🐛 Backend Update: Refactored app.py and session-manager.js for improved performance & stability. 🚀📚💄

2025-05-30 22:03:36 +02:00
parent 7a54fe7ff3
commit 498078590b
2 changed files with 23 additions and 9 deletions
--- a/backend/app/static/js/session-manager.js
+++ b/backend/app/static/js/session-manager.js
@@ -101,12 +101,22 @@ class SessionManager {
    
    async sendHeartbeat() {
        try {
+            // CSRF-Token aus dem Meta-Tag holen
+            const csrfToken = document.querySelector('meta[name="csrf-token"]')?.getAttribute('content');
+            
+            const headers = {
+                'Content-Type': 'application/json',
+                'X-Requested-With': 'XMLHttpRequest'
+            };
+            
+            // CSRF-Token hinzufügen wenn verfügbar
+            if (csrfToken) {
+                headers['X-CSRF-Token'] = csrfToken;
+            }
+            
            const response = await fetch('/api/session/heartbeat', {
                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    'X-Requested-With': 'XMLHttpRequest'
-                },
+                headers: headers,
                body: JSON.stringify({
                    timestamp: new Date().toISOString(),
                    page: window.location.pathname
@@ -123,6 +133,10 @@ class SessionManager {
                }
            } else if (response.status === 401) {
                this.handleSessionExpired('Heartbeat failed - unauthorized');
+            } else if (response.status === 400) {
+                console.warn('⚠️ CSRF-Token Problem beim Heartbeat - versuche Seite neu zu laden');
+                // Bei CSRF-Problemen die Seite neu laden
+                setTimeout(() => location.reload(), 5000);
            }
        } catch (error) {
            console.error('❌ Heartbeat-Fehler:', error);