fix: move api_log to server-side store — prevents session cookie overflow on step 4+
All checks were successful
Build and Deploy / deploy (push) Successful in 55s
All checks were successful
Build and Deploy / deploy (push) Successful in 55s
This commit is contained in:
Henrik Jess Nielsen
@@ -72,16 +72,24 @@ def _ctx(request: Request, extra: dict) -> dict:
|
|||||||
|
|
||||||
|
|
||||||
def _logger(sess: dict):
|
def _logger(sess: dict):
|
||||||
"""Returns a callback that appends log entries to sess['api_log']."""
|
"""Returns a callback that appends log entries to server-side store (not cookie)."""
|
||||||
def cb(entry: dict):
|
def cb(entry: dict):
|
||||||
log = sess.setdefault("api_log", [])
|
sid = sess.get("sid", "")
|
||||||
|
if not sid:
|
||||||
|
return
|
||||||
|
store = _token_store.setdefault(sid, {})
|
||||||
|
log = store.setdefault("api_log", [])
|
||||||
log.append(entry)
|
log.append(entry)
|
||||||
# keep last 50 entries
|
|
||||||
if len(log) > 50:
|
if len(log) > 50:
|
||||||
sess["api_log"] = log[-50:]
|
store["api_log"] = log[-50:]
|
||||||
return cb
|
return cb
|
||||||
|
|
||||||
|
|
||||||
|
def _get_api_log(sess: dict) -> list:
|
||||||
|
sid = sess.get("sid", "")
|
||||||
|
return _token_store.get(sid, {}).get("api_log", [])
|
||||||
|
|
||||||
|
|
||||||
# ---------------------------------------------------------------------------
|
# ---------------------------------------------------------------------------
|
||||||
# Landing
|
# Landing
|
||||||
# ---------------------------------------------------------------------------
|
# ---------------------------------------------------------------------------
|
||||||
@@ -111,7 +119,7 @@ async def debug_session(request: Request):
|
|||||||
for k, v in sess.items()
|
for k, v in sess.items()
|
||||||
if k != "api_log"
|
if k != "api_log"
|
||||||
}
|
}
|
||||||
safe["api_log_count"] = len(sess.get("api_log", []))
|
safe["api_log_count"] = len(_get_api_log(sess))
|
||||||
safe["cookie_size_bytes"] = len(str(request.session))
|
safe["cookie_size_bytes"] = len(str(request.session))
|
||||||
return safe
|
return safe
|
||||||
|
|
||||||
@@ -627,7 +635,7 @@ async def step6(request: Request):
|
|||||||
@router.get("/demo/log", response_class=HTMLResponse)
|
@router.get("/demo/log", response_class=HTMLResponse)
|
||||||
async def api_log(request: Request):
|
async def api_log(request: Request):
|
||||||
sess = _session(request)
|
sess = _session(request)
|
||||||
log = sess.get("api_log", [])
|
log = _get_api_log(sess)
|
||||||
return templates.TemplateResponse("log.html", _ctx(request, {
|
return templates.TemplateResponse("log.html", _ctx(request, {
|
||||||
"log": list(reversed(log)), # newest first
|
"log": list(reversed(log)), # newest first
|
||||||
"log_count": len(log),
|
"log_count": len(log),
|
||||||
@@ -637,7 +645,9 @@ async def api_log(request: Request):
|
|||||||
@router.post("/demo/log/clear")
|
@router.post("/demo/log/clear")
|
||||||
async def clear_log(request: Request):
|
async def clear_log(request: Request):
|
||||||
sess = _session(request)
|
sess = _session(request)
|
||||||
sess["api_log"] = []
|
sid = sess.get("sid", "")
|
||||||
|
if sid and sid in _token_store:
|
||||||
|
_token_store[sid].pop("api_log", None)
|
||||||
return RedirectResponse("/demo/log", status_code=303)
|
return RedirectResponse("/demo/log", status_code=303)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user