diff --git a/app.py b/app.py index 9c95282..8d89b5f 100644 --- a/app.py +++ b/app.py @@ -35,7 +35,7 @@ def create_app(): @app.context_processor def inject_csrf_token(): - return dict(csrf_token=lambda: generate_csrf()) + return dict(csrf_token=generate_csrf()) @app.context_processor def inject_config(): diff --git a/routes/__pycache__/main.cpython-313.pyc b/routes/__pycache__/main.cpython-313.pyc index 78e2e9f..f22b596 100644 Binary files a/routes/__pycache__/main.cpython-313.pyc and b/routes/__pycache__/main.cpython-313.pyc differ diff --git a/routes/__pycache__/room_files.cpython-313.pyc b/routes/__pycache__/room_files.cpython-313.pyc index 95da95d..21e9e67 100644 Binary files a/routes/__pycache__/room_files.cpython-313.pyc and b/routes/__pycache__/room_files.cpython-313.pyc differ diff --git a/routes/main.py b/routes/main.py index e63c796..ae2f817 100644 --- a/routes/main.py +++ b/routes/main.py @@ -2,7 +2,6 @@ from flask import render_template, Blueprint, redirect, url_for, request, flash, from flask_login import current_user, login_required from models import User, db, Room, RoomFile, RoomMemberPermission, SiteSettings, Event from routes.auth import require_password_change -from utils.event_logger import log_event import os from werkzeug.utils import secure_filename from sqlalchemy import func, case, literal_column, text @@ -361,10 +360,6 @@ def init_routes(main_bp): } logger.debug(f"Preparing to create profile update event with details: {event_details}") - # Create the event - event = log_event('user_update', event_details, current_user.id) - logger.debug("Event object created and added to session") - # Commit all changes db.session.commit() logger.debug("Profile changes and event committed to database successfully") diff --git a/static/js/debugging.js b/static/js/debugging.js index 498c503..4271dd2 100644 --- a/static/js/debugging.js +++ b/static/js/debugging.js 
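Review bot: `csrf_token` is now a plain string in the template context in `inject_csrf_token`, so any template that still writes `{{ csrf_token() }}` will fail at render time with `'str' object is not callable`; the templates are not part of this diff, so each use (the `meta[name="csrf-token"]` tag the scripts read, and every form's hidden field) needs checking. Calling `generate_csrf()` inside the context processor also runs it on every render, including pages that have no form; if this is Flask-WTF's function, that stores a token in the session for each such response. If `CSRFProtect` is initialised on the app it already exposes a callable `csrf_token` to Jinja and this processor shadows it, so keeping the callable form, `return dict(csrf_token=generate_csrf)`, and fixing the template call sites would avoid both issues. `create_app` starts and ends outside the hunk.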
@@ -22,7 +22,7 @@ document.getElementById('syncFilesBtn').addEventListener('click', async function
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+ 'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
 }
 });
@@ -81,7 +81,7 @@ document.getElementById('verifyDbBtn').addEventListener('click', async function(
 method: 'GET',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+ 'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
 }
 });
@@ -137,7 +137,7 @@ document.getElementById('cleanupOrphanedBtn').addEventListener('click', async fu
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+ 'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
 }
 });
diff --git a/static/js/events.js b/static/js/events.js
index f33b95e..78cd9e9 100644
--- a/static/js/events.js
+++ b/static/js/events.js
@@ -52,12 +52,12 @@ document.addEventListener('DOMContentLoaded', function() {
 // Format the details for display
 const formattedDetails = {
- 'Event ID': data.id,
- 'Event Type': data.event_type,
- 'Timestamp': new Date(data.timestamp).toLocaleString(),
- 'User': data.user ? `${data.user.username} (${data.user.last_name})` : 'N/A',
- 'IP Address': data.ip_address || 'N/A',
- 'User Agent': data.user_agent || 'N/A'
+ // 'Event ID': data.id,
+ // 'Event Type': data.event_type,
+ // 'Timestamp': new Date(data.timestamp).toLocaleString(),
+ // 'User': data.user ? `${data.user.username} (${data.user.last_name})` : 'N/A',
+ // 'IP Address': data.ip_address || 'N/A',
+ // 'User Agent': data.user_agent || 'N/A'
 };
 // Handle details separately
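Review bot: The header name is still a string literal repeated at every call site: the three fetch calls in this file and the same one-line change in file-grid.js, rooms/fileManager.js, rooms/modalManager.js, rooms/uploadManager.js, starred.js, trash.js and templates/rooms/roombefore.html. A site missed in a sweep like this fails only at runtime with a rejected request. The server-side list of accepted header names is not in this diff; if the check is Flask-WTF's, confirm `WTF_CSRF_HEADERS` contains `X-CSRF-Token` (its default accepts both spellings, in which case the rename changes nothing). A single shared helper that returns the request headers would keep the name in one place, and it should handle a missing `meta[name="csrf-token"]` element, because `document.querySelector(...).getAttribute('content')` throws when the tag is absent. The enclosing handlers start and end outside these hunks.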
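Review bot: The `verifyDbBtn` request is a `GET`, yet it carries the CSRF header and a JSON `Content-Type` with no body. CSRF checks normally cover only state-changing methods, so the token is most likely ignored here and both headers can go. If the endpoint does need the token, it is probably changing state under `GET` and should become a `POST`; the route itself is not visible in this diff.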
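Review bot: The six fields are commented out rather than removed, which leaves `formattedDetails` as an empty object literal holding dead code, with no comment saying why. If the aim is to stop showing the user, IP address and user agent in the event view, delete the lines and state the reason. Hiding them client-side does not stop the endpoint from returning `ip_address` and `user_agent` in `data`, so trim or permission-check the response server-side if those values are sensitive. The code after this hunk that consumes `formattedDetails` is not visible, so check that it copes with an empty object.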
diff --git a/static/js/file-grid.js b/static/js/file-grid.js
index 36ffc80..2f7043e 100644
--- a/static/js/file-grid.js
+++ b/static/js/file-grid.js
@@ -80,7 +80,7 @@ function toggleView(view) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({ preferred_view: view })
 })
@@ -344,7 +344,7 @@ function toggleStar(filename, path = '', roomId) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: filename,
@@ -384,7 +384,7 @@ function restoreFile(filename, path = '', roomId) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: filename,
@@ -438,7 +438,7 @@ function permanentDeleteFile() {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: filename,
@@ -530,7 +530,7 @@ function emptyTrash() {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 }
 })
 );
diff --git a/static/js/rooms/fileManager.js b/static/js/rooms/fileManager.js
index b290ac3..039c3ac 100644
--- a/static/js/rooms/fileManager.js
+++ b/static/js/rooms/fileManager.js
@@ -89,7 +89,7 @@ export class FileManager {
 const response = await fetch(url, {
 method: 'DELETE',
 headers: {
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 }
 });
@@ -276,7 +276,7 @@ export class FileManager {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: file.name,
@@ -339,7 +339,7 @@ export class FileManager {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: filename,
@@ -513,7 +513,7 @@ export class FileManager {
 try {
 const response = await fetch(url, {
 method: 'DELETE',
- headers: { 'X-CSRFToken': csrfToken }
+ headers: { 'X-CSRF-Token': csrfToken }
 });
 const result = await response.json();
 if (!result.success) {
@@ -536,7 +536,7 @@ export class FileManager {
 try {
 const response = await fetch(url, {
 method: 'DELETE',
- headers: { 'X-CSRFToken': csrfToken }
+ headers: { 'X-CSRF-Token': csrfToken }
 });
 const result = await response.json();
 if (result.success) {
diff --git a/static/js/rooms/modalManager.js b/static/js/rooms/modalManager.js
index fb95cd6..0d62df8 100644
--- a/static/js/rooms/modalManager.js
+++ b/static/js/rooms/modalManager.js
@@ -319,7 +319,7 @@ export class ModalManager {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 name: folderName,
diff --git a/static/js/rooms/uploadManager.js b/static/js/rooms/uploadManager.js
index 4522f93..b9de46f 100644
--- a/static/js/rooms/uploadManager.js
+++ b/static/js/rooms/uploadManager.js
@@ -240,7 +240,7 @@ export class UploadManager {
 const csrfToken = document.querySelector('meta[name="csrf-token"]').getAttribute('content');
 const response = await fetch(`/api/rooms/${this.roomManager.roomId}/files/upload`, {
 method: 'POST',
- headers: { 'X-CSRFToken': csrfToken },
+ headers: { 'X-CSRF-Token': csrfToken },
 body: formData
 });
diff --git a/static/js/starred.js b/static/js/starred.js
index 7698d27..d36bfa7 100644
--- a/static/js/starred.js
+++ b/static/js/starred.js
@@ -67,7 +67,7 @@ function toggleView(view) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+ 'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
 },
 body: JSON.stringify({ preferred_view: view })
 })
diff --git a/static/js/trash.js b/static/js/trash.js
index 3492846..6034cc9 100644
--- a/static/js/trash.js
+++ b/static/js/trash.js
@@ -70,7 +70,7 @@ window.emptyTrash = function() {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 }
 })
 );
@@ -189,7 +189,7 @@ function toggleView(view) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+ 'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
 },
 body: JSON.stringify({ preferred_view: view })
 })
diff --git a/templates/rooms/roombefore.html b/templates/rooms/roombefore.html
index e34df3c..5c6630e 100644
--- a/templates/rooms/roombefore.html
+++ b/templates/rooms/roombefore.html
@@ -611,7 +611,7 @@ function toggleView(view) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+ 'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
 },
 body: JSON.stringify({ preferred_view: view })
 })
@@ -974,7 +974,7 @@ if (canDownload === true || canDownload === 'true') {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({ items: selectedItems })
 })
@@ -1057,7 +1057,7 @@ function deleteFileConfirmed() {
 if (item.path) url += `?path=${encodeURIComponent(item.path)}`;
 fetch(url, {
 method: 'DELETE',
- headers: { 'X-CSRFToken': csrfToken }
+ headers: { 'X-CSRF-Token': csrfToken }
 })
 .then(r => r.json())
 .then(() => {
@@ -1078,7 +1078,7 @@ function deleteFileConfirmed() {
 fetch(url, {
 method: 'DELETE',
 headers: {
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 }
 })
 .then(r => r.json())
@@ -1140,7 +1140,7 @@ document.getElementById('confirmRenameBtn').addEventListener('click', function()
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 old_name: renameTarget,
@@ -1199,7 +1199,7 @@ function toggleStar(filename, path) {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: filename,
@@ -1296,7 +1296,7 @@ function moveFileConfirmed() {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 filename: fileToMove,
@@ -1368,7 +1368,7 @@ document.addEventListener('DOMContentLoaded', function() {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 name: folderName,
@@ -1552,7 +1552,7 @@ document.addEventListener('DOMContentLoaded', function() {
 const response = await fetch(`/api/rooms/${roomId}/files/upload`, {
 method: 'POST',
- headers: { 'X-CSRFToken': csrfToken },
+ headers: { 'X-CSRF-Token': csrfToken },
 body: uploadFormData
 });
@@ -1605,7 +1605,7 @@ document.addEventListener('DOMContentLoaded', function() {
 uploadFormData.append('overwrite', 'true');
 const retryResponse = await fetch(`/api/rooms/${roomId}/files/upload`, {
 method: 'POST',
- headers: { 'X-CSRFToken': csrfToken },
+ headers: { 'X-CSRF-Token': csrfToken },
 body: uploadFormData
 });
@@ -1622,7 +1622,7 @@ document.addEventListener('DOMContentLoaded', function() {
 uploadFormData.append('overwrite', 'true');
 const retryResponse = await fetch(`/api/rooms/${roomId}/files/upload`, {
 method: 'POST',
- headers: { 'X-CSRFToken': csrfToken },
+ headers: { 'X-CSRF-Token': csrfToken },
 body: uploadFormData
 });
@@ -1658,7 +1658,7 @@ document.addEventListener('DOMContentLoaded', function() {
 uploadFormData.append('overwrite', 'true');
 const retryResponse = await fetch(`/api/rooms/${roomId}/files/upload`, {
 method: 'POST',
- headers: { 'X-CSRFToken': csrfToken },
+ headers: { 'X-CSRF-Token': csrfToken },
 body: uploadFormData
 });
@@ -1729,7 +1729,7 @@ if (canRename === true || canRename === 'true') {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({
 old_name: renameTarget,
@@ -1771,7 +1771,7 @@ if (canDownload === true || canDownload === 'true') {
 method: 'POST',
 headers: {
 'Content-Type': 'application/json',
- 'X-CSRFToken': csrfToken
+ 'X-CSRF-Token': csrfToken
 },
 body: JSON.stringify({ items: selectedItems })
 })
diff --git a/utils/__pycache__/__init__.cpython-313.pyc b/utils/__pycache__/__init__.cpython-313.pyc
index 56970cb..6b2462b 100644
Binary files a/utils/__pycache__/__init__.cpython-313.pyc and b/utils/__pycache__/__init__.cpython-313.pyc differ