Spaces:
Sleeping
Sleeping
Add application file
Browse files- app/app.py +19 -3
app/app.py
CHANGED
|
@@ -7,6 +7,7 @@ import json
|
|
| 7 |
import logging
|
| 8 |
import tempfile
|
| 9 |
import threading
|
|
|
|
| 10 |
from flask import Flask, request, jsonify, render_template, send_from_directory, session, redirect, url_for
|
| 11 |
from werkzeug.utils import secure_filename
|
| 12 |
from dotenv import load_dotenv
|
|
@@ -32,8 +33,14 @@ from retrieval.reranker import ReRanker
|
|
| 32 |
# Flask ์ฑ ์ด๊ธฐํ
|
| 33 |
app = Flask(__name__)
|
| 34 |
|
| 35 |
-
# ์ธ์
์ค์
|
| 36 |
-
app.secret_key =
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 37 |
|
| 38 |
# ์ต๋ ํ์ผ ํฌ๊ธฐ ์ค์ (10MB)
|
| 39 |
app.config['MAX_CONTENT_LENGTH'] = 10 * 1024 * 1024
|
|
@@ -70,8 +77,9 @@ def login_required(f):
|
|
| 70 |
@wraps(f)
|
| 71 |
def decorated_function(*args, **kwargs):
|
| 72 |
logger.info(f"----------- ์ธ์ฆ ํ์ ํ์ด์ง ์ ๊ทผ ์๋: {request.path} -----------")
|
|
|
|
| 73 |
logger.info(f"ํ์ฌ ์ธ์
์ํ: logged_in={session.get('logged_in', False)}, username={session.get('username', 'None')}")
|
| 74 |
-
|
| 75 |
if 'logged_in' not in session:
|
| 76 |
logger.warning(f"๋น๋ก๊ทธ์ธ ์ํ์์ {request.path} ์ ๊ทผ ์๋, ๋ก๊ทธ์ธ ํ์ด์ง๋ก ๋ฆฌ๋๋ ์
")
|
| 77 |
return redirect(url_for('login'))
|
|
@@ -215,8 +223,16 @@ def login():
|
|
| 215 |
|
| 216 |
if username == valid_username and password == valid_password:
|
| 217 |
logger.info(f"๋ก๊ทธ์ธ ์ฑ๊ณต: {username}")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 218 |
session['logged_in'] = True
|
| 219 |
session['username'] = username
|
|
|
|
|
|
|
|
|
|
| 220 |
logger.info("์ธ์
์ค์ ์๋ฃ, ๋ฆฌ๋๋ ์
์๋")
|
| 221 |
return redirect(url_for('index'))
|
| 222 |
else:
|
|
|
|
| 7 |
import logging
|
| 8 |
import tempfile
|
| 9 |
import threading
|
| 10 |
+
import datetime
|
| 11 |
from flask import Flask, request, jsonify, render_template, send_from_directory, session, redirect, url_for
|
| 12 |
from werkzeug.utils import secure_filename
|
| 13 |
from dotenv import load_dotenv
|
|
|
|
| 33 |
# Flask ์ฑ ์ด๊ธฐํ
|
| 34 |
app = Flask(__name__)
|
| 35 |
|
| 36 |
+
# ์ธ์
์ค์ - ๊ณ ์ ๋ ์ํฌ๋ฆฟ ํค ์ฌ์ฉ
|
| 37 |
+
app.secret_key = 'rag_chatbot_fixed_secret_key_12345' # ๊ณ ์ ๋ ์ํฌ๋ฆฟ ํค
|
| 38 |
+
|
| 39 |
+
# ์ธ์
์ค์ ์ถ๊ฐ
|
| 40 |
+
app.config['SESSION_COOKIE_SECURE'] = False # HTTPS์์๋ง ์ฟ ํค ์ ์ก (False๋ก ์ค์ ํ์ฌ HTTP์์๋ ์ธ์
์ฌ์ฉ ๊ฐ๋ฅ)
|
| 41 |
+
app.config['SESSION_COOKIE_HTTPONLY'] = True # JavaScript์์ ์ฟ ํค ์ ๊ทผ ๋ฐฉ์ง
|
| 42 |
+
app.config['SESSION_COOKIE_SAMESITE'] = 'Lax' # CSRF ๋ฐฉ์ง
|
| 43 |
+
app.config['PERMANENT_SESSION_LIFETIME'] = datetime.timedelta(hours=5) # ์ธ์
์ ํจ ์๊ฐ
|
| 44 |
|
| 45 |
# ์ต๋ ํ์ผ ํฌ๊ธฐ ์ค์ (10MB)
|
| 46 |
app.config['MAX_CONTENT_LENGTH'] = 10 * 1024 * 1024
|
|
|
|
| 77 |
@wraps(f)
|
| 78 |
def decorated_function(*args, **kwargs):
|
| 79 |
logger.info(f"----------- ์ธ์ฆ ํ์ ํ์ด์ง ์ ๊ทผ ์๋: {request.path} -----------")
|
| 80 |
+
logger.info(f"ํ์ฌ ์ธ์
๊ฐ์ฒด: {session}")
|
| 81 |
logger.info(f"ํ์ฌ ์ธ์
์ํ: logged_in={session.get('logged_in', False)}, username={session.get('username', 'None')}")
|
| 82 |
+
logger.info(f"ํ์ฌ ์ธ์
์ผ์ด: {request.cookies.get('session', 'None')}")
|
| 83 |
if 'logged_in' not in session:
|
| 84 |
logger.warning(f"๋น๋ก๊ทธ์ธ ์ํ์์ {request.path} ์ ๊ทผ ์๋, ๋ก๊ทธ์ธ ํ์ด์ง๋ก ๋ฆฌ๋๋ ์
")
|
| 85 |
return redirect(url_for('login'))
|
|
|
|
| 223 |
|
| 224 |
if username == valid_username and password == valid_password:
|
| 225 |
logger.info(f"๋ก๊ทธ์ธ ์ฑ๊ณต: {username}")
|
| 226 |
+
# ์ธ์
์ํ ํ์ธ ๋ฐ ๋ก๊น
|
| 227 |
+
logger.info(f"์ธ์
์ค์ ์ ํ์ฌ ์ธ์
์ํ: {session}")
|
| 228 |
+
|
| 229 |
+
# ์๊ตฌ ์ธ์
์ผ๋ก ์ค์
|
| 230 |
+
session.permanent = True
|
| 231 |
session['logged_in'] = True
|
| 232 |
session['username'] = username
|
| 233 |
+
|
| 234 |
+
# ์ธ์
์ค์ ํ ๋ก๊น
|
| 235 |
+
logger.info(f"์ธ์
์ค์ ํ ์ธ์
์ํ: {session}")
|
| 236 |
logger.info("์ธ์
์ค์ ์๋ฃ, ๋ฆฌ๋๋ ์
์๋")
|
| 237 |
return redirect(url_for('index'))
|
| 238 |
else:
|