read configs from env

api/__init__.py

@@ -9,6 +9,8 @@ import importlib
 import requests
 from threading import Lock
 
+import env_provider
+
 _public_key_cache = None
 _lock = Lock()
 
@@ -20,7 +22,7 @@ def keycloak_public_key():
         if _public_key_cache:
             return _public_key_cache
 
-        url = "https://login.hangman-lab.top/realms/Hangman-Lab/protocol/openid-connect/certs"
+        url = f"{env_provider.KC_HOST}/realms/{env_provider.KC_REALM}/protocol/openid-connect/certs"
         response = requests.get(url)
         jwks = response.json()
         public_key = jwks["keys"][0]["x5c"][0]
@@ -33,7 +35,7 @@ def verify_token(token):
             token,
             keycloak_public_key(),
             algorithms=["RS256"],
-            audience="labdev"
+            audience=env_provider.KC_CLIENT_ID
         )
         return decoded
     except ExpiredSignatureError:

api/config.py

@@ -1,18 +0,0 @@
-from flask import Blueprint, jsonify
-
-import env_provider
-from api import limiter
-config_bp = Blueprint('config', __name__, url_prefix='/api/config')
-
-@config_bp.route('/server_host', methods=['GET'])
-@limiter.limit("120 per minute")
-def server_host():
-    print(env_provider.SERVER_HOST)
-    return jsonify({"value": env_provider.SERVER_HOST}), 200
-
-@config_bp.route('/kc_client_id', methods=['GET'])
-@limiter.limit("120 per minute")
-def kc_client_id():
-    print(env_provider.APP_CLIENT_ID)
-    return jsonify({"value": env_provider.APP_CLIENT_ID}), 200
-

app.py

@@ -1,4 +1,6 @@
 # app.py
+from pprint import pprint
+
 from logging_handlers.DatabaseLogHandler import DatabaseLogHandler
 from urllib.parse import urlparse
 from api import limiter
@@ -23,13 +25,13 @@ try:
 except Exception as e:
     print(f"db not ready {e}")
 app = Flask(__name__)
-app.config['SERVER_NAME'] = 'localhost:5000'
+app.config['SERVER_NAME'] = env_provider.BACKEND_HOST
 app.secret_key = env_provider.SESSION_SECRET_KEY
 CORS(app, resources={r"/api/*": {"origins": [
-    "https://login.hangman-lab.top",
-    "https://git.hangman-lab.top",
-    "http://127.0.0.1:3000",
-    "http://localhost:3000",
+    env_provider.KC_HOST,
+    env_provider.FRONTEND_HOST,
+    r"https?://localhost:\d+",
+    r"https?://127\.0\.0\.1:\d+",
 ]}})
 
 limiter.init_app(app)
@@ -45,4 +47,5 @@ def log_request():
 
 if __name__ == '__main__':
     #logger.info("Starting app")
+    pprint(env_provider.summerize())
     app.run(host='0.0.0.0', port=5000)

env_provider.py

@@ -4,8 +4,6 @@ from dotenv import load_dotenv
 
 load_dotenv()
 
-APP_CLIENT_ID = os.getenv("APP_CLIENT_ID")
-CLIENT_SECRET = os.getenv("CLIENT_SECRET")
 
 DB_HOST = os.getenv("DB_HOST")
 DB_PORT = os.getenv("DB_PORT")
@@ -14,5 +12,24 @@ DB_USER = os.getenv("DB_USER")
 DB_PASSWORD = os.getenv("DB_PASSWORD")
 SESSION_SECRET_KEY = os.getenv("SESSION_SECRET_KEY")
 
+KC_HOST = os.getenv("KC_HOST")
+KC_REALM = os.getenv("KC_REALM")
+KC_CLIENT_ID = os.getenv("KC_CLIENT_ID")
 
-SERVER_HOST = os.getenv("SERVER_HOST")
+FRONTEND_HOST = os.getenv("FRONTEND_HOST")
+BACKEND_HOST = os.getenv("BACKEND_HOST")
+
+def summerize():
+    return {
+        'DB_HOST': DB_HOST,
+        'DB_PORT': DB_PORT,
+        'DB_NAME': DB_NAME,
+        'DB_USER': DB_USER,
+        'DB_PASSWORD': DB_PASSWORD,
+        'SESSION_SECRET_KEY': SESSION_SECRET_KEY,
+        'KC_HOST': KC_HOST,
+        'KC_REALM': KC_REALM,
+        'KC_CLIENT_ID': KC_CLIENT_ID,
+        'FRONTEND_HOST': FRONTEND_HOST,
+        'BACKEND_HOST': BACKEND_HOST,
+    }