Added some requests, more details in long description.

- Files are now hashed, when you upload a file with an existing hash you will get the existing file in return (will fix adding files to your account at a later time). - Username can be used instead of uid for cookies, hashing for the identifier works the same way as before, but with username instead of uid if username is used. - Add api=1 to get machine-readable responses, details in are found on the help page.
author: Jon Bergli Heier <snakebite@jvnv.net> 2011-02-26 22:39:22 +0100
committer: Jon Bergli Heier <snakebite@jvnv.net> 2011-02-26 22:39:22 +0100
commit: 7a5d729859a2f667658532303c2616a38f781dd2 (patch)
tree: 189dae579b027ad0a22153e40e5b74ae5210ff20 /fbin.py
parent: 2b1d2bc45cb09e0df180bcbfdf30859b5ea142c7 (diff)
1 files changed, 54 insertions, 11 deletions
diff --git a/fbin.py b/fbin.py
index 39ae6d8..3d1c2e5 100755
--- a/fbin.py
+++ b/fbin.py
@@ -20,6 +20,24 @@ class Application(object):
 
 		return user
 
+	def get_user_by_name(self, username):
+		session = db.Session()
+		try:
+			return session.query(db.User).filter(db.User.username == username).one()
+		except db.NoResultFound:
+			return None
+		finally:
+			session.close()
+
+	def get_user_by_id(self, uid):
+		session = db.Session()
+		try:
+			return session.query(db.User).filter(db.User.id == uid).one()
+		except db.NoResultFound:
+			return None
+		finally:
+			session.close()
+
 	def add_user(self, username, password):
 		session = db.Session()
 		try:
@@ -44,14 +62,14 @@ class Application(object):
 
 		return os.path.join(settings.file_directory, hash + os.path.splitext(file.filename)[1])
 
-	def add_file(self, path, filename, user = None):
+	def add_file(self, path, filename, file_hash, user = None):
 		hash = ''.join(random.choice(base62_alphabet) for x in xrange(5))
 		new_path = os.path.join(settings.file_directory, hash + os.path.splitext(filename)[1])
 		shutil.copyfile(path, new_path)
 
 		session = db.Session()
 		try:
-			file = db.File(hash, filename, datetime.datetime.utcnow(), user.id if user else None)
+			file = db.File(hash, file_hash, filename, datetime.datetime.utcnow(), user.id if user else None)
 			session.add(file)
 			session.commit()
 		finally:
@@ -74,20 +92,32 @@ class Application(object):
 	def validate_cookie(self, cookie):
 		if not cookie:
 			return None
-		uid = int(cookie['uid'].value)
+
 		identifier = cookie['identifier'].value
 
+		if 'username' in cookie:
+			user = self.get_user_by_name(cookie['username'].value)
+			if not user:
+				return None
+			digest = hashlib.sha1(user.username + user.password).hexdigest()
+			return user if (digest == identifier) else None
+
+		user = self.get_user_by_id(cookie['uid'].value)
+		if not user:
+			return None
+
+		digest = hashlib.sha1(str(user.id) + user.password).hexdigest()
+		return user if (digest == identifier) else None
+
+	def get_file_by_file_hash(self, file_hash):
 		session = db.Session()
 		try:
-			user = session.query(db.User).filter(db.User.id == uid).one()
+			return session.query(db.File).filter(db.File.file_hash == file_hash).one()
 		except db.NoResultFound:
 			return None
 		finally:
 			session.close()
 
-		digest = hashlib.sha1(str(uid) + user.password).hexdigest()
-		return user if (digest == identifier) else None
-
 	def file(self, environ, start_response, path):
 		hash = path[1]
 		if '.' in hash:
@@ -116,13 +146,26 @@ class Application(object):
 		temp.write(form.getvalue('file'))
 		temp.flush()
 
-		hash = self.add_file(temp.name, filename, user)
+		m = hashlib.md5()
+		with open(temp.name) as f:
+			s = f.read(128)
+			while len(s):
+				m.update(s)
+				s = f.read(128)
+		file_hash = m.hexdigest()
+
+		f = self.get_file_by_file_hash(file_hash)
+		# TODO: Currently users uploading existing files won't get their files added to their account.
+		if f:
+			hash = f.hash
+		else:
+			hash = self.add_file(temp.name, filename, file_hash, user)
 
 		temp.close()
 
-		if 'redir' in form:
-			start_response('302 Found', [('Content-Type', 'text/html'), ('Location', '/f/{0}/{1}'.format(hash, filename))])
-			return ['<a href="/f/{0}/{1}">{1}</a>'.format(hash, filename)]
+		if 'api' in form:
+			start_response('200 OK', [('Content-Type', 'text/plain')])
+			return ['OK {hash}'.format(hash = hash)]
 		else:
 			start_response('200 OK', [('Content-Type', 'text/html')])
 			return str(templates.uploaded(searchList = {
author	Jon Bergli Heier <snakebite@jvnv.net>	2011-02-26 22:39:22 +0100
committer	Jon Bergli Heier <snakebite@jvnv.net>	2011-02-26 22:39:22 +0100
commit	7a5d729859a2f667658532303c2616a38f781dd2 (patch)
tree	189dae579b027ad0a22153e40e5b74ae5210ff20 /fbin.py
parent	2b1d2bc45cb09e0df180bcbfdf30859b5ea142c7 (diff)