How do I get App Engine to generate the URL of the server it is currently running on?
If the application is running on development server it should return
http://localhost:8080/
and if the application is running on Google's servers it should return
http://application-name.appspot.com
You can get the URL that was used to make the current request from within your webapp handler via self.request.url or you could piece it together using the self.request.environ dict (which you can read about on the WebOb docs - request inherits from webob)
You can't "get the url for the server" itself, as many urls could be used to point to the same instance.
If your aim is really to just discover wether you are in development or production then use:
'Development' in os.environ['SERVER_SOFTWARE']
Here is an alternative answer.
from google.appengine.api import app_identity
server_url = app_identity.get_default_version_hostname()
On the dev appserver this would show:
localhost:8080
and on appengine
your_app_id.appspot.com
If you're using webapp2 as framework chances are that you already using URI routing in you web application.
http://webapp2.readthedocs.io/en/latest/guide/routing.html
app = webapp2.WSGIApplication([
webapp2.Route('/', handler=HomeHandler, name='home'),
])
When building URIs with webapp2.uri_for() just pass _full=True attribute to generate absolute URI including current domain, port and protocol according to current runtime environment.
uri = uri_for('home')
# /
uri = uri_for('home', _full=True)
# http://localhost:8080/
# http://application-name.appspot.com/
# https://application-name.appspot.com/
# http://your-custom-domain.com/
This function can be used in your Python code or directly from templating engine (if you register it) - very handy.
Check webapp2.Router.build() in the API reference for a complete explanation of the parameters used to build URIs.
Related
I can get my signalr code to connect + work no problem in my local environment by setting host with web url
"Host": {
"LocalHttpPort": 7070,
"CORS": "http://localhost:4200",
"CORSCredentials": true
}
Then I deploy it to the portal and go to CORS and add the web url that my storage blob static website is hosted on inside CORS for the signalr function app. When I login to my app with the web url matching cors value I get this for some reason
Also according to the docs (bottom part of page) I have to enable Access-Control-Allow-Crendentials
but it seems that a function app running on python doesn't have that option
How can I enable Access-Control-Allow-Crendentials in a python function app?
Yes, there is no way to set it on azure portal. Not only 'Access-Control-Allow-Crendentials', but also many other config settings cannot set by using azure portal when you are based on linux web app.
To achieve that you want, you can use below cmd in powershell:(It works when you are based on azure web app. azure function is based on web app sandbox, so below cmd also works on function.)
az resource update --name web --resource-group yourresoursegroupname --namespace Microsoft.Web --resource-type config --parent sites/yourfunctionname --set properties.cors.supportCredentials=true
This is the offcial doc:
https://learn.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-rest-api#enable-cors
If your app requires credentials such as cookies or authentication
tokens to be sent, the browser may require the
ACCESS-CONTROL-ALLOW-CREDENTIALS header on the response. To enable
this in App Service, set properties.cors.supportCredentials to true in
your CORS config. This cannot be enabled when allowedOrigins includes
'*'.
On my side, I can change the config setting. Let me know whether you can change the config.:)
I'm trying to set up Google sign-in using Flask dance for a flask based website:
from flask_dance.contrib.google import make_google_blueprint, google
blueprint = make_google_blueprint(
client_id= "CLIENT_ID",
client_secret="CLIENT_SECRET",
scope=[
"https://www.googleapis.com/auth/plus.me",
"https://www.googleapis.com/auth/userinfo.email",
]
)
app.register_blueprint(blueprint, url_prefix="/google_login")
And as the documentation suggests, I have the view set up like this:
#app.route('/google_login')
def google_login():
if not google.authorized:
return redirect(url_for("google.login"))
resp = google.get("/oauth2/v2/userinfo")
assert resp.ok, resp.text
return "You are {email} on Google".format(email=resp.json()["email"])
When I was testing I set the environment variable, OAUTHLIB_INSECURE_TRANSPORT to 1 by using
export OAUTHLIB_INSECURE_TRANSPORT=1
And now even after I've removed the environment variable, for some reason the Flaskdance seems to always resolve the URI to a http instead of HTTPS.
This is evident from the redirect uri mismatch error I'm getting (here website refers to the domain name):
The redirect URI in the request,
http://"website"/google_login/google/authorized, does not match
the ones authorized for the OAuth client.
