This Python app is a simple restaurant review application using the Flask framework. The app uses Azure App Service, Azure Database for PostgreSQL (Flexible Server) relational database service, and Azure Storage. When deployed, Azure managed identity allows the web app hosted in App Service to connect to the database and storage resources without the need to specify sensitive connection info in code or environment variables.
This sample app can be run locally and then deployed to Azure, hosted in a fully managed Azure App Service. For more information on how to use this web app, see Overview: Deploy a Python web app to Azure with managed identity.
If you need an Azure account, you can create on for free.
A Django sample application with similar functionality is at https://github.com/Azure-Samples/msdocs-django-web-app-managed-identity.
The requirements.txt has the following packages:
| Package | Description |
|---|---|
| Flask | Web application framework. |
| SQLAlchemy | Provides a database abstraction layer to communicate with PostgreSQL. |
| Flask-SQLAlchemy | Adds SQLAlchemy support to Flask application by simplifying using SQLAlchemy. Requires SQLAlchemy. |
| Flask-Migrate | SQLAlchemy database migrations for Flask applications using Alembic. Allows functionality parity with Django version of this sample app. |
| pyscopg2 | PostgreSQL database adapter for Python. |
| python-dotenv | Read key-value pairs from .env file and set them as environment variables. In this sample app, environment variables describe how to connect to the database and storage resources. Because managed identity is used no sensitive information is included in environment variables. Flask's dotenv support sets environment variables automatically from an .env file. |
| flask_wtf | Form rendering, validation, and CSRF protection for Flask with WTForms. Uses CSRFProtect extension. |
| azure-blob-storage | Microsoft Azure Storage SDK for Python |
| azure-identity | Microsoft Azure Identity Library for Python |
The DefaultAzureCredential is used in the app.py file. For example:
from azure.identity import DefaultAzureCredential
from azure.storage.blob import BlobServiceClient
azure_credential = DefaultAzureCredential(exclude_shared_token_cache_credential=True)
blob_service_client = BlobServiceClient(
account_url=account_url,
credential=azure_credential)The DefaultAzureCredential is also used to get a token for PostgreSQL in the get_conn.py file when running in Azure.
azure_credential = DefaultAzureCredential()
token = azure_credential.get_token("https://ossrdbms-aad.database.windows.net")
conn = str(current_app.config.get('DATABASE_URI')).replace('PASSWORDORTOKEN', token.token)
![microsoft-github-operations[bot] avatar](https://avatars.githubusercontent.com/in/41902?v=4 "microsoft-github-operations[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent