Marijn/mvl-flask
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

secret key!

Browse Source
This commit is contained in:
Marijn Jansen
2019-03-22 16:28:47 +01:00
parent 9b16c9a87a
commit b137cdc522
2 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
app.py
View File

@@ -1,6 +1,6 @@
import os import os
from flask import Flask, render_template, jsonify, abort, send_file, request, redirect from flask import Flask, render_template, jsonify, abort, send_file, request, redirect, flash
from sqlalchemy import func from sqlalchemy import func
from base64 import standard_b64decode, standard_b64encode from base64 import standard_b64decode, standard_b64encode
from io import BytesIO from io import BytesIO
@@ -8,7 +8,7 @@ from io import BytesIO
from model import db, Post, Category, ImageBase64 from model import db, Post, Category, ImageBase64
# Check for environment variable # Check for environment variable
env_vars = ["DATABASE_URL", "PASSWORD"] env_vars = ["DATABASE_URL", "PASSWORD", 'SECRET_KEY']
for env_var in env_vars: for env_var in env_vars:
if not os.getenv(env_var): if not os.getenv(env_var):
raise RuntimeError(f"{env_var} is not set") raise RuntimeError(f"{env_var} is not set")
@@ -18,6 +18,7 @@ app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv("DATABASE_URL") app.config['SQLALCHEMY_DATABASE_URI'] = os.getenv("DATABASE_URL")
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['JSON_SORT_KEYS'] = False app.config['JSON_SORT_KEYS'] = False
app.secret_key = os.getenv('SECRET_KEY')
# Bind db to application # Bind db to application
db.init_app(app) db.init_app(app)
@@ -68,33 +69,23 @@ def get_image(filename):
def file_uploaded(): def file_uploaded():
if request.method == 'POST': if request.method == 'POST':
if not request.form.get('password') == os.getenv('PASSWORD'): if not request.form.get('password') == os.getenv('PASSWORD'):
abort(401) flash("Wrong Password")
return redirect("/adm/uploadfile")
# check if the post request has the file part # check if the post request has the file part
if 'files' not in request.files: if 'files' not in request.files:
# flash('No file part') return redirect("/adm/uploadfile")
return abort(400)
# return redirect(request.url)
files = request.files.getlist('files') files = request.files.getlist('files')
# if user does not select file, browser also # if user does not select file, browser also
# submit an empty part without filename # submit an empty part without filename
print(files)
for file in files: for file in files:
if file.filename == '': if file.filename == '':
# flash('No selected file') flash("No files")
return redirect(request.url) return redirect("/adm/uploadfile")
data = standard_b64encode(file.read()).decode()
if file: database_object = ImageBase64(filename=file.filename, mimetype=file.mimetype, data=data)
data = standard_b64encode(file.read()).decode() db.session.add(database_object)
print(file.filename, file.mimetype)
database_object = ImageBase64(filename=file.filename, mimetype=file.mimetype, data=data)
db.session.add(database_object)
db.session.commit() db.session.commit()
# if file and allowed_file(file.filename):
# filename = secure_filename(file.filename)
# file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
# return redirect(url_for('uploaded_file',
# filename=filename))
return render_template("adm/uploadfile.html") return render_template("adm/uploadfile.html")

5
templates/adm/uploadfile.html
View File

@@ -3,6 +3,11 @@
Upload File - mvl Upload File - mvl
{% endblock %} {% endblock %}
{% block main %} {% block main %}
{% if get_flashed_messages() %}
<div class="alert alert-primary border text-center" role="alert">
{{ get_flashed_messages() | join(" ") }}
</div>
{% endif %}
<main class="container"> <main class="container">
<h1>Upload new Photo</h1> <h1>Upload new Photo</h1>
<form class="" method=post enctype=multipart/form-data> <form class="" method=post enctype=multipart/form-data>