upload is maybe working

.gitignore

@@ -1,2 +1,3 @@
 __pycache__
 venv
+pdfs

app.py

@@ -1,7 +1,11 @@
-from flask import Flask, render_template
+import os
+from pathlib import Path
+
+from flask import Flask, redirect, render_template, url_for
 from flask_wtf import FlaskForm
 from flask_wtf.csrf import CSRFProtect
-from flask_wtf.file import FileField, FileRequired
+from flask_wtf.file import FileAllowed, FileField, FileRequired
+from werkzeug.utils import secure_filename
 from wtforms import StringField
 from wtforms.validators import DataRequired
 
@@ -10,11 +14,25 @@ app.config["SECRET_KEY"] = "foo"
 app.config["WTF_CSRF_SECRET_KEY"] = "bar"
 
 
+CWD = Path().resolve()
+
+
 class UploadForm(FlaskForm):
-    pdf = FileField(validators=[FileRequired()])
+    pdf = FileField(validators=[FileAllowed(["pdf"], "PDFs only!"), FileRequired()])
 
 
 @app.route("/")
 def home():
     form = UploadForm()
     return render_template("index.html", form=form)
+
+
+@app.route("/upload", methods=["POST"])
+def upload():
+    form = UploadForm()
+    if form.validate_on_submit():
+        f = form.pdf.data
+        filename = secure_filename(f.filename)
+        f.save(os.path.join(CWD, "pdfs", filename))
+        return redirect(url_for("home"))
+    return render_template("index.html", form=form)

templates/index.html

@@ -6,10 +6,17 @@
     <title>THIS IS A TITLE</title>
   </head>
   <body>
-    <form method="POST" action="/submit" enctype="multipart/form-data">
-      {{ form.csrf_token }}
-      <input type="file" name="file" />
+    <form method="POST" action="/upload" enctype="multipart/form-data">
+      {{ form.csrf_token }} {{ form.pdf }}
       <input type="submit" value="Go" />
     </form>
+
+    {% if form.pdf.errors %}
+    <ul class="errors">
+      {% for error in form.pdf.errors %}
+      <li>{{ error }}</li>
+      {% endfor %}
+    </ul>
+    {% endif %}
   </body>
 </html>