diff --git a/app/forms/user.py b/app/forms/user.py index 4cd7853..18bf531 100644 --- a/app/forms/user.py +++ b/app/forms/user.py @@ -1,3 +1,5 @@ +import base64 + from flask_wtf import FlaskForm from wtforms import ( StringField, @@ -58,7 +60,7 @@ class NewUserForm(FlaskForm): class EditUserForm(FlaskForm): name = StringField("Name", [DataRequired()]) - avatar_img = FileField("Avatar file (max 200x200px)") + avatar_img = FileField("Avatar file (max 1mb)") submit = SubmitField("Save") def validate_username(self, field): @@ -69,6 +71,16 @@ class EditUserForm(FlaskForm): ): raise ValidationError("This username is taken.") + def validate_avatar_img(self, field): + if field.data: + img_data = field.data.read() + img_data = base64.b64encode(img_data) + img_data = img_data.decode("utf-8") + field.data = img_data + size = len(img_data) / 1000000 + if size > 1: + raise ValidationError("Avatar file size too large") + class ReactivateUserForm(FlaskForm): submit = SubmitField("Save") diff --git a/app/templates/user/edit_profile.html b/app/templates/user/edit_profile.html index 5152997..63085d7 100644 --- a/app/templates/user/edit_profile.html +++ b/app/templates/user/edit_profile.html @@ -35,19 +35,24 @@
{% if current_user.avatar_img %} - user avatar + user avatar {% else %} - + {% endif %}
- + {{form.avatar_img(type='file', class='bg-gray-50 border border-gray-300 text-gray-900 text-sm rounded-lg focus:ring-blue-500 focus:border-blue-500 block w-full p-2.5 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500', id="avatar_img", value=current_user.avatar_img if current_user.avatar_img else "")}}
- +
+
+ +
+ +
diff --git a/app/views/user.py b/app/views/user.py index 0274a91..56649a6 100644 --- a/app/views/user.py +++ b/app/views/user.py @@ -1,5 +1,3 @@ -import base64 - from flask import Blueprint, render_template, request, flash, redirect, url_for, jsonify from flask_login import login_required, current_user, logout_user from app.controllers import create_pagination @@ -40,9 +38,9 @@ def edit_profile(): user: m.User = current_user user.username = form.name.data if form.avatar_img.data: - img_data = form.avatar_img.data.read() - img_data = base64.b64encode(img_data) - current_user.avatar_img = img_data.decode("utf-8") + current_user.avatar_img = ( + form.avatar_img.data + ) # form.avatar_img.data is changed in form validator user.is_activated = True user.save() return redirect(url_for("main.index")) @@ -58,6 +56,17 @@ def edit_profile(): return render_template("user/edit_profile.html", form=form) +@bp.route("/delete_avatar", methods=["POST"]) +@login_required +def delete_avatar(): + user: m.User = current_user + current_user.avatar_img = None + log(log.ERROR, "Delete user [%s] avatar", user) + current_user.save() + + return redirect(url_for("user.edit_profile")) + + @bp.route("//profile") def profile(user_id: int): user: m.User = db.session.get(m.User, user_id) diff --git a/tests/test_users.py b/tests/test_users.py index dbade43..7b0c98e 100644 --- a/tests/test_users.py +++ b/tests/test_users.py @@ -133,6 +133,15 @@ def test_profile(client): assert res.status_code == 200 assert str.encode(new_name) in res.data + # delete_avatar + assert user.avatar_img + res = client.post( + "/user/delete_avatar", + follow_redirects=True, + ) + assert res + assert not user.avatar_img + # delete_profile res = client.post( "/user/profile_delete",