308 lines
No EOL
9.5 KiB
Python
308 lines
No EOL
9.5 KiB
Python
import os
|
|
import time
|
|
import logging
|
|
from threading import Thread
|
|
import smtplib
|
|
from email.mime.text import MIMEText
|
|
from flask import Flask, render_template, request, jsonify, g
|
|
from flask_limiter import Limiter
|
|
from flask_limiter.util import get_remote_address
|
|
from dotenv import load_dotenv
|
|
from database import init_db, get_connection, return_connection, add_email, remove_email
|
|
|
|
load_dotenv()
|
|
|
|
SMTP_SERVER = os.getenv('SMTP_SERVER')
|
|
SMTP_PORT = int(os.getenv('SMTP_PORT', 465))
|
|
SMTP_USER = os.getenv('SMTP_USER')
|
|
SMTP_PASSWORD = os.getenv('SMTP_PASSWORD')
|
|
|
|
app = Flask(__name__)
|
|
|
|
# Rate limiting setup
|
|
limiter = Limiter(
|
|
key_func=get_remote_address,
|
|
app=app,
|
|
default_limits=["1000 per hour", "100 per minute"],
|
|
storage_uri="memory://"
|
|
)
|
|
|
|
# Configure logging
|
|
logging.basicConfig(
|
|
level=logging.INFO,
|
|
format='%(asctime)s %(levelname)s [%(name)s] %(message)s'
|
|
)
|
|
|
|
# Cache configuration
|
|
_newsletter_cache = {}
|
|
_cache_timestamp = {}
|
|
CACHE_DURATION = 300
|
|
|
|
def get_newsletters_cached():
|
|
"""Get newsletters with caching to reduce database hits"""
|
|
current_time = time.time()
|
|
|
|
if ('newsletters' in _newsletter_cache and
|
|
current_time - _cache_timestamp.get('newsletters', 0) < CACHE_DURATION):
|
|
return _newsletter_cache['newsletters']
|
|
|
|
conn = None
|
|
try:
|
|
conn = get_connection()
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"SELECT id, subject, body, sent_at "
|
|
"FROM newsletters ORDER BY sent_at DESC LIMIT 100"
|
|
)
|
|
rows = cursor.fetchall()
|
|
cursor.close()
|
|
|
|
newsletters = [
|
|
{"id": r[0], "subject": r[1], "body": r[2], "sent_at": r[3]}
|
|
for r in rows
|
|
]
|
|
|
|
_newsletter_cache['newsletters'] = newsletters
|
|
_cache_timestamp['newsletters'] = current_time
|
|
|
|
return newsletters
|
|
except Exception as e:
|
|
app.logger.error(f"Database error in get_newsletters_cached: {e}")
|
|
return []
|
|
finally:
|
|
if conn:
|
|
return_connection(conn)
|
|
|
|
def get_newsletter_by_id_cached(newsletter_id):
|
|
"""Get single newsletter with caching"""
|
|
cache_key = f'newsletter_{newsletter_id}'
|
|
current_time = time.time()
|
|
|
|
if (cache_key in _newsletter_cache and
|
|
current_time - _cache_timestamp.get(cache_key, 0) < CACHE_DURATION):
|
|
return _newsletter_cache[cache_key]
|
|
|
|
conn = None
|
|
try:
|
|
conn = get_connection()
|
|
cursor = conn.cursor()
|
|
cursor.execute(
|
|
"SELECT id, subject, body, sent_at "
|
|
"FROM newsletters WHERE id = %s",
|
|
(newsletter_id,)
|
|
)
|
|
row = cursor.fetchone()
|
|
cursor.close()
|
|
|
|
if not row:
|
|
return None
|
|
|
|
newsletter = {
|
|
"id": row[0],
|
|
"subject": row[1],
|
|
"body": row[2],
|
|
"sent_at": row[3]
|
|
}
|
|
|
|
_newsletter_cache[cache_key] = newsletter
|
|
_cache_timestamp[cache_key] = current_time
|
|
|
|
return newsletter
|
|
except Exception as e:
|
|
app.logger.error(f"Database error in get_newsletter_by_id_cached: {e}")
|
|
return None
|
|
finally:
|
|
if conn:
|
|
