|
|
@ -1,3 +1,8 @@ |
|
|
|
""" |
|
|
|
Environment variables: |
|
|
|
- SQLALCHEMY_DATABASE_URI: path to sqlite file, starting with "sqlite:////" |
|
|
|
- ADMIN_PASSWORD: password for admin user for sensitive endpoints |
|
|
|
""" |
|
|
|
|
|
|
|
from typing import Dict, Tuple, Union, Optional |
|
|
|
from flask import Flask, request, jsonify, Response |
|
|
@ -14,10 +19,10 @@ import os |
|
|
|
import threading |
|
|
|
import time |
|
|
|
|
|
|
|
app = Flask(__name__) |
|
|
|
|
|
|
|
CONTACT_EMAIL = "mailto:info@timesafari.app" |
|
|
|
|
|
|
|
app = Flask(__name__) |
|
|
|
|
|
|
|
class WebPushService(): |
|
|
|
""" |
|
|
|
This class provides services for sending web push notifications. |
|
|
@ -210,6 +215,7 @@ class WebPushService(): |
|
|
|
|
|
|
|
URL: /web-push/regenerate_vapid |
|
|
|
Method: POST |
|
|
|
Header: Authentication: Basic ... |
|
|
|
|
|
|
|
Returns: |
|
|
|
- Tuple[str, int]: A JSON response indicating the success or failure of the operation, along with the appropriate HTTP status code. |
|
|
@ -219,6 +225,19 @@ class WebPushService(): |
|
|
|
- If there's an error during the operation, a JSON response with the error message is returned with a 500 status code. |
|
|
|
""" |
|
|
|
|
|
|
|
envPassword = os.getenv('ADMIN_PASSWORD') |
|
|
|
auth = request.authorization |
|
|
|
if (auth is None |
|
|
|
or auth.username is None |
|
|
|
or auth.username != 'admin' |
|
|
|
or auth.password is None |
|
|
|
or auth.password != envPassword): |
|
|
|
return ( |
|
|
|
jsonify(error='Wrong password'), |
|
|
|
401, |
|
|
|
{'WWW-Authenticate': 'Basic realm="Login Required"'} |
|
|
|
) |
|
|
|
|
|
|
|
# Creating a context for the application to enable database operations |
|
|
|
try: |
|
|
|
with self.app.app_context(): |
|
|
|