reworked structure and improved performance to handle 500 concurrent users
This commit is contained in:
20
app/utils.py
20
app/utils.py
@@ -1,7 +1,7 @@
|
||||
import os
|
||||
import logging
|
||||
|
||||
from flask import request, session, redirect, url_for, current_app
|
||||
from flask import request, session, redirect, url_for, current_app, abort, make_response
|
||||
from typing import cast
|
||||
from itsdangerous import BadSignature, URLSafeSerializer
|
||||
from xkcdpass import xkcd_password
|
||||
@@ -10,6 +10,7 @@ from urllib.parse import urlparse, urljoin
|
||||
|
||||
from .models import Deck, InfoBanner, Token, db, Course
|
||||
|
||||
|
||||
# Create a module-level logger per Flask/Python standards
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
@@ -96,6 +97,23 @@ def create_token(user_name: str) -> Token:
|
||||
return token
|
||||
|
||||
|
||||
def set_cookie(token):
|
||||
next_url = session.pop("next_url", None)
|
||||
if not next_url:
|
||||
current_app.logger.debug("next_url not present redirecting to index")
|
||||
next_url = url_for("main.index")
|
||||
|
||||
if not is_safe_url(next_url):
|
||||
current_app.logger.warning(f"Blocked unsafe redirect attempt to: {next_url}")
|
||||
return abort(400)
|
||||
|
||||
resp = make_response(redirect(next_url))
|
||||
resp.set_cookie(
|
||||
"access_token", serialize_token(token), httponly=True, samesite="Lax", path="/", max_age=31536000
|
||||
)
|
||||
return resp
|
||||
|
||||
|
||||
def serialize_token(token: Token) -> str:
|
||||
return serializer.dumps(token.id)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user