implemented 100MB size restriction on file upload

verse/app.py

@@ -19,6 +19,7 @@ def create_app():
     APP.secret_key = 'secret-key'
     APP.config['SQLALCHEMY_DATABASE_URI'] = "sqlite:///data/login.db"
     APP.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = True
+    APP.config['MAX_CONTENT_LENGTH'] = 150 * 1024 * 1024
 
     login_manager.session_protection = "strong"
     login_manager.login_view = "index"

verse/forms/uploadform.py

@@ -1,7 +1,7 @@
 from flask_wtf import FlaskForm
 from flask_wtf.file import FileField, FileAllowed
 from wtforms import validators
-from wtforms.validators import Length
+from wtforms.validators import Length, ValidationError
 from wtforms import (
     SubmitField,
     StringField,
@@ -11,13 +11,27 @@ from wtforms import (
 class UploadForm(FlaskForm):
     """File upload class for a new site in distribusi-verse"""
 
+    def FileSizeLimit(max_size_in_mb):
+        max_bytes = max_size_in_mb * 1024 * 1024
+
+        def file_length_check(form, field):
+            if len(field.data.read()) > max_bytes:
+                raise ValidationError(
+                    "File size must be less than {}MB".format(max_size_in_mb)
+                )
+
+        return file_length_check
+
     sitename = StringField(
         "Name of your website:",
         validators=[validators.InputRequired(), Length(2, 100)],
     )
     zipfile = FileField(
         "Upload your zip file with content here:",
-        validators=[FileAllowed(["zip"], "Zip archives only!")],
+        validators=[
+            FileAllowed(["zip"], "Zip archives only!"),
+            FileSizeLimit(max_size_in_mb=100),
+        ],
     )
 
     submit = SubmitField("Upload")

verse/start.py

@@ -45,6 +45,7 @@ from forms.themeform import ThemeForm
 from forms.editorform import EditorForm
 
 from statuspengguna.helper import AreFilesUploaded
+
 # Tada!
 from distribusi.cli import build_argparser
 from distribusi.distribusi import distribusify
@@ -55,7 +56,7 @@ APP = create_app()
 @APP.before_request
 def session_handler():
     session.permanent = True
-    APP.permanent_session_lifetime = timedelta(minutes=1)
+    APP.permanent_session_lifetime = timedelta(minutes=30)
 
 
 @APP.route("/")
@@ -125,15 +126,19 @@ def register():
             flash("Invalid Entry", "warning")
         except InterfaceError:
             db.session.rollback()
-            registerform.email.errors.append("Error connecting to the database")
+            registerform.email.errors.append(
+                "Error connecting to the database"
+            )
             flash("Error connecting to the database", "danger")
         except DatabaseError:
             db.session.rollback()
-            registerform.email.errors.append("Error connecting to the database")
+            registerform.email.errors.append(
+                "Error connecting to the database"
+            )
             flash("Error connecting to the database", "danger")
         except BuildError:
             db.session.rollback()
-            egisterform.email.errors.append("Unknown error occured!")
+            registerform.email.errors.append("Unknown error occured!")
             flash("An error occured !", "danger")
     return render_template("register.html", registerform=registerform)
 
@@ -244,7 +249,7 @@ def editor():
     if editorform.validate_on_submit():
         userfolder = os.path.join("stash", user.distribusiname)
         cssfilename = "{}.css".format(editorform.cssname.data)
-        with open(os.path.join(userfolder, cssfilename), 'w') as cssfile:
+        with open(os.path.join(userfolder, cssfilename), "w") as cssfile:
             cssfile.write(editorform.css.data)
             cssfile.close
 

verse/static/css/style.css

@@ -92,6 +92,7 @@ input[type="submit"]:disabled:focus {
   background-color: #2D3039;
   color: #d28cff;
 }
+
 .error {
   color: #ff5a5a;
 }