Spaces:

zetarmany
/

Force7

Sleeping

App Files Files Community

zetarmany commited on Mar 11

Commit

fdd0871

verified ·

1 Parent(s): cd37043

Update app.py

Browse files

Files changed (1) hide show

app.py +91 -241

app.py CHANGED Viewed

@@ -6,46 +6,34 @@ from flask_login import LoginManager, UserMixin, login_user, login_required, log
 from werkzeug.security import generate_password_hash, check_password_hash
 from werkzeug.utils import secure_filename
 from datetime import datetime
-import functools
 app = Flask(__name__)
 app.config['SECRET_KEY'] = 'angkatan-rahasia-2024-2026'
 app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///gallery.db'
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 app.config['UPLOAD_FOLDER'] = 'static/uploads'
-app.config['MAX_CONTENT_LENGTH'] = 50 * 1024 * 1024  # 50MB max file size
-app.config['REMEMBER_COOKIE_DURATION'] = 60 * 60 * 24 * 7  # 7 hari
-# Buat folder upload jika belum ada
 os.makedirs(app.config['UPLOAD_FOLDER'], exist_ok=True)
-# Database initialization
 db = SQLAlchemy(app)
 # Login manager
 login_manager = LoginManager()
 login_manager.init_app(app)
-login_manager.login_view = 'login'
-login_manager.login_message = 'Silakan login terlebih dahulu!'
-login_manager.login_message_category = 'warning'
-login_manager.refresh_view = 'login'
-login_manager.needs_refresh_message = 'Sesi habis, silakan login ulang'
-login_manager.needs_refresh_message_category = 'warning'
-# MODELS
 class User(UserMixin, db.Model):
     __tablename__ = 'users'
     id = db.Column(db.Integer, primary_key=True)
     username = db.Column(db.String(80), unique=True, nullable=False)
     password_hash = db.Column(db.String(200), nullable=False)
     is_admin = db.Column(db.Boolean, default=False)
     created_at = db.Column(db.DateTime, default=datetime.utcnow)
-    # Relasi
-    photos = db.relationship('Photo', backref='uploader', lazy=True)
-    likes = db.relationship('Like', backref='user', lazy=True)
     def set_password(self, password):
         self.password_hash = generate_password_hash(password)
@@ -54,7 +42,6 @@ class User(UserMixin, db.Model):
 class Photo(db.Model):
     __tablename__ = 'photos'
     id = db.Column(db.Integer, primary_key=True)
     filename = db.Column(db.String(200), nullable=False)
     caption = db.Column(db.String(500))
@@ -62,341 +49,204 @@ class Photo(db.Model):
     uploader_id = db.Column(db.Integer, db.ForeignKey('users.id'), nullable=False)
     likes_count = db.Column(db.Integer, default=0)
-    # Relasi
-    likes = db.relationship('Like', backref='photo', lazy=True, cascade='all, delete-orphan')
 class Like(db.Model):
     __tablename__ = 'likes'
     id = db.Column(db.Integer, primary_key=True)
     user_id = db.Column(db.Integer, db.ForeignKey('users.id'), nullable=False)
     photo_id = db.Column(db.Integer, db.ForeignKey('photos.id'), nullable=False)
     created_at = db.Column(db.DateTime, default=datetime.utcnow)
-    # Kombinasi user_id dan photo_id harus unik (1 user hanya bisa like 1x per foto)
-    __table_args__ = (db.UniqueConstraint('user_id', 'photo_id', name='unique_user_photo_like'),)
 @login_manager.user_loader
 def load_user(user_id):
-    return db.session.get(User, int(user_id))
-# Buat file lock untuk mencegah multiple workers menjalankan inisialisasi bersamaan
-lock_file = '/tmp/app_initialized.lock'
-# INITIALIZE DATABASE AND ADMIN (HANYA SEKALI)
 with app.app_context():
-    # Buat tables
     db.create_all()
-    print("✅ Database tables created!")
-    # Cek apakah sudah diinisialisasi sebelumnya
-    initialized = False
-    try:
-        if os.path.exists(lock_file):
-            with open(lock_file, 'r') as f:
