added seperate users for backend events

2026-01-06 16:25:09 -05:00
parent d7fc3c0cab
commit fd1057662f
11 changed files with 172 additions and 80 deletions
--- a/api/image_api.py
+++ b/api/image_api.py
@@ -3,13 +3,14 @@ import os
 from PIL import Image as PILImage, UnidentifiedImageError
 from flask import Blueprint, request, jsonify, send_file
 from tinydb import Query
+
+from api.utils import get_current_user_id, sanitize_email
 from config.paths import get_user_image_dir

 from db.db import image_db
 from models.image import Image

 image_api = Blueprint('image_api', __name__)
-UPLOAD_FOLDER = get_user_image_dir("user123")
 ALLOWED_EXTENSIONS = {'jpg', 'jpeg', 'png'}
 IMAGE_TYPE_PROFILE = 1
 IMAGE_TYPE_ICON = 2
@@ -20,6 +21,9 @@ def allowed_file(filename):

@image_api.route('/image/upload', methods=['POST'])
 def upload():
+    user_id = get_current_user_id()
+    if not user_id:
+        return jsonify({'error': 'User not authenticated'}), 401
    if 'file' not in request.files:
        return jsonify({'error': 'No file part in the request'}), 400
    file = request.files['file']
@@ -60,13 +64,11 @@ def upload():

    format_extension_map = {'JPEG': '.jpg', 'PNG': '.png'}
    extension = format_extension_map.get(original_format, '.png')
-
-    image_record = Image(extension=extension, permanent=perm, type=image_type, user="user123")
+    image_record = Image(extension=extension, permanent=perm, type=image_type, user=user_id)
    filename = image_record.id + extension
-    filepath = os.path.abspath(os.path.join(UPLOAD_FOLDER, filename))
+    filepath = os.path.abspath(os.path.join(get_user_image_dir(sanitize_email(user_id)), filename))

    try:
-        os.makedirs(UPLOAD_FOLDER, exist_ok=True)
        # Save with appropriate format
        save_params = {}
        if pil_image.format == 'JPEG':