Add "verify" field to request to not save image

This makes it easy for the user to debug authentication.
Change file extension check to be case-insensitive
2020-09-05 18:55:56 -05:00 · 2020-09-05 16:21:50 -05:00 · 2020-09-05 15:43:36 -05:00
1 changed files with 10 additions and 10 deletions
--- a/imgupload.py
+++ b/imgupload.py
@ -4,7 +4,7 @@ imgupload.py

 Flask application for processing images uploaded through POST requests.
 """
-from flask import Flask, request, jsonify, abort, Response
+from flask import Flask, request, jsonify, Response
 from flask_api import status
 from pathlib import Path
 import os
@ -17,7 +17,7 @@ app = Flask(__name__)  # app is the app


 def allowed_extension(testext):
-    if testext in settings.ALLOWED_EXTENSIONS:
+    if testext.lower() in settings.ALLOWED_EXTENSIONS:
        return True
    else:
        return False
@ -49,6 +49,11 @@ def upload():
            if request.form["uploadKey"] in validkeys:  # check if uploadKey is valid
                print("Key is valid!")

+                if "verify" in request.form.keys():
+                    if request.form["verify"] == "true":
+                        print("Request is asking if key is valid (it is)")
+                        return jsonify({'status': 'key_valid'})
+
                if "imageUpload" in request.files:  # check if image to upload was provided
                    f = request.files["imageUpload"]  # f is the image to upload
                else:
@ -81,21 +86,16 @@ def upload():

                else:  # if the extension was invalid
                    print("Uploaded extension is invalid!")
-                    abort(415)
+                    return jsonify({'status': 'error', 'error': 'INVALID_EXTENSION'}), status.HTTP_415_UNSUPPORTED_MEDIA_TYPE

            else:  # if the key was not valid
                print("Key is invalid!")
                print("Request key: {0}".format(request.form["uploadKey"]))
-                abort(401)
+                return jsonify({'status': 'error', 'error': 'UNAUTHORIZED'}), status.HTTP_401_UNAUTHORIZED

        else:  # if uploadKey was not found in request body
            print("No uploadKey found in request!")
-            abort(401)
-
-
-    else:  # if the request method wasn't post
-        print("Request method was not POST!")
-        abort(405)
+            return jsonify({'status': 'error', 'error': 'UNAUTHORIZED'}), status.HTTP_401_UNAUTHORIZED

 if __name__ == "__main__":
    print("Run with `flask` or a WSGI server!")
Author	SHA1	Message	Date
BBaoVanC	7c1f449bce	Add "verify" field to request to not save image This makes it easy for the user to debug authentication.	2020-09-05 18:55:56 -05:00
BBaoVanC	0dbcc0e380	Change file extension check to be case-insensitive	2020-09-05 16:21:50 -05:00
BBaoVanC	b8b5a2518c	Change abort() calls to JSON responses This makes the responses more consistent. Now, all responses are JSON.	2020-09-05 15:43:36 -05:00