import os import time import logging from threading import Thread import smtplib from email.mime.text import MIMEText from flask import Flask, render_template, request, jsonify, g from flask_limiter import Limiter from flask_limiter.util import get_remote_address from dotenv import load_dotenv from database import init_db, get_connection, return_connection, add_email, remove_email load_dotenv() SMTP_SERVER = os.getenv('SMTP_SERVER') SMTP_PORT = int(os.getenv('SMTP_PORT', 465)) SMTP_USER = os.getenv('SMTP_USER') SMTP_PASSWORD = os.getenv('SMTP_PASSWORD') app = Flask(__name__) # Rate limiting setup limiter = Limiter( key_func=get_remote_address, app=app, default_limits=["1000 per hour", "100 per minute"], storage_uri="memory://" ) # Configure logging logging.basicConfig( level=logging.INFO, format='%(asctime)s %(levelname)s [%(name)s] %(message)s' ) # Cache configuration _newsletter_cache = {} _cache_timestamp = {} CACHE_DURATION = 300 def get_newsletters_cached(): """Get newsletters with caching to reduce database hits""" current_time = time.time() if ('newsletters' in _newsletter_cache and current_time - _cache_timestamp.get('newsletters', 0) < CACHE_DURATION): return _newsletter_cache['newsletters'] conn = None try: conn = get_connection() cursor = conn.cursor() cursor.execute( "SELECT id, subject, body, sent_at " "FROM newsletters ORDER BY sent_at DESC LIMIT 100" ) rows = cursor.fetchall() cursor.close() newsletters = [ {"id": r[0], "subject": r[1], "body": r[2], "sent_at": r[3]} for r in rows ] _newsletter_cache['newsletters'] = newsletters _cache_timestamp['newsletters'] = current_time return newsletters except Exception as e: app.logger.error(f"Database error in get_newsletters_cached: {e}") return [] finally: if conn: return_connection(conn) def get_newsletter_by_id_cached(newsletter_id): """Get single newsletter with caching""" cache_key = f'newsletter_{newsletter_id}' current_time = time.time() if (cache_key in _newsletter_cache and current_time - _cache_timestamp.get(cache_key, 0) < CACHE_DURATION): return _newsletter_cache[cache_key] conn = None try: conn = get_connection() cursor = conn.cursor() cursor.execute( "SELECT id, subject, body, sent_at " "FROM newsletters WHERE id = %s", (newsletter_id,) ) row = cursor.fetchone() cursor.close() if not row: return None newsletter = { "id": row[0], "subject": row[1], "body": row[2], "sent_at": row[3] } _newsletter_cache[cache_key] = newsletter _cache_timestamp[cache_key] = current_time return newsletter except Exception as e: app.logger.error(f"Database error in get_newsletter_by_id_cached: {e}") return None finally: if conn: return_connection(conn) def clear_newsletter_cache(): """Clear newsletter cache when data is updated""" global _newsletter_cache, _cache_timestamp keys_to_remove = [k for k in _newsletter_cache.keys() if k.startswith('newsletter')] for key in keys_to_remove: _newsletter_cache.pop(key, None) _cache_timestamp.pop(key, None) @app.before_request def before_request(): """Start timing the request and set up request context""" g.start_time = time.time() @app.after_request def after_request(response): """Log request timing and performance metrics""" total_time = time.time() - g.start_time # Log slow requests if total_time > 1.0: app.logger.warning(f"Slow request: {request.method} {request.path} took {total_time:.3f}s") elif total_time > 0.5: app.logger.info(f"Request: {request.method} {request.path} took {total_time:.3f}s") # Add performance headers for debugging response.headers['X-Response-Time'] = f"{total_time:.3f}s" return response def send_confirmation_email(to_address: str, html_body: str): """ Sends the HTML confirmation email to `to_address`. html_body is pre-rendered to avoid Flask context issues. """ try: subject = "Thanks for subscribing!" msg = MIMEText(html_body, "html", "utf-8") msg["Subject"] = subject msg["From"] = SMTP_USER msg["To"] = to_address with smtplib.SMTP_SSL(SMTP_SERVER, SMTP_PORT, timeout=10) as server: server.login(SMTP_USER, SMTP_PASSWORD) server.sendmail(SMTP_USER, [to_address], msg.as_string()) app.logger.info(f"Confirmation