- cleanup healthz logging in before_request

- Security and csrf added to eveai_ops. Otherwise the initialize_data.py script cannot initialize the Super User...

documentation/Production Setup/cluster-install.md

@@ -675,6 +675,10 @@ curl https://evie-staging.askeveai.com/verify/
 - Change A-record to CNAME pointing to CDN endpoint
 - Or update A-record to CDN IP
 
+## Bunny.net notes
+
+- In the pull zone's Caching - General settings, ensure to disable 'Strip Response Cookies'
+
 
 
 

eveai_app/__init__.py

@@ -119,15 +119,12 @@ def create_app(config_file=None):
         from flask_login import current_user
         import datetime
 
+        if request.path.startswith('/healthz'):
+            return
+
         app.logger.debug(f"Before request - URL: {request.url}")
         app.logger.debug(f"Before request - Session permanent: {session.permanent}")
 
-        # # Log session expiry tijd als deze bestaat
-        # if current_user.is_authenticated:
-        #     # Controleer of sessie permanent is (nodig voor PERMANENT_SESSION_LIFETIME)
-        #     if not session.permanent:
-        #         session.permanent = True
-
     @app.route('/debug/session')
     def debug_session():
         from flask import session

eveai_ops/__init__.py

@@ -1,10 +1,11 @@
 import logging
 import os
 from flask import Flask
+from flask_security import SQLAlchemyUserDatastore
 from werkzeug.middleware.proxy_fix import ProxyFix
 import logging.config
 
-from common.extensions import db, migrate
+from common.extensions import db, migrate, security, csrf
 from config.logging_config import configure_logging
 from config.config import get_config
 import common.models.user
@@ -12,6 +13,8 @@ import common.models.interaction
 import common.models.entitlements
 import common.models.document
 
+from common.models.user import User, Role
+
 def create_app(config_file=None):
     app = Flask(__name__, static_url_path='/static')
 
@@ -54,6 +57,10 @@ def create_app(config_file=None):
 
     register_extensions(app)
 
+    # Setup Flask-Security-Too
+    user_datastore = SQLAlchemyUserDatastore(db, User, Role)
+    security.init_app(app, user_datastore)
+
     # Register Blueprints
     register_blueprints(app)
 
@@ -77,6 +84,7 @@ def create_app(config_file=None):
 def register_extensions(app):
     db.init_app(app)
     migrate.init_app(app, db)
+    csrf.init_app(app)
 
 
 def register_blueprints(app):

scripts/initialize_data.py

@@ -120,7 +120,7 @@ def initialize_admin_user(tenant):
     admin_user = User.query.filter_by(email='yoda@flow-it.net').first()
 
     if not admin_user:
-        print("Creating admin user (yoda)")
+        print("🧡 Creating admin user (yoda)")
 
         # Create a secure password - you can replace this with your preferred default
         password = hash_password('Dagobah')
@@ -148,7 +148,9 @@ def initialize_admin_user(tenant):
         db.session.add(user_role)
         db.session.commit()
     else:
-        print(f"Admin user already exists: {admin_user.email} (ID: {admin_user.id})")
+        print(f"🧡 Admin user already exists: {admin_user.email} (ID: {admin_user.id})")
+
+    print(f"🧡 Admin user initialized successfully.")
 
     return admin_user
 
@@ -157,6 +159,6 @@ if __name__ == "__main__":
     try:
         initialize_data()
     except IntegrityError:
-        print("Error: Integrity constraint violation. Initial data already exists.")
+        print("💔 Error: Integrity constraint violation. Initial data already exists.")
     except Exception as e:
-        print(f"An error occurred during initialization: {e}")
+        print(f"💔 An error occurred during initialization: {e}")