Overwatch Web App Package (overwatch.webApp)

General information from the README is available immediately below. Further module specific documentation is available further below in the package reference, with the modules listed below.

Package reference

overwatch.webApp.auth module

Contains auth functions.

For user authentication, https://exploreflask.com/users.html was extensively used as a guide.

class overwatch.webApp.auth.User(username, password)[source]

Bases: flask_login.mixins.UserMixin

A basic user class to manage authentication.

Inherits from UserMixin, which implements a basic class for use with login_manger().

New users should be added into the external config file. This class provides no ability to store new users dynamically and assumes that passwords passed to it are already hashed by bcrypt.generate_password_hash(password, BCRYPT_LOG_ROUNDS).

The login_manager stores this class to manage users.

Note

There are also a few attributes inherited from UserMixin

Parameters:
  • username (str) – Username of new user
  • password (str) – Hashed password of new user. Password should be hashed with bcrypt.generate_password_hash(desiredPassword, BCRYPT_LOG_ROUNDS)
users

Contains all valid users with hashed passwords. Loaded from an extra config file.

Type:dict
id

The username of the instance of the object

Type:str
password

The password of the instance of the object. Note: This must be hashed by the user before passing to this object!

Type:str
checkPassword(plainTextPassword)[source]

Check a plain text password against a hashed password.

Parameters:plainTextPassword (str) – The plain text password to test.
Returns:True if the password matches the instance of the user.
Return type:bool
static getUser(username, db)[source]

Retrieve the username and password of a user.

Used by load_user() to maintain a logged in user session.

Parameters:username (str) – Username to retrieve
Returns:
Returns an instance of the User class if the user exists. Otherwise, it
returns None.
Return type:User
overwatch.webApp.auth.authenticateUser(username, password, db)[source]

Checks whether the user credentials are correct.

Parameters:
  • username (str) – username of the attempted user.
  • password (str) – plain text password of the attempted user.
Returns:

If the credentials were valid, an instance of the User class is returned so that the login_manager

can store that object and track which user is logged in. Otherwise, it returns None.
Return type:

User

overwatch.webApp.routing module

Contains routing functions.

Contains functions to ensure safe routing and redirection of the next URL. These functions are from http://flask.pocoo.org/snippets/62/, and were written by the author of Flask.

Slight modifications were made to redirectBack() to ensure that a login-logout loop was avoided under particular circumstances.

overwatch.webApp.routing.getRedirectTarget()[source]

Extracts the Next target and checks its safety.

Note

Relies on the flask.request object.

Parameters:None
Returns:URL if the target is safe.
Return type:str
overwatch.webApp.routing.isSafeUrl(target)[source]

Checks URL for safety to ensure that it does not redirect unexpectedly.

Note

Relies on the flask.request object.

Parameters:target (str) – URL for the target to test.
Returns:True if the URL is safe.
Return type:bool
overwatch.webApp.routing.redirectBack(endpoint, **values)[source]

Handles safe redirection.

It extracts the value of Next from flask.request. If the target is not safe, then redirect back to endpoint instead.

Note

Relies on the request.form dict.

Parameters:
  • endpoint (str) – Where to redirect in case the Next url is not safe
  • **values (dict) – Arguments to pass to url_for() in case of needing to redirect to endpoint instead.
Returns:

Redirect is called on the next URL if it is safe. Redirects to the

given endpoint if the URL is not safe.
Return type:

redirect to NextUrl