securelearn/helpers.py
import os | |
import logging | |
from datetime import datetime, timezone | |
from models.PageView import PageView | |
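def custom_logger(name, log_file, level=logging.INFO):
    """
    Returns a logger with the given name that writes to logs/<log_file> and to the console.

    The logs/ directory is resolved relative to this file (not the working directory) and is
    created if it does not exist yet. Handlers are only built the first time a logger name is
    requested; later calls return the already-configured logger unchanged, so their log_file
    and level arguments have no effect.

    :param name: The name of the logger e.g. 'db_initialisation'
    :param log_file: the filename to log to inside the logs/ directory e.g. 'db_init.log'.
        It is joined onto the logs path as-is, so it has to be a fixed name chosen in code,
        never a value taken from a request.
    :param level: the level of logging e.g. logging.INFO. Defaults to logging.INFO
    :return: A configured Python logger object
    """
    logger = logging.getLogger(name)
    if logger.handlers:
        # Already configured. Returning here avoids constructing a FileHandler that would
        # open the log file and then be thrown away without ever being closed.
        return logger

    script_dir = os.path.dirname(os.path.abspath(__file__))  # directory containing this file
    logs_dir = os.path.join(script_dir, 'logs')
    # exist_ok avoids the check-then-create race when two processes start at the same time.
    os.makedirs(logs_dir, exist_ok=True)

    formatter = logging.Formatter(' [%(asctime)s] [%(levelname)s] in %(module)s: %(message)s',
                                  datefmt='%Y-%m-%d %H:%M:%S')

    handler = logging.FileHandler(os.path.join(logs_dir, log_file))
    handler.setLevel(level)
    handler.setFormatter(formatter)

    # The console handler keeps the default format; only the file output is timestamped.
    console_out = logging.StreamHandler()
    console_out.setLevel(level)

    logger.setLevel(level)
    logger.addHandler(handler)
    logger.addHandler(console_out)
    return logger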
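def add_pageview(db, current_user, request, response):
    """
    Adds a page view to the database for tracking user activity.

    Anonymous requests are not recorded. A failed insert is rolled back and logged to
    logs/pageview.log, and never raises to the caller.

    :param response: the response object from flask to get the status code
    :param db: SQLalchemy database object
    :param current_user: the current_user object from flask_login
    :param request: the request object from flask to get the ip, page and method
    :return: true if successful, false if not (including when the user is not authenticated)
    """
    # Only tracking page views for registered users
    if not current_user.is_authenticated:
        return False
    user_id = current_user.id

    page = request.path
    method = request.method
    timestamp = datetime.now(timezone.utc)
    status = response.status_code
    # NOTE(review): remote_addr is the address of the directly connected peer. Behind a reverse
    # proxy that is presumably the proxy itself unless the app is set up to trust forwarding
    # headers - confirm against the deployment before relying on this column for audit.
    ip = request.remote_addr

    try:
        db.session.add(PageView(user_id=user_id, page=page, timestamp=timestamp, method=method, status=status, ip=ip))
        db.session.commit()
        return True
    except Exception as e:
        logger = custom_logger('pageview', 'pageview.log', level=logging.ERROR)
        # Without a rollback the session stays in its failed state and later queries
        # on the same session fail as well.
        try:
            db.session.rollback()
        except Exception as rollback_error:
            rollback_detail = str(rollback_error).replace('\r', '\\r').replace('\n', '\\n')
            logger.error(f'Error rolling back page view transaction: {rollback_detail}')
        # The error text may echo the values being inserted, and page comes from the client.
        # Escaping CR/LF keeps each failure on a single log line so entries cannot be forged.
        detail = str(e).replace('\r', '\\r').replace('\n', '\\n')
        logger.error(f'Error adding page view to pageviews table: {detail}')
        return False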
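def load_deny_list():
    """
    Loads an open-source list of common passwords into a set. The list is sourced from
    https://github.com/dropbox/zxcvbn/blob/master/data/passwords.txt. Note that the better way
    would be to use something like zxcvbn-python instead of a plain deny list.

    Each line is expected to hold a password followed by a count; only the first
    whitespace-separated field is kept. Blank lines are skipped.

    :return: a set containing strings of common passwords
    """
    deny_list = set()
    # NOTE(review): the path is relative to the working directory, not to this file, and no
    # encoding is passed, so the platform default is used - confirm both match how the app is
    # started. If the file is missing this raises instead of returning an empty deny list.
    with open("common_passwords.txt", 'r') as file:
        for line in file:
            fields = line.split()
            if not fields:
                # A blank or whitespace-only line (e.g. a trailing newline at the end of the
                # file) has no first field; indexing it would raise IndexError.
                continue
            deny_list.add(fields[0])  # We only need the password, not the count.
    # NOTE(review): entries are stored exactly as written, so a membership test is an exact,
    # case-sensitive match - presumably the caller normalises the candidate password; verify.
    return deny_list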