-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathold_server.py
More file actions
87 lines (73 loc) · 2.62 KB
/
old_server.py
File metadata and controls
87 lines (73 loc) · 2.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
from flask import Flask, send_from_directory, request, redirect, url_for, render_template
from flask_login import LoginManager, UserMixin, login_user, logout_user, login_required, current_user
from flask_uploads import UploadSet, configure_uploads, ALL
from werkzeug.utils import secure_filename
import os
import logging
logging.basicConfig(level=logging.DEBUG)
app = Flask(__name__)
app.secret_key = 'secret'
login_manager = LoginManager()
login_manager.init_app(app)
# Configure Flask-Uploads
files = UploadSet('files', ALL)
app.config['UPLOADED_FILES_DEST'] = 'file_storage'
configure_uploads(app, files)
# User data
class User(UserMixin):
def __init__(self, id, permission='read', password=None):
self.id = id
self.password = password
self.permission = permission
users = {
'admin': User('admin', permission='edit', password='admin'),
'user': User('user', permission='download' password='user'),
'guest': User('guest', permission='read', password='guest')
}
@login_manager.user_loader
def load_user(user_id):
return users.get(user_id)
# Routes
@app.route('/')
def home():
return redirect(url_for('login'))
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
username = request.form['username']
password = request.form['password']
user = users.get(username)
if user and user.password == password:
login_user(user)
return redirect(url_for('upload'))
return render_template('login.html')
@app.route('/logout')
def logout():
logout_user()
return redirect(url_for('login'))
@app.route('/upload', methods=['GET', 'POST'])
@login_required
def upload():
if current_user.permission != 'edit':
return "Permission Denied"
if request.method == 'POST':
uploaded_file = request.files['file']
if uploaded_file.filename != '':
secure_name = secure_filename(uploaded_file.filename)
uploaded_file.save(os.path.join('file_storage', secure_name))
return f"File {secure_name} uploaded."
return render_template('upload.html')
@app.route('/files')
@login_required
def files():
files = os.listdir('file_storage')
return render_template('files.html', files=files, permission=current_user.permission)
@app.route('/files/<path:filename>', methods=['GET'])
@login_required
def download_file(filename):
if current_user.permission in ['download', 'edit']:
return send_from_directory(directory='file_storage', filename=filename)
else:
return "Permission Denied"
if __name__ == '__main__':
app.run(host='0.0.0.0', port=5000)