-                if f.read().strip() == 'initialized':
-                    initialized = True
-                    print("📌 Database already initialized by another worker")
-    except:
-        pass
-    if not initialized:
-        # DAFTAR LENGKAP 11 ADMIN DARI SOAL
-        admins = [
-            {'username': 'Hilbraaaam', 'password': 'Ketua Angkatan 24-26'},
-            {'username': 'Hudzaifahh', 'password': 'Wakil ketua Angkatan 24-26'},
-            {'username': 'Rafasyahh', 'password': 'Humas Kesayangan'},
-            {'username': 'Elazzam', 'password': 'Eos 800 D'},
-            {'username': 'Azzam Diq', 'password': 'Shidiq'},
-            {'username': 'Dzikrii', 'password': 'Bayar woe'},
-            {'username': 'Ibrahim', 'password': 'Mboh'},
-            {'username': 'Yusupp', 'password': 'Bangun'},
-            {'username': 'Azzam JR', 'password': 'Saturn'},
-            {'username': 'MK Azzam', 'password': 'Aneka Gold'},
-            {'username': 'Sami abd', 'password': 'TamTam'}
-        ]
-        # CEK ADMIN YANG SUDAH ADA
-        existing_admins = {admin.username for admin in User.query.filter_by(is_admin=True).all()}
-        print(f"📊 Admin yang sudah ada: {len(existing_admins)}")
-        # TAMBAHKAN ADMIN YANG BELUM ADA
-        new_admin_count = 0
-        for admin_data in admins:
-            if admin_data['username'] not in existing_admins:
-                try:
-                    admin = User(
-                        username=admin_data['username'],
-                        is_admin=True
-                    )
-                    admin.set_password(admin_data['password'])
-                    db.session.add(admin)
-                    new_admin_count += 1
-                    print(f"  ✓ Admin baru: {admin_data['username']}")
-                except Exception as e:
-                    print(f"  ❌ Gagal menambahkan {admin_data['username']}: {e}")
-        if new_admin_count > 0:
-            try:
-                db.session.commit()
-                print(f"✅ Berhasil menambahkan {new_admin_count} admin baru")
-                # Buat file lock
-                try:
-                    with open(lock_file, 'w') as f:
-                        f.write('initialized')
-                except:
-                    pass
-            except Exception as e:
-                db.session.rollback()
-                print(f"❌ Error saat commit: {e}")
-        else:
-            print("⚠️ Tidak ada admin baru yang ditambahkan")
-        # TAMPILKAN STATISTIK FINAL
-        total_admins = User.query.filter_by(is_admin=True).count()
-        total_users = User.query.count()
-        print(f"\n📊 Final stats:")
-        print(f"  ✅ Total admin: {total_admins}")
-        print(f"  ✅ Total user: {total_users}")
-# ROUTES
 @app.route('/')
 def index():
-    # Halaman publik - tidak perlu login
-    page = request.args.get('page', 1, type=int)
-    per_page = 12
-    photos = Photo.query.order_by(Photo.upload_date.desc()).paginate(page=page, per_page=per_page, error_out=False)
-    # Ambil trending (3 foto dengan like terbanyak)
     trending = Photo.query.order_by(Photo.likes_count.desc()).limit(3).all()
     return render_template('index.html', photos=photos, trending=trending)
 @app.route('/login', methods=['GET', 'POST'])
 def login():
     # Kalau sudah login, redirect ke home
     if current_user.is_authenticated:
-        if current_user.is_admin:
-            return redirect(url_for('admin_dashboard'))
         return redirect(url_for('index'))
     if request.method == 'POST':
         username = request.form.get('username')
         password = request.form.get('password')
