kitoy/pywallter
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Add login_required decorator

Browse Source
This commit is contained in:
kitoy
2025-12-01 02:19:46 +01:00
parent 57c2fb4ce9
commit e14677e701
10 changed files with 569 additions and 584 deletions
Download Patch File Download Diff File Expand all files Collapse all files

275
views/filesupload.py
View File

@@ -9,6 +9,7 @@ import sqlite3
import os
from shutil import move
from tools.filesutils import getFileSizeMo, getFileSizeKo, check_and_create
from tools.utils import login_required
filesupload = Blueprint('filesupload', __name__, template_folder='templates')
@@ -28,163 +29,154 @@ BASE_URL= app.config['BASE_URL']
@filesupload.route( '/filesupload/', methods=['GET', 'POST'])
@login_required
def uploadfiles():
if 'username' in session :
user = '%s'% escape(session['username'])
if request.method == 'POST' :
files = request.files.getlist('fic')
for f in files :
nom = secure_filename(f.filename)
check_and_create(DOSSIER_PERSO+ user + 'files')
check_and_create(DOSSIER_PERSO+ user + 'images')
if os.path.isfile(DOSSIER_PERSO + user + '/files/' + nom) or os.path.isfile(DOSSIER_PERSO + user + '/images/' + nom):
flash(u'Un fichier avec le même nom existe déjà, merci de spécifier un autre nom de fichier', 'error')
else:
file, ext = os.path.splitext(nom)
if ext in extensionimg :
f.save(DOSSIER_PERSO + user + '/images/' + nom)
image = DOSSIER_PERSO + user + '/images/' + nom
with Image.open(image) as img :
img.thumbnail((300,300))
img.save( DOSSIER_PERSO + user + '/images/thumbnails/' + nom )
TIME=time.strftime("%A %d %B %Y %H:%M:%S")
IP=request.environ['REMOTE_ADDR']
CLIENT_PLATFORM=request.headers.get('User-Agent')
log_file=os.path.join(DOSSIER_PERSO, user, "log.txt")
LOG=open(log_file, "a")
LOG.write (TIME + ' - ' + IP + ' - ' + user + ' - ' + CLIENT_PLATFORM + '\n' + '---> ' + nom + '\n')
LOG.close()
flash(u'Image envoyée et traitée avec succés', 'succes')
else:
f.save(DOSSIER_PERSO + user + '/files/' + nom)
TIME=time.strftime("%A %d %B %Y %H:%M:%S")
IP=request.environ['REMOTE_ADDR']
CLIENT_PLATFORM=request.headers.get('User-Agent')
LOG=open("log.txt", "a") # Ouvre fichier log.txt
LOG.write (TIME + ' - ' + IP + ' - ' + user + ' - ' + CLIENT_PLATFORM + '\n' + '---> ' + nom + '\n') # Écrit dans log
LOG.close() # Ferme log.txt
flash(u'Fichier envoyé avec succés', 'succes')
user = '%s'% escape(session['username'])
if request.method == 'POST' :
if 'fic' not in request.files:
flash(u'Mauvais format de ficher', 'error')
return redirect(request.url)
file = request.files['fic']
