-
Notifications
You must be signed in to change notification settings - Fork 451
/
Copy path__init__.py
51 lines (40 loc) · 1.43 KB
/
__init__.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import os
import sqlite3
from pathlib import Path
from flask import Flask, g
DB_FILENAME = "database.db"
def query_db(query, args=(), one=False, commit=False):
with sqlite3.connect(DB_FILENAME) as conn:
# vulnerability: Sensitive Data Exposure
conn.set_trace_callback(print)
cur = conn.cursor().execute(query, args)
if commit:
conn.commit()
return cur.fetchone() if one else cur.fetchall()
def create_app():
app = Flask(__name__)
app.secret_key = "aeZ1iwoh2ree2mo0Eereireong4baitixaixu5Ee"
db_path = Path(DB_FILENAME)
if db_path.exists():
db_path.unlink()
conn = sqlite3.connect(DB_FILENAME)
create_table_query = """CREATE TABLE IF NOT EXISTS user
(id INTEGER PRIMARY KEY, username TEXT, password TEXT, access_level INTEGER)"""
conn.execute(create_table_query)
insert_admin_query = """INSERT INTO user (id, username, password, access_level)
VALUES (1, 'admin', 'maximumentropy', 0)"""
conn.execute(insert_admin_query)
conn.commit()
conn.close()
with app.app_context():
from . import actions
from . import auth
from . import status
from . import ui
from . import users
app.register_blueprint(actions.bp)
app.register_blueprint(auth.bp)
app.register_blueprint(status.bp)
app.register_blueprint(ui.bp)
app.register_blueprint(users.bp)
return app