And here are the authorized redirect URIs I've set up in my Google cloud console:
https://"website"/google_login/google/authorized
https://www."website"/google_login/google/authorized
I tried unsetting the environment variable using this command:
unset OAUTHLIB_INSECURE_TRANSPORT
What am I missing here? Any help would be appreciated.
If Flask-Dance is generating http URLs instead of https, that indicates that Flask (not Flask-Dance, but Flask itself) is confused about whether the incoming request is an https request or not. Flask-Dance has some documentation about how to resolve this problem, and the most likely cause is a proxy server that handles the HTTPS separately from your application server.
The fix is to use a middleware like werkzeug's ProxyFix to teach Flask that it's behind a proxy server. Here's how you can use it:
from werkzeug.middleware.proxy_fix import ProxyFix
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1)
I had the same problem and in my case adding this to my Apache VirtualHost config solved it:
RequestHeader set X-Forwarded-Proto "https"
My Flask is running behind an Apache proxy but Nginx would also have similar issues, potentially.
I'm building a Flask application and I would like to know if there is an arg on module start_http_server (from prometheus_client) that allow me to set a specific metrics endpoint instead /.
Thanks!
When using the Prometheus client with flask, you don't need to start the http server on your own but you can enable the wsgi middleware and specify the route you want to serve your metrics on your existing app.
app = Flask(__name__)
app_dispatch = DispatcherMiddleware(app, {
'/metrics': make_wsgi_app()
})
For the full example how to do this, just check out the python prometheus_client docs on flask.
I would like to find a way to restrict a view (request handler) to only be called from within the Google App Engine internal network from within my view and not within app.yaml.
For example, I have a view to handle inbound email within my Flask application
#app.route('/_ah/mail/notifications#example.appspotmail.com', methods=['POST'])
def inbound_notification_email():
from google.appengine.api import mail
message = mail.InboundEmailMessage(request.data)
...
return '' # 200 OK
While I know I could put all my mail handlers in their own file / wsgi instance like so:
handlers:
- url: /_ah/mail/.+
script: inbound_mail.app
login: admin
I would prefer not to have to do this as I'm using Flask instead of Webapp. Right now the request works as setup above, but it is exposed to the world.
Inspecting the request to my inbound_notification_email() view, I see X-App-Country in the request header is set to ZZ and the request's remote address is 0.1.0.20. I know the 0.x.x.x IP range is IANA reserved for local networks so it seems logical that checking if request.remote_address starts with "0." would work, but I'm not sure if all internal requests within App Engine are always handled this way (push queues and xmpp come to mind).
One thing I was surprised to see was users.is_current_user_admin() returns False within inbound_notification_mail() even though you're to set login: admin when using Webapp.
Can python cgi scripts write and read data to the session? If so how? Is there a high-level API or must I roll my own classes?
There's no "session" on cgi. You must roll your own session handling code if you're using raw cgi.
Basically, sessions work by creating a unique cookie number and sending it on a response header to the client, and then checking for this cookie on every connection. Store the session data somewhere on the server (memory, database, disk) and use the cookie number as a key to retrieve it on every request made by the client.
However cgi is not how you develop applications for the web in python. Use wsgi. Use a web framework.
Here's a quick example using cherrypy. cherrypy.tools.sessions is a cherrypy tool that handles cookie setting/retrieving and association with data automatically:
import cherrypy
class HelloSessionWorld(object):
#cherrypy.tools.sessions()
def index(self):
if 'data' in cherrypy.session:
return "You have a cookie! It says: %r" % cherrypy.session['data']
else:
return "You don't have a cookie. <a href='getcookie'>Get one</a>."
index.exposed = True
#cherrypy.tools.sessions()
def getcookie(self):
cherrypy.session['data'] = 'Hello World'
return "Done. Please <a href='..'>return</a> to see it"
getcookie.exposed = True
application = cherrypy.tree.mount(HelloSessionWorld(), '/')
if __name__ == '__main__':
cherrypy.quickstart(application)
Note that this code is a wsgi application, in the sense that you can publish it to any wsgi-enabled web server (apache has mod_wsgi). Also, cherrypy has its own wsgi server, so you can just run the code with python and it will start serving on http://localhost:8080/
My 'low-cost' web hosting plan don't permit use wsgi. The 'mod_wsgi' apache module can't be used because is a shared apache server. I am developing my own class.
To not start from zero, I am experimenting the implementation of a session class available in this site: http://cgi.tutorial.codepoint.net/a-session-class