Easy file uploads for Flask.

Overview

Build Status Codacy Badge codecov Documentation Status PyPI version PyPI - Python Version PyPI - License

FlaskFileUpload

Library that works with Flask & SqlAlchemy to store files on your server & in your database

Read the docs: Documentation

Installation

Please install the latest stable release:

pip install flask-file-upload

General Flask config options

(Important: The below configuration variables need to be set before initiating FileUpload)

    # This is the directory that flask-file-upload saves files to. Make sure the UPLOAD_FOLDER is the same as Flasks's static_folder or a child. For example:
    app.config["UPLOAD_FOLDER"] = join(dirname(realpath(__file__)), "static/uploads")
    
    # Other FLASK config varaibles ...
    app.config["ALLOWED_EXTENSIONS"] = ["jpg", "png", "mov", "mp4", "mpg"]
    app.config["MAX_CONTENT_LENGTH"] = 1000 * 1024 * 1024  # 1000mb
    app.config["SQLALCHEMY_DATABASE_URI"] = "postgresql://localhost:5432/blog_db"

Setup

We can either pass the instance to FileUpload(app) or to the init_app(app) method:

from flask_jwt_router import JwtRoutes


app = Flask(__name__, static_folder="static") # IMPORTANT: This is your root directory for serving ALL static content!

db = SQLAlchemy()

file_upload = FileUpload()

# An example using the Flask factory pattern
def create_app():
    db.init_app(app) 
    # Pass the Flask app instance as the 1st arg &
    # the SQLAlchemy object as the 2nd arg to file_upload.init_app.
    file_upload.init_app(app, db)
    
    # If you require importing your SQLAlchemy models then make sure you import
    # your models after calling `file_upload.init_app(app, db)` or `FileUpload(app, db)`. 
    from .model import * 

# Or we can pass the Flask app instance directly & the Flask-SQLAlchemy instance:
db = SQLAlchemy(app)
# Pass the Flask app instance as the 1st arg &
# the SQLAlchemy object as the 2nd arg to FileUpload
file_upload = FileUpload(app, db)
app: Flask = None

Decorate your SqlAlchemy models

Flask-File-Upload (FFU) setup requires each SqlAlchemy model that wants to use FFU library to be decorated with @file_upload.Model .This will enable FFU to update your database with the extra columns required to store files in your database. Declare your attributes as normal but assign a value of file_upload.Column. This is easy if you are using Flask-SqlAlchemy:

from flask_sqlalchemy import SqlAlchemy

db = SqlAlchemy()

Full example:

from my_app import file_upload

@file_upload.Model
class blogModel(db.Model):
   __tablename__ = "blogs"
   id = db.Column(db.Integer, primary_key=True)

   # Use flask-file-upload's `file_upload.Column()` to associate a file with a SQLAlchemy Model:
   my_placeholder = file_upload.Column()
   my_video = file_upload.Column()

define files to be uploaded:

    # A common scenario could be a video with placeholder image.
    # So first lets grab the files from Flask's request object:
    my_video = request.files["my_video"]
    placeholder_img = request.files["placeholder_img"]

Save files

Now we have the files assigned to variables, we can start using the m with flask-file-upload:

    file_upload.save_files(blog_post, files={
        "my_video": my_video,
        "placeholder_img": placeholder_img,
    })
If you followed the setup above you will see the following structure saved to your app:

FlaskFileUpload

Update files

    blog_post = file_upload.update_files(blog_post, files={
        "my_video": new_my_video,
        "placeholder_img": new_placeholder_img,
    })

Delete files

Deleting files from the db & server can be non trivial, especially to keep both in sync. The file_upload.delete_files method can be called with a kwarg of clean_up & then depending of the string value passed it will provide 2 types of clean up functionality:

  • files will clean up files on the server but not update the model
  • model will update the model but not attempt to remove the files from the server. See delete_files Docs for more details
    # Example using a SqlAlchemy model with an appended
    # method that fetches a single `blog`
    blogModel = BlogModel()
    blog_results = blogModel.get_one()
    
    # We pass the blog & files
    blog = file_upload.delete_files(blog_result, files=["my_video"])
    
    # If parent kwarg is set to True then the root primary directory & all its contents will be removed.
    # The model will also get cleaned up by default unless set to `False`.
    blog_result = file_upload.delete_files(blog_result, parent=True, files=["my_video"])


