new pandas resource

mattmakai · mattmakai · commit 7760b89f6a6a · 2020-10-29T09:38:22.000-04:00
diff --git a/content/pages/03-data/16-pandas.markdown b/content/pages/03-data/16-pandas.markdown
@@ -141,3 +141,9 @@ is a data structures and analysis library.
   [object-relational mapper (ORM)](/object-relational-mappers-orms.html)
   to load the data and perform analysis in pandas.
 
+* Real-world Excel spreadsheets are often a mess of unstructured data, so
+  this tutorial on 
+  [Reading Poorly Structured Excel Files with Pandas](https://pbpython.com/pandas-excel-range.html)
+  gives example code for extracting only part of a file as well
+  as reading ranges and tables.
+
diff --git a/content/pages/examples/flask/flask-app-immutabledict.markdown b/content/pages/examples/flask/flask-app-immutabledict.markdown
@@ -20,7 +20,7 @@ so that values cannot be modified after initially being set.
 and <a href="/flask-app-headers-examples.html">Headers</a>
 are several other callables with code examples from the same `flask.app` package.
 
-These topics are also useful while reading the `ImmutableDict` examples:
+You should read up on these subjects along with these `ImmutableDict` examples:
 
 * [web development](/web-development.html) and [web design](/web-design.html)
 * [Flask](/flask.html) and [web framework](/web-frameworks.html) concepts
diff --git a/content/pages/examples/flask/flask-ctx-after-this-request.markdown b/content/pages/examples/flask/flask-ctx-after-this-request.markdown
@@ -53,7 +53,11 @@ from .decorators import anonymous_user_required, auth_required, unauth_csrf
 from .forms import Form, Required, get_form_field_label
 from .quart_compat import get_quart_status
 from .signals import us_profile_changed, us_security_token_sent
-from .twofactor import is_tf_setup, tf_login
+from .twofactor import (
+    is_tf_setup,
+    tf_login,
+    tf_verify_validility_token,
+)
 from .utils import (
     _,
     SmsSenderFactory,
@@ -63,10 +67,6 @@ from .utils import (
     do_flash,
     find_user,
     get_identity_attributes,
-    get_post_login_redirect,
-    get_post_verify_redirect,
-    get_message,
-    get_url,
 
 
 ## ... source file abbreviated to get to after_this_request examples ...
@@ -127,30 +127,30 @@ def us_signin_send_code():
 ## ... source file abbreviated to get to after_this_request examples ...
 
 
-        else:
-            return redirect(get_post_login_redirect())
-
-    form_class = _security.us_signin_form
-
-    if request.is_json:
-        if request.content_length:
-            form = form_class(MultiDict(request.get_json()), meta=suppress_form_csrf())
-        else:
-            form = form_class(formdata=None, meta=suppress_form_csrf())
-    else:
-        form = form_class(meta=suppress_form_csrf())
-    form.submit.data = True
-
     if form.validate_on_submit():
+
         remember_me = form.remember.data if "remember" in form else None
-        if (
-            config_value("TWO_FACTOR")
-            and form.authn_via in config_value("US_MFA_REQUIRED")
-            and (config_value("TWO_FACTOR_REQUIRED") or is_tf_setup(form.user))
+        if config_value("TWO_FACTOR") and form.authn_via in config_value(
+            "US_MFA_REQUIRED"
         ):
-            return tf_login(
-                form.user, remember=remember_me, primary_authn_via=form.authn_via
+            if request.is_json and request.content_length:
+                tf_validity_token = request.get_json().get("tf_validity_token", None)
+            else:
+                tf_validity_token = request.cookies.get("tf_validity", default=None)
+
+            tf_validity_token_is_valid = tf_verify_validility_token(
+                tf_validity_token, form.user.fs_uniquifier
             )
+            if config_value("TWO_FACTOR_REQUIRED") or is_tf_setup(form.user):
+                if config_value("TWO_FACTOR_ALWAYS_VALIDATE") or (
+                    not tf_validity_token_is_valid
+                ):
+
+                    return tf_login(
+                        form.user,
+                        remember=remember_me,
+                        primary_authn_via=form.authn_via,
+                    )
 
 ~~        after_this_request(_commit)
         login_user(form.user, remember=remember_me, authn_via=[form.authn_via])
@@ -173,10 +173,10 @@ def us_signin_send_code():
         return redirect(get_post_login_redirect())
 
     form.passcode.data = None
-    return _security.render_template(
-        config_value("US_SIGNIN_TEMPLATE"),
-        us_signin_form=form,
-        available_methods=config_value("US_ENABLED_METHODS"),
+
+    if form.requires_confirmation and _security.requires_confirmation_error_view:
+        do_flash(*get_message("CONFIRMATION_REQUIRED"))
+        return redirect(get_url(_security.requires_confirmation_error_view))
 
