Configuration & Environment
Configuration Overview
Atslegas uses a combination of a central configuration file (config.json) and runtime environment setup to manage its behavior. The application is designed to handle school-wide key management, necessitating specific settings for security timeouts, database persistence, and data validation.
The config.json File
The primary configuration is managed via config.json located in the root directory. This file defines how the server handles sessions, database connections, and user input constraints.
Client Sessions
The client_sessions block manages server-side session persistence. Atslegas uses filesystem-based sessions to ensure that user sessions can be revoked or inspected on the server.
| Parameter | Type | Default | Description |
| :--- | :--- | :--- | :--- |
| timeout_seconds | Integer | 3600 | The duration (in seconds) before a user is automatically logged out due to inactivity. |
| session_storage_dir | String | %s/flask_session | The directory where session files are stored. %s is a placeholder for the application's root directory. |
Database Settings
These settings define the backend storage parameters. Atslegas utilizes SQLite with Write-Ahead Logging (WAL) enabled for improved concurrency.
| Parameter | Type | Default | Description |
| :--- | :--- | :--- | :--- |
| db_file | String | database.db | The filename of the SQLite database. |
| schema_file | String | schema.sql | The SQL file used to initialize the database structure on the first run. |
Data Validation (Users)
To prevent database bloat and ensure API consistency, length limits are enforced for user-related strings.
| Parameter | Type | Default | Description |
| :--- | :--- | :--- | :--- |
| username_length_limit | Integer | 64 | Maximum character length for usernames. |
| password_length_limit | Integer | 64 | Maximum character length for raw passwords. |
| salt_length_limit | Integer | 64 | Maximum character length for password salts. |
```json
{
  "client_sessions": {
    "timeout_seconds": 3600,
    "session_storage_dir": "%s/flask_session"
  },
  "db": {
    "db_file": "database.db",
    "schema_file": "schema.sql"
  },
  "users": {
    "username_length_limit": 64,
    "password_length_limit": 64,
    "salt_length_limit": 64
  },
  "secrets": {
    "flask_secret_key": "your_secure_random_key_here"
  }
}
```
Security & Secrets
Flask Secret Key
The application requires a secret key to sign session cookies and protect against CSRF. This is currently read from the secrets block in config.json.
Recommendation: For production environments, ensure this key is a long, random string. Do not use the default "root" or "dev" keys in a live school environment.
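A startup check along these lines flags the placeholder and default keys named above, and malformed limits, before the server accepts logins. It is an added example, not Atslegas's own code; `check_config`, `new_secret_key`, the 32-character minimum and the `/srv/atslegas` path are assumptions made for the example.

```python
import json
import secrets

# Keys the page warns against, plus the placeholder from the sample config.json.
WEAK_KEYS = {"root", "dev", "your_secure_random_key_here"}
MIN_KEY_CHARS = 32  # assumption: threshold chosen for this example

# Constructed input: the sample config.json shown above.
SAMPLE_CONFIG = """{
  "client_sessions": {"timeout_seconds": 3600, "session_storage_dir": "%s/flask_session"},
  "db": {"db_file": "database.db", "schema_file": "schema.sql"},
  "users": {"username_length_limit": 64, "password_length_limit": 64, "salt_length_limit": 64},
  "secrets": {"flask_secret_key": "your_secure_random_key_here"}
}"""


def _positive_int(value):
    return isinstance(value, int) and not isinstance(value, bool) and value > 0


def check_config(raw_json, app_root):
    """Hypothetical helper: return (config, problems) for a config.json string."""
    cfg = json.loads(raw_json)
    problems = []
    key = cfg.get("secrets", {}).get("flask_secret_key")
    if not isinstance(key, str) or key.strip().lower() in WEAK_KEYS:
        problems.append("flask_secret_key is missing or a known default")
    elif len(key) < MIN_KEY_CHARS or len(set(key)) < 8:
        problems.append("flask_secret_key is too short or too repetitive")
    sessions = cfg.setdefault("client_sessions", {})
    if not _positive_int(sessions.get("timeout_seconds")):
        problems.append("timeout_seconds must be a positive integer")
    # Expand the %s placeholder to the application's root directory.
    storage = str(sessions.get("session_storage_dir", "%s/flask_session"))
    sessions["session_storage_dir"] = storage.replace("%s", app_root, 1)
    for name in ("username_length_limit", "password_length_limit", "salt_length_limit"):
        if not _positive_int(cfg.get("users", {}).get(name)):
            problems.append(name + " must be a positive integer")
    return cfg, problems


def new_secret_key():
    """Return 64 hex characters (256 bits) from the OS CSPRNG."""
    return secrets.token_hex(32)


if __name__ == "__main__":
    _, found = check_config(SAMPLE_CONFIG, "/srv/atslegas")  # constructed path
    for problem in found:
        print("config.json:", problem)
    print("candidate key:", new_secret_key())
```

Refusing to start when the returned list is non-empty keeps a copied sample config from reaching production with a guessable signing key.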
Environment Setup
Session Storage Lifecycle
Atslegas automatically manages the session storage directory. Upon every application restart:
- The directory specified in `session_storage_dir` is created if it does not exist.
- Warning: Existing session files in that directory are purged to ensure a clean state and to force re-authentication across the system.
Database Concurrency
The system is pre-configured for multi-user environments. You do not need to configure these settings manually; db_engine.py implements the following environment-specific behaviors:
- Busy Timeout: 5000ms (5 seconds) to prevent "Database is locked" errors during concurrent writes.
- Journal Mode: `WAL` (Write-Ahead Logging) is enabled automatically to allow multiple readers and a single writer to operate simultaneously without blocking.
Directory Permissions
Ensure the user running the Flask application has read/write permissions for:
- The root directory (to create/access `database.db`).
- The `flask_session/` directory (to manage temporary session files).
- The `frontend/` directory (to serve static assets).