    # If the kwarg `commit` is not set or set to True then the updates are persisted.
    # to the session. And therefore the session has been commited.
    blog = file_upload.delete_files(blog_result, files=["my_video"])
    
    # Example of cleaning up files but not updating the model:
    blog = file_upload.delete_files(blog_result, files=["my_video"], clean_up="files")

Stream a file

    file_upload.stream_file(blog_post, filename="my_video")

File Url paths

    file_upload.get_file_url(blog_post, filename="placeholder_img")

Example for getting file urls from many objects:

    # If blogs_model are many blogs:
    for blog in blog_models:
        blog_image_url = file_upload.get_file_url(blog, filename="blog_image")
        setattr(blog, "blog_image", blog_image_url)

Set file paths to multiple objects - Available in 0.1.0-rc.6 & v0.1.0

The majority of requests will require many entities to be returned & these entities may have SQLAlchemy backrefs with relationships that may also contain Flask-File-Upload (FFU) modified SQLAlchemy models. To make this trivial, this method will set the appropriate filename urls to your SQLAlchemy model objects (if the transaction hasn't completed then add_file_urls_to_models will complete the transaction by default).

The first argument required by this method is models - the SQLAlchemy model(s).

Then pass in the required kwarg filenames which references the parent's FFU Model values - this is the file_upload.Model decorated SQLALchemy model

  • file_upload.Column() method.

Important! Also take note that each attribute set by this method postfixes a _url tag. e.g blog_image becomes blog_image_url

Example for many SQLAlchemy entity objects (or rows in your table)::

    @file_upload.Model
    class BlogModel(db.Model):

        blog_image = file_upload.Column()

Now we can use the file_upload.add_file_urls_to_models to add file urls to each SQLAlchemy object. For example::

    blogs = add_file_urls_to_models(blogs, filenames="blog_image")

    # Notice that we can get the file path `blog_image` + `_url`
    assert  blogs[0].blog_image_url == "path/to/blogs/1/blog_image_url.png"

To set filename attributes to a a single or multiple SQLAlchemy parent models with backrefs to multiple child SQLAlchemy models, we can assign to the optional backref kwarg the name of the backref model & a list of the file attributes we set with the FFU Model decorated SQLAlchemy model.

To use backrefs we need to declare a kwarg of backref & pass 2 keys: - name: The name of the backref relation - filenames: The FFU attribute values assigned to the backref model

For example::

    # Parent model
    @file_upload.Model
    class BlogModel(db.Model):
        # The backref:
        blog_news = db.relationship("BlogNewsModel", backref="blogs")
        blog_image = file_upload.Column()
        blog_video = file_upload.Column()

    # Model that has a foreign key back up to `BlogModel
    @file_upload.Model
    class BlogNewsModel(db.Model):
        # The foreign key assigned to this model:
        blog_id = db.Column(db.Integer, db.ForeignKey("blogs.blog_id"))
        news_image = file_upload.Column()
        news_video = file_upload.Column()

The kwarg backref keys represent the backref model or entity (in the above example this would be the BlogNewsModel which we have named blog_news. Example::

    blogs = add_file_urls_to_models(blogs, filenames=["blog_image, blog_video"],
        backref={
            "name": "blog_news",`
            "filenames": ["news_image", "news_video],
    })

WARNING: You must not set the relationship kwarg: lazy="dynamic"! If backref is set to "dynamic" then back-referenced entity's filenames will not get set. Example::

    # This will work
    blog_news = db.relationship("BlogNewsModel", backref="blog")

    # this will NOT set filenames on your model class
    blog_news = db.relationship("BlogNewsModel", backref="blog", lazy="dynamic")

Running Flask-Migration After including Flask-File-Upload in your project

The arguments below will also run if you're using vanilla Alembic.

    export FLASK_APP=flask_app.py # Path to your Flask app
    
    # with pip
    flask db stamp head
	flask db migrate
    flask db upgrade

    # with pipenv
    pipenv run flask db stamp head
	pipenv run flask db migrate
    pipenv run flask db upgrade
Comments
  • > So does that set the file size or the filename size? Because I can upload the image 'binder.png':

    > So does that set the file size or the filename size? Because I can upload the image 'binder.png':

    So does that set the file size or the filename size? Because I can upload the image 'binder.png': binder

    And it works great. But if I try to upload '8percenttrimmed_heightmap.png': 8percenttrimmed_heightmap It gives me the error: (pymysql.err.DataError) (1406, "Data too long for column 'image__file_name' at row 1")

    And to test it I changed the config to be: MAX_CONTENT_LENGTH = 1000 * 1000 * 1024 * 1024

    can you past the actual file name . this is actually a MySQL error saying that the string we save in the image__file_name column is too long..

