|
|
@ -35,8 +35,46 @@ try:
|
|
|
|
except ImportError, e:
|
|
|
|
except ImportError, e:
|
|
|
|
use_generic_pdf_cover = True
|
|
|
|
use_generic_pdf_cover = True
|
|
|
|
from shutil import copyfile
|
|
|
|
from shutil import copyfile
|
|
|
|
|
|
|
|
|
|
|
|
from cgi import escape
|
|
|
|
from cgi import escape
|
|
|
|
|
|
|
|
class ReverseProxied(object):
|
|
|
|
|
|
|
|
'''Wrap the application in this middleware and configure the
|
|
|
|
|
|
|
|
front-end server to add these headers, to let you quietly bind
|
|
|
|
|
|
|
|
this to a URL other than / and to an HTTP scheme that is
|
|
|
|
|
|
|
|
different than what is used locally.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Code courtesy of: http://flask.pocoo.org/snippets/35/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In nginx:
|
|
|
|
|
|
|
|
location /myprefix {
|
|
|
|
|
|
|
|
proxy_pass http://127.0.0.1:8083;
|
|
|
|
|
|
|
|
proxy_set_header Host $host;
|
|
|
|
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
|
|
|
proxy_set_header X-Scheme $scheme;
|
|
|
|
|
|
|
|
proxy_set_header X-Script-Name /myprefix;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
'''
|
|
|
|
|
|
|
|
def __init__(self, app):
|
|
|
|
|
|
|
|
self.app = app
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def __call__(self, environ, start_response):
|
|
|
|
|
|
|
|
script_name = environ.get('HTTP_X_SCRIPT_NAME', '')
|
|
|
|
|
|
|
|
if script_name:
|
|
|
|
|
|
|
|
environ['SCRIPT_NAME'] = script_name
|
|
|
|
|
|
|
|
path_info = environ.get('PATH_INFO', '')
|
|
|
|
|
|
|
|
if path_info and path_info.startswith(script_name):
|
|
|
|
|
|
|
|
environ['PATH_INFO'] = path_info[len(script_name):]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
scheme = environ.get('HTTP_X_SCHEME', '')
|
|
|
|
|
|
|
|
if scheme:
|
|
|
|
|
|
|
|
environ['wsgi.url_scheme'] = scheme
|
|
|
|
|
|
|
|
server = environ.get('HTTP_X_FORWARDED_SERVER', '')
|
|
|
|
|
|
|
|
if server:
|
|
|
|
|
|
|
|
environ['HTTP_HOST'] = server
|
|
|
|
|
|
|
|
return self.app(environ, start_response)
|
|
|
|
|
|
|
|
|
|
|
|
app = (Flask(__name__))
|
|
|
|
app = (Flask(__name__))
|
|
|
|
|
|
|
|
app.wsgi_app = ReverseProxied(app.wsgi_app)
|
|
|
|
|
|
|
|
|
|
|
|
formatter = logging.Formatter(
|
|
|
|
formatter = logging.Formatter(
|
|
|
|
"[%(asctime)s] {%(pathname)s:%(lineno)d} %(levelname)s - %(message)s")
|
|
|
|
"[%(asctime)s] {%(pathname)s:%(lineno)d} %(levelname)s - %(message)s")
|
|
|
@ -584,7 +622,7 @@ def register():
|
|
|
|
if not config.PUBLIC_REG:
|
|
|
|
if not config.PUBLIC_REG:
|
|
|
|
abort(404)
|
|
|
|
abort(404)
|
|
|
|
if current_user is not None and current_user.is_authenticated():
|
|
|
|
if current_user is not None and current_user.is_authenticated():
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
|
|
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
if request.method == "POST":
|
|
|
|
to_save = request.form.to_dict()
|
|
|
|
to_save = request.form.to_dict()
|
|
|
@ -608,7 +646,7 @@ def register():
|
|
|
|
flash("An unknown error occured. Please try again later.", category="error")
|
|
|
|
flash("An unknown error occured. Please try again later.", category="error")
|
|
|
|
return render_template('register.html', title="register")
|
|
|
|
return render_template('register.html', title="register")
|
|
|
|
flash("Your account has been created. Please login.", category="success")
|
|
|
|
flash("Your account has been created. Please login.", category="success")
|
|
|
|
return redirect(url_for('login'))
|
|
|
|
return redirect(url_for('login', _external=True))
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
flash("This username or email address is already in use.", category="error")
