My iOS app need send POST request to Django.
I use "#csrf_exempt" to disable to "CSRF". On local, iOS and Django works very well.
But after I deploy the website to to the "webfaction", the Django can not get the iOS POST request.
My question is how to deal with this problem about CSRF, need I do some other settings to Django?
[Here is my Django code]
__author__ = 'zhaonanli'
from django.views.decorators.csrf import csrf_exempt
from django.http import HttpResponse
import json
from models import *
import umpme.settings
import base64
#csrf_exempt
def upload_image_for_profile(request):
static_dir = umpme.settings.STATIC_ROOT
users_dir = static_dir + 'users/'
back_dic = {}
if request.method == 'POST':
if request.raw_post_data:
try:
json_data_decoding = json.loads(request.raw_post_data)
big_image_raw_data_b64string = json_data_decoding['big_imageb64string']
small_image_raw_data_b64string = json_data_decoding['small_imageb64string']
big_image_raw_data = base64.b64decode(big_image_raw_data_b64string)
small_image_raw_data = base64.b64decode(small_image_raw_data_b64string)
uid = json_data_decoding['uid']
user = UserAccountInfo.objects.get(id=uid)
uemail = user.usignup_email
whole_image_dir = users_dir + 'umpme_' + uemail + '_user/'
bigimage_filename = whole_image_dir + 'bigprofile.jpg'
smallimage_filename = whole_image_dir + 'smallprofile.jpg'
bigimage = open(bigimage_filename, 'wb')
bigimage.write(big_image_raw_data)
bigimage.close()
smallimage = open(smallimage_filename, 'wb')
smallimage.write(small_image_raw_data)
smallimage.close()
back_dic['succ'] = 'yes'
back_dic['error'] = 'nothing'
back_dic['uid'] = uid
except Exception, e:
back_dic['succ'] = 'no'
back_dic['error'] = 'error = ' + str(e)
back_dic['uid'] = 'none'
else:
back_dic['succ'] = 'no'
back_dic['error'] = 'cannotgetrawpostdata'
back_dic['uid'] = 'none'
else:
back_dic['succ'] = 'no'
back_dic['error'] = 'notgetrequest'
back_dic['uid'] = 'none'
return HttpResponse(json.dumps(back_dic), content_type='application/json')
Related
How to download youtube and other website video and audio file through youtube-dl (Front-End download - WEB UI)
Search and download the video through frontend.
i have write a script is python and flask -
from flask import (
Flask, Response,
render_template,
request,
redirect,
flash,
url_for,
send_file,
session,
)
import subprocess
from ydl import get_media, verify, fetch_name
from zipper import zipping
import os
app = Flask(__name__)
app.secret_key = "supposed to be a secret"
#app.route("/return-file/")
def return_file():
import pdb
#pdb.set_trace()
num_choice = session.get("choice")
filename = session.get("filename")
url = session.get("url")
if num_choice == 1:
filename_formatted = filename + ".mp3"
location = "media/Audio downloads/{}.mp3".format(session.get("id"))
if num_choice == 2:
#filename_formatted = filename + ".mp4"
#cc = get_media(url, num_choice)
print(url)
print('==============================================================================')
#"youtube-dl", "--get-url", url
#subprocess.run(["youtube-dl", "--no-check-certificate", "--get-url", url])
#subprocess.run(["youtube-dl", "--no-check-certificate", url])
test = subprocess.run(["youtube-dl", "--no-check-certificate", "--get-filename", url])
print(test)
csv = '1,2,3\n4,5,6\n'
return Response(
csv,
mimetype="text/csv",
headers={"Content-disposition":
"attachment; filename=test"})
#return send_file('', attachment_filename="myplot.csv")
print('==============================================================================')
#subprocess.run(["youtube-dl", "--no-check-certificate", url])
#location = "media/{}.mp4".format(session.get("id"))
#if os.path.isdir(location):
#print('True')
if num_choice == 3 or num_choice == 4:
filename_formatted = filename + ".zip"
location = "media/{}.zip".format(session.get("id"))
#return send_file(
#location, attachment_filename=filename_formatted, as_attachment=True
#)
#app.route("/", methods=["GET", "POST"])
def home_page():
"""
Displaying homepage
"""
title = "YDL | YouTube Downloader"
if request.method == "POST":
attempted_url = request.form["url"]
attempted_choice = int(request.form["submit"])
title = [attempted_url, attempted_choice]
if attempted_url != "":
if verify(attempted_url):
result_id = get_media(attempted_url, attempted_choice)
session["url"] = attempted_url
session["id"] = result_id
session["choice"] = attempted_choice
filename = fetch_name(attempted_url)
session["filename"] = filename
# return render_template('material-life.html', title = "Success {}".format(title))
# return render_template('material-life.html', title = result_id)
return redirect(url_for("return_file"))
else:
return render_template(
"material-life.html", title="YDL | Doesn't belong to YouTube"
)