    Originally posted by @joegasewicz in https://github.com/joegasewicz/Flask-File-Upload/issues/46#issuecomment-571023066

    bug help wanted good first issue 
    opened by joegasewicz 19
  • Wrong path when deleting files

    Wrong path when deleting files

    I'm not able to delete files due to the filename not being correct. It's showing as image.image/png but the real file I uploaded is called 'binder.png'. I use 'image' on the form as name='image' as well as in the model file and the dict when saving the file originally.

    I updated my config to:

    UPLOAD_FOLDER = Path.cwd().joinpath("smartHomeDevicesForDisabled", "smartify", "static", "uploads")

    The error I'm getting when trying to delete:

    INFO in routes: Device could not be deleted. [2020-01-01 18:22:24,918] INFO in routes: [Errno 2] No such file or directory: '/home/laurin/Projects/smartHomeDevicesForDisabled/smartify/static/uploads/device/7/image.image/png'

    How I'm trying to delete:

    def deleteDevice(id):
    	try: 
    		device = Device.query.get(id)
    		file_upload.delete_files(device, db=db, files=["image"])
    		db.session.delete(device)
    		db.session.commit() 
    		flash('Device successfully deleted.', 'success')
    		app.logger.info('Device deleted.')
    	except Exception as e: 
    		flash('Device could not be deleted.', 'danger')
    		app.logger.info('Device could not be deleted.')
    		app.logger.info(e)
    	
    	return redirect(url_for('editDevices'))
    

    How I'm originally saving the files:

    device = Device(name=form.name.data, 
    			description=form.description.data, 
    			price=form.price.data,
    			recurring_price=form.recurring_price.data,
    			payment_occurence_id=po.id, 
    			link=form.link.data,
    			category_id=dc.id, 
    			rating=form.rating.data,
    			narrative=form.narrative.data
    			)
    image = request.files["image"]
    device = file_upload.save_files(device, files={
    	"image": image
    })
    

    Is this a bug or am I doing something wrong?

    opened by Dev-Laurin 19
  • Initalizing file_upload with subclassed SQLAlchemy instance?

    Initalizing file_upload with subclassed SQLAlchemy instance?

    Hi Joe,

    First, thank you for developing this. Provided I can get it working in my project, it'd be perfect for my needs. I'm working on an image manager feature for an existing Flask application with a rather large/complex MySQL database setup that serves as a REST API. While the database itself is a beast, for this project I'm really only dealing with a single table that has no relationships.

    The database had been set up using raw SQLAlchemy, but I reconfigured it using Flask-SQLAlchemy, in hopes to get it working with flask-file-upload. So far though, I'm having trouble initializing it, getting the following error:

    Traceback (most recent call last): File "/Users/aglane/Box Sync/Git/flora-DEV/herbflask/__init__.py", line 1, in <module> from application import create_app File "/Users/aglane/Box Sync/Git/flora-DEV/herbflask/application/__init__.py", line 32, in <module> from .db.miflora import MIFloraDB File "/Users/aglane/Box Sync/Git/flora-DEV/herbflask/application/db/miflora.py", line 1113, in <module> class ImagesDev(MIFLORA_BASE): File "/Users/aglane/Box Sync/Git/flora-DEV/env/lib/python3.7/site-packages/flask_file_upload/model.py", line 50, in __new__ new_cols_list, filenames_list = _ModelUtils.get_attr_from_model(instance, new_cols, filenames, db) File "/Users/aglane/Box Sync/Git/flora-DEV/env/lib/python3.7/site-packages/flask_file_upload/_model_utils.py", line 123, in get_attr_from_model new_cols.append(_ModelUtils.columns_dict(attr, db)) File "/Users/aglane/Box Sync/Git/flora-DEV/env/lib/python3.7/site-packages/flask_file_upload/_model_utils.py", line 90, in columns_dict create_col File "/Users/aglane/Box Sync/Git/flora-DEV/env/lib/python3.7/site-packages/flask_file_upload/_model_utils.py", line 36, in create_keys col_dict[key] = fn(key, key) File "/Users/aglane/Box Sync/Git/flora-DEV/env/lib/python3.7/site-packages/flask_file_upload/_model_utils.py", line 86, in create_col return db.Column(db.String(str_len), key=key, name=name) AttributeError: 'NoneType' object has no attribute 'Column'

    It seems as though the database isn't being recognized as an SQLAlchemy instance?