-        remember = True if request.form.get('remember') else False
-        print(f"🔐 Login attempt: {username}")  # Debug
         user = User.query.filter_by(username=username).first()
         if user and user.check_password(password):
-            login_user(user, remember=remember)
-            flash(f'✅ Login berhasil! Selamat datang {username}', 'success')
-            print(f"  ✅ Login successful for {username}")  # Debug
-            next_page = request.args.get('next')
-            if next_page and next_page != url_for('login'):
-                return redirect(next_page)
             if user.is_admin:
-                return redirect(url_for('admin_dashboard'))
             return redirect(url_for('index'))
         else:
-            print(f"  ❌ Login failed for {username}")  # Debug
-            flash('❌ Username atau password salah!', 'error')
     return render_template('login.html')
 @app.route('/logout')
 def logout():
     logout_user()
-    flash('👋 Anda telah logout', 'info')
     return redirect(url_for('index'))
 @app.route('/admin')
-def admin_dashboard():
-    # Cek login manual untuk hindari redirect loop
     if not current_user.is_authenticated:
-        flash('Silakan login terlebih dahulu!', 'warning')
-        return redirect(url_for('login', next=request.url))
     if not current_user.is_admin:
-        flash('⛔ Akses ditolak! Halaman ini hanya untuk admin', 'error')
         return redirect(url_for('index'))
     photos = Photo.query.order_by(Photo.upload_date.desc()).all()
-    total_photos = Photo.query.count()
-    total_likes = db.session.query(db.func.sum(Photo.likes_count)).scalar() or 0
-    return render_template('admin.html',
-                         photos=photos,
-                         total_photos=total_photos,
-                         total_likes=total_likes)
 @app.route('/upload', methods=['POST'])
-def upload_photo():
-    # Cek login manual
-    if not current_user.is_authenticated:
-        flash('Silakan login terlebih dahulu!', 'warning')
-        return redirect(url_for('login'))
-    if not current_user.is_admin:
-        flash('⛔ Akses ditolak!', 'error')
         return redirect(url_for('index'))
     if 'photo' not in request.files:
-        flash('❌ Tidak ada file yang dipilih', 'error')
-        return redirect(url_for('admin_dashboard'))
     file = request.files['photo']
     caption = request.form.get('caption', '')
     if file.filename == '':
-        flash('❌ Tidak ada file yang dipilih', 'error')
-        return redirect(url_for('admin_dashboard'))
-    # Cek ekstensi file
-    allowed_extensions = {'png', 'jpg', 'jpeg', 'gif', 'webp'}
-    if '.' not in file.filename or file.filename.rsplit('.', 1)[1].lower() not in allowed_extensions:
-        flash('❌ Format file tidak didukung! Gunakan: PNG, JPG, JPEG, GIF, WEBP', 'error')
-        return redirect(url_for('admin_dashboard'))
-    if file:
-        # Simpan file dengan nama yang aman
-        filename = secure_filename(file.filename)
-        # Tambahkan timestamp untuk menghindari nama duplikat
-        timestamp = datetime.now().strftime('%Y%m%d_%H%M%S_')
-        filename = timestamp + filename
-        filepath = os.path.join(app.config['UPLOAD_FOLDER'], filename)
-        file.save(filepath)
-        # Simpan ke database
-        photo = Photo(
-            filename=filename,
-            caption=caption,
-            uploader_id=current_user.id
-        )
-        db.session.add(photo)
-        db.session.commit()
-        flash(f'✅ Foto berhasil diupload!', 'success')
-        print(f"✅ Photo uploaded by {current_user.username}: {filename}")
