Use bytes to determine file types as a default (#14)

Fixe issue #13

Author: codingedward

Pipfile

@@ -14,6 +14,7 @@ pytz = "*"
 flask = "*"
 pillow = ">=7.1.0"
 werkzeug = "*"
+filetype = "*"
 
 [requires]
 python_version = "*"

Pipfile.lock

@@ -7,6 +7,7 @@
 import pytz
 import operator
 import requests
+import filetype
 
 from PIL import Image
 from dateutil.parser import parse as dateparse
@@ -231,7 +232,11 @@ def validate_extension(self, value, params, **kwargs):
         if not self.validate_file(value):
             return False
         self._assert_params_size(size=1, params=params, rule='extension')
-        return value.filename.split('.')[-1].lower() == params[0]
+        kind = filetype.guess(value.stream.read(512))
+        value.seek(0)
+        if kind is None:
+            return value.filename.split('.')[-1].lower() == params[0]
+        return kind.extension in params
 
     @staticmethod
     def validate_file(value, **kwargs):
@@ -375,7 +380,11 @@ def validate_mime_types(self, value, params, **kwargs):
         if not self.validate_file(value):
             return False
         self._assert_params_size(size=1, params=params, rule='mime_types')
-        return value.mimetype in params
+        kind = filetype.guess(value.stream.read(512))
+        value.seek(0)
+        if kind is None:
+            return value.mimetype in params
+        return kind.mime in params
 
     def validate_min(self, value, params, **kwargs):
         self._assert_params_size(size=1, params=params, rule='min')

flask_sieve/rules_processor.py

@@ -4,6 +4,7 @@ click==7.1.2
 coverage==5.2.1
 coveralls==2.1.2
 docopt==0.6.2
+filetype==1.0.7
 Flask==1.1.2
 idna==2.10
 itsdangerous==1.1.0

requirements.txt

@@ -5,7 +5,7 @@
     name='flask-sieve',
     description='A Laravel inspired requests validator for Flask',
     long_description='Find the documentation at https://flask-sieve.readthedocs.io/en/latest/',
-    version='1.1.2',
+    version='1.1.3',
     url='https://github.com/codingedward/flask-sieve',
     license='BSD-2',
     author='Edward Njoroge',
@@ -18,6 +18,7 @@
         'python-dateutil',
         'pytz',
         'requests',
+        'filetype',
     ],
     classifiers=[
         'Development Status :: 5 - Production/Stable',

setup.py

@@ -6,6 +6,16 @@
 from flask_sieve.parser import Parser
 from flask_sieve.rules_processor import RulesProcessor
 
+class FakeFileStream:
+    def __init__(self, buf):
+       self.buf = buf
+
+    def read(self, buf_size):
+        return self.buf[:buf_size]
+
+    def seek(self, value):
+        pass
+
 
 class TestRulesProcessor(unittest.TestCase):
     def setUp(self):
@@ -19,7 +29,7 @@ def setUp(self):
             name='image'
         )
         self.invalid_file = FileStorage(
-            stream=self.stream,
+            stream=FakeFileStream(bytearray([0xFE, 0x58, 0x8F, 0x00, 0x08])),
             filename='invalid.png'
         )
 
@@ -285,6 +295,10 @@ def test_validates_dimensions(self):
             rules={'field': ['dimensions:2x1']},
             request={'field': 'not a file'}
         )
+        self.assert_fails(
+            rules={'field': ['dimensions:1x1']},
+            request={'field': self.invalid_file}
+        )
 
     def test_validates_distinct(self):
         self.assert_passes(
@@ -327,6 +341,10 @@ def test_validates_extension(self):
             rules={'field': ['extension:png']},
             request={'field': 1}
         )
+        self.assert_fails(
+            rules={'field': ['extension:tnp']},
+            request={'field': self.invalid_file}
+        )
 
     def test_validates_email(self):
         self.assert_passes(
@@ -565,6 +583,10 @@ def test_validates_mime_types(self):
             rules={'field': ['mime_types:image/png']},
             request={'field': 1}
         )
+        self.assert_fails(
+            rules={'field': ['mime_types:image/xpng']},
+            request={'field': self.invalid_file}
+        )
 
     def test_validates_min(self):
         self.assert_passes(