    I'm wondering whether this may be because I've subclassed the SQLAlchemy instance with a MIFloraDB class, which handles all the query logic for the REST API - e.g.

    from flask_sqlalchemy import SQLAlchemy

    class MIFloraDB(SQLAlchemy): ...

    Which I then import into my application (app factory) to create the SQLAlchemy instance:

    flora_db = MIFloraDB()

    def create_app():

    with app.app_context():

    flora_db.init_app(app)

    file_upload.init_app(app, flora_db)

    return app

    Everything else seems to be configured properly, so that's my best guess at this point, but any thoughts/suggestions very much appreciated!

    enhancement question 
    opened by GhastlyParadox 9
  • MySQL compatibility

    MySQL compatibility

    sqlalchemy is giving me:

    VARCHAR requires a length on dialect mysql

    I'm assuming it is as simple as adding a length when connecting to flask sql alchemy. Could you please put this in a release soon?

    bug help wanted good first issue 
    opened by Dev-Laurin 4
  •  How to render multiple files uploaded using a single form field via MultipleFileField.

    How to render multiple files uploaded using a single form field via MultipleFileField.

    Limitations

    I have a question: I want to build an application with Flask and I use flask-file-upload to save the files in the database but I am limited by the possibilities of flask-file-upload. So here is the model:

    @file_upload.Model
    class Personne(db.Model):
        __tablename__ = "personnes"
        id = db.Column(db.Integer(), primary_key=True)
        last_name = db.Column(db.String(100), nullable=False)
        first_name = db.Column(db.String(100), nullable=False)
        sexe = db.Column(db.String(20), nullable=False)
        age = db.Column(db.Integer(), nullable=False)
        fonction = db.Column(db.String(50), nullable=False)
        file = file_upload.Column()
        date = db.Column(db.DateTime(), default=datetime.utcnow())
    
        def __str__(self):
            return f"{self.last_name} {self.first_name}"
    
    SEXE = ["Femme", "Homme"]
    
    class PersonneForm(FlaskForm):
        last_name = StringField(label="Votre nom", validators=[DataRequired()])
        first_name = StringField(label="Votre prénom", validators=[DataRequired()])
        sexe = SelectField(label="Sexe", choices=SEXE)
        age = IntegerField(label="Age", validators=[DataRequired()])
        fonction = StringField(label="Fonction", validators=[DataRequired()])
        file = MultipleFileField(label="Fichiers", validators=[DataRequired()])
        submit = SubmitField(label="Créer")
    

    Here is the code that allows me to create the objects in the database and it works because I get to download the files and save them to the database.

    @app.route("/create/", methods=("GET", "POST"))
    def create_personne():
        form = PersonneForm()
        if request.method == "POST":
            last_name = form.last_name.data
            first_name = form.first_name.data
            sexe = form.sexe.data
            age = form.age.data
            fonction = form.fonction.data
            file = form.file.data
    
            new_personne = Personne(
                last_name=last_name,
                first_name=first_name,
                sexe=sexe,
                age = form.age.data,
                fonction=fonction,
            )
            
            file_upload.save_files(new_personne, files={"file": file})
    
            flash(f"{last_name} {first_name} ajouté avec succès", "success")
    
            db.session.add(new_personne)
            db.session.commit()
    
            return redirect(url_for("create_personne"))
        else:
            form = PersonneForm()
        return render_template('create_personne.html', form=form)
    

    So my question is this: how to render these files in the templates? Because the explanations provided, it is necessary to use:

    {{ file_upload.get_file_url(personne, filename='file') }}
    

    This only works for one file. Me, I uploaded several files using the MultipleFileField of the Flask-WTF. Here is my the template of my form.

