2
0
mirror of https://expo.survex.com/repositories/troggle/.git synced 2024-11-26 01:01:53 +00:00

Require a login if public and check for CSRF cookies for uploading images

This commit is contained in:
Martin Green 2022-06-26 01:15:00 +01:00
parent 24a016e76a
commit 5fbe0b31c2

View File

@ -9,6 +9,9 @@ from pathlib import Path
import django.forms as forms
import troggle.settings as settings
from django.views.decorators.csrf import ensure_csrf_cookie
from .auth import login_required_if_public
from troggle.lib import version_control
MAX_IMAGE_WIDTH = 1000
@ -36,6 +39,8 @@ def image_selector(request, path):
return render(request, 'image_selector.html', {'thumbnails': thumbnails})
@login_required_if_public
@ensure_csrf_cookie
def new_image_form(request, path):
'''Manages a form to upload new images'''
directory = path.rsplit('/', 1)[0]