|
|
|
|
flash("This username or email address is already in use.", category="error")
|
|
|
|
return render_template('register.html', title="register")
|
|
|
|
return render_template('register.html', title="register")
|
|
|
@ -620,7 +658,7 @@ def login():
|
|
|
|
error = None
|
|
|
|
error = None
|
|
|
|
|
|
|
|
|
|
|
|
if current_user is not None and current_user.is_authenticated():
|
|
|
|
if current_user is not None and current_user.is_authenticated():
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
|
|
|
|
|
|
|
|
if request.method == "POST":
|
|
|
|
if request.method == "POST":
|
|
|
|
form = request.form.to_dict()
|
|
|
|
form = request.form.to_dict()
|
|
|
@ -629,7 +667,7 @@ def login():
|
|
|
|
if user and check_password_hash(user.password, form['password']):
|
|
|
|
if user and check_password_hash(user.password, form['password']):
|
|
|
|
login_user(user, remember = True)
|
|
|
|
login_user(user, remember = True)
|
|
|
|
flash("you are now logged in as: '%s'" % user.nickname, category="success")
|
|
|
|
flash("you are now logged in as: '%s'" % user.nickname, category="success")
|
|
|
|
return redirect(request.args.get("next") or url_for("index"))
|
|
|
|
return redirect(request.args.get("next") or url_for("index", _external=True))
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
flash("Wrong Username or Password", category="error")
|
|
|
|
flash("Wrong Username or Password", category="error")
|
|
|
|
|
|
|
|
|
|
|
@ -640,7 +678,7 @@ def login():
|
|
|
|
def logout():
|
|
|
|
def logout():
|
|
|
|
if current_user is not None and current_user.is_authenticated():
|
|
|
|
if current_user is not None and current_user.is_authenticated():
|
|
|
|
logout_user()
|
|
|
|
logout_user()
|
|
|
|
return redirect(request.args.get("next") or url_for("index"))
|
|
|
|
return redirect(request.args.get("next") or url_for("index", _external=True))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@app.route('/send/<int:book_id>')
|
|
|
|
@app.route('/send/<int:book_id>')
|
|
|
@ -667,7 +705,7 @@ def add_to_shelf(shelf_id, book_id):
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
if not shelf.is_public and not shelf.user_id == int(current_user.id):
|
|
|
|
if not shelf.is_public and not shelf.user_id == int(current_user.id):
|
|
|
|
flash("Sorry you are not allowed to add a book to the the shelf: %s" % shelf.name)
|
|
|
|
flash("Sorry you are not allowed to add a book to the the shelf: %s" % shelf.name)
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
|
|
|
|
|
|
|
|
ins = ub.BookShelf(shelf=shelf.id, book_id=book_id)
|
|
|
|
ins = ub.BookShelf(shelf=shelf.id, book_id=book_id)
|
|
|
|
ub.session.add(ins)
|
|
|
|
ub.session.add(ins)
|
|
|
@ -684,7 +722,7 @@ def remove_from_shelf(shelf_id, book_id):
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
shelf = ub.session.query(ub.Shelf).filter(ub.Shelf.id == shelf_id).first()
|
|
|
|
if not shelf.is_public and not shelf.user_id == int(current_user.id):
|
|
|
|
if not shelf.is_public and not shelf.user_id == int(current_user.id):
|
|
|
|
flash("Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name)
|
|
|
|
flash("Sorry you are not allowed to remove a book from this shelf: %s" % shelf.name)
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
|
|
|
|
|
|
|
|
book_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id, ub.BookShelf.book_id == book_id).first()
|
|
|
|
book_shelf = ub.session.query(ub.BookShelf).filter(ub.BookShelf.shelf == shelf_id, ub.BookShelf.book_id == book_id).first()
|
|
|
|
|
|
|
|
|
|
|
@ -795,7 +833,7 @@ def new_user():
|
|
|
|
ub.session.add(content)
|
|
|
|