else:
return render_template(
"material-life.html", title="YDL | URL shouldn't be empty"
)
return render_template("material-life.html", title=title)
#app.errorhandler(404)
def page_not_found(error):
"""
for anyone trying different links or searching for images within the server
"""
return (
render_template(
"error_template.html",
title="404 bud",
message="Time to make the chimi-fuckin'-changas. ",
subline="404, not there",
image_location=url_for("static", filename="images/deadpool-funny.jpg"),
),
404,
)
#app.errorhandler(400)
def bad_request(error):
"""
For handling situations where the server doesn't know what to do with the browser's request
"""
return (
render_template(
"error_template.html",
title="Aaaah ...",
message="나는 이해하지 못한다.",
subline="Yeah, the server couldn't understand what you asked for, Sorry",
image_location=url_for("static", filename="images/simpson-gangam.jpg"),
),
400,
)
if __name__ == "__main__":
app.run(debug=True)
its working on console base download... but i want to download through front end... without save - direct download
You can use pytube module, which depends on youtube-dl.
You seem to be building an app, but with the video's url, you can use the below one-liner to download the video:
from pytube import YouTube
YouTube(video_url).streams.first().download(filename='file_name')
I've created a form with an optional WTForms File field to upload a file. The form works... but after submission, my view.py code is always trying to process the uploaded file, regardless of whether it was submitted or not.
How do I determine if a file has been uploaded or not? I'd like my code to only process the upload if something was uploaded.
Right now, I haven't found the correct way to validate, so my code is handling the uploaded file, even when no file has been uploaded.
I'm currently trying this in my views.py to distinguish, but it doesn't work (see below):
attachFile = False
if attachment:
attachFile = True
I've also tried the following to try to make something happen (these are commented out in the full code in views.py):
First attempt: if form.attachment.data is not str:
Second attempt: if not attachment.filename == "":
Third attempt: if (isinstance(attachment,str) == False):
(Fourth (and current) attempt is above)
I've also tried the following, but get the following error when a file is not uploaded:
if attachment.data:
attachFile = True
## AttributeError: 'str' object has no attribute 'data'
forms.py:
from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, BooleanField,
SubmitField, TextAreaField, FileField
from wtforms.fields.html5 import EmailField
from wtforms.validators import DataRequired, Email
class MailerForm(FlaskForm):
fromName = StringField('fromName', validators=[DataRequired()])
fromEmail = EmailField('fromEmail', validators=[DataRequired(), Email()])
subject = StringField('Subject', validators=[DataRequired()])
toAddress = TextAreaField('toAddress', validators=[DataRequired()])
message = TextAreaField('message', validators=[DataRequired()])
attachment = FileField('attachment')
submit = SubmitField('Send Email')
views.py
#app.route('/mailer/', methods=['GET','POST'])
def mailer():
# compiled regex to quick and dirty email validation
EMAIL_REGEX = re.compile(r"(^[a-zA-Z0-9_.+-]+#[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$)")
form = MailerForm()
if form.validate_on_submit():
fromName = form.fromName.data
fromEmail = form.fromEmail.data
subject = form.subject.data
toAddress = form.toAddress.data
messageBody = form.message.data
attachment = form.attachment.data
newFileName = ""
attachFile = False
if attachment:
attachFile = True
basedir = os.path.abspath(os.path.dirname(__file__))
## lists to track successful and unsuccessful email addresses submitted
success = []
failure = []
##
## split email address
##
addresses = toAddress.split("\n")
##
## iterate through email addresses, validate, and send
##
for address in addresses:
address = address.strip()
if EMAIL_REGEX.match(address):
##if (isinstance(attachment,str) == False):
##if not attachment.filename == "":
if attachFile == True:
filename = os.path.join(basedir + "/static/" + app.config['UPLOAD_FOLDER'], attachment.filename)
attachment.save(filename)
msg = Message(subject)
msg.sender = (fromName,fromEmail)
msg.recipients = [address]
msg.body = messageBody
#if form.attachment.data is not str:
#if not attachment.filename == "":
#if (isinstance(attachment,str) == False):
if attachFile == True:
newFileName = attachment.filename
with app.open_resource(filename) as fp:
msg.attach(
newFileName,
"application/octet-stream",
fp.read())
mail.send(msg)
success.append(address)
else:
failure.append(address)
print("Failed:" + address)
else:
"""Renders index page."""
