-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathexample.py
More file actions
72 lines (57 loc) · 2.64 KB
/
Copy pathexample.py
File metadata and controls
72 lines (57 loc) · 2.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
'''
Working example usage based on README.md. No python deps required. Just run it.
'''
import getpass
from cincoconfig import *
# first, define the configuration's schema -- the fields available that
# customize the application's or library's behavior
schema = Schema()
schema.mode = ApplicationModeField(default='production')
# nested configurations are built on the fly
# http is now a subconfig
schema.http.port = PortField(default=8080, required=True)
# each field has its own validation rules that are run anytime the config
# value is loaded from disk or modified by the user.
# here, this field only accepts IPv4 network addresses and the user is
# required to define this field in the configuration file.
schema.http.address = IPv4AddressField(default='127.0.0.1', required=True)
schema.http.ssl.enabled = BoolField(default=False)
schema.http.ssl.cafile = FilenameField()
schema.http.ssl.keyfile = FilenameField()
schema.http.ssl.certfile = FilenameField()
schema.db.host = HostnameField(allow_ipv4=True, required=True, default='localhost')
schema.db.port = PortField(default=27017, required=True)
schema.db.name = StringField(default='my_app', required=True)
schema.db.user = StringField()
# some configuration values are sensitive, such as credentials, so
# cincoconfig provides config value encryption when the value is
# saved to disk via the SecureField
schema.db.password = SecureField()
# some configuration values are sensitive and do not need to be
# stored in the clear. For example, for a user's application access
# password. For this, cincoconfig provides ChallengeField where the
# value is securely stored as a hash
schema.app.admin_password = ChallengeField()
# once a schema is defined, build the actual configuration object
# that can load config files from disk and interact with the values
config = schema()
# print the set http port
print("Port:", config.http.port)
# set a config value manually
if config.mode == 'production':
config.db.name = config.db.name + '_production'
config.db.user = "admin"
config.db.password = "mydbpassword"
config.app.admin_password = getpass.getpass("Create your application access password: ")
# value is secure at runtime and when written to disk.
# The clear-text data is never stored for a challenge field.
print("Admin password hash: ", config.app.admin_password)
# Check a user's input against a ChallengeField
try:
config.app.admin_password.challenge(getpass.getpass("Enter the same password to test: "))
except ValueError:
print("That password didn't match! Access denied!")
else:
print("Password match! Challenge passed.")
print("Full config:")
print(config.dumps(format='json', pretty=True).decode())