    {% extends "base.html" %}
    
    {% from 'bootstrap/form.html' import render_form %}
    {% from 'bootstrap/utils.html' import render_messages %}
    
    {% block main %}
        <div class="container">
            {{ render_messages() }}
            <form method="post" enctype="multipart/form-data">
                {{ render_form(form) }}
            </form>
        </div>
    {% endblock %}
    

    By reading the explanations, one of the solutions would be to create a field for each file to upload and then to render it one by one in the templates.

    In the view:

    file_upload.save_files(new_personne, files={"file1": file1, "file2": file2})
    

    In the template:

    <img src="{{ file_upload.get_file_url(personne, filename='file1') }}" class="img-fluid rounded-circle" alt="photo">
    
    <img src="{{ file_upload.get_file_url(personne, filename='file2') }}" class="img-fluid rounded-circle" alt="photo">
    

    Is this the only solution? If not, can you tell me how to render them with uploaded files using a single MultipleFileField.

    Thanks for your help.

    enhancement 
    opened by puludisumpia 3
  • FileUpload object has no attribute 'Model'

    FileUpload object has no attribute 'Model'

    AttributeError: 'FileUpload' object has no attribute 'Model'

    @file_upload.Model
    class Post(db.Model):
    	id = db.Column(db.Integer, primary_key=True)
    	....
    	image = file_upload.Column(db)
    	image_alt = db.Column(db.String(100))
    	....
    
    	def __repr__(self):
    		return '<Post %r>' % self.title 
    
    opened by Dev-Laurin 2
  • Delete files only method

    Delete files only method

    Delete files only method would be more useful when the user wants to drop a row from the db containing the file data but afterwards needs to cleanup the files from the server.

    enhancement help wanted good first issue 
    opened by joegasewicz 2
  • Saving Uploaded Image to Server

    Saving Uploaded Image to Server

    Hello again, you fixed compatibility with MySQL - thanks!

    However I am having a new problem. I believe I'm almost to a fully working solution with this last hurdle. The error I'm getting is:

    INFO in routes: [FLASK_FILE_UPLOAD_ERROR]: Couldn't create file path: /static/uploads/device/9/binder.png

    My configuration is: UPLOAD_FOLDER = '/static/uploads' ALLOWED_EXTENSIONS = ["jpg", "png"] MAX_CONTENT_LENGTH = 1000 * 1000 * 1024 * 1024

    In my models.py:

    @file_upload.Model
    class Device(db.Model):
        image = file_upload.Column(db)
    

    In my routes.py:

    image = request.files["image"]
    device = file_upload.save_files(device, files={
    	"image": image
    })
    

    init.py:

    db = SQLAlchemy()
    file_upload = FileUpload(db=db)
    
    def create_app():
    	#create and configure the app 
    	app = Flask(__name__, instance_relative_config=True, 
    		template_folder="templates", static_folder="static")
    	app.config.from_envvar('APP_CONFIG_FILE')
    
    	db.init_app(app)
    	file_upload.init_app(app)	
    
    opened by Dev-Laurin 2
  • Error with flask-file-upload

    Error with flask-file-upload

    Traceback (most recent call last):
      File "/usr/local/lib/python3.8/site-packages/flask/_compat.py", line 39, in reraise
        raise value
      File "/code/app.py", line 12, in <module>
        from galactic_api.views import category_view
      File "/code/galactic_api/views.py", line 8, in <module>
        from .models import Category, file_upload
      File "/code/galactic_api/models.py", line 14, in <module>
        class Category(BasicModel):
      File "/usr/local/lib/python3.8/site-packages/flask_file_upload/model.py", line 50, in __new__
        new_cols_list, filenames_list = _ModelUtils.get_attr_from_model(instance, new_cols, filenames, db)
      File "/usr/local/lib/python3.8/site-packages/flask_file_upload/_model_utils.py", line 123, in get_attr_from_model
        new_cols.append(_ModelUtils.columns_dict(attr, db))
      File "/usr/local/lib/python3.8/site-packages/flask_file_upload/_model_utils.py", line 87, in columns_dict
        return _ModelUtils.create_keys(
      File "/usr/local/lib/python3.8/site-packages/flask_file_upload/_model_utils.py", line 36, in create_keys
        col_dict[key] = fn(key, key)
      File "/usr/local/lib/python3.8/site-packages/flask_file_upload/_model_utils.py", line 86, in create_col
        return db.Column(db.String(str_len), key=key, name=name)
    AttributeError: 'NoneType' object has no attribute 'Column'
    

