Доработки, разработка call2api

2026-06-11 13:18:22 +03:00
parent 5ad2da7af8
commit 28c6f09767
3 changed files with 98 additions and 17 deletions
@@ -112,6 +112,7 @@ class FileServerHandler(BaseHTTPRequestHandler):
        self.send_html(content)

    def handle_login_page(self):
+        cursor = database.DB_CONN.cursor()
        if self.path == "/login" and self.command == "POST":
            content_length = int(self.headers.get("Content-Length", 0))
            post_data = self.rfile.read(content_length).decode("utf-8")
@@ -119,7 +120,6 @@ class FileServerHandler(BaseHTTPRequestHandler):
            username = params.get("username", [""])[0]
            password = params.get("password", [""])[0]

-            cursor = database.DB_CONN.cursor()
            cursor.execute(
                "SELECT password_hash FROM users WHERE username = ?", (username,)
            )
@@ -146,10 +146,16 @@ class FileServerHandler(BaseHTTPRequestHandler):
                self.send_html(content, 401)
                return

+        # Check if user already authorized
        username = self.get_session_user()
        if username:
-            self.send_redirect("/files")
-            return
+            # Check if user really exist
+            cursor.execute("SELECT username FROM users WHERE username = ?", (username,))
+            username_row = cursor.fetchone()
+            if username_row:
+                self.send_redirect("/files")
+                return
+
        content = self.render_login_form()
        self.send_html(content)

@@ -191,6 +197,13 @@ class FileServerHandler(BaseHTTPRequestHandler):

        used_mb = get_user_used_space(username)
        cursor = database.DB_CONN.cursor()
+        cursor.execute("SELECT quota_mb FROM users WHERE username = ?", (username,))
+        available_mb_row = cursor.fetchone()
+        # If user not authorized
+        if not available_mb_row:
+            self.send_redirect("/login")
+            return
+        available_mb = available_mb_row[0]
        cursor.execute(
            "UPDATE users SET used_mb = ? WHERE username = ?", (used_mb, username)
        )
@@ -230,7 +243,7 @@ class FileServerHandler(BaseHTTPRequestHandler):
    <h1><a href="/">SimpliestFS</a></h1>
    <h2>My Files</h2>
    <div class="quota-info">
-        Quota: {CONFIG["storage"]["default_quota_mb"]} MB | Used: {used_mb:.2f} MB
+        Quota: {available_mb} MB | Used: {used_mb:.2f} MB
    </div>
    <form method="POST" enctype="multipart/form-data" action="/upload">
        <input type="file" name="file" required>