aboutsummaryrefslogtreecommitdiffstats
path: root/routes
diff options
context:
space:
mode:
Diffstat (limited to 'routes')
-rw-r--r--routes/__init__.py4
-rw-r--r--routes/__pycache__/__init__.cpython-37.pycbin0 -> 185 bytes
-rw-r--r--routes/__pycache__/auth.cpython-37.pycbin0 -> 812 bytes
-rw-r--r--routes/__pycache__/media.cpython-37.pycbin0 -> 1110 bytes
-rw-r--r--routes/__pycache__/uploads.cpython-37.pycbin0 -> 4475 bytes
-rw-r--r--routes/auth.py18
-rw-r--r--routes/media.py39
-rw-r--r--routes/uploads.py153
8 files changed, 178 insertions, 36 deletions
diff --git a/routes/__init__.py b/routes/__init__.py
index a92e40a..034e4d0 100644
--- a/routes/__init__.py
+++ b/routes/__init__.py
@@ -12,6 +12,6 @@
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-from .uploads import *
-from .media import *
from .auth import *
+from .media import *
+from .uploads import *
diff --git a/routes/__pycache__/__init__.cpython-37.pyc b/routes/__pycache__/__init__.cpython-37.pyc
new file mode 100644
index 0000000..b48be50
--- /dev/null
+++ b/routes/__pycache__/__init__.cpython-37.pyc
Binary files differ
diff --git a/routes/__pycache__/auth.cpython-37.pyc b/routes/__pycache__/auth.cpython-37.pyc
new file mode 100644
index 0000000..22ab737
--- /dev/null
+++ b/routes/__pycache__/auth.cpython-37.pyc
Binary files differ
diff --git a/routes/__pycache__/media.cpython-37.pyc b/routes/__pycache__/media.cpython-37.pyc
new file mode 100644
index 0000000..1c53de3
--- /dev/null
+++ b/routes/__pycache__/media.cpython-37.pyc
Binary files differ
diff --git a/routes/__pycache__/uploads.cpython-37.pyc b/routes/__pycache__/uploads.cpython-37.pyc
new file mode 100644
index 0000000..4ebc636
--- /dev/null
+++ b/routes/__pycache__/uploads.cpython-37.pyc
Binary files differ
diff --git a/routes/auth.py b/routes/auth.py
index ebf52c0..a34aaa5 100644
--- a/routes/auth.py
+++ b/routes/auth.py
@@ -15,5 +15,19 @@
from ..helpers import *
@route("/api/auth", method="POST")
-def post_auth():
- raise HTTPResponse(status=501)
+def post_auth_new():
+ session = DBSession()
+ try:
+ username = request.forms.username
+ password = request.forms.password
+ except KeyError as e:
+ raise HTTPResponse("Username or password missing", 400)
+
+ hash = calculateUserHash(username, password).hexdigest()
+ try:
+ session.query(User).filter(User.name == username or User.hash == hash).one()
+ raise HTTPResponse("User already exists", status=410)
+ except db.orm.exc.NoResultFound:
+ session.add(User(name=username, hash=hash))
+ session.commit()
+ return HTTPResponse(status=201)
diff --git a/routes/media.py b/routes/media.py
index 6c3c831..b9828a8 100644
--- a/routes/media.py
+++ b/routes/media.py
@@ -19,31 +19,24 @@ from datetime import datetime
def get_media():
notAllowed()
-@route("/api/media", method="POST")
-def post_media():
- try:
- entry = database["entries"][request.forms["id"]]
- except KeyError as e:
- raise HTTPResponse("Invalid id", 400) from e
-
- for f in request.files:
- entry["files"].append({})
-
- id = ObjectId()
@route("/api/media/<id>")
def get_media_id(id):
- for entry in database["entries"].values():
- for file in entry["files"]:
- if file["_id"] == id:
- response.set_header("Content-Type", file["content-type"])
- response.set_header("Content-Length", file["length"])
- response.set_header("Date", datetime.fromisoformat(file["uploadDate"]).strftime("%a, %d %b %Y %H:%M:%S GMT"))
- response.set_header("Content-Disposition", f"attachment; filename=\"{file['filename']}\"")
- if request.method == "GET":
- if "downloadURL" in file["metadata"]:
- return HTTPResponse(status=302, headers={"Location" : file["metadata"]["downloadURL"]})
- else:
- return static_file(file["filename"], root=f"media/{id}")
+ session = DBSession()
+ try:
+ file = session.query(File).filter_by(id=id).one()
+ except db.orm.exc.NoResultFound:
+ raise HTTPResponse(status=404)
+
+ response.set_header("Content-Type", file.content_type)
+ response.set_header("Content-Length", file.length)
+ response.set_header("Date", file.date.strftime("%a, %d %b %Y %H:%M:%S GMT"))
+ response.set_header("Content-Disposition", f"attachment; filename=\"{file.name}\"")
+ if request.method == "GET":
+ if file.download_url:
+ #return requests.request(request.method, file.download_url, allow_redirects=True)
+ return HTTPResponse(status=302, headers={"Location" : file.download_url})
+ else:
+ return static_file(file.id, os.path.join(os.getcwd(), "media"), file.content_type, file.name)
raise HTTPResponse(status=404)
diff --git a/routes/uploads.py b/routes/uploads.py
index 703d3d1..391827d 100644
--- a/routes/uploads.py
+++ b/routes/uploads.py
