vf/vf_react
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update pay ui

Browse Source
This commit is contained in:
zzlgreat
2025-12-14 13:28:07 +08:00
parent 6bde8dd8f0
commit 893a75fab9
2 changed files with 29 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
app.py
View File

@@ -384,20 +384,23 @@ if USE_REDIS_SESSION:
Session(app) Session(app)
print("✅ Flask-Session (Redis) 已初始化,支持多 Worker 共享 session") print("✅ Flask-Session (Redis) 已初始化,支持多 Worker 共享 session")
# 确保 session 使用永久模式(解决 Flask-Session 0.8.0 默认 1 小时 TTL 问题) # 确保 session 使用永久模式并刷新 TTL(解决 Flask-Session 0.8.0 TTL 问题)
@app.before_request @app.before_request
def make_session_permanent(): def refresh_session_ttl():
"""每次请求开始时确保 session 是永久的,使用 PERMANENT_SESSION_LIFETIME 作为 TTL""" """
每次请求开始时:
1. 确保 session 是永久的,使用 PERMANENT_SESSION_LIFETIME 作为 TTL
2. 标记 session 为已修改,触发 Redis TTL 刷新
注意:必须在 before_request 中设置 session.modified = True
因为 Flask-Session 的 save_session 在 after_request 之前执行
如果在 after_request 中设置TTL 不会被刷新
"""
from flask import session from flask import session
session.permanent = True session.permanent = True
# 只有当 session 中有用户数据时才刷新 TTL避免为匿名用户创建 session
# 确保每次请求后刷新 session TTL解决 session 过早过期问题) if session.get('user_id') or session.get('_user_id'):
@app.after_request session.modified = True
def refresh_session(response):
"""每次请求后标记 session 为已修改,触发 Redis TTL 刷新"""
from flask import session
session.modified = True
return response
# 配置邮件 # 配置邮件
app.config['MAIL_SERVER'] = MAIL_SERVER app.config['MAIL_SERVER'] = MAIL_SERVER

21
nginx-110.42.32.207.conf
View File

@@ -491,16 +491,19 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
# 隐藏后端返回的 CORS 头(避免重复) # 隐藏后端返回的可能冲突的头
proxy_hide_header Access-Control-Allow-Origin; proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials; proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods; proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers; proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header Cross-Origin-Resource-Policy;
# 统一添加 CORS 头 # 解决 ORB 问题
add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always; add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always; add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always;
add_header 'Cross-Origin-Resource-Policy' 'cross-origin' always;
proxy_cache_valid 200 1d; proxy_cache_valid 200 1d;
expires 1d; expires 1d;
@@ -515,16 +518,19 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
# 隐藏后端返回的 CORS 头(避免重复) # 隐藏后端返回的可能冲突的头
proxy_hide_header Access-Control-Allow-Origin; proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials; proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods; proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers; proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header Cross-Origin-Resource-Policy;
# CORS 头(解决 ERR_BLOCKED_BY_ORB # 解决 ORB 问题
add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always; add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always; add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always;
add_header 'Cross-Origin-Resource-Policy' 'cross-origin' always;
proxy_cache_valid 200 1d; proxy_cache_valid 200 1d;
expires 1d; expires 1d;
@@ -618,16 +624,19 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
# 隐藏后端返回的 CORS 头(避免重复) # 隐藏后端返回的可能冲突的头
proxy_hide_header Access-Control-Allow-Origin; proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials; proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods; proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers; proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header Cross-Origin-Resource-Policy;
# CORS 头(解决 ERR_BLOCKED_BY_ORB # 解决 ORB 问题
add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always; add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always; add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always;
add_header 'Cross-Origin-Resource-Policy' 'cross-origin' always;
proxy_cache_valid 200 1d; proxy_cache_valid 200 1d;
proxy_cache_bypass $http_cache_control; proxy_cache_bypass $http_cache_control;