From 498078590b2f682d7a4a7da3f11a5b5c8445d989 Mon Sep 17 00:00:00 2001
From: Till Tomczak
Date: Fri, 30 May 2025 22:03:36 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Backend=20Update:=20Refactored?= =?UTF-8?q?=20app.py=20and=20session-manager.js=20for=20improved=20perform?= =?UTF-8?q?ance=20&=20stability.=20=F0=9F=9A=80=F0=9F=93=9A=F0=9F=92=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/app/app.py | 10 +++++-----
 backend/app/static/js/session-manager.js | 22 ++++++++++++++++++----
 2 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/backend/app/app.py b/backend/app/app.py
index cd59be89..086a922c 100644
--- a/backend/app/app.py
+++ b/backend/app/app.py
@@ -1992,7 +1992,7 @@ def check_waiting_jobs():
 for job in waiting_jobs:
 # Drucker-Status prüfen
- printer = db_session.query(Printer).get(job.printer_id)
+ printer = db_session.get(Printer, job.printer_id)
 if printer and printer.plug_ip:
 status, active = check_printer_status(printer.plug_ip)
@@ -2107,7 +2107,7 @@ def create_job():
 db_session = get_db_session()
 # Prüfen, ob der Drucker existiert
- printer = db_session.query(Printer).get(printer_id)
+ printer = db_session.get(Printer, printer_id)
 if not printer:
 db_session.close()
 return jsonify({"error": "Drucker nicht gefunden"}), 404
@@ -2218,7 +2218,7 @@ def extend_job(job_id):
 return jsonify({"error": "Zusätzliche Minuten müssen größer als 0 sein"}), 400
 db_session = get_db_session()
- job = db_session.query(Job).get(job_id)
+ job = db_session.get(Job, job_id)
 if not job:
 db_session.close()
@@ -2259,7 +2259,7 @@ def finish_job(job_id):
 return jsonify({"error": "Nur Administratoren können Jobs manuell beenden"}), 403
 db_session = get_db_session()
- job = db_session.query(Job).options(joinedload(Job.printer)).get(job_id)
+ job = db_session.query(Job).options(joinedload(Job.printer)).filter(Job.id == job_id).first()
 if not job:
 db_session.close()
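Review bot: In the extend_job hunk, `job = db_session.get(Job, job_id)` loads the job purely by the id taken from the route, and the only check visible before it is the minutes validation. finish_job gates its lookup behind the administrator check shown in its hunk, but nothing comparable is visible here or in the cancel_job hunk. Both functions continue outside their hunks, so this may already be handled; if it is not, compare the job's owner with the logged-in user (or require an administrator) right after the `if not job:` branch and return 403 before any field is changed.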
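Review bot: The finish_job hunk is the only one of the five lookups that stays on the `query(...)` API, which leaves two idioms for the same primary-key fetch. `Session.get` accepts loader options, so `job = db_session.get(Job, job_id, options=[joinedload(Job.printer)])` would match the other call sites. One difference to weigh is that `get` returns an instance already held by the session without re-querying, so the eager load is only guaranteed on a fresh session, which `get_db_session()` presumably provides. If the query form is kept on purpose, a comment such as `# query form kept so joinedload(Job.printer) is always applied` would explain the exception.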
@@ -2300,7 +2300,7 @@ def cancel_job(job_id):
 """Bricht einen Job ab."""
 try:
 db_session = get_db_session()
- job = db_session.query(Job).get(job_id)
+ job = db_session.get(Job, job_id)
 if not job:
 db_session.close()
diff --git a/backend/app/static/js/session-manager.js b/backend/app/static/js/session-manager.js
index 1f6ae427..188c1d7c 100644
--- a/backend/app/static/js/session-manager.js
+++ b/backend/app/static/js/session-manager.js
@@ -101,12 +101,22 @@ class SessionManager {
 async sendHeartbeat() {
 try {
+ // CSRF-Token aus dem Meta-Tag holen
+ const csrfToken = document.querySelector('meta[name="csrf-token"]')?.getAttribute('content');
+
+ const headers = {
+ 'Content-Type': 'application/json',
+ 'X-Requested-With': 'XMLHttpRequest'
+ };
+
+ // CSRF-Token hinzufügen wenn verfügbar
+ if (csrfToken) {
+ headers['X-CSRF-Token'] = csrfToken;
+ }
+
 const response = await fetch('/api/session/heartbeat', {
 method: 'POST',
- headers: {
- 'Content-Type': 'application/json',
- 'X-Requested-With': 'XMLHttpRequest'
- },
+ headers: headers,
 body: JSON.stringify({
 timestamp: new Date().toISOString(),
 page: window.location.pathname
@@ -123,6 +133,10 @@ class SessionManager {
 }
 } else if (response.status === 401) {
 this.handleSessionExpired('Heartbeat failed - unauthorized');
+ } else if (response.status === 400) {
+ console.warn('⚠️ CSRF-Token Problem beim Heartbeat - versuche Seite neu zu laden');
+ // Bei CSRF-Problemen die Seite neu laden
+ setTimeout(() => location.reload(), 5000);
 }
 } catch (error) {
 console.error('❌ Heartbeat-Fehler:', error);
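Review bot: In the first session-manager.js hunk, when the `csrf-token` meta tag is missing or empty the `if (csrfToken)` guard drops the header without any trace and the POST still goes out. A template that lacks the tag then only shows up later as a rejected heartbeat, which the 400 branch added further down answers with a page reload. A log line on that path makes the cause visible: `else { console.warn('CSRF meta tag missing - heartbeat sent without X-CSRF-Token'); }`.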
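Review bot: The new `response.status === 400` branch reloads the page for every 400 the heartbeat endpoint returns, whatever the cause, and puts no limit on how often it does so. If the rejection survives the reload (a page without the csrf-token meta tag, or a 400 raised for some other reason), each heartbeat schedules another `location.reload()`, which loops the page and discards unsaved input. I would reload at most once per tab, tracked in sessionStorage, and remove that marker in the success branch, which lies outside this hunk. If the server's 400 body identifies a CSRF failure, checking for that before reloading would narrow the branch further.

```javascript
} else if (response.status === 400) {
    // Reload once per tab at most; a 400 that survives the reload is logged instead.
    const reloadMarker = 'heartbeatCsrfReload'; // constructed key name
    if (sessionStorage.getItem(reloadMarker)) {
        console.warn('⚠️ Heartbeat still rejected with 400 after reload - not reloading again');
    } else {
        sessionStorage.setItem(reloadMarker, '1');
        console.warn('⚠️ CSRF-Token Problem beim Heartbeat - versuche Seite neu zu laden');
        setTimeout(() => location.reload(), 5000);
    }
    // … unchanged: closing brace and catch block …
```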