import absolute_import
|
||||
|
||||
import os
|
||||
import logging
|
||||
import collections
|
||||
try:
|
||||
@@ -15,6 +14,7 @@ from flask import (
|
||||
Response, stream_with_context, redirect,
|
||||
request
|
||||
)
|
||||
from flask_wtf.csrf import CsrfProtect
|
||||
|
||||
from pypuppetdb import connect
|
||||
|
||||
@@ -26,11 +26,13 @@ from puppetboard.utils import (
|
||||
|
||||
|
||||
app = Flask(__name__)
|
||||
CsrfProtect(app)
|
||||
|
||||
app.config.from_object('puppetboard.default_settings')
|
||||
graph_facts = app.config['GRAPH_FACTS']
|
||||
app.config.from_envvar('PUPPETBOARD_SETTINGS', silent=True)
|
||||
graph_facts += app.config['GRAPH_FACTS']
|
||||
app.secret_key = os.urandom(24)
|
||||
app.secret_key = app.config['SECRET_KEY']
|
||||
|
||||
app.jinja_env.filters['jsonprint'] = jsonprint
|
||||
|
||||
|
||||
@@ -1,9 +1,12 @@
|
||||
import os
|
||||
|
||||
PUPPETDB_HOST = 'localhost'
|
||||
PUPPETDB_PORT = 8080
|
||||
PUPPETDB_SSL_VERIFY = True
|
||||
PUPPETDB_KEY = None
|
||||
PUPPETDB_CERT = None
|
||||
PUPPETDB_TIMEOUT = 20
|
||||
SECRET_KEY = os.urandom(24)
|
||||
DEV_LISTEN_HOST = '127.0.0.1'
|
||||
DEV_LISTEN_PORT = 5000
|
||||
DEV_COFFEE_LOCATION = 'coffee'
|
||||
|
||||
@@ -4,29 +4,28 @@
|
||||
{% with messages = get_flashed_messages(with_categories=true) %}
|
||||
{% if messages %}
|
||||
{% for category, message in messages %}
|
||||
<div class="ui {{category}} message">
|
||||
{{message}}
|
||||
<div class="ui {{ category }} message">
|
||||
{{ message }}
|
||||
</div>
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% endwith %}
|
||||
<div class="ui form">
|
||||
<form method="POST" action="{{ url_for('query')}}"
|
||||
<form method="POST" action="{{ url_for('query') }}">
|
||||
{{ form.csrf_token }}
|
||||
<div class="field {% if form.query.errors %} error {% endif %}">
|
||||
{{form.query(autofocus="autofocus", rows=5, placeholder="Enter your query: [\"=\", \"name\", \"hostname\"]. You may omit the opening and closing bracket.")}}
|
||||
{{ form.query(autofocus="autofocus", rows=5, placeholder="Enter your query: [\"=\", \"name\", \"hostname\"]. You may omit the opening and closing bracket.") }}
|
||||
</div>
|
||||
<div class="inline fields">
|
||||
{% for subfield in form.endpoints %}
|
||||
<div class="field">
|
||||
<div class="ui radio checkbox">
|
||||
{{subfield }}
|
||||
{{subfield.label}}
|
||||
{{ subfield }}
|
||||
{{ subfield.label }}
|
||||
</div>
|
||||
</div>
|
||||
{% endfor %}
|
||||
</div>
|
||||
{{ form.hidden_tag() }}
|
||||
<input type=submit class="ui submit button" value='Submit'>
|
||||
<input type=reset class="ui red submit button" value='Cancel'>
|
||||
</form>
|
||||
@@ -36,7 +35,7 @@
|
||||
<div class="row">
|
||||
<div class="span12">
|
||||
<h2>Result</h2>
|
||||
<pre><code>{{result|jsonprint}}</code></pre>
|
||||
<pre><code>{{ result|jsonprint }}</code></pre>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
Reference in New Issue
Block a user