naotakigawa commited on
Commit
231ac24
·
1 Parent(s): bbe0b27
Files changed (2) hide show
  1. app.py +4 -1
  2. common.py +72 -39
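--- a/app.py
+++ b/app.py
@@ -144,13 +144,16 @@ def get_remote_ip():
  # 接続元IP許可判定
  def is_allow_ip_address():
  remote_ip = get_remote_ip()
-
+ logger.info("remote_ip")
+ logger.info(remote_ip)
  # localhost
  if remote_ip == "::1":
  return True
 
  # プライベートIP
  ipaddr = ipaddress.IPv4Address(remote_ip)
+ logger.info("ipaddr")
+ logger.info(ipaddr)
  if ipaddr.is_private:
  return True
 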
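Review bot: The four added `logger.info` calls in `is_allow_ip_address` write the label and the value as separate records, so with several sessions active the lines can interleave and a logged address can no longer be tied to its label; a single record such as `logger.info("remote_ip=%s", remote_ip)` keeps them together. The same two pairs are added to the copy of this function in common.py (new lines 45-46 and 53-54), and keeping two copies of an access-control check invites drift, so app.py could import the one from common.py instead. Every call also writes the client address at INFO level; if this is only diagnostic, `logger.debug` would keep it out of the normal application log. The function's final return lies outside this hunk.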
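--- a/common.py
+++ b/common.py
@@ -1,39 +1,72 @@
- # common.py
- import extra_streamlit_components as stx
- import streamlit as st
- import logging
- import os
-
- from time import time
- from requests_oauthlib import OAuth2Session
-
- logging.basicConfig(level=logging.INFO)
- logger = logging.getLogger("__name__")
- logger.debug("調査用ログ")
-
- # 接続元制御
- ALLOW_IP_ADDRESS = os.environ["ALLOW_IP_ADDRESS"]
-
- # Azure AD app registration details
- CLIENT_ID = os.environ["CLIENT_ID"]
- TENANT_ID = os.environ["TENANT_ID"]
-
- # Azure API
- AUTHORITY = f"https://login.microsoftonline.com/{TENANT_ID}"
- REDIRECT_PATH = os.environ["REDIRECT_PATH"]
- AUTHORIZATION_URL = f"{AUTHORITY}/oauth2/v2.0/authorize"
- SCOPES = ["openid", "profile", "User.Read"]
-
- # 認証用URL取得
- def authorization_request():
- oauth = OAuth2Session(CLIENT_ID, redirect_uri=REDIRECT_PATH, scope=SCOPES)
- authorization_url, state = oauth.authorization_url(AUTHORIZATION_URL)
- return authorization_url, state
-
- #ログインの確認
- def check_login():
- if "token" not in st.session_state or st.session_state["token"] is None or float(st.session_state["token_expires"]) <= time():
- # 認証用リンク表示
- authorization_url, st.session_state["authorization_state"] = authorization_request()
- st.markdown(f'[Click here to log in]({authorization_url})', unsafe_allow_html=True)
- st.stop()
+ # common.py
+ import extra_streamlit_components as stx
+ import streamlit as st
+ import logging
+ import os
+
+ from time import time
+ from requests_oauthlib import OAuth2Session
+ from streamlit import runtime
+ from streamlit.runtime.scriptrunner import get_script_run_ctx
+ import ipaddress
+
+ logging.basicConfig(level=logging.INFO)
+ logger = logging.getLogger("__name__")
+ logger.debug("調査用ログ")
+
+ # 接続元制御
+ ALLOW_IP_ADDRESS = os.environ["ALLOW_IP_ADDRESS"]
+
+ # Azure AD app registration details
+ CLIENT_ID = os.environ["CLIENT_ID"]
+ TENANT_ID = os.environ["TENANT_ID"]
+
+ # Azure API
+ AUTHORITY = f"https://login.microsoftonline.com/{TENANT_ID}"
+ REDIRECT_PATH = os.environ["REDIRECT_PATH"]
+ AUTHORIZATION_URL = f"{AUTHORITY}/oauth2/v2.0/authorize"
+ SCOPES = ["openid", "profile", "User.Read"]
+
+ # 認証用URL取得
+ def authorization_request():
+ oauth = OAuth2Session(CLIENT_ID, redirect_uri=REDIRECT_PATH, scope=SCOPES)
+ authorization_url, state = oauth.authorization_url(AUTHORIZATION_URL)
+ return authorization_url, state
+
+ # 接続元IP取得
+ def get_remote_ip():
+ ctx = get_script_run_ctx()
+ session_info = runtime.get_instance().get_client(ctx.session_id)
+ return session_info.request.remote_ip
+
+ # 接続元IP許可判定
+ def is_allow_ip_address():
+ remote_ip = get_remote_ip()
+ logger.info("remote_ip")
+ logger.info(remote_ip)
+ # localhost
+ if remote_ip == "::1":
+ return True
+
+ # プライベートIP
+ ipaddr = ipaddress.IPv4Address(remote_ip)
+ logger.info("ipaddr")
+ logger.info(ipaddr)
+ if ipaddr.is_private:
+ return True
+
+ # その他(許可リスト判定)
+ return remote_ip in ALLOW_IP_ADDRESS
+
+ #ログインの確認
+ def check_login():
+ # 接続元IP許可判定
+ if not is_allow_ip_address():
+ st.title("HTTP 403 Forbidden")
+ return
+
+ if "token" not in st.session_state or st.session_state["token"] is None or float(st.session_state["token_expires"]) <= time():
+ # 認証用リンク表示
+ authorization_url, st.session_state["authorization_state"] = authorization_request()
+ st.markdown(f'[Click here to log in]({authorization_url})', unsafe_allow_html=True)
+ st.stop()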
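Review bot: The deny branch added to `check_login` renders the 403 title and then `return`s, so control goes back to the caller and whatever the page script does after `check_login()` can still run (the callers are not visible here); the login branch below ends with `st.stop()`, and the deny branch should end the same way, replacing `return` with `st.stop()`. In `is_allow_ip_address`, `return remote_ip in ALLOW_IP_ADDRESS` tests against the raw environment string, which is a substring match rather than a list lookup, so an address that happens to be a fragment of a listed one is accepted; split the variable once and compare whole entries, e.g. `ALLOWED_IPS = {a.strip() for a in ALLOW_IP_ADDRESS.split(",")}` (the delimiter is assumed). `ipaddress.IPv4Address(remote_ip)` raises for any IPv6 peer other than `::1`, which surfaces as an exception rather than a denial. If the app is served behind a reverse proxy, `remote_ip` is presumably the proxy's address, and a private proxy address would pass the `is_private` check for every visitor, which is worth confirming from the log lines this commit adds.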