Multiple gunicorn workers are not supported
Flask session data is stored in the Flask instance itself, instead of a shared location. This results in behaviour relying on the Flask session storage to break when using multiple Flask instances (gunicorn workers).
A solution would be to use an extension to store the session data in a centralized place, instead of in the Flask instance. The best option IMO is flasksession
with the Redis backend.
An example of an issue that results from this flaw:
When launching zesje via
exec gunicorn zesje.wsgi:app --timeout 600 --graceful-timeout 500 --workers 5
users are unable to log in, and logs show the following error.
[2022-10-05 09:51:04,487] ERROR in app: Exception on /api/oauth/callback [GET]
Traceback (most recent call last):
File "/opt/conda/envs/zesje-dev/lib/python3.8/site-packages/flask/app.py", line 1513, in full_dispatch_request
rv = self.dispatch_request()
File "/opt/conda/envs/zesje-dev/lib/python3.8/site-packages/flask/app.py", line 1499, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
File "/opt/conda/envs/zesje-dev/lib/python3.8/site-packages/flask_restful/__init__.py", line 467, in wrapper
resp = resource(*args, **kwargs)
File "/opt/conda/envs/zesje-dev/lib/python3.8/site-packages/flask/views.py", line 83, in view
return self.dispatch_request(*args, **kwargs)
File "/opt/conda/envs/zesje-dev/lib/python3.8/site-packages/flask_restful/__init__.py", line 582, in dispatch_request
resp = meth(*args, **kwargs)
File "/app/zesje/api/oauth.py", line 63, in get
userurl = session['oauth_userurl']
File "/opt/conda/envs/zesje-dev/lib/python3.8/site-packages/flask/sessions.py", line 79, in __getitem__
return super().__getitem__(key)
KeyError: 'oauth_userurl'
Edited by Hugo Kerstens