From 287aa02b9cafa835e3ce0ad061a186e9241a11d2 Mon Sep 17 00:00:00 2001
From: Dominic DiTaranto <me@domdit.com>
Date: Thu, 23 Oct 2025 11:13:56 -0400
Subject: [PATCH] init

---
 TODO.txt                   |  5 ++++-
 web/forms.py               |  3 +--
 web/templates/base.html    |  4 ++--
 web/templates/profile.html | 32 ++++++++++++++++++++++++++++++--
 web/templates/thread.html  |  1 +
 web/views.py               | 29 +++++++++++++++++++++++++++--
 6 files changed, 65 insertions(+), 9 deletions(-)

diff --git a/TODO.txt b/TODO.txt
index a250844..9e4cca8 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -1,10 +1,13 @@
 [x] login page
 [x] logout
 [ ] change password
-[ ] member profile update and avatar
+[x] member profile update and avatar
 [x] forum
+[ ] view other's profiles, add links in forums
 [x] member type
 [ ] nav bar
+[ ] users must be authed
+[ ] signup must redirect NOT auto grant users access, and MUST give them some info on what to expect
 [ ] determine where which pages should live where
 [ ] easier way to handle sites var, API endpoint?
 [ ] send out emails to existing users letting them know they have a password and to change it
diff --git a/web/forms.py b/web/forms.py
index 87fa7a3..1ba2fe7 100644
--- a/web/forms.py
+++ b/web/forms.py
@@ -32,12 +32,11 @@ class SignupForm(UserCreationForm):
 
 
 class EditProfileForm(forms.Form):
-    avatar = forms.ImageField(allow_empty_file=True, validators=)
+    avatar = forms.ImageField(allow_empty_file=True, required=False)
     url = forms.URLField(max_length=200, help_text='Required')
     description = forms.CharField(widget=forms.Textarea)
     
 
-
 class ThreadPostForm(forms.Form):
     content = MarkdownxFormField()
 
diff --git a/web/templates/base.html b/web/templates/base.html
index f4d642a..704d85a 100644
--- a/web/templates/base.html
+++ b/web/templates/base.html
@@ -126,8 +126,8 @@
         </div>
         <div class="container nav" style="margin-top:-10px;">
             <center>
-                <a href="#">Forum</a>
-                <a href="#">Profile</a>
+        <a href="{% url 'forum_threads' %}">Forum</a>
+                <a href="{% url 'profile' %}">Profile</a>
                 <a href="{% url 'custom_logout' %}">Logout</a>
             </center>
         </div>
diff --git a/web/templates/profile.html b/web/templates/profile.html
index 7ea931a..9fcdd60 100644
--- a/web/templates/profile.html
+++ b/web/templates/profile.html
@@ -2,8 +2,36 @@
 {% extends "base.html" %}
 {% block content %}
     <h2>{{ user.username }}'s Profile</h2>
-    <img src="{{user.avatar}}">
-    <form method="post">
+    <img src="{{ user.avatar }}">
+    <form method="post" enctype='multipart/form-data'>
+        <p>
+            <label for="id_avatar">Avatar:</label>
+            <br>
+            <input type="file" name="avatar" accept="image/*">
+            <br>
+        </p>
+        <p>
+            <label for="id_url">Url:</label>
+            <br>
+            <small style="color: grey">Required</small>
+            <br>
+            <input type="url"
+                   name="url"
+                   maxlength="200"
+                   required
+                   aria-describedby="id_url_helptext"
+                   id="id_url"
+                   value="{{ user.url }}">
+            <br>
+        </p>
+        <p>
+            <label for="id_description">Description:</label>
+            <br>
+            <textarea name="description" cols="40" rows="10" required id="id_description">{{user.description}}
+</textarea>
+            <br>
+        </p>
+        <button type="submit">Save</button>
         {% csrf_token %}
     </form>
 {% endblock %}
diff --git a/web/templates/thread.html b/web/templates/thread.html
index e927a61..6fce93f 100644
--- a/web/templates/thread.html
+++ b/web/templates/thread.html
@@ -13,6 +13,7 @@
         {% for post in posts %}
             <tr>
                 <td>
+                    <img src="{{post.created_by.avatar}}" alt="">
                     <small>
                         <b>{{ post.created_by }}</b> ({{ post.created_by.flair }})
                         <br>
diff --git a/web/views.py b/web/views.py
index 028be4c..2b8e7df 100644
--- a/web/views.py
+++ b/web/views.py
@@ -1,7 +1,11 @@
+import base64
+from io import BytesIO
+from PIL import Image
 from django.shortcuts import render, redirect, get_object_or_404
 from django.contrib.auth import login, logout
+
 from django.urls import reverse
-from web.forms import SignupForm, ThreadPostForm
+from web.forms import SignupForm, ThreadPostForm, EditProfileForm
 from web.models.forum_subcategory import ForumSubcategory
 from web.models.forum_post import ForumPost
 
@@ -88,7 +92,28 @@ def custom_logout(request):
 
 
 def profile(request):
+    if request.method == 'POST':
+        form = EditProfileForm(request.POST)
+        if form.is_valid():
+            if request.FILES:
+                avatar_size = 200, 200
+                image = Image.open(request.FILES['avatar'])
+                image.thumbnail(avatar_size, Image.Resampling.LANCZOS)
+
+                buffered = BytesIO()
+                image.save(buffered, format="png")
+                img_str = base64.b64encode(buffered.getvalue())
+                img_base64 = bytes("data:image/png;base64,", encoding='utf-8') + img_str
+                request.user.avatar = img_base64.decode('utf-8')
+
+            request.user.description = request.POST['description']
+            request.user.url = request.POST['url']
+            request.user.save()
+
+    form = EditProfileForm()
+
     context = {
-        'user': request.user
+        'user': request.user,
+        'form': form,
     }
     return render(request, 'profile.html', context)