Commit Graph

2 Commits

Author SHA1 Message Date
fd3f49a2e1 feat: add automatic image optimization and thumbnails
Image Processing:
- Add Pillow dependency for image manipulation
- Auto-create optimized versions on upload
- Generate main image (max 800x800, 85% quality)
- Generate thumbnail (max 400x400, 80% quality)
- Delete original after optimization

Quality Improvements:
- Auto-correct EXIF orientation (photos from phones)
- Convert RGBA/transparency to RGB with white background
- Use LANCZOS resampling for high-quality downscaling
- Optimize JPEG compression

Performance:
- Smaller file sizes = faster page loads
- Thumbnails for product listings
- Optimized full-size for detail views
- Reduced storage usage

Fallback:
- Graceful degradation if Pillow not installed
- Error handling preserves original on failure
- Logging for monitoring optimization success

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-06 08:22:11 +01:00

e062a1e836 security: add CSRF protection to all forms
- Add Flask-WTF dependency for CSRF protection
- Initialize CSRFProtect in app.py
- Add CSRF tokens to all POST forms in templates
- Exempt /order JSON API endpoint (uses API key instead)

This protects against Cross-Site Request Forgery attacks on all
admin and user management operations.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-06 08:01:22 +01:00