@@ -13,6 +13,66 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
from ..helpers import *
+import string, magic
+
+def _add_upload(entry : Upload, session : DBSession):
+ return {
+ "voting" : {
+ "sum" : 0,
+ "count" : 0,
+ "votes" : None
+ },
+ "id" : entry.id,
+ "title" : entry.title,
+ "author" : {
+ "id" : entry.author.id if entry.author is not None else "0" * 24,
+ "username" : entry.author.username if entry.author is not None else "N/A"
+ },
+ "tags" : entry.tags,
+ "files" : [{
+ "metadata" : {
+ "hashes" : {
+ "sha1" : file.hash
+ }
+ },
+ "aliases" : None,
+ "deleted" : False,
+ "id" : file.id,
+ "filename" : file.name,
+ "content-type" : file.content_type,
+ "length" : file.length,
+ "chunkSize" : BLOCKSIZE,
+ "uploadData" : file.date.isoformat()
+ } for file in session.query(File).filter_by(upload=entry)
+ ],
+ "dependencies" : [], #TODO
+ "deleted" : False,
+ "description" : entry.description,
+ "pic" : None, #TODO
+ "slug" : entry.slug,
+ "createdAt" : entry.created_at.isoformat(),
+ "updatedAt" : entry.updated_at.isoformat(),
+ "__v" : entry._v,
+ "comments" : [{
+ "voting" : {
+ "sum" : 0,
+ "count" : 0,
+ "votes" : None
+ },
+ "deleted" : False,
+ "id" : comment.id,
+ "body" : comment.body,
+ "author" : {
+ "id" : comment.author.id,
+ "username" : comment.author.username
+ },
+ "upload" : comment.upload.id,
+ "createdAt" : comment.created_at.isoformat(),
+ "updatedAt" : comment.updated_at.isoformat()
+ } for comment in session.query(Comment).filter_by(upload=entry)
+ ]
+ }
+
@route("/api/uploads")
def get_uploads():
@@ -26,12 +86,10 @@ def get_uploads():
"uploads" : []
}
- for entry in database["entries"].values():
- if "__intern" in entry:
- entry = entry.copy()
- del entry["__intern"]
-
- ret["uploads"].append(entry)
+ session = DBSession()
+ for entry in session.query(Upload).order_by(Upload.updated_at.desc()):
+ ret["uploads"].append(_add_upload(entry, session))
+
ret["pagination"]["total"] = ret["pagination"]["limit"] = len(ret["uploads"])
@@ -39,11 +97,88 @@ def get_uploads():
@route("/api/uploads/<id>")
def get_upload(id):
- if id in database["entries"]:
- return database["entries"][id]
+ session = DBSession()
+ entry = session.query(Upload).get(id)
+ if entry is not None:
+ return _add_upload(entry, session)
else:
raise HTTPResponse(status=404)
@route("/api/uploads", method="POST")
+@auth_basic
def post_upload():
- raise HTTPResponse(status=501)
+ try:
+ session = DBSession()
+ if len(session.query(Upload).filter_by(title=requests.forms.title).all()):
+ raise HTTPResponse("An entry with the specified title already exists", 410)
+
+ entry = Upload(
+ title=request.forms.title,
+ author=session.query(User).filter_by(username=request.forms.username),
+ description=request.forms.description,
+ slug="".join(i for i in requests.forms.title.lower() if i in string.ascii_letters),
+ tags=request.forms.tags.split(";") if "tags" in request.forms else []
+ )
+
+ session.add(entry)
+
+ try:
+ os.mkdir(os.path.join(os.getcwd(), "media"))
+ except FileExistsError:
+ pass
+
+ for file in request.files.values():
+ f = File(
+ name=file.filename,
+ upload=entry
+ )
+
+ path = os.path.join(os.getcwd(), "media", f["id"])
+ file.save(path)
+
+ with open(path, "rb") as fobj:
+ f.hash = calculateHashForFile(fobj).hexdigest()
+ f.length = fobj.tell()
+
+ f.content_type = magic.from_file(path, mime=True)
+ session.add(f)
+
+ except KeyError as e:
+ session.rollback()
+ raise HTTPResponse(f"Missing form value: {e.args[0]}", 400)
+
+ session.commit()
+ return HTTPResponse(status=201)
+
+@route("/api/uploads/<id>/comments", method="POST")
+@auth_basic
+def post_comments(id):
+ session = DBSession()
+ try:
+ session.query(Upload).filter_by(id=id).one()
+ except db.orm.exc.NoResultFound:
+ raise HTTPResponse("Invalid upload id", 404)
+
+ try:
+ session.add(Comment(
+ body=request.forms.body,
+ author=session.query(User).filter_by(username=request.forms.username).one()
+ ))
+ except KeyError as e:
+ raise HTTPResponse(f"Missing form value: {e.args[0]}", 400)
+
+ session.commit()
+ return HTTPResponse(status=201)
+
+@route("/api/uploads/<id>/comments/<comment_id>", method="DELETE")
+@auth_basic
+def delete_comments(id, comment_id):
+ session = DBSession()
+ try:
+ comment = session.query(Comment).filter_by(id=comment_id, author=session.query(User).filter_by(username).one(), upload=session.query(Upload).filter_by(id=id).one()).one()
+ except db.orm.exc.NoResultFound:
+ raise HTTPResponse("Requested comment not found", 404)
+
+ session.delete(comment)
+ session.commit()
+ return HTTPResponse(status=204)
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2026-01-12 22:53:08 +0000