From: Chris Fulljames Date: Wed, 19 Feb 2025 01:21:41 +0000 (-0500) Subject: Use header instead of url params X-Git-Url: https://littlesong.place/gitweb/gitweb.cgi?a=commitdiff_plain;h=ef3211bec9e1b4f97ea4aeaf7358c7c083fc1af4;p=littlesongplace.git Use header instead of url params --- diff --git a/main.py b/main.py index ce82110..d6b28e4 100644 --- a/main.py +++ b/main.py @@ -97,7 +97,7 @@ def signup_post(): if error: app.logger.info("Failed signup attempt") - return auto_redirect(request.referrer) + return redirect(request.referrer) password = bcrypt.hashpw(password.encode(), bcrypt.gensalt()) timestamp = datetime.now(timezone.utc).isoformat() @@ -107,7 +107,7 @@ def signup_post(): flash("User created. Please sign in to continue.", "success") app.logger.info(f"Created user {username}") - return auto_redirect("/login") + return redirect("/login") @app.get("/login") def login_get(): @@ -127,7 +127,7 @@ def login_post(): session.permanent = True app.logger.info(f"{username} logged in") - return auto_redirect(f"/users/{username}") + return redirect(f"/users/{username}") flash("Invalid username/password", "error") app.logger.info(f"Failed login for {username}") @@ -142,7 +142,7 @@ def logout(): if "userid" in session: session.pop("userid") - return auto_redirect("/") + return redirect("/") @app.get("/users/") def users_profile(profile_username): @@ -228,7 +228,7 @@ def edit_profile(): app.logger.info(f"{session['username']} updated bio") - return auto_redirect(f"/users/{session['username']}") + return redirect(f"/users/{session['username']}") @app.get("/pfp/") def pfp(userid): @@ -237,7 +237,7 @@ def pfp(userid): @app.get("/edit-song") def edit_song(): if not "userid" in session: - return auto_redirect("/login") # Must be logged in to edit + return redirect("/login") # Must be logged in to edit song = None 
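Review bot: `redirect(request.referrer)` in the failed-signup branch of signup_post passes an optional, client-supplied header straight to the redirect. When the browser sends no Referer the value is None, which is not a valid redirect target, and when the form was submitted from another origin the user is sent back to that origin. A minimal guard is `return redirect(request.referrer or "/")`; a small shared helper that falls back to a local path unless the referrer's host equals `request.host` would be stronger. The same call is kept in the upload_song, delete_song, comment_delete, create_playlist, append_to_playlist and edit_playlist_post hunks. signup_post starts before this hunk and continues into the next one.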
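Review bot: The failure path of login_post logs `f"Failed login for {username}"` with a value that is still unauthenticated request input at this point (its origin is outside the hunk, presumably the login form). Embedded line breaks or control characters in that value would let a client split or forge entries in the log that is later used to investigate failed logins. Logging the repr keeps each event on one line: `app.logger.info("Failed login for %r", username)`. The same applies to `flash_and_log(f"Created playlist {name}", "success")` in the create_playlist hunk.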
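Review bot: As far as this hunk shows, logout removes only `userid` from the session, while other handlers in this diff read `session['username']`, so the username would remain in the session cookie after logout. Replacing the pop with `session.clear()` drops all per-user state in one step. The start of logout is outside the hunk, so confirm that nothing above already clears the remaining keys.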
@@ -265,7 +265,7 @@ def edit_song(): @app.post("/upload-song") def upload_song(): if not "userid" in session: - return auto_redirect("/login") # Must be logged in to edit + return redirect("/login") # Must be logged in to edit error = validate_song_form() @@ -279,12 +279,12 @@ def upload_song(): if not error: username = session["username"] app.logger.info(f"{username} uploaded/modified a song") - return auto_redirect(f"/users/{username}") + return redirect(f"/users/{username}") else: username = session["username"] app.logger.info(f"Failed song update - {username}") - return auto_redirect(request.referrer) + return redirect(request.referrer) def validate_song_form(): title = request.form["title"] @@ -505,7 +505,7 @@ def delete_song(songid): app.logger.info(f"{session['username']} deleted song: {song_data['title']}") flash_and_log(f"Deleted '{song_data['title']}'", "success") - return auto_redirect(request.referrer) + return redirect(request.referrer) @app.get("/song//") def song(userid, songid): @@ -551,7 +551,7 @@ def songs(): @app.route("/comment", methods=["GET", "POST"]) def comment(): if not "userid" in session: - return auto_redirect("/login") + return redirect("/login") if not "songid" in request.args: abort(400) # Must have songid @@ -630,12 +630,12 @@ def redirect_to_previous_page(): if "previous_page" in session: previous_page = session["previous_page"] session.pop("previous_page") - return auto_redirect(previous_page) + return redirect(previous_page) @app.get("/delete-comment/") def comment_delete(commentid): if "userid" not in session: - return auto_redirect("/login") + return redirect("/login") comment = query_db("select c.userid as comment_user, s.userid as song_user from song_comments as c inner join songs as s on c.songid == s.songid where commentid = ?", [commentid], one=True) if not comment: 
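Review bot: comment_delete is registered with `@app.get`, and the following hunk shows it running `delete from song_comments ...` and committing, so a state change is reachable through a plain GET. A cross-site link or top-level navigation followed by a logged-in browser carries the session cookie under the usual SameSite=Lax default and would trigger the delete. The route should be declared with `@app.post` and check a CSRF token before the query; delete_playlist, registered with `@app.get("/delete-playlist/")`, has the same shape. The ownership check between the select and the delete is outside both hunks and is not covered by this note.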
@@ -649,12 +649,12 @@ def comment_delete(commentid): query_db("delete from song_comments where (commentid = ?) or (replytoid = ?)", [commentid, commentid]) get_db().commit() - return auto_redirect(request.referrer) + return redirect(request.referrer) @app.get("/activity") def activity(): if not "userid" in session: - return auto_redirect("/login") + return redirect("/login") # Get comment notifications comments = query_db( @@ -708,12 +708,12 @@ def site_news(): @app.post("/create-playlist") def create_playlist(): if not "userid" in session: - return auto_redirect("/login") + return redirect("/login") name = request.form["name"] if not name or len(name) > 200: flash_and_log("Playlist must have a name", "error") - return auto_redirect(request.referrer) + return redirect(request.referrer) timestamp = datetime.now(timezone.utc).isoformat() @@ -731,7 +731,7 @@ def create_playlist(): ) get_db().commit() flash_and_log(f"Created playlist {name}", "success") - return auto_redirect(request.referrer) + return redirect(request.referrer) @app.get("/delete-playlist/") def delete_playlist(playlistid): @@ -752,7 +752,7 @@ def delete_playlist(playlistid): get_db().commit() flash_and_log(f"Deleted playlist {plist_data['name']}", "success") - return auto_redirect(f"/users/{session['username']}") + return redirect(f"/users/{session['username']}") @app.post("/append-to-playlist") def append_to_playlist(): @@ -794,7 +794,7 @@ def append_to_playlist(): flash_and_log(f"Added '{song_data['title']}' to {plist_data['name']}", "success") - return auto_redirect(request.referrer) + return redirect(request.referrer) @app.post("/edit-playlist/") def edit_playlist_post(playlistid): @@ -814,7 +814,7 @@ def edit_playlist_post(playlistid): name = request.form["name"] if not name or len(name) > 200: flash_and_log("Playlist must have a name", "error") - return auto_redirect(request.referrer) + return redirect(request.referrer) # Make sure all songs are valid songids = [] 
@@ -845,7 +845,7 @@ def edit_playlist_post(playlistid): get_db().commit() flash_and_log("Playlist updated", "success") - return auto_redirect(request.referrer) + return redirect(request.referrer) @app.get("/playlists/") def playlists(playlistid): @@ -928,15 +928,9 @@ def get_current_user_playlists(): return plist_data -def auto_redirect(url): - if request.args.get("request-type", None) == "ajax": - return redirect(url + "?request-type=ajax") - else: - return redirect(url) - @app.context_processor def inject_global_vars(): - use_json = request.args.get("request-type", None) == "ajax" + use_json = request.headers["Accept"] == "application/json" return dict( gif_data=get_gif_data(), current_user_playlists=get_current_user_playlists(), diff --git a/templates/base.html b/templates/base.html index 69b1a9d..be0e150 100644 --- a/templates/base.html +++ b/templates/base.html @@ -25,14 +25,11 @@ event.preventDefault(); - // Add AJAX type specifier to URL params - targetUrl.searchParams.set("request-type", "ajax") - // Update HTML getPageAjax(targetUrl); - }); + }) async function getPageAjax(url) { - fetch(url, {redirect: "follow"}).then(async (response) => { + fetch(url, {redirect: "follow", headers: {"Accept": "application/json"}}).then(async (response) => { // Update URL in browser window, minus request-type field var url = new URL(response.url); url.searchParams.delete("request-type"); diff --git a/todo.txt b/todo.txt index a6b7902..5867d39 100644 --- a/todo.txt +++ b/todo.txt @@ -3,6 +3,7 @@ NOW - Forms - Back (history stack) - Update page colors + - Use correct content type header for response - Break up main.py, test_offline.py - Pinned profile playlists
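Review bot: `request.headers["Accept"]` in inject_global_vars raises KeyError for any client that sends no Accept header, so every templated page fails for such requests. The exact comparison also misses values such as `application/json, */*`. At minimum use `use_json = request.headers.get("Accept", "") == "application/json"`. Because the same URL now presumably renders differently depending on a request header (via `use_json` in the templates), responses should also carry `Vary: Accept`, for example `response.headers.add("Vary", "Accept")` in an `after_request` hook, so that a browser or shared cache does not replay the AJAX variant for a normal navigation. The returned dict continues outside the hunk.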
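Review bot: After this change nothing adds `request-type` to the URL, so `url.searchParams.delete("request-type");` and the comment `// Update URL in browser window, minus request-type field` in getPageAjax are stale. Drop the delete call and shorten the comment to `// Update URL in browser window`. The hunk also removes the semicolon after the event-listener call (`})`), which is inconsistent with most of the surrounding statements. getPageAjax continues outside the hunk.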