Portal¶

Portal module

portal.factories.app.configure_app(app, config)¶: Load successive configs - overriding defaults

portal.factories.app.configure_blueprints(app, blueprints)¶: Register blueprints with application

portal.factories.app.configure_cache(app)¶: Configure requests-cache

portal.factories.app.configure_csrf(app)¶

Initialize CSRF protection

See csrf.csrf_protect() for implementation. Not using default as OAuth API use needs exclusion.

portal.factories.app.configure_dogpile(app)¶: Initialize dogpile cache with config values

portal.factories.app.configure_extensions(app)¶: Bind extensions to application

portal.factories.app.configure_healthcheck(app)¶: Configure the API used to check the health of our dependencies

portal.factories.app.configure_logging(app)¶: Configure logging.

portal.factories.app.configure_metadata(app)¶: Add distribution metadata for display in templates

portal.factories.app.create_app(config=None, app_name=None, blueprints=None)¶: Returns the configured flask app

AUDIT module

Maintain a log exclusively used for recording auditable events.

Any action deemed an auditable event should make a call to auditable_event()

Audit data is also persisted in the database audit table.

portal.audit.auditable_event(message, user_id, subject_id, context='other')¶

Record auditable event

message: The message to record, i.e. “log in via facebook” user_id: The authenticated user id performing the action subject_id: The user id upon which the action was performed

portal.audit.configure_audit_log(app)¶

Configure audit logging.

The audit log is only active when running as a service (not during database updates, etc.) It should only received auditable events and never be rotated out.

Extensions used at application level

Generally the objects instantiated here are needed for imports throughout the system, but require factory pattern initialization once the flask app comes to life.

Defined here to break the circular dependencies. See app.py for additional configuration of most objects defined herein.

class portal.extensions.OAuthOrAlternateAuth(app=None)¶

Specialize OAuth2Provider with alternate authorization

require_oauth(*scopes)¶

Specialze the superclass decorator with alternates

This method is intended to be in lock step with the super class, with the following two exceptions:

if actively “TESTING”, skip oauth and return the function, effectively undecorated.
if the user appears to be locally logged in (i.e. browser session cookie with a valid user.id), return the effecively undecorated function.

Namespace module to house system URIs for use in FHIR