def create_profile(self, request, user):
if self.avatar_file.data:
upload_file = request.files[self.avatar_file.name]
if upload_file and allowed_file(upload_file.filename):
# Don't trust any input, we use a random string as filename.
# or use secure_filename:
# http://flask.pocoo.org/docs/patterns/fileuploads/
user_upload_dir = os.path.join(current_app.config['UPLOAD_FOLDER'],
"user_%s" % user.id)
current_app.logger.debug(user_upload_dir)
make_dir(user_upload_dir)
root, ext = os.path.splitext(upload_file.filename)
today = datetime.now().strftime('_%Y-%m-%d')
# Hash file content as filename.
hash_filename = hashlib.sha1(upload_file.read()).hexdigest() + "_" + today + ext
user.avatar = hash_filename
avatar_ab_path = os.path.join(user_upload_dir, user.avatar)
# Reset file curso since we used read()
upload_file.seek(0)
upload_file.save(avatar_ab_path)
self.populate_obj(user)
self.populate_obj(user.user_detail)
db.session.add(user)
db.session.commit()
def avatar():
user = User.query.filter_by(name=current_user.name).first_or_404()
form = AvatarForm(
next = request.args.get('next'),
)
if form.validate_on_submit():
if form.avatar.data:
file = request.files[form.avatar.name]
if file and allowed_file(file.filename):
filename = secure_filename(file.filename)
fn, ext = os.path.splitext(filename)
avatar_filename = os.path.join(current_app.config['USER_IMG_UPLOAD_PATH'], user.name+ext)
file.save(avatar_filename)
user.avatar = os.path.join(user.name+ext)
db.session.add(user)
db.session.commit()
flash('Avatar updated.', 'success')
return render_template('settings/avatar.html', user=user, active="avatar", form=form)
def validate_avatar_file(form, field):
if field.data and not allowed_file(field.data.filename):
raise ValidationError("Please upload files with extensions: %s" %
"/".join(ALLOWED_AVATAR_EXTENSIONS))
def validate_avatar_file(form, field):
if field.data and not allowed_file(field.data.filename):
raise ValidationError("Please upload files with extensions: %s" %
"/".join(ALLOWED_AVATAR_EXTENSIONS))