 
 ## ... source file abbreviated to get to after_this_request examples ...
diff --git a/content/pages/examples/flask/flask-globals-current-app.markdown b/content/pages/examples/flask/flask-globals-current-app.markdown
@@ -1612,7 +1612,7 @@ logger = logging.getLogger(__name__)
 
 def generate_csrf(secret_key=None, token_key=None):
 
-    secret_key = _get_config(
+~~    secret_key = _get_config(
 ~~        secret_key, 'WTF_CSRF_SECRET_KEY', current_app.secret_key,
         message='A secret key is required to use CSRF.'
     )
@@ -1640,7 +1640,7 @@ def generate_csrf(secret_key=None, token_key=None):
 
 def validate_csrf(data, secret_key=None, time_limit=None, token_key=None):
 
-    secret_key = _get_config(
+~~    secret_key = _get_config(
 ~~        secret_key, 'WTF_CSRF_SECRET_KEY', current_app.secret_key,
         message='A secret key is required to use CSRF.'
     )
@@ -1887,6 +1887,7 @@ from .forms import (
 ## ... source file abbreviated to get to current_app examples ...
 
 
+    UnifiedSigninSetupForm,
     UnifiedSigninSetupValidateForm,
     UnifiedVerifyForm,
     us_send_security_token,
@@ -1899,7 +1900,6 @@ from .utils import (
     FsPermNeed,
     csrf_cookie_handler,
     default_want_json,
-    default_password_validator,
     get_config,
     get_identity_attribute,
     get_identity_attributes,
@@ -1927,6 +1927,7 @@ _default_config = {
     "FLASH_MESSAGES": True,
     "I18N_DOMAIN": "flask_security",
     "I18N_DIRNAME": pkg_resources.resource_filename("flask_security", "translations"),
+    "EMAIL_VALIDATOR_ARGS": None,
     "PASSWORD_HASH": "bcrypt",
     "PASSWORD_SALT": None,
     "PASSWORD_SINGLE_HASH": {
@@ -1936,20 +1937,11 @@ _default_config = {
         "django_pbkdf2_sha1",
         "django_bcrypt",
         "django_salted_md5",
-        "django_salted_sha1",
 
 
 ## ... source file abbreviated to get to current_app examples ...
 
 
-    "SEND_CONFIRMATION_TEMPLATE": "security/send_confirmation.html",
-    "SEND_LOGIN_TEMPLATE": "security/send_login.html",
-    "VERIFY_TEMPLATE": "security/verify.html",
-    "TWO_FACTOR_VERIFY_CODE_TEMPLATE": "security/two_factor_verify_code.html",
-    "TWO_FACTOR_SETUP_TEMPLATE": "security/two_factor_setup.html",
-    "CONFIRMABLE": False,
-    "REGISTERABLE": False,
-    "RECOVERABLE": False,
     "TRACKABLE": False,
     "PASSWORDLESS": False,
     "CHANGEABLE": False,
@@ -1962,6 +1954,14 @@ _default_config = {
     "TWO_FACTOR_AUTHENTICATOR_VALIDITY": 120,
     "TWO_FACTOR_MAIL_VALIDITY": 300,
     "TWO_FACTOR_SMS_VALIDITY": 120,
+    "TWO_FACTOR_ALWAYS_VALIDATE": True,
+    "TWO_FACTOR_LOGIN_VALIDITY": "30 days",
+    "TWO_FACTOR_VALIDITY_SALT": "tf-validity-salt",
+    "TWO_FACTOR_VALIDITY_COOKIE": {
+        "httponly": True,
+        "secure": False,
+        "samesite": None,
+    },
     "CONFIRM_EMAIL_WITHIN": "5 days",
     "RESET_PASSWORD_WITHIN": "5 days",
     "LOGIN_WITHOUT_CONFIRMATION": False,
@@ -2073,6 +2073,7 @@ _default_config = {
 
         state._phone_util = state.phone_util_cls(app)
         state._mail_util = state.mail_util_cls(app)
+        state._password_util = state.password_util_cls(app)
 
         app.extensions["security"] = state
 
@@ -2086,7 +2087,6 @@ _default_config = {
 
         for newc, oldc in [
             ("SECURITY_SMS_SERVICE", "SECURITY_TWO_FACTOR_SMS_SERVICE"),
-            ("SECURITY_SMS_SERVICE_CONFIG", "SECURITY_TWO_FACTOR_SMS_SERVICE_CONFIG"),
 
 
 ## ... source file continues with no further current_app examples...
@@ -2144,6 +2144,7 @@ class UserManager(UserManager__Settings, UserManager__Utils, UserManager__Views)
 ## ... source file abbreviated to get to current_app examples ...
 