# If the user does not select a file, the browser submits an
# empty file without a filename.
if file.filename == '':
flash(u'Vous avez oubliez de selectionner un fichier', 'error' )
return redirect(request.url)
files = request.files.getlist('fic')
for f in files :
nom = secure_filename(f.filename)
check_and_create(DOSSIER_PERSO+ user + 'files')
check_and_create(DOSSIER_PERSO+ user + 'images')
if os.path.isfile(DOSSIER_PERSO + user + '/files/' + nom) or os.path.isfile(DOSSIER_PERSO + user + '/images/' + nom):
flash(u'Un fichier avec le même nom existe déjà, merci de spécifier un autre nom de fichier', 'error')
else:
file, ext = os.path.splitext(nom)
if ext in extensionimg :
f.save(DOSSIER_PERSO + user + '/images/' + nom)
image = DOSSIER_PERSO + user + '/images/' + nom
with Image.open(image) as img :
img.thumbnail((300,300))
img.save( DOSSIER_PERSO + user + '/images/thumbnails/' + nom )
TIME=time.strftime("%A %d %B %Y %H:%M:%S")
IP=request.environ['REMOTE_ADDR']
CLIENT_PLATFORM=request.headers.get('User-Agent')
log_file=os.path.join(DOSSIER_PERSO, user, "log.txt")
LOG=open(log_file, "a")
LOG.write (TIME + ' - ' + IP + ' - ' + user + ' - ' + CLIENT_PLATFORM + '\n' + '---> ' + nom + '\n')
LOG.close()
flash(u'Image envoyée et traitée avec succés', 'succes')
else:
f.save(DOSSIER_PERSO + user + '/files/' + nom)
TIME=time.strftime("%A %d %B %Y %H:%M:%S")
IP=request.environ['REMOTE_ADDR']
CLIENT_PLATFORM=request.headers.get('User-Agent')
LOG=open("log.txt", "a") # Ouvre fichier log.txt
LOG.write (TIME + ' - ' + IP + ' - ' + user + ' - ' + CLIENT_PLATFORM + '\n' + '---> ' + nom + '\n') # Écrit dans log
LOG.close() # Ferme log.txt
flash(u'Fichier envoyé avec succés', 'succes')
else:
flash(u'Error : Vous avez oublié le fichier !', 'error')
return redirect(url_for('filesupload.uploadfiles'))
resp = make_response(render_template('up_up.html', section="Upload"))
resp.set_cookie('username', session['username'])
return resp
else :
return redirect(BASE_URL, code=401)
resp = make_response(render_template('up_up.html', section="Upload"))
resp.set_cookie('username', session['username'])
return resp
@filesupload.route('/view/')
@login_required
def list():
if 'username' in session :
user = '%s'% escape(session['username'])
check_and_create(DOSSIER_PUBLIC + user + '/files/')
check_and_create(DOSSIER_PERSO + user + '/files/')
files_public = os.listdir(DOSSIER_PUBLIC + user + '/files/')
files_private = os.listdir(DOSSIER_PERSO + user + '/files/')
listFilesPublic = []
listFilesPrivate = []
nb_pv = 0
size=0
if files_private:
for fich in files_private:
nb_pv += 1
size = getFileSizeMo(DOSSIER_PERSO + user + '/files/' + fich) # size = taille des fichiers
listFilesPrivate.append([nb_pv, fich, size]) # On implémente la listeFichiers avec le num le ficier et sa taille
nb_pu = 0
if files_public:
for fich in files_public:
nb_pu += 1
size = getFileSizeMo(DOSSIER_PUBLIC + user + '/files/' + fich) # size = taille des fichiers
listFilesPublic.append([nb_pu, fich, size])
return render_template('up_list.html',
section="Files",
size=size,
username=user,
nb_pv=nb_pv,
nb_pu=nb_pu,
listFilesPrivate=listFilesPrivate,
listFilesPublic=listFilesPublic)
user = '%s'% escape(session['username'])
else :
return redirect(BASE_URL, code=401)
check_and_create(DOSSIER_PUBLIC + user + '/files/')
check_and_create(DOSSIER_PERSO + user + '/files/')
files_public = os.listdir(DOSSIER_PUBLIC + user + '/files/')
files_private = os.listdir(DOSSIER_PERSO + user + '/files/')
listFilesPublic = []
listFilesPrivate = []
nb_pv = 0
size=0
if files_private:
for fich in files_private:
nb_pv += 1
size = getFileSizeMo(DOSSIER_PERSO + user + '/files/' + fich) # size = taille des fichiers
listFilesPrivate.append([nb_pv, fich, size]) # On implémente la listeFichiers avec le num le ficier et sa taille
nb_pu = 0
if files_public:
for fich in files_public:
nb_pu += 1
size = getFileSizeMo(DOSSIER_PUBLIC + user + '/files/' + fich) # size = taille des fichiers
listFilesPublic.append([nb_pu, fich, size])
return render_template('up_list.html',
section="Files",
size=size,
username=user,
nb_pv=nb_pv,
nb_pu=nb_pu,
listFilesPrivate=listFilesPrivate,
listFilesPublic=listFilesPublic)
@filesupload.route('/myfiles/<username>/<filename>')
@login_required
def myfiles(username, filename):
if 'username' in session :
