application.py
import os
from flask import Flask, render_template, request, redirect, url_for, send_from_directory
from flask_session import Session
from passlib.apps import custom_app_context as pwd_context
from tempfile import mkdtemp
from cs50 import SQL
from werkzeug.utils import secure_filename
from helpers import *
# Uploaded files are kept under "<working directory>/uploads", so the location
# depends on the directory the server process is started from.
UPLOAD_FOLDER = ''.join((os.getcwd(), '/uploads'))

# File extensions the application intends to accept for upload.
# NOTE(review): no upload size limit is configured in this file.
ALLOWED_EXTENSIONS = {'txt', 'pdf', 'png', 'jpg', 'jpeg', 'gif'}

app = Flask(__name__)
app.config.update(UPLOAD_FOLDER=UPLOAD_FOLDER)
# Turn off response caching, but only while the app runs in debug mode.
# NOTE(review): outside debug mode this hook is never registered, so pages
# rendered for a logged-in user carry no cache-control headers from this file.
if app.config["DEBUG"]:

    @app.after_request
    def after_request(response):
        """Stamp the outgoing response with no-cache headers and return it."""
        no_cache_headers = (
            ("Cache-Control", "no-cache, no-store, must-revalidate"),
            ("Expires", 0),
            ("Pragma", "no-cache"),
        )
        for header_name, header_value in no_cache_headers:
            response.headers[header_name] = header_value
        return response
# Store session data in server-side files instead of signed cookies.
# mkdtemp() makes a fresh directory each time the module is loaded, so
# sessions written by an earlier process are not picked up again.
app.config.update(
    SESSION_FILE_DIR=mkdtemp(),
    SESSION_PERMANENT=False,
    SESSION_TYPE="filesystem",
)
Session(app)

# CS50 SQL wrapper bound to the project's SQLite database file.
db = SQL("sqlite:///project.db")
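@app.route('/', methods=["GET", "POST"])
@login_required
def index():
    """Render the index page listing the files in the current user's folder.

    The folder is UPLOAD_FOLDER/<session user_id>; it is created on first
    visit. The route accepts GET and POST; the original only answered GET and
    returned None for POST (which Flask reports as a server error), so both
    methods now render the same page.

    Returns:
        The rendered "index.html" template with ``filenames`` set to the
        directory listing.
    """
    # NOTE(review): session['user_id'] is filled from registrants.id by
    # login_teacher and from stud_registrants.id by login_student /
    # register_student. The folder is keyed on that number alone, so a teacher
    # and a student with the same id resolve to the same directory -- confirm
    # whether login_required (helpers) distinguishes the two roles.
    user_dir = os.path.join(app.config["UPLOAD_FOLDER"], str(session['user_id']))

    # makedirs(exist_ok=True) replaces the exists()/mkdir() pair: it has no
    # check-then-create race and also creates UPLOAD_FOLDER itself if missing.
    os.makedirs(user_dir, exist_ok=True)

    fileList = os.listdir(user_dir)
    return render_template("index.html", filenames=fileList)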
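@app.route('/index_stud')
@login_required
def index_stud():
    """Render the student page listing files from folders shared with the user.

    Looks up every ``shared_folder`` row whose ``shared_user_id`` is the
    session's user id and merges the directory listings of those folders.

    Returns:
        "index_stud.html" without ``filenames`` when nothing is shared,
        otherwise with ``filenames`` set to the merged listing.
    """
    shared = db.execute('SELECT folder_id from shared_folder WHERE shared_user_id = :user_id', user_id = session['user_id'])
    if not shared:
        return render_template('index_stud.html')

    fileList = []
    for row in shared:
        folder = os.path.join(app.config['UPLOAD_FOLDER'], str(row['folder_id']))
        try:
            fileList.extend(os.listdir(folder))
        except FileNotFoundError:
            # A folder can be shared before its owner's directory exists on
            # disk; skip it instead of failing the whole page.
            continue

    # NOTE(review): names from several folders are merged without recording
    # which folder each came from, and session['folder_id'] (read by
    # download_file) is not set on this path.
    return render_template('index_stud.html', filenames=fileList)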
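@app.route('/register_student', methods=["GET", "POST"])
def register_student():
    """Register a student account and log the new student in.

    GET renders the registration form. POST inserts a row into
    ``stud_registrants`` with a passlib hash of the submitted password, stores
    the new row's id in the session and redirects to ``index_stud``.

    Returns:
        The registration template, a redirect to ``index_stud``, or a plain
        error message with status 400 when the submission is unusable.
    """
    if request.method != "POST":
        return render_template('register.html')

    email_id = request.form.get('email_id')
    stud_name = request.form.get('stud_name')
    stud_roll_no = request.form.get('stud_roll_no')
    yofstudy = request.form.get('yofstudy')
    passw = request.form.get("password")

    # Without this guard a missing password reaches pwd_context.hash(None),
    # and a missing e-mail creates an account that cannot be looked up again.
    if not email_id or not passw:
        return "EMAIL AND PASSWORD ARE REQUIRED", 400

    # The SQL continuation lines stay flush-left so the query text is unchanged.
    rows = db.execute("INSERT \
INTO stud_registrants (stud_email, stud_name, stud_roll_no, stud_yofstudy , hash) \
VALUES (:email, :stud_name, :stud_roll_no, :stud_yofstudy , :hash)", email = email_id, stud_name=stud_name, stud_roll_no=stud_roll_no, stud_yofstudy=yofstudy , hash = pwd_context.hash(passw))

    if not rows:
        # The original returned None here, which Flask turns into a server
        # error. Presumably a falsy result means the insert was rejected
        # (e.g. a duplicate e-mail) -- verify against the cs50 library version.
        return "REGISTRATION FAILED", 400

    get_id = db.execute("SELECT id FROM stud_registrants WHERE stud_email = :email", email = email_id)[0]["id"]

    # Start from an empty session so keys left by an earlier login in the same
    # browser (such as a teacher's folder_id) do not carry over.
    session.clear()
    session["user_id"] = get_id
    return redirect(url_for('index_stud'))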
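@app.route('/login_teacher', methods=["GET", "POST"])
def login_teacher():
    """Log a teacher in and redirect to the index page.

    Any existing session is cleared on every request to this route. On POST
    the submitted e-mail is looked up in ``registrants`` and the password is
    verified against the stored passlib hash.

    Returns:
        The login template (GET), the text "INVALID USERNAME/PASSWORD" on a
        failed attempt, or a redirect to ``index`` on success.
    """
    # forget any user
    session.clear()

    if request.method != "POST":
        return render_template('login.html')

    email_id = request.form.get("email_id")
    passw = request.form.get("password")

    # A missing field is treated as a failed login; pwd_context.verify() is
    # never called with None.
    if not email_id or not passw:
        return "INVALID USERNAME/PASSWORD"

    result = db.execute("SELECT * FROM registrants WHERE email_id = :email", email = email_id)
    if len(result) != 1 or not pwd_context.verify(passw, result[0]['hash']):
        return "INVALID USERNAME/PASSWORD"

    teacher_id = result[0]["id"]
    shared_rows = db.execute('SELECT folder_id FROM shared_folder WHERE user_id = :user_id', user_id = teacher_id)

    session["user_id"] = teacher_id
    # The original indexed shared_rows[0] unconditionally, so a teacher who had
    # not shared a folder yet could not log in. shareFolder always writes the
    # sharing user's own id as folder_id, so that id is used as the fallback.
    # The leftover debug print of the query result is dropped.
    session['folder_id'] = shared_rows[0]['folder_id'] if shared_rows else teacher_id
    return redirect(url_for('index'))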
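@app.route('/login_student', methods=["GET", "POST"])
def login_student():
    """Log a student in and redirect to the student index page.

    GET renders the student login form. Otherwise the submitted e-mail is
    looked up in ``stud_registrants`` and the password is verified against the
    stored passlib hash.

    Returns:
        The login template (GET), the text "INVALID USERNAME/PASSWORD" on a
        failed attempt, or a redirect to ``index_stud`` on success.
    """
    if request.method == "GET":
        return render_template('login_students.html')

    email_id = request.form.get("email_id")
    passw = request.form.get("password")

    # A missing field is treated as a failed login; pwd_context.verify() is
    # never called with None.
    if not email_id or not passw:
        return "INVALID USERNAME/PASSWORD"

    result = db.execute("SELECT * FROM stud_registrants WHERE stud_email = :email", email = email_id)
    if len(result) != 1 or not pwd_context.verify(passw, result[0]['hash']):
        return "INVALID USERNAME/PASSWORD"

    # Drop whatever an earlier login left behind: download_file serves from
    # session['folder_id'], which a previous teacher login in the same browser
    # would otherwise leave in place for this student.
    session.clear()
    session["user_id"] = result[0]["id"]
    return redirect(url_for('index_stud'))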
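@app.route('/upload_file', methods=["GET", "POST"])
@login_required
def upload_file():
    """Save an uploaded file into the current user's folder.

    On POST the form file "fileToUpload" is stored as
    UPLOAD_FOLDER/<session user_id>/<sanitised name>. Any other method just
    redirects to the index page.

    Returns:
        A redirect to ``index``, the text "Please Select file to upload" when
        no file was sent, or an error message with status 400 when the name or
        extension is not acceptable.
    """
    if request.method == "POST":
        file = request.files.get("fileToUpload")
        # check if file is selected
        if not file:
            return "Please Select file to upload"

        # secure_filename() strips path components; it can return an empty
        # string for names made only of characters it removes.
        filename = secure_filename(file.filename)
        extension = filename.rsplit('.', 1)[1].lower() if '.' in filename else ''

        # ALLOWED_EXTENSIONS was defined but never consulted. The /send_file
        # route serves stored files back inline from this application, so
        # limiting what can be stored limits what can later be rendered in a
        # visitor's browser under the app's origin.
        if not filename or extension not in ALLOWED_EXTENSIONS:
            return "FILE TYPE NOT ALLOWED", 400

        # NOTE(review): the folder is keyed on session['user_id'] only, which
        # both teacher and student logins set from different tables.
        user_dir = os.path.join(app.config['UPLOAD_FOLDER'], str(session["user_id"]))
        os.makedirs(user_dir, exist_ok=True)

        # An existing file with the same sanitised name is overwritten.
        file.save(os.path.join(user_dir, filename))

    return redirect(url_for('index'))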
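@app.route('/uploads')
@login_required
def uploads():
    """Render the list of files in the current user's upload folder.

    Returns:
        "uploads.html" with ``filenames`` set to the directory listing, or to
        an empty list when the user's folder does not exist yet.
    """
    # login_required matches the index route; without it an anonymous request
    # failed on the session['user_id'] lookup instead of being sent to log in.
    user_dir = UPLOAD_FOLDER + "/{}".format(session['user_id'])
    try:
        fileList = os.listdir(user_dir)
    except FileNotFoundError:
        # The folder is only created by index/upload_file; nothing stored yet.
        fileList = []
    return render_template("uploads.html", filenames=fileList)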
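@app.route('/delete_file', methods=["GET", "POST"])
@login_required
def delete_file():
    """Delete one file from the current user's upload folder.

    On POST the form field "fileName" names the file to remove. Any other
    method just redirects to the index page.

    Returns:
        A redirect to ``index``, or "INVALID FILE NAME" with status 400 when
        the submitted name is missing or is not a plain file name.
    """
    if request.method == "POST":
        requested = request.form.get('fileName')

        # The original joined the raw form value onto the user's folder, so a
        # value containing path separators, "..", or an absolute path selected
        # a file outside that folder. Stored names are produced by
        # secure_filename() in upload_file, so a legitimate request already
        # equals its sanitised form; anything else is refused.
        safe_name = secure_filename(requested) if requested else ''
        if not safe_name or safe_name != requested:
            return "INVALID FILE NAME", 400

        user_dir = os.path.join(app.config["UPLOAD_FOLDER"], str(session['user_id']))
        try:
            os.remove(os.path.join(user_dir, safe_name))
        except FileNotFoundError:
            # Already gone (e.g. a repeated submit); nothing left to delete.
            pass

    # NOTE(review): no anti-CSRF token is checked in this handler before the
    # state-changing delete.
    return redirect(url_for('index'))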
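@app.route('/send_file/<filename>')
@login_required
def send(filename):
    """Serve one file from the current user's upload folder.

    Args:
        filename: Name of the file, taken from the URL path segment.

    Returns:
        The file response built by send_from_directory. Unlike download_file,
        ``as_attachment`` is not set here.
    """
    # login_required matches the index route; without it an anonymous request
    # failed on the session['user_id'] lookup instead of being sent to log in.
    return send_from_directory(app.config["UPLOAD_FOLDER"] + "/{}".format(session['user_id']), filename)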
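@app.route('/download_file', methods=["GET", "POST"])
@login_required
def download_file():
    """Send a file from the session's folder as an attachment.

    On POST the form field "fileName" names the file, which is served from
    UPLOAD_FOLDER/<session folder_id>.

    Returns:
        The attachment response, "METHOD NOT ALLOWED" with status 405 for a
        non-POST request, or "FILE NOT AVAILABLE" with status 400 when the
        file name or the session's folder id is missing.
    """
    if request.method != "POST":
        # The original fell through and returned None for GET.
        return "METHOD NOT ALLOWED", 405

    fileName = request.form.get('fileName')

    # session['folder_id'] is only set by login_teacher; the student login and
    # registration paths do not set it, so a plain lookup raised KeyError.
    folder_id = session.get('folder_id')
    if not fileName or folder_id is None:
        return "FILE NOT AVAILABLE", 400

    # send file to the client
    return send_from_directory(app.config["UPLOAD_FOLDER"] + "/{}".format(folder_id), fileName, as_attachment=True)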
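@app.route('/shareFolder', methods=["GET", "POST"])
@login_required
def shareFolder():
    """Share the current user's folder with a student identified by e-mail.

    On POST the form field "email_id" is looked up in ``stud_registrants`` and
    a ``shared_folder`` row is inserted with the current user's id as both
    ``user_id`` and ``folder_id``. Any other method redirects to the index.

    Returns:
        A redirect to ``index``, or "UNABLE TO SHARE FOLDER" with status 400
        when no student matches the e-mail.
    """
    if request.method == "POST":
        email_id = request.form.get('email_id')

        matches = db.execute('SELECT id from stud_registrants WHERE stud_email = :email', email = email_id)
        if not matches:
            # The original indexed [0] unconditionally and failed with
            # IndexError for an unknown address. The message is deliberately
            # generic about why the share was refused.
            return "UNABLE TO SHARE FOLDER", 400
        shared_user_id = matches[0]['id']

        # NOTE(review): nothing here checks that the caller is a teacher;
        # session['user_id'] is also set by the student login paths.
        # The SQL continuation lines stay flush-left so the query text is
        # unchanged.
        db.execute("INSERT \
INTO shared_folder (user_id, shared_email, shared_user_id, folder_id) \
VALUES (:user_id, :shared_email, :shared_user_id, :folder_id)", user_id = session["user_id"] ,shared_user_id = shared_user_id, shared_email=email_id, folder_id=session['user_id'])

    return redirect(url_for('index'))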
@app.route("/logout")
def logout():
    """End the current session and send the browser to the index route."""
    # Clearing the session removes user_id along with every other stored key.
    session.clear()
    landing_url = url_for('index')
    return redirect(landing_url)