 
+            @app.before_request
             def advance_session_timeout():
                 session.permanent = True    # Timeout after app.permanent_session_lifetime period
                 session.modified = True     # Advance session timeout each time a user visits a page
@@ -2168,7 +2169,7 @@ class UserManager(UserManager__Settings, UserManager__Utils, UserManager__Views)
             def call_or_get(function_or_property):
                 return function_or_property() if callable(function_or_property) else function_or_property
 
-            return dict(
+~~            return dict(
 ~~                user_manager=current_app.user_manager,
                 call_or_get=call_or_get,
             )
diff --git a/content/pages/examples/flask/flask-globals-g.markdown b/content/pages/examples/flask/flask-globals-g.markdown
@@ -919,7 +919,7 @@ from flask_login import current_user
 from flask_login import COOKIE_NAME as REMEMBER_COOKIE_NAME
 from flask_principal import AnonymousIdentity, Identity, identity_changed, Need
 from flask_wtf import csrf
-from wtforms import validators, ValidationError
+from wtforms import ValidationError
 from itsdangerous import BadSignature, SignatureExpired
 from werkzeug.local import LocalProxy
 from werkzeug.datastructures import MultiDict
diff --git a/content/pages/examples/flask/flask-globals-request.markdown b/content/pages/examples/flask/flask-globals-request.markdown
@@ -2204,6 +2204,7 @@ from wtforms import (
     ValidationError,
     validators,
 )
+from wtforms.validators import StopValidation
 
 from .babel import is_lazy_string, make_lazy_string
 from .confirmable import requires_confirmation
@@ -2213,7 +2214,6 @@ from .utils import (
     config_value,
     do_flash,
     find_user,
-    get_identity_attribute,
 
 
 ## ... source file abbreviated to get to request examples ...
@@ -2260,16 +2260,16 @@ class ForgotPasswordForm(Form, UserEmailFormMixin):
 
     submit = SubmitField(get_form_field_label("recover_password"))
 
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.requires_confirmation = False
+
     def validate(self):
         if not super().validate():
             return False
         if not self.user.is_active:
             self.email.errors.append(get_message("DISABLED_ACCOUNT")[0])
             return False
-        if requires_confirmation(self.user):
-            self.email.errors.append(get_message("CONFIRMATION_REQUIRED")[0])
-            return False
-        return True
 
 
 ## ... source file abbreviated to get to request examples ...
@@ -2313,6 +2313,7 @@ class LoginForm(Form, NextFormMixin):
                 )
             )
             self.password.description = html
+        self.requires_confirmation = False
 
     def validate(self):
         if not super().validate():
@@ -2324,7 +2325,6 @@ class LoginForm(Form, NextFormMixin):
             self.email.errors.append(get_message("USER_DOES_NOT_EXIST")[0])
             hash_password(self.password.data)
             return False
-        if not self.user.password:
 
 
 ## ... source file abbreviated to get to request examples ...
@@ -2366,7 +2366,7 @@ class ResetPasswordForm(Form, NewPasswordFormMixin, PasswordConfirmFormMixin):
         if not super().validate():
             return False
 