return_connection(conn)
|
|
|
|
def clear_newsletter_cache():
|
|
"""Clear newsletter cache when data is updated"""
|
|
global _newsletter_cache, _cache_timestamp
|
|
keys_to_remove = [k for k in _newsletter_cache.keys()
|
|
if k.startswith('newsletter')]
|
|
for key in keys_to_remove:
|
|
_newsletter_cache.pop(key, None)
|
|
_cache_timestamp.pop(key, None)
|
|
|
|
@app.before_request
|
|
def before_request():
|
|
"""Start timing the request and set up request context"""
|
|
g.start_time = time.time()
|
|
|
|
@app.after_request
|
|
def after_request(response):
|
|
"""Log request timing and performance metrics"""
|
|
total_time = time.time() - g.start_time
|
|
|
|
# Log slow requests
|
|
if total_time > 1.0:
|
|
app.logger.warning(f"Slow request: {request.method} {request.path} took {total_time:.3f}s")
|
|
elif total_time > 0.5:
|
|
app.logger.info(f"Request: {request.method} {request.path} took {total_time:.3f}s")
|
|
|
|
# Add performance headers for debugging
|
|
response.headers['X-Response-Time'] = f"{total_time:.3f}s"
|
|
|
|
return response
|
|
|
|
def send_confirmation_email(to_address: str, html_body: str):
|
|
"""
|
|
Sends the HTML confirmation email to `to_address`.
|
|
html_body is pre-rendered to avoid Flask context issues.
|
|
"""
|
|
try:
|
|
subject = "Thanks for subscribing!"
|
|
|
|
msg = MIMEText(html_body, "html", "utf-8")
|
|
msg["Subject"] = subject
|
|
msg["From"] = SMTP_USER
|
|
msg["To"] = to_address
|
|
|
|
with smtplib.SMTP_SSL(SMTP_SERVER, SMTP_PORT, timeout=10) as server:
|
|
server.login(SMTP_USER, SMTP_PASSWORD)
|
|
server.sendmail(SMTP_USER, [to_address], msg.as_string())
|
|
|
|
app.logger.info(f"Confirmation email sent successfully to {to_address}")
|
|
|
|
except Exception as e:
|
|
app.logger.error(f"Failed to send email to {to_address}: {e}")
|
|
|
|
def send_confirmation_async(email, html_body):
|
|
"""
|
|
Wrapper for threading.Thread target.
|
|
"""
|
|
send_confirmation_email(email, html_body)
|
|
|
|
@app.route("/", methods=["GET"])
|
|
def index():
|
|
"""Home page - no database access needed"""
|
|
return render_template("index.html", is_home=True)
|
|
|
|
@app.route("/subscribe", methods=["POST"])
|
|
@limiter.limit("5 per minute") # Strict rate limit for subscriptions
|
|
def subscribe():
|
|
"""Subscribe endpoint with optimized database handling"""
|
|
data = request.get_json() or {}
|
|
email = data.get("email")
|
|
|
|
if not email:
|
|
return jsonify(error="No email provided"), 400
|
|
|
|
# Validate email format (basic check)
|
|
if "@" not in email or "." not in email.split("@")[-1]:
|
|
return jsonify(error="Invalid email format"), 400
|
|
|
|
try:
|
|
if add_email(email):
|
|
# Render the template in the main thread (with Flask context)
|
|
unsubscribe_link = f"{request.url_root}unsubscribe?email={email}"
|
|
html_body = render_template(
|
|
"confirmation_email.html",
|
|
unsubscribe_link=unsubscribe_link
|
|
)
|
|
|
|
# Start email sending in background thread with pre-rendered HTML
|
|
Thread(
|
|
target=send_confirmation_async,
|
|
args=(email, html_body),
|
|
daemon=True
|
|
).start()
|
|
|
|
return jsonify(message="Email has been added"), 201
|
|
else:
|
|