ub.session.add(content)
|
|
|
|
ub.session.commit()
|
|
|
|
ub.session.commit()
|
|
|
|
flash("User '%s' created" % content.nickname, category="success")
|
|
|
|
flash("User '%s' created" % content.nickname, category="success")
|
|
|
|
return redirect(url_for('user_list'))
|
|
|
|
return redirect(url_for('user_list', _external=True))
|
|
|
|
except IntegrityError:
|
|
|
|
except IntegrityError:
|
|
|
|
ub.session.rollback()
|
|
|
|
ub.session.rollback()
|
|
|
|
flash("Found an existing account for this email address or nickname.", category="error")
|
|
|
|
flash("Found an existing account for this email address or nickname.", category="error")
|
|
|
@ -837,7 +875,7 @@ def edit_user(user_id):
|
|
|
|
if "delete" in to_save:
|
|
|
|
if "delete" in to_save:
|
|
|
|
ub.session.delete(content)
|
|
|
|
ub.session.delete(content)
|
|
|
|
flash("User '%s' deleted" % content.nickname, category="success")
|
|
|
|
flash("User '%s' deleted" % content.nickname, category="success")
|
|
|
|
return redirect(url_for('user_list'))
|
|
|
|
return redirect(url_for('user_list', _external=True))
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
if to_save["password"]:
|
|
|
|
if to_save["password"]:
|
|
|
|
content.password = generate_password_hash(to_save["password"])
|
|
|
|
content.password = generate_password_hash(to_save["password"])
|
|
|
@ -1112,7 +1150,7 @@ def edit_book(book_id):
|
|
|
|
for b in edited_books_id:
|
|
|
|
for b in edited_books_id:
|
|
|
|
helper.update_dir_stucture(b)
|
|
|
|
helper.update_dir_stucture(b)
|
|
|
|
if "detail_view" in to_save:
|
|
|
|
if "detail_view" in to_save:
|
|
|
|
return redirect(url_for('show_book', id=book.id))
|
|
|
|
return redirect(url_for('show_book', id=book.id, _external=True))
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
return render_template('edit_book.html', book=book, authors=author_names, cc=cc)
|
|
|
|
return render_template('edit_book.html', book=book, authors=author_names, cc=cc)
|
|
|
|
else:
|
|
|
|
else:
|
|
|
@ -1136,7 +1174,7 @@ def upload():
|
|
|
|
author = "Unknown"
|
|
|
|
author = "Unknown"
|
|
|
|
else:
|
|
|
|
else:
|
|
|
|
flash("Upload is only available for PDF files", category="error")
|
|
|
|
flash("Upload is only available for PDF files", category="error")
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
|
|
|
|
|
|
|
|
title_dir = helper.get_valid_filename(title, False)
|
|
|
|
title_dir = helper.get_valid_filename(title, False)
|
|
|
|
author_dir = helper.get_valid_filename(author.decode('utf-8'), False)
|
|
|
|
author_dir = helper.get_valid_filename(author.decode('utf-8'), False)
|
|
|
@ -1148,12 +1186,12 @@ def upload():
|
|
|
|
os.makedirs(filepath)
|
|
|
|
os.makedirs(filepath)
|
|
|
|
except OSError:
|
|
|
|
except OSError:
|
|
|
|
flash("Failed to create path %s (Permission denied)." % filepath, category="error")
|
|
|
|
flash("Failed to create path %s (Permission denied)." % filepath, category="error")
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
try:
|
|
|
|
try:
|
|
|
|
file.save(saved_filename)
|
|
|
|
file.save(saved_filename)
|
|
|
|
except OSError:
|
|
|
|
except OSError:
|
|
|
|
flash("Failed to store file %s (Permission denied)." % saved_filename, category="error")
|
|
|
|
flash("Failed to store file %s (Permission denied)." % saved_filename, category="error")
|
|
|
|
return redirect(url_for('index'))
|
|
|
|
return redirect(url_for('index', _external=True))
|
|
|
|
file_size = os.path.getsize(saved_filename)
|
|
|
|
file_size = os.path.getsize(saved_filename)
|
|
|
|
has_cover = 0
|
|
|
|
has_cover = 0
|
|
|
|
if fileextension.upper() == ".PDF":
|
|
|
|
if fileextension.upper() == ".PDF":
|
|
|
|