Clever Geek Handbook

How do I add a security context to a flask?

I was trying to add security context to a simple flask app

import flask
import ssl

app = flask.Flask(__name__)


@app.route('/', methods=['GET'])
def home():
    return "<h1>THIS IS HOME</h1>"


ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
ctx.load_cert_chain('crt-key-crs/download-system.crt', 'crt-key-crs/download-system.key')

if __name__ == '__main__':
    app.run(debug=True, use_reloader=False, ssl_context=ctx)

and the following error occurred on startup after entering the pass phrase:

Traceback (most recent call last):
  File "flask-test.py", line 16, in <module>
    app.run(debug=True, use_reloader=False, ssl_context=ctx)
  File "/usr/lib/python3/dist-packages/flask/app.py", line 772, in run
    run_simple(host, port, self, **options)
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 710, in run_simple
    inner()
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 692, in inner
    passthrough_errors, ssl_context).serve_forever()
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 486, in make_server
    passthrough_errors, ssl_context)
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 425, in __init__
    self.socket = tsafe.Connection(ssl_context, self.socket)
  File "/usr/lib/python3/dist-packages/OpenSSL/tsafe.py", line 11, in __init__
    self._ssl_conn = apply(_ssl.Connection, args)
NameError: name 'apply' is not defined

Then I found in the docs that applied (function, * args, ** kwargs) was replaced by the function (* args, ** kwargs), so I went to the file /usr/lib/python3/dist-packages/OpenSSL/tsafe.py

and manually changed that line and the following error appeared on startup again:

Traceback (most recent call last):
  File "flask-test.py", line 16, in <module>
    app.run(debug=True, use_reloader=False, ssl_context=ctx)
  File "/usr/lib/python3/dist-packages/flask/app.py", line 772, in run
    run_simple(host, port, self, **options)
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 710, in run_simple
    inner()
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 692, in inner
    passthrough_errors, ssl_context).serve_forever()
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 486, in make_server
    passthrough_errors, ssl_context)
  File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 425, in __init__
    self.socket = tsafe.Connection(ssl_context, self.socket)
  File "/usr/lib/python3/dist-packages/OpenSSL/tsafe.py", line 11, in __init__
    self._ssl_conn = _ssl.Connection(*args)
  File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 804, in __init__
    raise TypeError("context must be a Context instance")
TypeError: context must be a Context instance

After that, and knowing that apply has been completely removed from python3.x, I run my application with python2.7.9 to check if I did something wrong when that line changed, and apparently I didn't, because that the same mistake was repeated. So what do I need to do or change in my code in order to use the security context with my flash application? Thanks in advance.

+3


source to share


1 answer


After a lot of searching and testing, I found the code is fine, the problem was with the Werkzeug server version. I updated sudo pip3 install Werkzeug --upgrade

and now it works fine.



+2


source






More articles:


All Articles