def get_unique_filename(filename): """ Create unique filename using given name to ensure that it's not already present in database. This method simply adds a counter to original filename. :param str filename: :rtype str: """ filename = secure_filename(filename) final_name = filename db_session = get_db_session() success = False retries = 0 while not success: try: db_session.query(Image).filter(Image.name == final_name).one() retries += 1 fname, ext = os.path.splitext(filename) final_name = '{}({}){}'.format(fname, retries, ext) except NoResultFound: success = True return final_name
def login(): # Redirect user directly to dashboard if already authorized if g.user: return redirect(url_for('auth.dashboard')) form = LoginForm() error = None if form.validate_on_submit(): db_session = get_db_session() try: user = db_session.query(User).filter( User.username == form.username.data).one() except NoResultFound: user = None if user is None or not check_password_hash(user.password, form.password.data): error = 'Invalid login credentials' else: session.clear() session['user_id'] = user.id return redirect(url_for('auth.dashboard')) return render_template('auth/login.html', form=form, error=error)
def test_register(self, app, client): assert client.get(self._register_url).status_code == 200 data = { 'username': '******', 'email': '*****@*****.**', 'password': '******', 'password_repeat': 'otherpassword', } response = client.post(self._register_url, data=data) assert response.headers['location'].endswith('/auth/login') with app.app_context(): db_session = get_db_session() # We'll get an error if user does not exist db_session.query(User).filter(User.username == 'otheruser').one() db_session.close()
def register(): if current_app.config.get('REGISTRATION_DISABLED'): abort(404) # Redirect user directly to dashboard if already authorized if g.user: return redirect(url_for('auth.dashboard')) form = RegisterForm() if form.validate_on_submit(): db_session = get_db_session() user = User( username=form.username.data, email=form.email.data, password=generate_password_hash(form.password.data), ) db_session.add(user) db_session.commit() return redirect(url_for('auth.login')) return render_template('auth/register.html', form=form)
def delete(image_id): db_session = get_db_session() try: obj = db_session.query(Image).filter(Image.id == image_id).one() except NoResultFound: abort(404) if obj.author != g.user: abort(403) # Remove files associated with Image object instance os.unlink(os.path.join(current_app.config['UPLOAD_PATH'], obj.name)) os.unlink( os.path.join(current_app.config['UPLOAD_PATH'], 'thumbs', obj.name)) os.unlink( os.path.join(current_app.config['UPLOAD_PATH'], 'previews', obj.name)) # Remove Image instance from database db_session.delete(obj) db_session.commit() flash('Object removed', 'info') return redirect(url_for('auth.dashboard'))
def upload(): form = UploadForm() if form.validate_on_submit(): image = Image( name=get_unique_filename(form.image.data.filename), description=form.description.data, author_id=g.user.id, ) # Create normalized image and thumbnail img = PILImage.open(form.image.data) img = smart_resize(img) # Create new entry in database image.width, image.height = img.size db_session = get_db_session() db_session.add(image) db_session.commit() # Save both images - resized version and thumbnail img.save(os.path.join(current_app.config['UPLOAD_PATH'], image.name), img.format) img.thumbnail((250, 250)) img.save( os.path.join(current_app.config['UPLOAD_PATH'], 'thumbs', image.name), img.format) img.thumbnail((100, 100)) img.save( os.path.join(current_app.config['UPLOAD_PATH'], 'previews', image.name), img.format) flash('Image uploaded successfully', 'success') return redirect(url_for('auth.dashboard')) return render_template('image/upload.html', form=form)
def index(): images = get_db_session().query(Image).order_by(Image.id).all() return render_template('index.html', images=images)