return render_template(
'mailer/mailer.html',
form = form
)
##
## Successfully emailed, time to nuke the temp attachment
##
os.system('rm ' + basedir + "/static/" + app.config['UPLOAD_FOLDER'] + "/'" + newFileName + "'")
##
##
##
return render_template(
'mailer/mailerCompleted.html',
form = form,
success = success,
failure = failure
)
You can also use not:
if not form.attachment.data:
print('no files has been uploaded')
not A is true when A is empty or None.
So, it triggers when no files are attached(form.attachment.data == None)
Add FileRequired() to validators:
from flask_wtf.file import FileField, FileRequired
...
attachment = FileField('attachment' , validators=[FileRequired()])
File is required and form will not validate if file is not submitted.
EDIT:
If you want file to be optional, remove validators=[FileRequired()] and check if file is passed:
if form.attachment.data is None:
print("File is empty")
# Code if file is empty
else:
# Code if file is passed
Using Flask-WTF==0.14.3, wtforms==2.3.3
The is None test does not work. The =='' test is works.
with a form definition using FileField
class ProfileForm(FlaskForm):
# other fields
photo = FileField('Profile photo')
when form is submitted
def profile():
form = ProfileForm()
if form.validate_on_submit():
print('form.photo.data: [{}]'.format(form.photo.data))
print('is None test: [{}]'.format(form.photo.data is None))
print('==\'\' test: [{}]'.format(form.photo.data == ''))
if form.photo.data is None:
# will NOT work
flash('you should upload a profile photo')
if form.photo.data == '':
# will work
flash('profile photo is highly recommended')
return render_template('profile.html', form=form)
I use this script to get a list of all file updates to a certain directory. I then parse that list to get a list of time slots I have been active in that directory. That way I can quickly see how much time I have spent on the project and know what to charge my client.
I have written a small python script, adapted from this: https://github.com/jncraton/PythonDropboxUploader
I added the bottom function to retrieve a specific events page from https://www.dropbox.com/events?ns=false&n=50
I have used the script before 2 months ago and it worked well, but now I am getting 403: forbidden errors on:
eventSrc = self.browser.open(req).read()
Probably DropBox tries to block scrapers like mine to push programmers to use their API instead, but unfortunately the API doesn't support listing the events.
Can anybody help me out to get it working again?
