diff --git a/app.py b/app.py index 708eb07..9e512ad 100644 --- a/app.py +++ b/app.py @@ -81,11 +81,16 @@ def answer_post(target_post_id): return render_template("answer-post.html", target_post_id=target_post_id) +ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif', 'mp4', 'webm', 'webp'} +def allowed_file(filename): + return '.' in filename and \ + filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS @app.route('/post_to_another_post/', methods=['POST']) def post_to_post(post_key): + #### TODO allow only imgs, videos, and gifs if 'file' in request.files: @@ -95,10 +100,12 @@ def post_to_post(post_key): files = request.files.getlist("file") for file in files: size = os.fstat(file.fileno()).st_size - - minioClient.put_object( - bucket_name, file.filename, file, size - ) + if allowed_file(file.filename): + minioClient.put_object( + bucket_name, file.filename, file, size + ) + else: + print(f'somebody tried to put this inside minio: {file.filename} size: {size}') postos = db.collection('posts') @@ -142,7 +149,9 @@ def post_to_post(post_key): - +#### TODO websockets +#### TODO kafka +#### TODO shards if __name__ == "__main__": app.run(debug=True, host='0.0.0.0') \ No newline at end of file