email sent successfully to {to_address}") except Exception as e: app.logger.error(f"Failed to send email to {to_address}: {e}") def send_confirmation_async(email, html_body): """ Wrapper for threading.Thread target. """ send_confirmation_email(email, html_body) @app.route("/", methods=["GET"]) def index(): """Home page - no database access needed""" return render_template("index.html", is_home=True) @app.route("/subscribe", methods=["POST"]) @limiter.limit("5 per minute") # Strict rate limit for subscriptions def subscribe(): """Subscribe endpoint with optimized database handling""" data = request.get_json() or {} email = data.get("email") if not email: return jsonify(error="No email provided"), 400 # Validate email format (basic check) if "@" not in email or "." not in email.split("@")[-1]: return jsonify(error="Invalid email format"), 400 try: if add_email(email): # Render the template in the main thread (with Flask context) unsubscribe_link = f"{request.url_root}unsubscribe?email={email}" html_body = render_template( "confirmation_email.html", unsubscribe_link=unsubscribe_link ) # Start email sending in background thread with pre-rendered HTML Thread( target=send_confirmation_async, args=(email, html_body), daemon=True ).start() return jsonify(message="Email has been added"), 201 else: return jsonify(error="Email already exists"), 400 except Exception as e: app.logger.error(f"Error in subscribe endpoint: {e}") return jsonify(error="Internal server error"), 500 @app.route("/unsubscribe", methods=["GET"]) @limiter.limit("10 per minute") def unsubscribe(): """Unsubscribe endpoint with optimized database handling""" email = request.args.get("email") if not email: return "No email specified.", 400 try: if remove_email(email): return f"The email {email} has been unsubscribed.", 200 else: return f"Email {email} was not found or has already been unsubscribed.", 400 except Exception as e: app.logger.error(f"Error in unsubscribe endpoint: {e}") return "Internal server error", 500 @app.route("/newsletters", methods=["GET"]) @limiter.limit("30 per minute") def newsletters(): """ List all newsletters (newest first) with caching for better performance. """ try: newsletters = get_newsletters_cached() return render_template("newsletters.html", newsletters=newsletters, is_home=False) except Exception as e: app.logger.error(f"Error in newsletters endpoint: {e}") return "Internal server error", 500 @app.route("/newsletter/", methods=["GET"]) @limiter.limit("60 per minute") def newsletter_detail(newsletter_id): """ Show a single newsletter by its ID with caching. """ try: newsletter = get_newsletter_by_id_cached(newsletter_id) if not newsletter: return "Newsletter not found.", 404 return render_template("newsletter_detail.html", newsletter=newsletter, is_home=False) except Exception as e: app.logger.error(f"Error in newsletter_detail endpoint: {e}") return "Internal server error", 500 @app.route("/admin/clear-cache", methods=["POST"]) @limiter.limit("5 per minute") def clear_cache(): """Admin endpoint to clear newsletter cache""" try: clear_newsletter_cache() return jsonify(message="Cache cleared successfully"), 200 except Exception as e: app.logger.error(f"Error clearing cache: {e}") return jsonify(error="Failed to clear cache"), 500 @app.route("/health", methods=["GET"]) @limiter.limit("120 per minute") def health_check(): """Health check endpoint for monitoring""" return jsonify(status="healthy", timestamp=time.time()), 200 # Rate limit error handler @app.errorhandler(429) def ratelimit_handler(e): return jsonify(error="Rate limit exceeded. Please try again later."), 429 # Error handlers @app.errorhandler(404) def not_found(error): return jsonify(error="Not found"), 404 @app.errorhandler(500) def internal_error(error): return jsonify(error="Internal server error"), 500 # Initialize database at startup try: init_db() app.logger.info("Database initialized successfully") except Exception as e: app.logger.error(f"Failed to initialize database: {e}") raise if __name__ == "__main__": app.run(host="0.0.0.0", debug=True)