-    return redirect(url_for('admin_dashboard'))
 @app.route('/delete/<int:photo_id>')
-def delete_photo(photo_id):
-    # Cek login manual
-    if not current_user.is_authenticated:
-        flash('Silakan login terlebih dahulu!', 'warning')
-        return redirect(url_for('login'))
-    if not current_user.is_admin:
-        flash('⛔ Akses ditolak!', 'error')
         return redirect(url_for('index'))
     photo = Photo.query.get(photo_id)
     if photo:
-        # Hapus file fisik
         filepath = os.path.join(app.config['UPLOAD_FOLDER'], photo.filename)
         if os.path.exists(filepath):
             os.remove(filepath)
-            print(f"✅ File deleted: {photo.filename}")
-        # Hapus dari database
         db.session.delete(photo)
         db.session.commit()
-        flash('✅ Foto berhasil dihapus!', 'success')
-    else:
-        flash('❌ Foto tidak ditemukan!', 'error')
-    return redirect(url_for('admin_dashboard'))
 @app.route('/like/<int:photo_id>', methods=['POST'])
-def like_photo(photo_id):
-    # Cek login manual
     if not current_user.is_authenticated:
-        return jsonify({'error': 'Silakan login terlebih dahulu'}), 401
     photo = Photo.query.get(photo_id)
     if not photo:
-        return jsonify({'error': 'Foto tidak ditemukan'}), 404
-    # Cek apakah user sudah like
     like = Like.query.filter_by(user_id=current_user.id, photo_id=photo_id).first()
     if like:
-        # Unlike
         db.session.delete(like)
         photo.likes_count -= 1
         liked = False
     else:
-        # Like
         like = Like(user_id=current_user.id, photo_id=photo_id)
         db.session.add(like)
         photo.likes_count += 1
         liked = True
     db.session.commit()
-    return jsonify({
-        'liked': liked,
-        'likes': photo.likes_count
-    })
 @app.route('/download/<int:photo_id>')
-def download_photo(photo_id):
     photo = Photo.query.get(photo_id)
     if photo:
         filepath = os.path.join(app.config['UPLOAD_FOLDER'], photo.filename)
         if os.path.exists(filepath):
             return send_file(filepath, as_attachment=True, download_name=photo.filename)
-    flash('❌ File tidak ditemukan!', 'error')
     return redirect(url_for('index'))
-@app.route('/slideshow_photos')
-def slideshow_photos():
-    # Ambil 10 foto terbaru untuk slideshow loading
     photos = Photo.query.order_by(Photo.upload_date.desc()).limit(10).all()
-    photos_data = [{'filename': photo.filename, 'caption': photo.caption} for photo in photos]
-    return jsonify(photos_data)
-@app.route('/list_admins')
-def list_admins():
-    """Route publik untuk melihat daftar admin (tanpa password)"""
     admins = User.query.filter_by(is_admin=True).all()
-    admin_list = [{'username': a.username, 'is_admin': a.is_admin} for a in admins]
     return jsonify({
-        'total_admins': len(admin_list),
-        'admins': admin_list
     })
-@app.route('/health')
-def health():
-    return jsonify({'status': 'ok', 'time': datetime.now().isoformat()})
-# Error handlers
-@app.errorhandler(404)
-def not_found_error(error):
-    flash('Halaman tidak ditemukan!', 'error')
-    return redirect(url_for('index'))
-@app.errorhandler(500)
-def internal_error(error):
-    db.session.rollback()
-    flash('Terjadi kesalahan internal server!', 'error')
-    return redirect(url_for('index'))
-@app.errorhandler(413)
-def too_large_error(error):
-    flash('File terlalu besar! Maksimal 50MB', 'error')
-    return redirect(url_for('admin_dashboard'))
-# Untuk Hugging Face
-if __name__ == "__main__":
     port = int(os.environ.get('PORT', 7860))
     app.run(host='0.0.0.0', port=port, debug=False)