return jsonify(error="Email already exists"), 400
|
|
|
|
except Exception as e:
|
|
app.logger.error(f"Error in subscribe endpoint: {e}")
|
|
return jsonify(error="Internal server error"), 500
|
|
|
|
@app.route("/unsubscribe", methods=["GET"])
|
|
@limiter.limit("10 per minute")
|
|
def unsubscribe():
|
|
"""Unsubscribe endpoint with optimized database handling"""
|
|
email = request.args.get("email")
|
|
|
|
if not email:
|
|
return "No email specified.", 400
|
|
|
|
try:
|
|
if remove_email(email):
|
|
return f"The email {email} has been unsubscribed.", 200
|
|
else:
|
|
return f"Email {email} was not found or has already been unsubscribed.", 400
|
|
|
|
except Exception as e:
|
|
app.logger.error(f"Error in unsubscribe endpoint: {e}")
|
|
return "Internal server error", 500
|
|
|
|
@app.route("/newsletters", methods=["GET"])
|
|
@limiter.limit("30 per minute")
|
|
def newsletters():
|
|
"""
|
|
List all newsletters (newest first) with caching for better performance.
|
|
"""
|
|
try:
|
|
newsletters = get_newsletters_cached()
|
|
return render_template("newsletters.html", newsletters=newsletters, is_home=False)
|
|
except Exception as e:
|
|
app.logger.error(f"Error in newsletters endpoint: {e}")
|
|
return "Internal server error", 500
|
|
|
|
@app.route("/newsletter/<int:newsletter_id>", methods=["GET"])
|
|
@limiter.limit("60 per minute")
|
|
def newsletter_detail(newsletter_id):
|
|
"""
|
|
Show a single newsletter by its ID with caching.
|
|
"""
|
|
try:
|
|
newsletter = get_newsletter_by_id_cached(newsletter_id)
|
|
|
|
if not newsletter:
|
|
return "Newsletter not found.", 404
|
|
|
|
return render_template("newsletter_detail.html", newsletter=newsletter, is_home=False)
|
|
except Exception as e:
|
|
app.logger.error(f"Error in newsletter_detail endpoint: {e}")
|
|
return "Internal server error", 500
|
|
|
|
@app.route("/admin/clear-cache", methods=["POST"])
|
|
@limiter.limit("5 per minute")
|
|
def clear_cache():
|
|
"""Admin endpoint to clear newsletter cache"""
|
|
try:
|
|
clear_newsletter_cache()
|
|
return jsonify(message="Cache cleared successfully"), 200
|
|
except Exception as e:
|
|
app.logger.error(f"Error clearing cache: {e}")
|
|
return jsonify(error="Failed to clear cache"), 500
|
|
|
|
@app.route("/health", methods=["GET"])
|
|
@limiter.limit("120 per minute")
|
|
def health_check():
|
|
"""Health check endpoint for monitoring"""
|
|
return jsonify(status="healthy", timestamp=time.time()), 200
|
|
|
|
# Rate limit error handler
|
|
@app.errorhandler(429)
|
|
def ratelimit_handler(e):
|
|
return jsonify(error="Rate limit exceeded. Please try again later."), 429
|
|
|
|
# Error handlers
|
|
@app.errorhandler(404)
|
|
def not_found(error):
|
|
return jsonify(error="Not found"), 404
|
|
|
|
@app.errorhandler(500)
|
|
def internal_error(error):
|
|
return jsonify(error="Internal server error"), 500
|
|
|
|
# Initialize database at startup
|
|
try:
|
|
init_db()
|
|
app.logger.info("Database initialized successfully")
|
|
except Exception as e:
|
|
app.logger.error(f"Failed to initialize database: {e}")
|
|
raise
|
|
|
|
if __name__ == "__main__":
|
|
app.run(host="0.0.0.0", debug=True) |