reworked structure and improved performance to handle 500 concurrent users

This commit is contained in:
2026-02-20 18:31:16 +01:00
parent 7226c0c698
commit f192355ec6
21 changed files with 1535 additions and 386 deletions

View File

@@ -1,7 +1,7 @@
import os
import logging
from flask import request, session, redirect, url_for, current_app
from flask import request, session, redirect, url_for, current_app, abort, make_response
from typing import cast
from itsdangerous import BadSignature, URLSafeSerializer
from xkcdpass import xkcd_password
@@ -10,6 +10,7 @@ from urllib.parse import urlparse, urljoin
from .models import Deck, InfoBanner, Token, db, Course
# Create a module-level logger per Flask/Python standards
logger = logging.getLogger(__name__)
@@ -96,6 +97,23 @@ def create_token(user_name: str) -> Token:
return token
def set_cookie(token):
next_url = session.pop("next_url", None)
if not next_url:
current_app.logger.debug("next_url not present redirecting to index")
next_url = url_for("main.index")
if not is_safe_url(next_url):
current_app.logger.warning(f"Blocked unsafe redirect attempt to: {next_url}")
return abort(400)
resp = make_response(redirect(next_url))
resp.set_cookie(
"access_token", serialize_token(token), httponly=True, samesite="Lax", path="/", max_age=31536000
)
return resp
def serialize_token(token: Token) -> str:
return serializer.dumps(token.id)