-        pbad = _security._password_validator(
+        pbad, self.password.data = _security._password_util.validate(
             self.password.data, False, user=current_user
         )
         if pbad:
diff --git a/content/pages/examples/flask/flask-globals-session.markdown b/content/pages/examples/flask/flask-globals-session.markdown
@@ -927,8 +927,10 @@ from werkzeug.local import LocalProxy
 from .utils import (
     SmsSenderFactory,
     base_render_json,
+    check_and_get_token_status,
     config_value,
     do_flash,
+    get_within_delta,
     login_user,
     json_error_response,
     send_mail,
diff --git a/content/pages/examples/flask/flask-helpers-flash.markdown b/content/pages/examples/flask/flask-helpers-flash.markdown
@@ -959,7 +959,7 @@ from flask_login import current_user
 from flask_login import COOKIE_NAME as REMEMBER_COOKIE_NAME
 from flask_principal import AnonymousIdentity, Identity, identity_changed, Need
 from flask_wtf import csrf
-from wtforms import validators, ValidationError
+from wtforms import ValidationError
 from itsdangerous import BadSignature, SignatureExpired
 from werkzeug.local import LocalProxy
 from werkzeug.datastructures import MultiDict
diff --git a/content/pages/examples/flask/flask-helpers-make-response.markdown b/content/pages/examples/flask/flask-helpers-make-response.markdown
@@ -323,6 +323,7 @@ The Flask-Security-Too project is provided as open source under the
 ```python
 # views.py
 
+from functools import partial
 import time
 
 from flask import (
@@ -356,7 +357,6 @@ from .unified_signin import (
     us_verify,
     us_verify_link,
     us_verify_send_code,
-)
 
 
 ## ... source file abbreviated to get to make_response examples ...
diff --git a/content/pages/examples/flask/flask-helpers-url-for.markdown b/content/pages/examples/flask/flask-helpers-url-for.markdown
@@ -936,7 +936,7 @@ from flask_login import current_user
 from flask_login import COOKIE_NAME as REMEMBER_COOKIE_NAME
 from flask_principal import AnonymousIdentity, Identity, identity_changed, Need
 from flask_wtf import csrf
-from wtforms import validators, ValidationError
+from wtforms import ValidationError
 from itsdangerous import BadSignature, SignatureExpired
 from werkzeug.local import LocalProxy
 from werkzeug.datastructures import MultiDict
@@ -1238,9 +1238,9 @@ class Role(db.Model):
     def to_json(self):
         json_user = {
 ~~            'url': url_for('api.get_user', id=self.id),
-            'username': self.username,
-            'member_since': self.member_since,
-            'last_seen': self.last_seen,
+~~            'username': self.username,
+~~            'member_since': self.member_since,
+~~            'last_seen': self.last_seen,
 ~~            'posts_url': url_for('api.get_user_posts', id=self.id),
 ~~            'followed_posts_url': url_for('api.get_user_followed_posts',
                                           id=self.id),
@@ -1298,9 +1298,9 @@ class Post(db.Model):
     def to_json(self):
         json_post = {
 ~~            'url': url_for('api.get_post', id=self.id),
-            'body': self.body,
-            'body_html': self.body_html,
-            'timestamp': self.timestamp,
+~~            'body': self.body,
+~~            'body_html': self.body_html,
+~~            'timestamp': self.timestamp,
 ~~            'author_url': url_for('api.get_user', id=self.author_id),
 ~~            'comments_url': url_for('api.get_post_comments', id=self.id),
             'comment_count': self.comments.count()
@@ -1340,9 +1340,9 @@ class Comment(db.Model):
         json_comment = {
 ~~            'url': url_for('api.get_comment', id=self.id),
 ~~            'post_url': url_for('api.get_post', id=self.post_id),
-            'body': self.body,
-            'body_html': self.body_html,
-            'timestamp': self.timestamp,
+~~            'body': self.body,
+~~            'body_html': self.body_html,
+~~            'timestamp': self.timestamp,
 ~~            'author_url': url_for('api.get_user', id=self.author_id),
         }
         return json_comment
diff --git a/content/pages/examples/flask/flask-json-jsonencoder.markdown b/content/pages/examples/flask/flask-json-jsonencoder.markdown
@@ -58,7 +58,7 @@ from flask_login import current_user
 from flask_login import COOKIE_NAME as REMEMBER_COOKIE_NAME
 from flask_principal import AnonymousIdentity, Identity, identity_changed, Need
 from flask_wtf import csrf
-from wtforms import validators, ValidationError
+from wtforms import ValidationError
 from itsdangerous import BadSignature, SignatureExpired
 from werkzeug.local import LocalProxy
 from werkzeug.datastructures import MultiDict
diff --git a/content/pages/examples/flask/flask-json-jsonify.markdown b/content/pages/examples/flask/flask-json-jsonify.markdown
diff --git a/content/pages/examples/flask/flask-sessions-badsignature.markdown b/content/pages/examples/flask/flask-sessions-badsignature.markdown
diff --git a/content/pages/examples/flask/flask-templating-render-template.markdown b/content/pages/examples/flask/flask-templating-render-template.markdown
diff --git a/content/pages/examples/flask/flask-views-methodview.markdown b/content/pages/examples/flask/flask-views-methodview.markdown
diff --git a/content/pages/examples/flask/flask-views-view.markdown b/content/pages/examples/flask/flask-views-view.markdown