user = '%s' % escape(session['username'])
return send_from_directory(
os.path.join(DOSSIER_PERSO, username, 'files'), filename )
else :
return redirect(BASE_URL, code=401)
@filesupload.route('/make_public/<filename>')
def move_public(filename):
if 'username' in session:
user = '%s' % escape(session['username'])
check_and_create(DOSSIER_PUBLIC + user + '/files/')
check_and_create(DOSSIER_PERSO + user + '/files/')
src = os.path.join(DOSSIER_PERSO, user, 'files', filename)
dst = os.path.join(DOSSIER_PUBLIC, user, 'files/')
move (src, dst)
return redirect(url_for('filesupload.list', _external=True))
else:
return redirect(BASE_URL, code=401)
@filesupload.route('/make_private/<filename>')
def move_private(filename):
if 'username' in session:
user = '%s' % escape(session['username'])
check_and_create(DOSSIER_PUBLIC + user + '/files/')
check_and_create(DOSSIER_PERSO + user + '/files/')
src = os.path.join(DOSSIER_PUBLIC, user, 'files', filename)
dst = os.path.join(DOSSIER_PERSO, user, 'files/')
move (src, dst)
return redirect(url_for('filesupload.list', _external=True))
else:
return redirect(BASE_URL, code=401)
@filesupload.route('/public/<username>/<filename>')
def publicfiles(username, filename):
user = '%s' % escape(session['username'])
return send_from_directory(
os.path.join(DOSSIER_PUBLIC, username, 'files'), filename )
os.path.join(DOSSIER_PERSO, username, 'files'), filename )
@filesupload.route('/make_public/<filename>')
@login_required
def move_public(filename):
user = '%s' % escape(session['username'])
check_and_create(DOSSIER_PUBLIC + user + '/files/')
check_and_create(DOSSIER_PERSO + user + '/files/')
src = os.path.join(DOSSIER_PERSO, user, 'files', filename)
dst = os.path.join(DOSSIER_PUBLIC, user, 'files/')
move (src, dst)
return redirect(url_for('filesupload.list', _external=True))
@filesupload.route('/make_private/<filename>')
@login_required
def move_private(filename):
user = '%s' % escape(session['username'])
check_and_create(DOSSIER_PUBLIC + user + '/files/')
check_and_create(DOSSIER_PERSO + user + '/files/')
src = os.path.join(DOSSIER_PUBLIC, user, 'files', filename)
dst = os.path.join(DOSSIER_PERSO, user, 'files/')
move (src, dst)
return redirect(url_for('filesupload.list', _external=True))
@filesupload.route('/remove_privateFile/<filename>')
@login_required
def remove_privateFile(filename):
if 'username' in session :
user = '%s' % escape(session['username'])
filename = secure_filename(filename)
try:
os.remove(DOSSIER_PERSO + user + '/files/' + filename) # on le supprime
except FileNotFoundError:
flash(u'Fichier {filename} inexistant.'.format(filename=filename), 'error')
return redirect(url_for('filesupload.list', _external=True))
else :
return redirect(BASE_URL, code=401)
user = '%s' % escape(session['username'])
filename = secure_filename(filename)
try:
os.remove(DOSSIER_PERSO + user + '/files/' + filename) # on le supprime
except FileNotFoundError:
flash(u'Fichier {filename} inexistant.'.format(filename=filename), 'error')
return redirect(url_for('filesupload.list', _external=True))
@filesupload.route('/remove_publicFile/<filename>')
@login_required
def remove_publicFile(filename):
if 'username' in session :
user = '%s' % escape(session['username'])
filename = secure_filename(filename)
try:
os.remove(DOSSIER_PUBLIC + user + '/files/' + filename) # on le supprime
except FileNotFoundError:
flash(u'Fichier {filename} inexistant.'.format(filename=filename), 'error')
return redirect(url_for('filesupload.list', _external=True))
else :
return redirect(BASE_URL, code=401)
user = '%s' % escape(session['username'])
filename = secure_filename(filename)
try:
os.remove(DOSSIER_PUBLIC + user + '/files/' + filename) # on le supprime
except FileNotFoundError:
flash(u'Fichier {filename} inexistant.'.format(filename=filename), 'error')
return redirect(url_for('filesupload.list', _external=True))
@filesupload.route('/theme.min.css')
def theme():
if 'username' in session:
@@ -193,3 +185,8 @@ def theme():
return send_file(DOSSIER_PERSO+ user +'/theme.min.css', mimetype='text/css')
else:
return send_file("static/default.min.css", mimetype='text/css')
@filesupload.route('/public/<username>/<filename>')
def publicfiles(username, filename):
return send_from_directory(
os.path.join(DOSSIER_PUBLIC, username, 'files'), filename )