Merge branch 'raunz-session_type_sqlalchemy' into dev

configs/development.py

@@ -24,7 +24,7 @@ CAPTCHA_SESSION_KEY = 'captcha_image'
 
 #Server side sessions tracking
 #Set to TRUE for CAPTCHA, or enable another stateful session tracking system
-FILESYSTEM_SESSIONS_ENABLED = True
+SESSION_TYPE = 'sqlalchemy'
 
 ### DATABASE - MySQL
 #SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(

configs/docker_config.py

@@ -4,7 +4,7 @@ PORT = 80
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True
-FILESYSTEM_SESSIONS_ENABLED = True
+SESSION_TYPE = 'sqlalchemy'
 
 legal_envvars = (
     'SECRET_KEY',
@@ -27,6 +27,7 @@ legal_envvars = (
     'SALT',
     'SQLALCHEMY_TRACK_MODIFICATIONS',
     'SQLALCHEMY_DATABASE_URI',
+    'SQLALCHEMY_ENGINE_OPTIONS',
     'MAIL_SERVER',
     'MAIL_PORT',
     'MAIL_DEBUG',
@@ -68,7 +69,7 @@ legal_envvars = (
     'LDAP_ENABLED',
     'SAML_CERT',
     'SAML_KEY',
-    'FILESYSTEM_SESSIONS_ENABLED',
+    'SESSION_TYPE',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
     'CAPTCHA_ENABLE',
@@ -93,20 +94,30 @@ legal_envvars_bool = (
     'SIGNUP_ENABLED',
     'LOCAL_DB_ENABLED',
     'LDAP_ENABLED',
-    'FILESYSTEM_SESSIONS_ENABLED',
     'SESSION_COOKIE_SECURE',
     'CSRF_COOKIE_SECURE',
     'CAPTCHA_ENABLE',
 )
 
+legal_envvars_dict = (
+    'SQLALCHEMY_ENGINE_OPTIONS',
+)
+
 # import everything from environment variables
 import os
 import sys
-
+import json
 
 def str2bool(v):
     return v.lower() in ("true", "yes", "1")
 
+def dictfromstr(v,ret):
+    try:
+        return json.loads(ret)
+    except Exception as e:
+        print('Cannot parse json {} for variable {}'.format(ret, v))
+        print(e)
+        raise ValueError
 
 for v in legal_envvars:
 
@@ -130,4 +141,6 @@ for v in legal_envvars:
             ret = str2bool(ret)
         if v in legal_envvars_int:
             ret = int(ret)
+        if v in legal_envvars_dict:
+            ret = dictfromstr(v, ret)
         sys.modules[__name__].__dict__[v] = ret

docs/wiki/configuration/Environment-variables.md

@@ -4,7 +4,7 @@
 | ---------| ----------- | -------- | ------------- |
 | BIND_ADDRESS | 
 | CSRF_COOKIE_SECURE | 
-| FILESYSTEM_SESSIONS_ENABLED | 
+| SESSION_TYPE | null|filesystem|sqlalchemy |  | filesystem | 
 | LDAP_ENABLED | 
 | LOCAL_DB_ENABLED | 
 | LOG_LEVEL | 
@@ -57,6 +57,8 @@
 | SESSION_COOKIE_SECURE | 
 | SIGNUP_ENABLED | 
 | SQLALCHEMY_DATABASE_URI | SQL Alchemy URI to connect to database | N | no default |
-| SQLALCHEMY_TRACK_MODIFICATIONS | 
+| SQLALCHEMY_TRACK_MODIFICATIONS |
+| SQLALCHEMY_ENGINE_OPTIONS | json string. e.g. '{"pool_recycle":600,"echo":1}' [^2] |
 
 [^1]: Flask secret key (see https://flask.palletsprojects.com/en/1.1.x/config/#SECRET_KEY for how to generate)
+[^2]: See Flask-SQLAlchemy Documentation for all engine options.

powerdnsadmin/__init__.py

@@ -56,10 +56,15 @@ def create_app(config=None):
         _sslify = SSLify(app)  # lgtm [py/unused-local-variable]
 
     # Load Flask-Session
-    if app.config.get('FILESYSTEM_SESSIONS_ENABLED'):
-        app.config['SESSION_TYPE'] = 'filesystem'
-        sess = Session()
-        sess.init_app(app)
+    app.config['SESSION_TYPE'] = app.config.get('SESSION_TYPE')
+    if 'SESSION_TYPE' in os.environ:
+        app.config['SESSION_TYPE'] = os.environ.get('SESSION_TYPE')
+
+    sess = Session(app)
+
+    # create sessions table if using sqlalchemy backend
+    if os.environ.get('SESSION_TYPE') == 'sqlalchemy':
+        sess.app.session_interface.db.create_all()
 
     # SMTP
     app.mail = Mail(app)

powerdnsadmin/default_config.py

@@ -8,7 +8,8 @@ SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
 BIND_ADDRESS = '0.0.0.0'
 PORT = 9191
 HSTS_ENABLED = False
-FILESYSTEM_SESSIONS_ENABLED = True
+
+SESSION_TYPE = 'sqlalchemy'
 SESSION_COOKIE_SAMESITE = 'Lax'
 CSRF_COOKIE_HTTPONLY = True