Maciej Pienczyn
66856a697d
Phase 1 of app.py refactoring - reducing from ~14,455 to ~13,699 lines.
New structure:
- blueprints/reports/ - 4 routes (/raporty/*)
- blueprints/community/contacts/ - 6 routes (/kontakty/*)
- blueprints/community/classifieds/ - 4 routes (/tablica/*)
- blueprints/community/calendar/ - 3 routes (/kalendarz/*)
- utils/ - decorators, helpers, notifications, analytics
- extensions.py - Flask extensions (csrf, login_manager, limiter)
- config.py - environment configurations
Updated templates with blueprint-prefixed url_for() calls.
⚠️ DO NOT DEPLOY before presentation on 2026-01-30 19:00
Tested on DEV: all endpoints working correctly.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
97 lines
2.5 KiB
Python
97 lines
2.5 KiB
Python
"""
|
|
Flask Configuration
|
|
===================
|
|
|
|
Configuration classes for different environments.
|
|
"""
|
|
|
|
import os
|
|
from datetime import timedelta
|
|
|
|
|
|
class Config:
|
|
"""Base configuration with common settings."""
|
|
|
|
# Security: Require strong SECRET_KEY
|
|
SECRET_KEY = os.getenv('SECRET_KEY')
|
|
|
|
# Session configuration
|
|
PERMANENT_SESSION_LIFETIME = timedelta(days=7)
|
|
|
|
# CSRF configuration
|
|
WTF_CSRF_ENABLED = True
|
|
WTF_CSRF_TIME_LIMIT = None # No time limit for CSRF tokens
|
|
|
|
# Cookie security
|
|
SESSION_COOKIE_HTTPONLY = True
|
|
SESSION_COOKIE_SAMESITE = 'Lax'
|
|
|
|
# Rate limiting
|
|
RATELIMIT_STORAGE_URI = "memory://"
|
|
RATELIMIT_DEFAULT = ["200 per day", "50 per hour"]
|
|
|
|
@staticmethod
|
|
def init_app(app):
|
|
"""Initialize application-specific configuration."""
|
|
pass
|
|
|
|
|
|
class DevelopmentConfig(Config):
|
|
"""Development environment configuration."""
|
|
|
|
DEBUG = True
|
|
SESSION_COOKIE_SECURE = False # Allow HTTP in development
|
|
|
|
# Try Redis for rate limiting, fallback to memory
|
|
@staticmethod
|
|
def init_app(app):
|
|
try:
|
|
import redis
|
|
redis_client = redis.Redis(host='localhost', port=6379, db=0)
|
|
redis_client.ping()
|
|
app.config['RATELIMIT_STORAGE_URI'] = "redis://localhost:6379/0"
|
|
except Exception:
|
|
app.config['RATELIMIT_STORAGE_URI'] = "memory://"
|
|
|
|
|
|
class ProductionConfig(Config):
|
|
"""Production environment configuration."""
|
|
|
|
DEBUG = False
|
|
SESSION_COOKIE_SECURE = True # HTTPS only
|
|
|
|
@staticmethod
|
|
def init_app(app):
|
|
# Use Redis for persistent rate limiting across restarts
|
|
try:
|
|
import redis
|
|
redis_client = redis.Redis(host='localhost', port=6379, db=0)
|
|
redis_client.ping()
|
|
app.config['RATELIMIT_STORAGE_URI'] = "redis://localhost:6379/0"
|
|
except Exception:
|
|
import logging
|
|
logging.warning("Redis unavailable, rate limiter using memory storage")
|
|
app.config['RATELIMIT_STORAGE_URI'] = "memory://"
|
|
|
|
|
|
class TestingConfig(Config):
|
|
"""Testing environment configuration."""
|
|
|
|
TESTING = True
|
|
WTF_CSRF_ENABLED = False
|
|
SESSION_COOKIE_SECURE = False
|
|
|
|
|
|
config = {
|
|
'development': DevelopmentConfig,
|
|
'production': ProductionConfig,
|
|
'testing': TestingConfig,
|
|
'default': DevelopmentConfig
|
|
}
|
|
|
|
|
|
def get_config():
|
|
"""Get configuration class based on FLASK_ENV environment variable."""
|
|
env = os.getenv('FLASK_ENV', 'development')
|
|
return config.get(env, config['default'])
|