linotp.settings module¶
- class linotp.settings.Config¶
Bases:
object- ACTIVE_SECURITY_MODULE = 'default'¶
- ADMIN_PASSWORD = ''¶
- ADMIN_REALM_NAME = 'linotp_admins'¶
- ADMIN_RESOLVER_NAME = 'LinOTP_local_admins'¶
- ADMIN_USERNAME = ''¶
- AUDIT_DATABASE_URI = 'SHARED'¶
- AUDIT_ERROR_ON_TRUNCATION = False¶
- AUDIT_PRIVATE_KEY_FILE = 'audit-private.pem'¶
- AUDIT_PUBLIC_KEY_FILE = 'audit-public.pem'¶
- BABEL_DOMAIN = 'linotp'¶
- BABEL_TRANSLATION_DIRECTORIES = 'i18n'¶
- BACKUP_DIR = 'backup'¶
- BACKUP_FILE_TIME_FORMAT = '%Y-%m-%d_%H-%M'¶
- BEAKER_CACHE_TYPE = 'memory'¶
- CACHE_DIR = 'cache'¶
- CUSTOM_TEMPLATES_DIR = None¶
- DATABASE_URI = 'sqlite:///{}'¶
- DISABLE_CONTROLLERS = 'gettoken'¶
- ENABLE_CONTROLLERS = 'ALL'¶
- GET_CLIENT_ADDRESS_FROM_POST_DATA = True¶
- HELP_URL = 'https://linotp.org/doc/{0}/index.html'¶
- HSM_DEFAULT_CONFIG = {'configHandle': 1, 'crypted': 'FALSE', 'defaultHandle': 0, 'module': 'linotp.lib.security.default.DefaultSecurityModule', 'poolsize': 20, 'tokenHandle': 2, 'valueHandle': 3}¶
- HSM_PKCS11_CONFIG = {'configHandle': None, 'configLabel': '', 'defaultHandle': None, 'defaultLabel': 'default', 'library': 'libCryptoki2_64.so', 'module': 'linotp.lib.security.pkcs11.Pkcs11SecurityModule', 'password': '<your password>', 'poolsize': 10, 'slotid': 0, 'tokenHandle': None, 'tokenLabel': '', 'valueHandle': None, 'valueLabel': ''}¶
- JWT_ACCESS_TOKEN_EXPIRES = 900¶
- JWT_ACCESS_TOKEN_REFRESH = 300¶
- JWT_BLACKLIST_ENABLED = True¶
- JWT_CSRF_CHECK_FORM = True¶
- JWT_SECRET_ITERATIONS = 500000¶
- JWT_SESSION_COOKIE = False¶
- JWT_TOKEN_LOCATION = 'cookies'¶
- LOGGING_LEVEL = 'WARNING'¶
- LOG_CONFIG = None¶
- LOG_CONSOLE_LEVEL = 'DEBUG'¶
- LOG_CONSOLE_LINE_FORMAT = '%(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'¶
- LOG_FILE_DIR = 'logs'¶
- LOG_FILE_LEVEL = 'DEBUG'¶
- LOG_FILE_LINE_FORMAT = '%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'¶
- LOG_FILE_MAX_LENGTH = 10485760¶
- LOG_FILE_MAX_VERSIONS = 10¶
- LOG_FILE_NAME = 'linotp.log'¶
- LOG_LEVEL = 'WARNING'¶
- LOG_LEVEL_DB_CLIENT = 'WARNING'¶
- MAINTENANCE_VERIFY_CLIENT_ENV_VAR = ''¶
- MAKO_DEFAULT_FILTERS = ['h']¶
- MAKO_TRANSLATE_EXCEPTIONS = False¶
- PROFILE = False¶
- RADIUS_NAS_IDENTIFIER = 'LinOTP'¶
- ROOT_DIR = ''¶
- SECRET_FILE = 'encKey'¶
- SESSION_COOKIE_SECURE = True¶
- SITE_ROOT_REDIRECT = ''¶
- SQLALCHEMY_TRACK_MODIFICATIONS = False¶
- TLS_CA_CERTIFICATES_FILE = '/etc/ssl/certs/ca-certificates.crt'¶
- TOKEN_MODULES = ''¶
- TRUSTED_PROXIES = []¶
- static init_app(app)¶
- class linotp.settings.ConfigItem(name: str, type: ~typing.Type = <class 'str'>, convert: ~typing.Optional[~typing.Callable[[str], ~typing.Type]] = None, validate: ~typing.Optional[~typing.Callable[[str, ~typing.Any], None]] = None, default: ~typing.Optional[~typing.Any] = None, help: str = '')¶
Bases:
objectThis class represents individual configuration settings. A ConfigSchema is basically a dictionary of ConfigItem instances.
- convert: Callable[[str], Type] = None¶
- default: Any = None¶
- help: str = ''¶
- name: str¶
- type¶
alias of
str
- validate: Callable[[str, Any], None] = None¶
- class linotp.settings.ConfigSchema(schema=None, refuse_unknown=False)¶
Bases:
objectThis class represents a complete schema of configuration settings.
- as_dict()¶
Return the names and default values of the schema as a dictionary. This is useful to populate the configuration with initial values without having to repeat any of the defaults.
- check_item(key, value)¶
Converts a new value for a configuration item to the proper type (according to the ConfigItem data structure for the item) and also applies the validate function if one is defined for the item. We’re only doing the type conversion if the type of the value parameter is str; if people are using different types in their configuration files we assume that they know what they’re doing.
- find_item(key)¶
Returns the ConfigItem instance for the configuration item called key if it exists, otherwise None.
- items()¶
Return the names and schema items of the schema as a dictionary (generator really). Note that this is similar but not identical to the .as_dict() method.
- class linotp.settings.DevelopmentConfig¶
Bases:
Config- DATABASE_URI = 'sqlite:////usr/lib/python3/dist-packages/linotp-dev.sqlite'¶
- DEBUG = True¶
- LOG_FILE_LEVEL = 'DEBUG'¶
- LOG_LEVEL = 'DEBUG'¶
- SESSION_COOKIE_SECURE = False¶
- exception linotp.settings.LinOTPConfigKeyError¶
Bases:
KeyErrorUsed for LinOTP configuration items with invalid names.
- exception linotp.settings.LinOTPConfigValueError¶
Bases:
ValueErrorUsed for out-of-range errors etc. with LinOTP configuration items.
- class linotp.settings.ProductionConfig¶
Bases:
Config- DATABASE_URI = 'sqlite:////usr/lib/python3/dist-packages/linotp.sqlite'¶
- SESSION_COOKIE_SECURE = True¶
- class linotp.settings.TestingConfig¶
Bases:
Config- DATABASE_URI = 'sqlite:////usr/lib/python3/dist-packages/linotp-test.sqlite'¶
- LOG_LEVEL = 'DEBUG'¶
- SESSION_COOKIE_SECURE = False¶
- TESTING = True¶
- linotp.settings.check_absolute_pathname()¶
Factory function that will return a function that ensures that value is an absolute path name. Used to check ROOT_DIR.
- linotp.settings.check_int_in_range(min=None, max=None)¶
Factory function that will return a function that ensures that min <= value <= max. If min or max are not given, the practically default to “negative infinity” and “positive infinity”, respectively.
- linotp.settings.check_json_schema(schema={})¶
Factory function that will return a function that ensures that value agrees to the schema
- linotp.settings.check_membership(allowed={})¶
Factory function that will return a function that ensures that value is contained in allowed (the set of allowed values).