This is the python code to create the connection:
import mechanize
import urllib
import re
import json
class DropboxConnection:
""" Creates a connection to Dropbox """
email = ""
password = ""
root_ns = ""
token = ""
browser = None
def __init__(self, email, password):
self.email = email
self.password = password
self.login()
self.get_constants()
def login(self):
""" Login to Dropbox and return mechanize browser instance """
# Fire up a browser using mechanize
self.browser = mechanize.Browser()
self.browser.set_handle_equiv(False)
self.browser.set_handle_redirect(True)
self.browser.set_handle_referer(True)
self.browser.set_handle_robots(False)
self.browser.addheaders = [('User-agent', 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:14.0) Gecko/20120722 Firefox/14.0.1')]
# Browse to the login page
self.browser.open('https://www.dropbox.com/login')
# Enter the username and password into the login form
isLoginForm = lambda l: l.action == "https://www.dropbox.com/login" and l.method == "POST"
try:
self.browser.select_form(predicate=isLoginForm)
except:
self.browser = None
raise(Exception('Unable to find login form'))
self.browser['login_email'] = self.email
self.browser['login_password'] = self.password
self.browser['t'] = "1230"
# Send the form
response = self.browser.submit()
def get_constants(self):
""" Load constants from page """
home_src = self.browser.open('https://www.dropbox.com/home').read()
try:
self.root_ns = re.findall(r"root_ns: (\d+)", home_src)[0]
self.token = re.findall(r"TOKEN: '(.+)'", home_src)[0]
except:
raise(Exception("Unable to find constants for AJAX requests"))
def upload_file(self, local_file, remote_dir, remote_file):
""" Upload a local file to Dropbox """
if(not self.is_logged_in()):
raise(Exception("Can't upload when not logged in"))
self.browser.open('https://www.dropbox.com/')
# Add our file upload to the upload form
isUploadForm = lambda u: u.action == "https://dl-web.dropbox.com/upload" and u.method == "POST"
try:
self.browser.select_form(predicate=isUploadForm)
except:
raise(Exception('Unable to find upload form'))
self.browser.form.find_control("dest").readonly = False
self.browser.form.set_value(remote_dir, "dest")
self.browser.form.add_file(open(local_file, "rb"), "", remote_file)
# Submit the form with the file
self.browser.submit()
def get_dir_list(self, remote_dir):
""" Get file info for a directory """
if(not self.is_logged_in()):
raise(Exception("Can't download when not logged in"))
req_vars = "ns_id=" + self.root_ns + "&referrer=&t=" + self.token
req = urllib2.Request('https://www.dropbox.com/browse' + remote_dir, data=req_vars)
req.add_header('Referer', 'https://www.dropbox.com/home' + remote_dir)
dir_info = json.loads(self.browser.open(req).read())
dir_list = {}
for item in dir_info['file_info']:
# Eliminate directories
if(item[0] == False):
# get local filename
absolute_filename = item[3]
local_filename = re.findall(r".*\/(.*)", absolute_filename)[0]
# get file URL and add it to the dictionary
file_url = item[8]
dir_list[local_filename] = file_url
return dir_list
def get_download_url(self, remote_dir, remote_file):
""" Get the URL to download a file """
return self.get_dir_list(remote_dir)[remote_file]
def download_file(self, remote_dir, remote_file, local_file):
""" Download a file and save it locally """
fh = open(local_file, "wb")
fh.write(self.browser.open(self.get_download_url(remote_dir, remote_file)).read())
fh.close()
def is_logged_in(self):
""" Checks if a login has been established """
if(self.browser):
return True
else:
return False
def getEventsPage(self, n):
if(not self.is_logged_in()):
raise(Exception("Can't get event page when not logged in"))
url = 'https://www.dropbox.com/next_events'
values = {'cur_page': n, 'ns_id': 'false'}
data = urllib.urlencode(values)
req = mechanize.Request(url, data)
# print url + '?' + data
eventSrc = self.browser.open(req).read()
return eventSrc
And this is the loop that parses the events pages:
from dbupload import DropboxConnection
from getpass import getpass
from bs4 import BeautifulSoup
import re
import parsedatetime.parsedatetime as pdt
import parsedatetime.parsedatetime_consts as pdc
c = pdc.Constants()
p = pdt.Calendar(c)
email = "myemail#gmail.com" # raw_input("Enter Dropbox email address:")
password = getpass("Enter Dropbox password:")
dateFile = open('all_file_updates.txt', "wb")
try:
# Create the connection
conn = DropboxConnection(email, password)
except:
print("Connection failed")
else:
print("Connection succesful")
n = 250
found = 0
while(n >= 0):
eventsPageSrc = conn.getEventsPage(n)
soup = BeautifulSoup(eventsPageSrc)
table = soup.find("table", {"id": "events"})
for row in table.findAll('tr'):
link = row.find("a", href=re.compile('^https://dl-web.dropbox.com/get/ProjectName'))
if(link != None):
dateString = row.find("td", attrs={'class': 'modified'}).string
date = p.parse(dateString)
dateFile.write('Date: ' + str(date) + ' file: ' + link.string + '\n')
found = found + 1
n = n - 1
print 'page: ' + str(n) + ' Total found: ' + str(found)
In def get_constants(self): change
self.token = re.findall(r"TOKEN: '(.+)'", home_src)[0]
to
self.token = re.findall(r'TOKEN: "(.+)"', home_src)[0]
dropbox has changed the way it stores constants
Hope it helps.
