I have created a program on elastic beanstalk which would be used internally in my office. It is easier to host it rather than run it locally with firewalls.
On the office network, we have a server that holds reports that would be processed in my program. but they are around 12 clicks to access through a file prompt. I have tried using a Transport Adapter to no avail. Is there a way to do this using a post request without needing to actually choose the file?
Thanks for the help! (I am new at this)
Related
thanks in advance
I have a nginx server in which i am running python tornado application server. My tornado server conatins api endpoints(Handler), Models (DB table models) and the code for their respective services. We are using it as a backend service for an app that sells goods. Recently, we have implemented a complain feature that lets you upload image for the products.
I have to write code in python to convert base64 image into actual jpg/png (which is done), and then upload it to a different windows server(i m stuck in uploading part). I have been researching about it and found a few ways like
FTP
by RemoteDesktopConnection (it is clearly not for me)
and a few more.
if there is any better way to do this plz tell. i am not really experienced so plz explain your answers in a bit detail. Thank you for your time.
previously i was storing it in my application server which is clearly not a good thing to do and i was not able to expose the url for images also.
If it just needs to be a file in a directory on the other windows server, one could turn on file sharing for the specific directory on the other windows server and then smb mount that directory onto your application server. Then your python code could simply write a file to that directory.
A fairly good guide for doing this can be found here
Note that in a final production environment you want to be sure that the security is set appropriately (which is beyond the scope of this question).
I'd like to build a GUI for a few Python functions I've written that pull data from MS SQL Server. My boss wants me to share the magic of Python & SQL with the rest of the team, without them having to learn any coding.
I've decided to go down the route of using Flask to create a webapp and creating an executable file using pyinstaller. I'd like it to work similarly to Jupyter Notebook, where you click on the file and it opens the notebook in your browser.
I was able to hack together some code to get a working prototype of the GUI. The issue is I don't know how to deploy it. I need the GUI/Webapp to only run on the local computer for the user I sent the file to, and I don't want it accessible via the internet (because of proprietary company data, security issues, etc).
The only documentation I've been able to find for deploying Flask is going the routine route of a web server.
So the question is, can anyone provide any guidance on how to deploy my GUI WebApp so that it's only available to the user who has the file, and not on the world wide web?
Thank you!
So, a few assumptions-- since you're a business and you're rocking a SQLServer-- you likely have Active Directory, and the computers that you care to access this app are all hooked into that domain (so, in reality, you, or your system admin does have full control over those computers).
Also, the primary function of the app is to access a SQLServer to populate itself with data before doing something with that data. If you're deploying that app, I'm guessing you're probably also including the SQLServer login details along with it.
With that in mind, I would just serve the Flask app on the network on it's own machine (maybe even the SQLServer machine if you have the choice), and then either implement security within the app that feeds off AD to authenticate, or just have a simple user/pass authentication you can distribute to users. By default random computers online aren't going to be able to access that app unless you've set your firewalls to deliberately route WAN traffic to it.
That way, you control the Flask server-- updates only have to occur at one point, making development easier, and users simply have to open up a link in an email you send, or a shortcut you leave on their desktop.
Unfortunately, you do not have control over a give users computer.
You are using flask, so your application is a web application which will be exposing your data to some port. I believe the default flask port is 5000.
Regardless, if your user opens the given port in their firewall, and this is also open on whatever router you are connected to, then your application will be publicly visible.
There is nothing that you can do from your python application code to prevent this.
Having said all of that, if you are running on 5000, it is highly unlikely your user will have this port publicly exposed. If you are running on port 80 or 8080, then the chances are higher that you might be exposing something.
A follow up question would be where is the database your web app is connecting to? Is it also on your users machine? If not, and your web app can connect to it regardless of whose machine you run it on, I would be more concerned about your DB being publicly exposed.
I am working on a Python WebSocket server. I initiate it by running the python server.py command in Terminal. After this, the server runs fine and actually pretty well for what I'm using it for. The server runs on port 8000.
My question is, if I keep the server.py file outside of my localhost directory or any sub-directory, can the Python file be read and the code viewed by anyone else?
Thanks.
It is hard to give a definite yes or no answer, because there are a million ways in which your server may expose the .py file. The crucial point is though, that your server needs to actively expose the file to the outside world. A computer with no network-enabled services running does not expose anything on the network, period. Only physical access to the computer would allow you access to the file.
From this absolute point, it's a slow erosion of security with every additional service that offers a network component. Your Python server itself (presumably) doesn't expose its own source code; it only offers the services it's programmed to offer. However, you may have other servers running on the machine which actively do offer the file for download, or perhaps can be tricked into doing so. That's where an absolute "No" is hard to give, because one would need to run a full audit of your machine to be able to give a definitive answer.
Suffice it to say that a properly configured server without gaping security holes will not enable users to download the underlying source code through the network.
I am newbie to python and django, but this time I need a fast solution. I've got a problems, using hosting where my django application is deployed so I need to migrate to another server, but I have no ssh or telnet to server, only ftp connection for this server. I need to export data from django database. I wanted to write a script and put it somewhere in django application for data export, but when I put my modification on server behavior does not change(as nothing changed). Also when I remove .pyc files from djagno (for example. views.pyc) - no changes, and when I remove .py file - nothings changes (for example views.py).
As far as I read about django, it is possible that server is running with option "-noreload".
So question is it any possible way to dump database only via ftp and django/python?
(remote connection via mysql is disabled)
ftp stands for "file transfer protocol", not for "remote shell", so no, you cannot use ftp to execute a command / program / script / whatever. But why don't you just ask your hosting how to get a dump of your data ?
I'm pretty new to Python but have been running a few programs locally using Komodo edit, and then uploading the results manually to my website's MySQL database.
I'm looking into letting Python do this on it's own, but as i understand it i have to open my MySQL database to anyone regardless of if they are running scripts on my server or not if I'm to do this.
I'm guessing this is due to with security reasons, but i don't know how vulnerable this can make my site? Is it a bad idea to do it this way, or would it be better to run my python program from the server itself? (I've never run python code from my server, and my python code too, might be insecure)
If you have a access to the entire server (i.e. not just the hosting directory as is common on some shared hosting setups), and can ssh into the server, then your safest (though not easiest) option is to place the script on the server outside of the web hosting folder. This will stop anyone from remotely accessing the script, and will let you connect to the db without enabling remote connections.
You could enable remote connections if your hosting server set up allows it (not sure if any hosting companies disable, or prevent it, though you may have to enable it from the start when you create the database) Just select a nice strong password. Then you can use your script locally, and you'd be as secure as your password.