def get_unique_filename(filename):
"""
Create unique filename using given name to ensure that
it's not already present in database. This method simply
adds a counter to original filename.
:param str filename:
:rtype str:
"""
filename = secure_filename(filename)
final_name = filename
db_session = get_db_session()
success = False
retries = 0
while not success:
try:
db_session.query(Image).filter(Image.name == final_name).one()
retries += 1
fname, ext = os.path.splitext(filename)
final_name = '{}({}){}'.format(fname, retries, ext)
except NoResultFound:
success = True
return final_name
def login():
# Redirect user directly to dashboard if already authorized
if g.user:
return redirect(url_for('auth.dashboard'))
form = LoginForm()
error = None
if form.validate_on_submit():
db_session = get_db_session()
try:
user = db_session.query(User).filter(
User.username == form.username.data).one()
except NoResultFound:
user = None
if user is None or not check_password_hash(user.password,
form.password.data):
error = 'Invalid login credentials'
else:
session.clear()
session['user_id'] = user.id
return redirect(url_for('auth.dashboard'))
return render_template('auth/login.html', form=form, error=error)
def test_register(self, app, client):
assert client.get(self._register_url).status_code == 200
data = {
'username': '******',
'email': '*****@*****.**',
'password': '******',
'password_repeat': 'otherpassword',
}
response = client.post(self._register_url, data=data)
assert response.headers['location'].endswith('/auth/login')
with app.app_context():
db_session = get_db_session()
# We'll get an error if user does not exist
db_session.query(User).filter(User.username == 'otheruser').one()
db_session.close()
def register():
if current_app.config.get('REGISTRATION_DISABLED'):
abort(404)
# Redirect user directly to dashboard if already authorized
if g.user:
return redirect(url_for('auth.dashboard'))
form = RegisterForm()
if form.validate_on_submit():
db_session = get_db_session()
user = User(
username=form.username.data,
email=form.email.data,
password=generate_password_hash(form.password.data),
)
db_session.add(user)
db_session.commit()
return redirect(url_for('auth.login'))
return render_template('auth/register.html', form=form)
def delete(image_id):
db_session = get_db_session()
try:
obj = db_session.query(Image).filter(Image.id == image_id).one()
except NoResultFound:
abort(404)
if obj.author != g.user:
abort(403)
# Remove files associated with Image object instance
os.unlink(os.path.join(current_app.config['UPLOAD_PATH'], obj.name))
os.unlink(
os.path.join(current_app.config['UPLOAD_PATH'], 'thumbs', obj.name))
os.unlink(
os.path.join(current_app.config['UPLOAD_PATH'], 'previews', obj.name))
# Remove Image instance from database
db_session.delete(obj)
db_session.commit()
flash('Object removed', 'info')
return redirect(url_for('auth.dashboard'))
def upload():
form = UploadForm()
if form.validate_on_submit():
image = Image(
name=get_unique_filename(form.image.data.filename),
description=form.description.data,
author_id=g.user.id,
)
# Create normalized image and thumbnail
img = PILImage.open(form.image.data)
img = smart_resize(img)
# Create new entry in database
image.width, image.height = img.size
db_session = get_db_session()
db_session.add(image)
db_session.commit()
# Save both images - resized version and thumbnail
img.save(os.path.join(current_app.config['UPLOAD_PATH'], image.name),
img.format)
img.thumbnail((250, 250))
img.save(
os.path.join(current_app.config['UPLOAD_PATH'], 'thumbs',
image.name), img.format)
img.thumbnail((100, 100))
img.save(
os.path.join(current_app.config['UPLOAD_PATH'], 'previews',
image.name), img.format)
flash('Image uploaded successfully', 'success')
return redirect(url_for('auth.dashboard'))
return render_template('image/upload.html', form=form)
def index():
images = get_db_session().query(Image).order_by(Image.id).all()
return render_template('index.html', images=images)
