From ac79aefa36d70b570a7fdcd2b758e2ffaa32f45d Mon Sep 17 00:00:00 2001
From: winet <tolya.bogomolov2019@gmail.com>
Date: Sun, 11 Feb 2024 22:22:18 +1000
Subject: [PATCH] sessions archive uploading handling

---
 .gitignore                               |  1 +
 app/blueprints/api/sessions/routes.py    | 60 +++++++++++++++++++-----
 app/blueprints/frontend/templates/add.j2 |  9 ++--
 config.py                                |  3 +-
 4 files changed, 57 insertions(+), 16 deletions(-)

diff --git a/.gitignore b/.gitignore
index 92ab989..01c2c5a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -164,3 +164,4 @@ cython_debug/
 *.session
 .vscode/settings.json
 *session_journal
+uploads
\ No newline at end of file
diff --git a/app/blueprints/api/sessions/routes.py b/app/blueprints/api/sessions/routes.py
index ce749e4..a4f56b5 100644
--- a/app/blueprints/api/sessions/routes.py
+++ b/app/blueprints/api/sessions/routes.py
@@ -1,16 +1,23 @@
-from flask import Blueprint, Response, jsonify, request
+import os
+
+from flask import Blueprint, jsonify, request, current_app, redirect
+from werkzeug.utils import secure_filename
 
 from app.extensions import db
 from app.models.session import Session
-from app.models.task import Task
 from paper.errors import NeedPasswordException
 from paper.parser import PaperParser
 
 sessions = Blueprint("sessions", __name__, url_prefix="/sessions")
 
-@sessions.route("/", methods=["POST"])
-async def create_session(**kwargs):
-    data = kwargs or request.json or request.form
+ALLOWED_EXTENSIONS = ['zip']
+
+def allowed_file(filename):
+    return '.' in filename and \
+           filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
+
+async def create_session_form():
+    data = request.json
     data["name"] = data["name"].replace("/", "").replace("\\", "") 
 
     session = Session.query.filter_by(name=data.get("name")).first()
@@ -54,9 +61,39 @@ async def create_session(**kwargs):
         
         finally:
             db.session.commit()
-
+    
     return jsonify(response)
 
+def create_session_from_file():
+    archive = request.files['archive']
+    
+    if archive.filename == '':
+        return 'Not Found', 404
+    
+    if not allowed_file(archive.filename):
+        return 'File Extension Not Allowed', 406
+    
+    session_upload_path = os.path.join(current_app.config['UPLOAD_DIR'], "sessions")
+    
+    if not os.path.exists(session_upload_path):
+        os.makedirs(session_upload_path)
+    
+    filename = secure_filename(archive.filename)
+    file_path = os.path.join(session_upload_path, filename)
+    
+    archive.save(file_path)
+    
+    return 'Ok', 200
+    # return redirect('/')
+
+@sessions.route("/", methods=["POST"])
+async def create_session():
+    files = request.files
+    if not 'archive' in files:
+        return await create_session_form()
+    else:
+        return create_session_from_file()
+
 @sessions.route("/", methods=["GET"])
 def get_sessions(**kwargs):
     return Session.query.filter_by(authorized=True).all()
@@ -72,10 +109,11 @@ async def remove_session(id: int):
         try:
             await parser.client.log_out()
         
+            db.session.delete(session)
+            db.session.commit()
+                
         except Exception as e:
-            return Response(e, 500)
+            return str(e), 500
         
-    db.session.delete(session)
-    db.session.commit()
-    
-    return Response('ok', status=200)
\ No newline at end of file
+    return 'ok', 200
+    
\ No newline at end of file
diff --git a/app/blueprints/frontend/templates/add.j2 b/app/blueprints/frontend/templates/add.j2
index e407810..9e91f09 100644
--- a/app/blueprints/frontend/templates/add.j2
+++ b/app/blueprints/frontend/templates/add.j2
@@ -91,10 +91,11 @@ PaperParser: Вход в аккаунт
         <button type="submit" class="btn btn-primary">Отправить код</button>
     </form>
     <hr>
-    <form action="/api/sessions/file" method="POST">
-        <label for="open-file-btn" class="form-label">Архив с аккаунтом (или .session файл)</label>
-        <div class="mb-3">
-            <button id="open-file-btn" type="submit" class="btn btn-secondary mt-3 disabled">Открыть файл</button>
+    <form hx-post="/api/sessions" hx-encoding='multipart/form-data' hx-swap="none">
+        <label for="open-file-btn" class="form-label">Архив с аккаунтом</label>
+        <div class="input-group mb-3">
+            <input class="form-control" type="file" name="archive" accept=".zip">
+            <button class="btn btn-primary" type="submit">Отправить</button>
         </div>
     </form>
 </div>
diff --git a/config.py b/config.py
index cddcf06..3f7ee55 100644
--- a/config.py
+++ b/config.py
@@ -13,8 +13,9 @@ class ProductionConfig:
     )
 
 class DebugConfig:
-    SQLALCHEMY_DATABASE_URI = f"postgresql://postgres:123456789@localhost:5432/paper"
+    SQLALCHEMY_DATABASE_URI = f"postgresql://paper:123456789@localhost:5432/paper"
     SQLALCHEMY_TRACK_MODIFICATIONS = False
+    UPLOAD_DIR = 'uploads'
     CELERY = dict(
         broker_url="redis://localhost:6379/0",
         result_backend="redis://localhost:6379/0",