def create_profile(self,request,user):
if self.avatar_file.data:
upload_file = request.files[self.avatar_file.name]
if upload_file and allowed_file(upload_file.filename):
# Don't trust any input, we use a random string as filename.
# or use secure_filename:
# http://flask.pocoo.org/docs/patterns/fileuploads/
user_upload_dir = os.path.join(current_app.config['UPLOAD_FOLDER'], "user_%s" % user.id)
current_app.logger.debug(user_upload_dir)
make_dir(user_upload_dir)
root, ext = os.path.splitext(upload_file.filename)
today = datetime.now().strftime('_%Y-%m-%d')
# Hash file content as filename.
hash_filename = hashlib.sha1(upload_file.read()).hexdigest() + "_" + today + ext
user.avatar = hash_filename
avatar_ab_path = os.path.join(user_upload_dir, user.avatar)
# Reset file curso since we used read()
upload_file.seek(0)
upload_file.save(avatar_ab_path)
self.populate_obj(user)
self.populate_obj(user.user_detail)
db.session.add(user)
db.session.commit()
def validate_avatar_file(form, field):
if field.data and not allowed_file(field.data.filename):
raise ValidationError(_("Please upload files with extensions:")+" %s" % "/".join(ALLOWED_AVATAR_EXTENSIONS))
