🐛 Backend Update: Refactored app.py and session-manager.js for improved performance & stability. 🚀📚💄

2025-05-30 22:03:36 +02:00 · 2025-05-30 22:03:36 +02:00 · 498078590b
commit 498078590b
parent 7a54fe7ff3
2 changed files with 23 additions and 9 deletions
--- a/backend/app/app.py
+++ b/backend/app/app.py
@ -1992,7 +1992,7 @@ def check_waiting_jobs():
        
        for job in waiting_jobs:
            # Drucker-Status prüfen
-            printer = db_session.query(Printer).get(job.printer_id)
+            printer = db_session.get(Printer, job.printer_id)
            if printer and printer.plug_ip:
                status, active = check_printer_status(printer.plug_ip)
                
@ -2107,7 +2107,7 @@ def create_job():
        db_session = get_db_session()
        
        # Prüfen, ob der Drucker existiert
-        printer = db_session.query(Printer).get(printer_id)
+        printer = db_session.get(Printer, printer_id)
        if not printer:
            db_session.close()
            return jsonify({"error": "Drucker nicht gefunden"}), 404
@ -2218,7 +2218,7 @@ def extend_job(job_id):
            return jsonify({"error": "Zusätzliche Minuten müssen größer als 0 sein"}), 400
        
        db_session = get_db_session()
-        job = db_session.query(Job).get(job_id)
+        job = db_session.get(Job, job_id)
        
        if not job:
            db_session.close()
@ -2259,7 +2259,7 @@ def finish_job(job_id):
            return jsonify({"error": "Nur Administratoren können Jobs manuell beenden"}), 403
        
        db_session = get_db_session()
-        job = db_session.query(Job).options(joinedload(Job.printer)).get(job_id)
+        job = db_session.query(Job).options(joinedload(Job.printer)).filter(Job.id == job_id).first()
        
        if not job:
            db_session.close()
@ -2300,7 +2300,7 @@ def cancel_job(job_id):
    """Bricht einen Job ab."""
    try:
        db_session = get_db_session()
-        job = db_session.query(Job).get(job_id)
+        job = db_session.get(Job, job_id)
        
        if not job:
            db_session.close()
--- a/backend/app/static/js/session-manager.js
+++ b/backend/app/static/js/session-manager.js
@ -101,12 +101,22 @@ class SessionManager {
    
    async sendHeartbeat() {
        try {
+            // CSRF-Token aus dem Meta-Tag holen
+            const csrfToken = document.querySelector('meta[name="csrf-token"]')?.getAttribute('content');
+            
+            const headers = {
+                'Content-Type': 'application/json',
+                'X-Requested-With': 'XMLHttpRequest'
+            };
+            
+            // CSRF-Token hinzufügen wenn verfügbar
+            if (csrfToken) {
+                headers['X-CSRF-Token'] = csrfToken;
+            }
+            
            const response = await fetch('/api/session/heartbeat', {
                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    'X-Requested-With': 'XMLHttpRequest'
-                },
+                headers: headers,
                body: JSON.stringify({
                    timestamp: new Date().toISOString(),
                    page: window.location.pathname
@ -123,6 +133,10 @@ class SessionManager {
                }
            } else if (response.status === 401) {
                this.handleSessionExpired('Heartbeat failed - unauthorized');
+            } else if (response.status === 400) {
+                console.warn('⚠️ CSRF-Token Problem beim Heartbeat - versuche Seite neu zu laden');
+                // Bei CSRF-Problemen die Seite neu laden
+                setTimeout(() => location.reload(), 5000);
            }
        } catch (error) {
            console.error('❌ Heartbeat-Fehler:', error);