I am currently using OAuth 1 for auth with the Reporting API with GData and Python. Is it possible to use OAuth 2, I can't find a reference that this is doable?
I wasn't able to find any reference for the OAuth 2 and the Reporting api but by following samples for the GData libraries (http://code.google.com/p/gdata-python-client/source/browse/#hg%2Fsamples%2Fapps) I was able to cobble this together:
#!/usr/bin/python
import sys
import os
import time
import gdata.gauth
import gdata.client
import httplib2
import oauth2client.file
import oauth2client.tools
REPORTING_URI = 'https://www.google.com/hosted/services/v1.0/reports/ReportingData'
REPORTING_XML_TEMPLATE = '''<?xml version="1.0" encoding="UTF-8"?>
<rest xmlns="google:accounts:rest:protocol"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<type>Report</type>
<domain>%s</domain>
<date>%s</date>
<page>%s</page>
<reportType>daily</reportType>
<reportName>%s</reportName>
</rest>'''
OAUTH2FILENAME = 'oauth_20.dat'
OAUTH2JSONFILE = 'client_secrets.json'
OAUTH2SCOPES = 'https://www.google.com/hosted/services/v1.0/reports/ReportingData'
OAUTH2USERAGENT = 'REPORTING'
CLIENTSOURCE = 'REPORTING'
MISSING_OAUTHJSON_FILE_MESSAGE = """
WARNING: Please configure OAuth 2.0
To continue you will need to populate the client_secrets.json file:
%s
with information from the APIs Console <https://code.google.com/apis/console>.
""" % os.path.join(os.path.dirname(__file__), OAUTH2JSONFILE)
### Reporting
def RunReport (http_object, domain, report=None, date=None):
if date is None:
now = time.time()
report_time = time.gmtime(now)
date = time.strftime("%Y-%m-%d",report_time)
if report is None:
report='accounts'
report_data = RequestReport(http_object,domain=domain,report=report,date=date)
if not report_data:
print 'No report data'
return report_data
def RequestReport (http_object, domain=None, report=None, date=None):
"""Retrieves a report
Args:
domain: string
report: string: accounts, activity, disk_space, email_clients, summary
date: string: YYYY-MM-DD
Returns:
String, the report data
"""
report_data = ''
uri = REPORTING_URI
if not report or report is None:
return report_data
if not date or date is None:
return report_data
if not domain or domain is None:
domain = self.domain
page = 1
while True:
report_xml = REPORTING_XML_TEMPLATE %(domain, date, page, report)
response = ''
report_page = ''
try:
response, report_page = http_object.request(
uri,method='POST',body=report_xml)
except Exception, rexcept:
print 'Exception: ',rexcept
report_page = ''
break
if response.status != 200:
print 'Error: ',response.status
report_page = ''
break
if not report_page or report_page == 'End-Of-Report':
break
else:
report_data += report_page
page = page + 1
return report_data
scopes = OAUTH2SCOPES
user_agent = OAUTH2USERAGENT
client_source = CLIENTSOURCE
str_oauth2file = OAUTH2FILENAME
str_oauthjsonfile = OAUTH2JSONFILE
domain = 'somedomain'
report_name = 'accounts'
client_id = 'string'
client_secret = 'string'
report_data = ''
oauth2_flow = ''
now = time.time()
report_time = time.gmtime(now)
report_date = time.strftime("%Y-%m-%d",report_time)
if not os.path.isfile(str_oauth2file):
token = gdata.gauth.OAuth2Token(client_id=client_id,
client_secret=client_secret, scope=scopes, user_agent=user_agent)
uri = token.generate_authorize_url()
print 'Please visit this URL to authorize the application:'