 from werkzeug.security import generate_password_hash, check_password_hash
 from werkzeug.utils import secure_filename
 from datetime import datetime
 app = Flask(__name__)
 app.config['SECRET_KEY'] = 'angkatan-rahasia-2024-2026'
 app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///gallery.db'
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 app.config['UPLOAD_FOLDER'] = 'static/uploads'
+app.config['MAX_CONTENT_LENGTH'] = 50 * 1024 * 1024
+# Buat folder upload
 os.makedirs(app.config['UPLOAD_FOLDER'], exist_ok=True)
+# Database
 db = SQLAlchemy(app)
 # Login manager
 login_manager = LoginManager()
 login_manager.init_app(app)
+login_manager.login_view = 'login'  # Penting!
+# Models
 class User(UserMixin, db.Model):
     __tablename__ = 'users'
     id = db.Column(db.Integer, primary_key=True)
     username = db.Column(db.String(80), unique=True, nullable=False)
     password_hash = db.Column(db.String(200), nullable=False)
     is_admin = db.Column(db.Boolean, default=False)
     created_at = db.Column(db.DateTime, default=datetime.utcnow)
     def set_password(self, password):
         self.password_hash = generate_password_hash(password)
 class Photo(db.Model):
     __tablename__ = 'photos'
     id = db.Column(db.Integer, primary_key=True)
     filename = db.Column(db.String(200), nullable=False)
     caption = db.Column(db.String(500))
     uploader_id = db.Column(db.Integer, db.ForeignKey('users.id'), nullable=False)
     likes_count = db.Column(db.Integer, default=0)
+    uploader = db.relationship('User', backref='photos')
+    likes = db.relationship('Like', backref='photo', cascade='all, delete-orphan')
 class Like(db.Model):
     __tablename__ = 'likes'
     id = db.Column(db.Integer, primary_key=True)
     user_id = db.Column(db.Integer, db.ForeignKey('users.id'), nullable=False)
     photo_id = db.Column(db.Integer, db.ForeignKey('photos.id'), nullable=False)
     created_at = db.Column(db.DateTime, default=datetime.utcnow)
+    __table_args__ = (db.UniqueConstraint('user_id', 'photo_id'),)
 @login_manager.user_loader
 def load_user(user_id):
+    return User.query.get(int(user_id))
+# CREATE ADMIN USERS (11 admin)
 with app.app_context():
     db.create_all()
+    print("✅ Database siap!")
+    admins = [
+        {'username': 'Hilbraaaam', 'password': 'Ketua Angkatan 24-26'},
+        {'username': 'Hudzaifahh', 'password': 'Wakil ketua Angkatan 24-26'},
+        {'username': 'Rafasyahh', 'password': 'Humas Kesayangan'},
+        {'username': 'Elazzam', 'password': 'Eos 800 D'},
+        {'username': 'Azzam Diq', 'password': 'Shidiq'},
+        {'username': 'Dzikrii', 'password': 'Bayar woe'},
+        {'username': 'Ibrahim', 'password': 'Mboh'},
+        {'username': 'Yusupp', 'password': 'Bangun'},
+        {'username': 'Azzam JR', 'password': 'Saturn'},
+        {'username': 'MK Azzam', 'password': 'Aneka Gold'},
+        {'username': 'Sami abd', 'password': 'TamTam'}
+    ]
+    for admin_data in admins:
+        existing = User.query.filter_by(username=admin_data['username']).first()
+        if not existing:
+            admin = User(username=admin_data['username'], is_admin=True)
+            admin.set_password(admin_data['password'])
+            db.session.add(admin)
+            print(f"✓ Admin: {admin_data['username']}")
+    db.session.commit()
+    print(f"✅ Total admin: {User.query.filter_by(is_admin=True).count()}")
+# ROUTES - SEDERHANA SAJA
 @app.route('/')
 def index():
+    photos = Photo.query.order_by(Photo.upload_date.desc()).all()
     trending = Photo.query.order_by(Photo.likes_count.desc()).limit(3).all()
     return render_template('index.html', photos=photos, trending=trending)
 @app.route('/login', methods=['GET', 'POST'])
 def login():
     # Kalau sudah login, redirect ke home
     if current_user.is_authenticated:
         return redirect(url_for('index'))
     if request.method == 'POST':
         username = request.form.get('username')
         password = request.form.get('password')
         user = User.query.filter_by(username=username).first()
         if user and user.check_password(password):
+            login_user(user)
+            flash('Login berhasil!', 'success')
