77 lines
2.9 KiB
Python
77 lines
2.9 KiB
Python
import os
|
|
from flask import Flask
|
|
from flask_sqlalchemy import SQLAlchemy
|
|
from flask_login import LoginManager
|
|
from flask_migrate import Migrate
|
|
from werkzeug.middleware.proxy_fix import ProxyFix
|
|
|
|
db = SQLAlchemy()
|
|
login_manager = LoginManager()
|
|
migrate = Migrate()
|
|
|
|
|
|
def create_app():
|
|
app = Flask(__name__, template_folder='templates', static_folder='static')
|
|
|
|
# Config
|
|
app.config['SECRET_KEY'] = os.environ['SECRET_KEY']
|
|
app.config['SQLALCHEMY_DATABASE_URI'] = os.environ['DATABASE_URL']
|
|
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
|
|
app.config['BASE_URL'] = os.environ.get('BASE_URL', 'http://localhost')
|
|
app.config['ORG_NAME'] = os.environ.get('ORG_NAME', 'GO! Scholengroep')
|
|
|
|
# OAuth2 config (voor later)
|
|
app.config['MICROSOFT_CLIENT_ID'] = os.environ.get('MICROSOFT_CLIENT_ID')
|
|
app.config['MICROSOFT_CLIENT_SECRET'] = os.environ.get('MICROSOFT_CLIENT_SECRET')
|
|
app.config['MICROSOFT_TENANT_ID'] = os.environ.get('MICROSOFT_TENANT_ID', 'common')
|
|
app.config['GOOGLE_CLIENT_ID'] = os.environ.get('GOOGLE_CLIENT_ID')
|
|
app.config['GOOGLE_CLIENT_SECRET'] = os.environ.get('GOOGLE_CLIENT_SECRET')
|
|
|
|
# ProxyFix: Flask zit achter nginx als reverse proxy.
|
|
# x_for=1, x_proto=1 zorgt dat Flask de echte client IP en https ziet.
|
|
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1)
|
|
|
|
# Extensions
|
|
db.init_app(app)
|
|
migrate.init_app(app, db)
|
|
login_manager.init_app(app)
|
|
login_manager.login_view = 'auth.login'
|
|
login_manager.login_message = 'Gelieve in te loggen.'
|
|
|
|
# Import models (zodat Flask-Migrate ze kent)
|
|
from models import User, School, SchoolYear, Class, TeacherClass, Assessment
|
|
|
|
@login_manager.user_loader
|
|
def load_user(user_id):
|
|
return User.query.get(int(user_id))
|
|
|
|
# Blueprints registreren
|
|
from routes.auth import auth_bp
|
|
from routes.api import api_bp
|
|
from routes.admin import admin_bp
|
|
from routes.pages import pages_bp
|
|
|
|
app.register_blueprint(auth_bp, url_prefix='/auth')
|
|
app.register_blueprint(api_bp, url_prefix='/api')
|
|
app.register_blueprint(admin_bp, url_prefix='/admin')
|
|
app.register_blueprint(pages_bp)
|
|
|
|
# ── Auditlog cleanup (1 jaar bewaren) ─────────────────────────────────────
|
|
@app.cli.command('cleanup-audit')
|
|
def cleanup_audit():
|
|
"""Verwijder auditlog entries ouder dan 1 jaar. Voer uit via cron of handmatig."""
|
|
from models import AuditLog
|
|
from datetime import datetime, timedelta
|
|
cutoff = datetime.utcnow() - timedelta(days=365)
|
|
deleted = AuditLog.query.filter(AuditLog.timestamp < cutoff).delete()
|
|
db.session.commit()
|
|
print(f"Verwijderd: {deleted} audit entries ouder dan {cutoff.date()}")
|
|
|
|
return app
|
|
|
|
|
|
app = create_app()
|
|
|
|
if __name__ == '__main__':
|
|
app.run(debug=True, host='0.0.0.0', port=5000)
|