print uri
# Get the verification code from the standard input.
code = raw_input('What is the verification code? ').strip()
token.get_access_token(code)
oauth2_flow = oauth2client.client.flow_from_clientsecrets(str_oauthjsonfile,
scope=scopes,message=MISSING_OAUTHJSON_FILE_MESSAGE)
storage = oauth2client.file.Storage(str_oauth2file)
oauth2_credentials = storage.get()
if oauth2_credentials is None or oauth2_credentials.invalid:
if not oauth2_flow:
oauth2_flow = oauth2client.client.flow_from_clientsecrets(str_oauthjsonfile,
scope=scopes,message=MISSING_OAUTHJSON_FILE_MESSAGE)
print '\nYou must authorize access to the request APIS.\n'
# Save the credentials in storage to be used in subsequent runs.
oauth2_credentials = oauth2client.tools.run(oauth2_flow, storage)
http_oauth2_object = httplib2.Http()
http_oauth2_object = oauth2_credentials.authorize(http_oauth2_object)
report_data = RunReport(
http_oauth2_object,domain,report=report_name,date=report_date)
if report_data:
print report_data
sys.exit(0)
I am using from social_auth.signals import socialauth_registered for new registered user in my project. and I have noticed that when I try to sign-up on facebook to my project. my project did not get the profile pic of my facebook, instead it gets the profile pic of my gravatar.com account.
this is my code :
from django.db import models
from django.utils.translation import ugettext_lazy as _
from django.contrib.auth.models import User
from userena.models import *
from social_auth.signals import pre_update
from social_auth.backends.facebook import FacebookBackend
from social_auth.backends import google
from social_auth.signals import socialauth_registered
import datetime
def new_users_handler(sender, user, response, details, **kwargs):
user.is_new = True
print "hello"
if user.is_new:
print "world"
if "id" in response:
print "police"
from urllib2 import urlopen, HTTPError
from django.template.defaultfilters import slugify
from django.core.files.base import ContentFile
try:
url = None
if sender == FacebookBackend:
url = "http://graph.facebook.com/%s/picture?type=large" \
% response["id"]
elif sender == google.GoogleOAuth2Backend and "picture" in response:
url = response["picture"]
print url
if url:
avatar = urlopen(url)
#profile = UserProfile(user=user)
print "again"
print user
fileName = "media/mugshots/"+ str(user) + ".jpg"
print "okss"
print fileName
try:
profile = Profile.objects.get(user=user)
except:
profile = Profile.objects.create(user=user)
localFile = open(fileName, 'w')
localFile.write(avatar.read())
localFile.close()
profile.mugshot = fileName
print "save=ing profile"
#profile.mugshot.save(slugify(user.username + " social") + '.jpg',
# ContentFile(avatar.read()))
profile.save()
except HTTPError:
pass
return False
socialauth_registered.connect(new_users_handler, sender=None)
but my code did not work on saving the facebook profile pic to `media/mudshots/ dir.
my question is, how can I get the profile pic of a facebook account and save it in media/mudshots/ dir in my django project?
can anyone can help me about my case?
thanks in advance ..
i get it... i use this ..
import datetime
import urllib
import string
import random
import os
avatar = urlopen(url)
try:
profile = Profile.objects.get(user=user)
except:
profile = Profile.objects.create(user=user)
print profile
print "sdfffffffffffffffffffff"
filename_charset = string.ascii_letters + string.digits
filename_length = 10
file_save_dir = 'media/mugshots/'
filename = ''.join(random.choice(filename_charset)
for s in range(filename_length))
urllib.urlretrieve (url, os.path.join(file_save_dir, filename + '.png'))
profile.mugshot = 'mugshots/'+filename + '.png'
profile.save()