Add login_required decorator

2025-12-01 02:19:46 +01:00
parent 57c2fb4ce9
commit e14677e701
10 changed files with 569 additions and 584 deletions
--- a/views/gallery.py
+++ b/views/gallery.py
@@ -8,6 +8,7 @@ import time
 import sqlite3
 import os
 from tools.filesutils import check_and_create
+from tools.utils import login_required

 mygallery = Blueprint('mygallery', __name__, template_folder='templates')

@@ -25,61 +26,56 @@ DATABASE = app.config['DATABASE']
 #################################################################################################

@mygallery.route( '/gallery/')
+@login_required
 def gallery():
-    if 'username' in session :
-        user ='%s' % escape(session['username'])
-        check_and_create(DOSSIER_PUBLIC + user + '/images/')
-        check_and_create(DOSSIER_PUBLIC + user + '/images/thumbnails/')
-        check_and_create(DOSSIER_PERSO + user + '/images/')
-        check_and_create(DOSSIER_PERSO + user + '/images/thumbnails/')
-        THUMBNAILS=DOSSIER_PERSO + user + '/images/thumbnails/'
-        fichiers = [fich for fich in os.listdir(THUMBNAILS)]
-        return render_template('gallery.html',
-                               section='Gallery',
-                               THUMBNAILS=THUMBNAILS,
-                               fichiers=fichiers)
-    else :
-       return redirect(url_for('loginlogout.login'), code=401)
+    user ='%s' % escape(session['username'])
+    check_and_create(DOSSIER_PUBLIC + user + '/images/')
+    check_and_create(DOSSIER_PUBLIC + user + '/images/thumbnails/')
+    check_and_create(DOSSIER_PERSO + user + '/images/')
+    check_and_create(DOSSIER_PERSO + user + '/images/thumbnails/')
+    THUMBNAILS=DOSSIER_PERSO + user + '/images/thumbnails/'
+    fichiers = [fich for fich in os.listdir(THUMBNAILS)]
+    return render_template('gallery.html',
+                           section='Gallery',
+                           THUMBNAILS=THUMBNAILS,
+                           fichiers=fichiers)
+

@mygallery.route('/myfiles/images/<filename>')
+@login_required
 def myimg(filename):
-    if 'username' in session :
-        UTILISATEUR='%s' % escape(session['username'])
-        return send_from_directory(
-            os.path.join(DOSSIER_PERSO, UTILISATEUR, 'images'), filename )
-    else :
-        return redirect(BASE_URL, code=401)
+    UTILISATEUR='%s' % escape(session['username'])
+    return send_from_directory(
+        os.path.join(DOSSIER_PERSO, UTILISATEUR, 'images'), filename )

@mygallery.route('/myfiles/images/thumbnails/<filename>')
+@login_required
 def mythumbnails(filename):
-    if 'username' in session :
-        UTILISATEUR='%s' % escape(session['username'])
-        return send_from_directory(
-            os.path.join(DOSSIER_PERSO, UTILISATEUR, 'images/thumbnails'), filename )
-    else :
-        return redirect(BASE_URL, code=401)
+    UTILISATEUR='%s' % escape(session['username'])
+    return send_from_directory(
+        os.path.join(DOSSIER_PERSO, UTILISATEUR, 'images/thumbnails'), filename )

@mygallery.route('/remove_privateImage/<filename>')
+@login_required
 def remove_privateImage(filename):
-    if 'username' in session :
-        user = '%s' % escape(session['username'])
-        filename = secure_filename(filename)    
-        try:
-            os.remove(DOSSIER_PERSO + user + '/images/thumbnails/' + filename) # on le supprime
-            os.remove(DOSSIER_PERSO + user + '/images/' + filename) # on le supprime
-        except FileNotFoundError:
-            flash(u'Image {filename} inexistante.'.format(filename=filename), 'error')
-        return redirect(url_for('mygallery.gallery'))
+    user = '%s' % escape(session['username'])
+    filename = secure_filename(filename)    
+    try:
+        os.remove(DOSSIER_PERSO + user + '/images/thumbnails/' + filename) # on le supprime
+        os.remove(DOSSIER_PERSO + user + '/images/' + filename) # on le supprime
+    except FileNotFoundError:
+        flash(u'Image {filename} inexistante.'.format(filename=filename), 'error')
+    return redirect(url_for('mygallery.gallery'))
              

@mygallery.route('/remove_publicImage/<filename>')
+@login_required
 def remove_publicImage(filename):
-    if 'username' in session :
-        user = '%s' % escape(session['username'])
-        filename = secure_filename(filename)    
-        try:
-            os.remove(DOSSIER_PUBLIC + user + '/images/thumbnails/' + filename) # on le supprime
-            os.remove(DOSSIER_PUBLIC + user + '/images/' + filename) # on le supprime
-        except FileNotFoundError:
-            flash(u'Image {filename} inexistante.'.format(filename=filename), 'error')
-        return redirect(url_for('mygallery.gallery'))
+    user = '%s' % escape(session['username'])
+    filename = secure_filename(filename)    
+    try:
+        os.remove(DOSSIER_PUBLIC + user + '/images/thumbnails/' + filename) # on le supprime
+        os.remove(DOSSIER_PUBLIC + user + '/images/' + filename) # on le supprime
+    except FileNotFoundError:
+        flash(u'Image {filename} inexistante.'.format(filename=filename), 'error')
+    return redirect(url_for('mygallery.gallery'))