+            # Redirect berdasarkan role
             if user.is_admin:
+                return redirect(url_for('admin'))
             return redirect(url_for('index'))
         else:
+            flash('Username atau password salah!', 'error')
     return render_template('login.html')
 @app.route('/logout')
 def logout():
     logout_user()
+    flash('Anda telah logout', 'info')
     return redirect(url_for('index'))
 @app.route('/admin')
+def admin():
+    # Proteksi manual
     if not current_user.is_authenticated:
+        flash('Silakan login dulu!', 'warning')
+        return redirect(url_for('login'))
     if not current_user.is_admin:
+        flash('Halaman khusus admin!', 'error')
         return redirect(url_for('index'))
     photos = Photo.query.order_by(Photo.upload_date.desc()).all()
+    return render_template('admin.html', photos=photos)
 @app.route('/upload', methods=['POST'])
+def upload():
+    # Proteksi manual
+    if not current_user.is_authenticated or not current_user.is_admin:
+        flash('Akses ditolak!', 'error')
         return redirect(url_for('index'))
     if 'photo' not in request.files:
+        flash('Pilih file dulu!', 'error')
+        return redirect(url_for('admin'))
     file = request.files['photo']
     caption = request.form.get('caption', '')
     if file.filename == '':
+        flash('Pilih file dulu!', 'error')
+        return redirect(url_for('admin'))
+    # Simpan file
+    filename = secure_filename(file.filename)
+    timestamp = datetime.now().strftime('%Y%m%d_%H%M%S_')
+    filename = timestamp + filename
+    file.save(os.path.join(app.config['UPLOAD_FOLDER'], filename))
+    # Simpan ke DB
+    photo = Photo(filename=filename, caption=caption, uploader_id=current_user.id)
+    db.session.add(photo)
+    db.session.commit()
+    flash('Foto berhasil diupload!', 'success')
+    return redirect(url_for('admin'))
 @app.route('/delete/<int:photo_id>')
+def delete(photo_id):
+    # Proteksi manual
+    if not current_user.is_authenticated or not current_user.is_admin:
+        flash('Akses ditolak!', 'error')
         return redirect(url_for('index'))
     photo = Photo.query.get(photo_id)
     if photo:
+        # Hapus file
         filepath = os.path.join(app.config['UPLOAD_FOLDER'], photo.filename)
         if os.path.exists(filepath):
             os.remove(filepath)
         db.session.delete(photo)
         db.session.commit()
+        flash('Foto dihapus!', 'success')
+    return redirect(url_for('admin'))
 @app.route('/like/<int:photo_id>', methods=['POST'])
+def like(photo_id):
     if not current_user.is_authenticated:
+        return jsonify({'error': 'Login dulu'}), 401
     photo = Photo.query.get(photo_id)
     if not photo:
+        return jsonify({'error': 'Foto tidak ada'}), 404
     like = Like.query.filter_by(user_id=current_user.id, photo_id=photo_id).first()
     if like:
         db.session.delete(like)
         photo.likes_count -= 1
         liked = False
     else:
         like = Like(user_id=current_user.id, photo_id=photo_id)
         db.session.add(like)
         photo.likes_count += 1
         liked = True
     db.session.commit()
+    return jsonify({'liked': liked, 'likes': photo.likes_count})
 @app.route('/download/<int:photo_id>')
+def download(photo_id):
     photo = Photo.query.get(photo_id)
     if photo:
         filepath = os.path.join(app.config['UPLOAD_FOLDER'], photo.filename)
         if os.path.exists(filepath):
             return send_file(filepath, as_attachment=True, download_name=photo.filename)
+    flash('File tidak ada!', 'error')
     return redirect(url_for('index'))
+@app.route('/slideshow')
+def slideshow():
     photos = Photo.query.order_by(Photo.upload_date.desc()).limit(10).all()
+    return jsonify([{'filename': p.filename} for p in photos])
+@app.route('/cek_admin')
+def cek_admin():
     admins = User.query.filter_by(is_admin=True).all()
     return jsonify({
+        'total': len(admins),
+        'usernames': [a.username for a in admins]
     })
+if __name__ == '__main__':
     port = int(os.environ.get('PORT', 7860))
     app.run(host='0.0.0.0', port=port, debug=False)