    My app.py file looks like this:

    ...
    from core.models import db, ma, file_upload
    ...
    
    def create_app():
        POSTGRES_URL = get_env_variable("POSTGRES_URL")
        POSTGRES_USER = get_env_variable("POSTGRES_USER")
        POSTGRES_PW = get_env_variable("POSTGRES_PW")
        POSTGRES_DB = get_env_variable("POSTGRES_DB")
    
        DB_URL = 'postgresql+psycopg2://{user}:{pw}@{url}/{db}'.format(
            user=POSTGRES_USER,pw=POSTGRES_PW,url=POSTGRES_URL,db=POSTGRES_DB)
    
    
        app = Flask(__name__, static_folder='static')
        app.register_blueprint(admin_teacher_view)
        app.register_blueprint(student_view)
        app.register_blueprint(category_view)
        redis = Redis(host='redis', port=6379)
        app.config['SQLALCHEMY_DATABASE_URI'] = DB_URL
        app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
        app.config['SECRET_KEY'] = 'some_secret'
        app.config['JWT_AUTH_USERNAME_KEY'] = 'email'
        app.config['JWT_EXPIRATION_DELTA'] = datetime.timedelta(hours=24)
        app.config["UPLOAD_FOLDER"] = os.path.join(os.path.dirname(
            os.path.realpath(__file__)), "static/uploads")
        app.config["ALLOWED_EXTENSIONS"] = ["jpg", "png", "mov", "mp4", "mpg"]
        app.config["MAX_CONTENT_LENGTH"] = 1000 * 1024
    
        jwt = JWT(app, authenticate, identity)
        db.init_app(app)
        ma.init_app(app)
        file_upload.init_app(app, db)
        return app
    
    
    if __name__ == "__main__":
        app = create_app()
        app.run(host="0.0.0.0", debug=True)
    
    bug 
    opened by kylowrobelek 1
  • Bump bleach from 3.1.2 to 3.1.4

    Bump bleach from 3.1.2 to 3.1.4

    Bumps bleach from 3.1.2 to 3.1.4.

    Changelog

    Sourced from bleach's changelog.

    Version 3.1.4 (March 24th, 2020)

    Security fixes

    • bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS).

      Calls to bleach.clean with an allowed tag with an allowed style attribute were vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

      This issue was confirmed in Bleach versions v3.1.3, v3.1.2, v3.1.1, v3.1.0, v3.0.0, v2.1.4, and v2.1.3. Earlier versions used a similar regular expression and should be considered vulnerable too.

      Anyone using Bleach <=v3.1.3 is encouraged to upgrade.

      https://bugzilla.mozilla.org/show_bug.cgi?id=1623633

    Backwards incompatible changes

    • Style attributes with dashes, or single or double quoted values are cleaned instead of passed through.

    Features

    None

    Bug fixes

    None

    Version 3.1.3 (March 17th, 2020)

    Security fixes

    None

    Backwards incompatible changes

    None

    Features

    • Add relative link to code of conduct. (#442)

    • Drop deprecated 'setup.py test' support. (#507)

    ... (truncated)
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump bleach from 3.1.1 to 3.1.2

    Bump bleach from 3.1.1 to 3.1.2

    Bumps bleach from 3.1.1 to 3.1.2.

    Changelog

    Sourced from bleach's changelog.

    Version 3.1.2 (March 11th, 2020)

    Security fixes

    • bleach.clean behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS.

      Calls to bleach.clean with strip=False and math or svg tags and one or more of the RCDATA tags script, noscript, style, noframes, iframe, noembed, or xmp in the allowed tags whitelist were vulnerable to a mutation XSS.

      This security issue was confirmed in Bleach version v3.1.1. Earlier versions are likely affected too.

      Anyone using Bleach <=v3.1.1 is encouraged to upgrade.

      https://bugzilla.mozilla.org/show_bug.cgi?id=1621692

    Backwards incompatible changes

    None

    Features

    None

    Bug fixes

    None

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump wheel from 0.36.2 to 0.38.1

    Bump wheel from 0.36.2 to 0.38.1

    Bumps wheel from 0.36.2 to 0.38.1.

