v1.0.3 — 修复 gunicorn 多 worker session 丢失
- secret_key 从 os.urandom() 改为固定值/环境变量 - deploy.sh 首次部署自动生成 .env 并持久化 - 解决多 worker 下 session 解密失败导致保存 302
This commit is contained in:
3
app.py
3
app.py
@@ -9,7 +9,8 @@ from werkzeug.security import generate_password_hash, check_password_hash
|
|||||||
from database import init_db, get_checkin, save_checkin, delete_checkin, get_all_checkins
|
from database import init_db, get_checkin, save_checkin, delete_checkin, get_all_checkins
|
||||||
|
|
||||||
app = Flask(__name__)
|
app = Flask(__name__)
|
||||||
app.secret_key = os.urandom(24)
|
# 固定密钥确保 gunicorn 多 worker 下 session 可互通
|
||||||
|
app.secret_key = os.environ.get('SECRET_KEY', 'ziwei-power-secret-2026')
|
||||||
|
|
||||||
# 会话持久化:30 天
|
# 会话持久化:30 天
|
||||||
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(days=30)
|
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(days=30)
|
||||||
|
|||||||
13
deploy.sh
13
deploy.sh
@@ -1,6 +1,9 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# ziwei-power 一键部署脚本
|
# ziwei-power 一键部署脚本
|
||||||
# 用法: bash deploy.sh [port]
|
# 用法: bash deploy.sh [port]
|
||||||
|
#
|
||||||
|
# 首次运行: 自动生成 .env (SECRET_KEY),之后不变
|
||||||
|
# 多 worker 安全: 所有 worker 共享同一密钥
|
||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
@@ -30,7 +33,15 @@ fi
|
|||||||
echo "安装依赖..."
|
echo "安装依赖..."
|
||||||
venv/bin/pip install -q -r requirements.txt
|
venv/bin/pip install -q -r requirements.txt
|
||||||
|
|
||||||
# 3. 自动建表(首次运行)
|
# 3. 生成/读取固定 SECRET_KEY(多 worker 共享)
|
||||||
|
if [ ! -f ".env" ]; then
|
||||||
|
echo "生成 SECRET_KEY..."
|
||||||
|
python3 -c "import os; print('SECRET_KEY=' + os.urandom(24).hex())" > .env
|
||||||
|
fi
|
||||||
|
set -a; source .env; set +a
|
||||||
|
export SECRET_KEY
|
||||||
|
|
||||||
|
# 4. 自动建表(首次运行)
|
||||||
echo "初始化数据库..."
|
echo "初始化数据库..."
|
||||||
venv/bin/python -c "
|
venv/bin/python -c "
|
||||||
from database import init_db
|
from database import init_db
|
||||||
|
|||||||
Reference in New Issue
Block a user