"""Фабрика Flask-приложения. Этап 1: E1.0 — фундамент (БД-пул, sessions, base.html). E1.1 — авторизация (cookie-сессии Flask, bcrypt + Werkzeug, опц. HR_AUTH). """ from __future__ import annotations import os import secrets from datetime import timedelta from flask import Flask, jsonify, render_template, request def create_app() -> Flask: app = Flask( __name__, instance_relative_config=True, template_folder='templates', static_folder='static', static_url_path='/static', ) sk = (os.environ.get('SECRET_KEY') or '').strip() app.config['SECRET_KEY'] = sk or secrets.token_hex(32) app.config['MAX_CONTENT_LENGTH'] = 16 * 1024 * 1024 # 16 MB upload limit app.config.update( SESSION_COOKIE_NAME='testing_session', SESSION_COOKIE_HTTPONLY=True, SESSION_COOKIE_SAMESITE='Lax', SESSION_COOKIE_SECURE=(os.environ.get('FLASK_ENV') == 'production'), PERMANENT_SESSION_LIFETIME=timedelta(days=7), ) from .blueprints.main import main_bp from .blueprints.settings import settings_bp from .auth import auth_bp from .tests import tests_bp app.register_blueprint(main_bp) app.register_blueprint(auth_bp) app.register_blueprint(tests_bp) app.register_blueprint(settings_bp) from .config import is_assignment_feature_enabled, is_dev_ui, is_hr_auth_enabled from .auth.decorators import current_user as _current_user @app.context_processor def _inject_globals(): return { 'current_user': _current_user(), 'hr_auth_enabled': is_hr_auth_enabled(), 'dev_ui': is_dev_ui(), 'assignment_ui': is_assignment_feature_enabled(), } @app.errorhandler(404) def _not_found(_e): if _is_api_path(): return jsonify(error='not_found'), 404 return render_template('404.html'), 404 @app.errorhandler(500) def _internal_error(_e): if _is_api_path(): return jsonify(error='internal_error'), 500 return render_template('500.html'), 500 return app def _is_api_path() -> bool: return request.path.startswith('/api/')