    Changelog

    Sourced from wheel's changelog.

    Release Notes

    UNRELEASED

    • Updated vendored packaging to 22.0

    0.38.4 (2022-11-09)

    • Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

    0.38.3 (2022-11-08)

    • Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

    0.38.2 (2022-11-05)

    • Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

    0.38.1 (2022-11-04)

    • Removed install dependency on setuptools
    • The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

    0.38.0 (2022-10-21)

    • Dropped support for Python < 3.7
    • Updated vendored packaging to 21.3
    • Replaced all uses of distutils with setuptools
    • The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
    • Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
    • Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

    0.37.1 (2021-12-22)

    • Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
    • Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

    0.37.0 (2021-08-09)

    • Added official Python 3.10 support
    • Updated vendored packaging library to v20.9

    ... (truncated)

    Commits
    • 6f1608d Created a new release
    • cf8f5ef Moved news item from PR #484 to its proper place
    • 9ec2016 Removed install dependency on setuptools (#483)
    • 747e1f6 Fixed PyPy SOABI parsing (#484)
    • 7627548 [pre-commit.ci] pre-commit autoupdate (#480)
    • 7b9e8e1 Test on Python 3.11 final
    • a04dfef Updated the pypi-publish action
    • 94bb62c Fixed docs not building due to code style changes
    • d635664 Updated the codecov action to the latest version
    • fcb94cd Updated version to match the release
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump certifi from 2021.5.30 to 2022.12.7

    Bump certifi from 2021.5.30 to 2022.12.7

    Bumps certifi from 2021.5.30 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • sample javascript to check file size before upload and resize.

    sample javascript to check file size before upload and resize.

    found this on reddit(hi again)

    these javascript examples should be useful in promoting adoption.

    https://stackoverflow.com/questions/3717793/javascript-file-upload-size-validation/3717847

    https://stackoverflow.com/questions/23945494/use-html5-to-resize-an-image-before-upload

    thanks for posting the code.

    documentation 
    opened by aspiringguru 0
  • Switch from os.path to pathlib

    Switch from os.path to pathlib

    os.path is far inferior and worse to the newer pathlib.

    pathlib is a class based way of handling file paths, that works platform independently as it tries to translate paths.

    enhancement 
    opened by laundmo 1
  • Stores Files as 0 byte files

    Stores Files as 0 byte files

    Not sure if I am not using file_upload.save_files correctly, but the files that it saves are 0 bytes but have the correct name.

    Here is how I am using save_files:

    userFileModel = UserFiles(userId=current_user.id) userFile = file_upload.save_files(userFileModel, files={ "userFile": file, })

    And here is my UserFiles model:

    @file_upload.Model class UserFiles(db.Model): __tablename __ = "UserFiles" id = db.Column(db.Integer, primary_key=True) userFile = file_upload.Column() userId = db.Column(db.Integer, db.ForeignKey("User.id"))

    Here is my upload folder configuration: app = Flask(name) app.config["ALLOWED_EXTENSIONS"] = ["jpg", "png", "mov", "mp4", "mpg"] app.config["MAX_CONTENT_LENGTH"] = 1000 * 1024 * 1024 # 1000mb app.config["UPLOAD_FOLDER"] = os.path.join(basedir,"./static/uploads") db = SQLAlchemy(app) file_upload = FileUpload(app, db)

    Not sure if this is a bug or an error on my end, but I have read through the documentation and it seems like this should yield files stored on static/uploads with their full data, but instead they are empty.

    question 
    opened by lcundiff 1
Releases(02.1)
Owner
Joe Gasewicz
Hi! I'm a Python, Typescript & C Developer. I'm also a Jazz bassist. I'm based in London, UK & available for contracts in mid April 2021
Joe Gasewicz
Open-source Flask Sample built on top of flask-dance library

Open-source Flask Sample built on top of flask-dance library. The project implements the social login for Github and Twitter - Originally coded by TestDriven.IO.

App Generator 4 Jul 26, 2022
A simple demo of using aiogram + async sqlalchemy 1.4+

aiogram-and-sqlalchemy-demo A simple demo of using aiogram + async sqlalchemy 1.4+ Used tech: aiogram SQLAlchemy 1.4+ PostgreSQL as database asyncpg a

Aleksandr 68 Dec 31, 2022
iloveflask is a Python library to collect functions that help a flask developer generate reports, config files and repeat code.

