mirror of
https://expo.survex.com/repositories/troggle/.git
synced 2024-11-26 01:01:53 +00:00
Require a login if public and check for CSRF cookies for uploading images
This commit is contained in:
parent
24a016e76a
commit
5fbe0b31c2
@ -9,6 +9,9 @@ from pathlib import Path
|
||||
import django.forms as forms
|
||||
import troggle.settings as settings
|
||||
|
||||
from django.views.decorators.csrf import ensure_csrf_cookie
|
||||
from .auth import login_required_if_public
|
||||
|
||||
from troggle.lib import version_control
|
||||
|
||||
MAX_IMAGE_WIDTH = 1000
|
||||
@ -36,6 +39,8 @@ def image_selector(request, path):
|
||||
|
||||
return render(request, 'image_selector.html', {'thumbnails': thumbnails})
|
||||
|
||||
@login_required_if_public
|
||||
@ensure_csrf_cookie
|
||||
def new_image_form(request, path):
|
||||
'''Manages a form to upload new images'''
|
||||
directory = path.rsplit('/', 1)[0]
|
||||
|
Loading…
Reference in New Issue
Block a user