September 14, 2020

Uploading files to AWS S3 with Flask

One way to upload files using Flask is to literally create a route that accepts HTTP POST and saves the received bytes to disk. With horizontal scaling, you then need to mount external storage that supports replication to every running instance. Another option is to use object storage - like AWS S3 - and upload files directly from the frontend. In that case Flask will have a route that just generates a URL the frontend will upload to.

July 9, 2020

Accepting payments in Flask with Stripe

Introduction In this article you’ll learn how to use Stripe Checkout to accept one-time payments in a Flask application. The example will be a webshop that has a single page for selling 5$ T-shirts. Main page Create a Flask route that serves the webshop page. The page loads some JavaScript as well: - a Stripe JS - jQuery for AJAX call - some custom JavaScript @app.route('/') def webshop(): return """<html> <head></head> <body> <a href="#" id="checkout">Buy T-shirt for 5$</a> <script src="https://code.

May 7, 2020

How to increase Flask performance

When a Flask app runs slowly, we need to identify the bottleneck. It can be an overloaded database, an unresponsive external API, or a heavy, CPU-intensive computation. This is the whole recipe for speeding up Flask - find the source of the sluggish performance. After the bottleneck is identified, you can address the underlying cause. And here I assume that the underlying platform that runs Flask has enough resources to do so.

April 12, 2020

5 ways to deploy Flask

In this post, I’m going to explore 5 ways to deploy a Flask application. In all examples I’m going to use a simple app from Flask docs: app.py from flask import Flask app = Flask(__name__) @app.route('/') def hello_world(): return 'Hello, World!' if __name__ == '__main__': app.run() Local machine This option is used when you need to test your application on a local machine. By simply running app.py you spin up a server and can call the endpoints locally, but this particular scenario helps when you need to integrate your app with an external service.

October 23, 2019

Run Flask on AWS ECS (Fargate)

There is an alternative to running Flask on AWS Elastic Beanstalk that allows numerous customization options - run Flask on ECS Fargate. This serverless (you don’t have to manage a cluster of EC2) solution runs Docker images and can run a Flask web server. There are a lot of AWS resources involved to make it work. I’m sharing CloudFormation templates that will create them automatically. Source code Here are the details of these templates:

December 12, 2018

Streaming timeseries with Flask and Plotly

This post describes a simple app for streaming CPU utilization to a web page. It uses Flask as a websockets server (flask-socketio plugin), socket.io as the client library and plotly.js for visualization. Flask app Follow the flask-socketio doc to create a Flask app. SocketIO is going to use Redis as a message broker, as there will be a separate process that pushes messages to clients. The Flask websocket server and this process will communicate through Redis.

November 27, 2018

Background jobs with Flask

The basic request lifecycle with Flask goes like this: Flask gets a request, parses input parameters, does the necessary calculations, and finally returns the result. This synchronous task is fine when a user needs the result of the calculation immediately. Another use case is when the result is not relevant right now and the user just wants to schedule an execution of the task asynchronously. Such scenarios include: sending an email, creating thumbnails from uploaded images, starting a calculation for a long CPU-intensive task. Common implementation Asynchronous tasks are usually implemented like this:

October 26, 2018

Multitenancy with Flask

What is multi-tenancy Consider a SaaS platform that provides access to multiple client organizations. These organizations - tenants - may each have their own database for safety and data protection reasons. It can be a database on a single RDBMS server or physically different servers. Usually an additional central database (i.e., General) stores metadata and the list of available tenants. Flask-SQLAlchemy Flask-SQLAlchemy provides an interface to only one database. The Flask app configuration defines SQLALCHEMY_DATABASE_URI with the connection information for it.

September 27, 2018

Flask pagination macro

In this post you’ll find out how to create pagination with the Jinja macro feature. Requirements: show a preconfigured limited number of pages at once; collapse invisible pages under ...; provide previous/next navigation buttons. Jinja templates for Bootstrap4 I’ve created a 3-tier structure of Jinja templates to use Bootstrap4. First - bootstrap4_base.html - loads css and js files from CDN and defines major blocks: head - holds content of the <head> tag and defines title, metas, styles; body - holds content of the <body> tag and defines navbar, content, scripts; navbar - for navigation bar; content - for bootstrap container (tag with class="container"); scripts - goes in the end of the body, here is why. Blocks may be extended and/or overwritten in the later templates. This template follows the Bootstrap4 intro guide

August 13, 2018

Running Flask in production with Docker

The top Google results for running Flask with Docker are full of posts where Flask runs in debug mode. This is what the logs look like when Flask is in development mode: * Serving Flask app "app" (lazy loading) * Environment: production WARNING: Do not use the development server in a production environment. Use a production WSGI server instead. * Debug mode: on * Running on http://0.0.0.0:5555/ (Press CTRL+C to quit) I’d like to make a tutorial on how to run it with uwsgi in Docker using common Docker images.

July 11, 2018

Securing Flask web applications

In this post I’d like to investigate security mechanisms available in Flask. I’ll go through different types of possible vulnerabilities and the way they can be mitigated. XSS Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. source Exploit Consider a form asking for user input. <form method="post" action="/"> <input type="text" name="tweet"><br> <input type="submit"> </form> And a template to show tweets by other users, where user input from the above form is passed unprocessed:

© Alexey Smirnov 2021