I Love Flask iloveflask is a Python library to collect functions that help a flask developer generate reports, config files and repeat code. Installat

2 Dec 29, 2021
retorna informações de pessoas que não existem

random-person-api API que entrega dados aleatórios sobre pessoas que (provavelmente) não existem. Como usar? Copie o link abaixo https://random-person

Miguel 3 Aug 09, 2022
Paid roles for discord using Stripe, Python, Flask & Docker

Welcome to Paycord Paid roles for discord using Stripe, Python, Flask & Docker. Setup Production On stripe dashboard, go Developers ➡️ Webhooks ➡️ Add

Ward 12 Dec 28, 2022
A flask template with Bootstrap 4, asset bundling+minification with webpack, starter templates, and registration/authentication.

cookiecutter-flask A Flask template for cookiecutter. (Supports Python ≥ 3.6) See this repo for an example project generated from the most recent vers

4.3k Jan 06, 2023
Example Flask application illustrating some of my common practices

Overholt Overholt is an example Flask application illustrating some of my common practices Development Environment At the bare minimum you'll need the

Matt Wright 1.6k Dec 15, 2022
Boilerplate code for basic flask web apps

Flask Boilerplate This repository contains boilerplate code to start a project instantly It's mainly for projects which you plan to ship in less than

Abhishek 6 Sep 27, 2021
A basic CRUD application built in flask using postgres as database

flask-postgres-CRUD A basic CRUD application built in flask using postgres as database Taks list Dockerfile Initial docker-compose - It is working Dat

Pablo Emídio S.S 9 Sep 25, 2022
Track requests to your Flask website with Matomo

Flask-Matomo Flask-Matomo is a library which lets you track the requests of your Flask website using Matomo (Piwik). Installation pip install flask-ma

Lucas Hild 13 Jul 14, 2022
PatientDB is a flask app to store patient information.

PatientDB PatientDB on Heroku "PatientDB is a simple web app that stores patient information, able to edit the information, and able to query the data

rbb 2 Jan 31, 2022
SQL Alchemy dialect for Neo4j

SQL Alchemy dialect for Neo4j This package provides the SQL dialect for Neo4j, using the official JDBC driver (the Neo4j "BI Connector" ) Installation

Beni Ben zikry 8 Jan 02, 2023
Flask-Starter is a boilerplate starter template designed to help you quickstart your Flask web application development.

Flask-Starter Flask-Starter is a boilerplate starter template designed to help you quickstart your Flask web application development. It has all the r

Kundan Singh 259 Dec 26, 2022
Live Corona statistics and information site with flask.

Flask Live Corona Info Live Corona statistics and information site with flask. Tools Flask Scrapy Matplotlib How to Run Project Download Codes git clo

Mohammad Dori 5 Jul 15, 2022
Companion code to my O'Reilly book "Flask Web Development", second edition.

Flasky This repository contains the source code examples for the second edition of my O'Reilly book Flask Web Development. The commits and tags in thi

Miguel Grinberg 8k Dec 27, 2022
Browsable web APIs for Flask.

Flask API Browsable web APIs for Flask. Status: This project is in maintenance mode. The original author (Tom Christie) has shifted his focus to API S

Flask API 1.3k Jan 05, 2023
Free casino website. Madden just for learning / fun

Website Casino Free casino website. Madden just for learning / fun. Uses Jinja2 (HTML), Flask, JavaScript, etc. Dice game Preview

Kirill Zhosul 0 Jun 22, 2022
With Flask. Everything in a JSON.

Little Library REST API py 3.10 The only one requeriment it's to have Flask installed. To run this, in ./src/(if you're in PS): $env:FLASK_APP="app

Luis Quiñones Requelme 1 Dec 15, 2021
flask extension for integration with the awesome pydantic package

Flask-Pydantic Flask extension for integration of the awesome pydantic package with Flask. Installation python3 -m pip install Flask-Pydantic Basics v

249 Jan 06, 2023
A simple FastAPI web service + Vue.js based UI over a rclip-style clip embedding database.

Explore CLIP Embeddings in a rclip database A simple FastAPI web service + Vue.js based UI over a rclip-style clip embedding database. A live demo of

18 Oct 15, 2022