0x5t4l1n/OpenLearnX
1
0
Fork 0
mirror of https://github.com/th30d4y/OpenLearnX.git synced 2026-05-26 11:25:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): harden execution sandbox and add dedicated admin execution logs

Browse Source
This commit is contained in:
Stalin
2026-04-19 23:03:08 +05:30
parent d19c4e4d15
commit 14765d7d18
12 changed files with 1296 additions and 834 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/routes/admin.py
+94
View File
@@ -371,6 +371,100 @@ def get_admin_logs():
return jsonify({"error": str(e)}), 500 return jsonify({"error": str(e)}), 500
@bp.route("/logs/executions", methods=["GET"])
@admin_required
def get_execution_logs():
"""Query compiler/coding execution events as a dedicated log stream."""
try:
language = request.args.get("language", "").strip().lower()
status = request.args.get("status", "").strip().lower()
search = request.args.get("search", "").strip()
from_ts = request.args.get("from", "").strip()
to_ts = request.args.get("to", "").strip()
limit = min(max(int(request.args.get("limit", 100)), 1), 500)
page = max(int(request.args.get("page", 1)), 1)
query = {}
if language:
query["language"] = language
if status:
query["status"] = status
ts_filter = {}
if from_ts:
try:
ts_filter["$gte"] = datetime.fromisoformat(from_ts)
except Exception:
pass
if to_ts:
try:
ts_filter["$lte"] = datetime.fromisoformat(to_ts)
except Exception:
pass
if ts_filter:
query["timestamp"] = ts_filter
if search:
safe = re.escape(search)
query["$or"] = [
{"execution_id": {"$regex": safe, "$options": "i"}},
{"language": {"$regex": safe, "$options": "i"}},
{"source": {"$regex": safe, "$options": "i"}},
{"ip": {"$regex": safe, "$options": "i"}},
{"status": {"$regex": safe, "$options": "i"}},
{"error": {"$regex": safe, "$options": "i"}},
]
skip = (page - 1) * limit
total = db.code_execution_events.count_documents(query)
docs = list(db.code_execution_events.find(query).sort("timestamp", -1).skip(skip).limit(limit))
logs = []
for doc in docs:
item = _json_safe(doc)
item["id"] = str(item.get("_id"))
item.pop("_id", None)
if not item.get("source"):
item["source"] = "compiler"
if not item.get("request_body"):
item["request_body"] = {
"language": item.get("language", "unknown"),
"code": "Legacy log entry (request code body was not captured at execution time)",
"code_size": item.get("code_size", 0),
}
if not item.get("response_body"):
item["response_body"] = {
"success": item.get("status") == "success",
"blocked": bool(item.get("blocked")),
"execution_id": item.get("execution_id"),
"error": item.get("error", ""),
"security_violations": item.get("security_violations", []),
"execution_time": item.get("execution_time", 0),
"memory_used": item.get("memory_used", 0),
"exit_code": item.get("exit_code", 0),
"note": "Legacy log entry (response payload was not captured at execution time)",
}
logs.append(item)
return jsonify({
"success": True,
"logs": logs,
"pagination": {
"page": page,
"limit": limit,
"total": total,
"pages": (total + limit - 1) // limit,
},
})
except Exception as e:
print(f"Error getting execution logs: {str(e)}")
return jsonify({"error": str(e)}), 500
@bp.route("/users", methods=["GET"]) @bp.route("/users", methods=["GET"])
@admin_required @admin_required
def get_admin_users(): def get_admin_users():
backend/routes/coding.py
+92 -63
View File
@@ -10,6 +10,7 @@ import docker
import psutil import psutil
from pymongo import MongoClient from pymongo import MongoClient
from activity_logger import log_user_activity, resolve_user_identity from activity_logger import log_user_activity, resolve_user_identity
from services.real_compiler_service import real_compiler_service
bp = Blueprint('coding', __name__) bp = Blueprint('coding', __name__)
@@ -86,10 +87,81 @@ def execute_code():
# Log coding attempt # Log coding attempt
log_coding_attempt(session['coding_session_id'], code, language) log_coding_attempt(session['coding_session_id'], code, language)
# Execute code in secure container # Execute code in hardened Docker sandbox
result = execute_in_container(code, language, test_cases) result = real_compiler_service.execute_code(code=code, language=language, input_data="")
return jsonify(result) event_type = "coding_execution_success" if result.get("success") else "coding_execution_blocked"
severity = "info" if result.get("success") else "warning"
execution_status = "success" if result.get("success") else "failed"
if result.get("blocked"):
execution_status = "blocked"
db.security_logs.insert_one({
"timestamp": datetime.utcnow(),
"event_type": event_type,
"action": "secure_coding_execute",
"status_code": 200 if result.get("success") else 400,
"severity": severity,
"path": request.path,
"method": request.method,
"ip": request.remote_addr or "unknown",
"user_agent": request.headers.get("User-Agent", ""),
"metadata": {
"language": language,
"execution_id": result.get("execution_id"),
"blocked": bool(result.get("blocked")),
"security_violations": result.get("security_violations", []),
"execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"exit_code": result.get("exit_code", -1),
},
"metadata_text": str(result.get("security_violations", [])),
})
try:
request_payload = {
"language": language,
"code": (code or "")[:4000],
"code_size": len(code or ""),
"test_case_count": len(test_cases) if isinstance(test_cases, list) else 0,
}
response_payload = {
"success": bool(result.get("success")),
"blocked": bool(result.get("blocked")),
"execution_id": result.get("execution_id"),
"output": (result.get("output") or "")[:4000],
"error": result.get("error", ""),
"security_violations": result.get("security_violations", []),
"execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"exit_code": result.get("exit_code", -1),
}
db.code_execution_events.insert_one({
"timestamp": datetime.utcnow(),
"event_type": "execution",
"source": "coding",
"language": language,
"execution_id": result.get("execution_id"),
"execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"exit_code": result.get("exit_code", -1),
"status": execution_status,
"blocked": bool(result.get("blocked")),
"security_violations": result.get("security_violations", []),
"error": result.get("error", ""),
"request_body": request_payload,
"response_body": response_payload,
"ip": request.remote_addr or "unknown",
"user_agent": request.headers.get("User-Agent", ""),
})
except Exception:
pass
if result.get("success"):
return jsonify({"success": True, **result})
return jsonify({"success": False, **result}), 400
except Exception as e: except Exception as e:
return jsonify({"error": str(e)}), 500 return jsonify({"error": str(e)}), 500
@@ -156,66 +228,23 @@ def submit_coding_test():
return jsonify({"error": str(e)}), 500 return jsonify({"error": str(e)}), 500
def execute_in_container(code, language, test_cases): def execute_in_container(code, language, test_cases):
"""Execute code in secure Docker container""" """Backward-compatible wrapper around the hardened compiler service."""
try: result = real_compiler_service.execute_code(code=code, language=language, input_data="")
client = docker.from_env() if result.get("success"):
return {
# Language-specific container configuration "success": True,
containers = { "output": result.get("output", ""),
'python': 'python:3.9-alpine', "test_results": [],
'java': 'openjdk:11-alpine', "execution_time": result.get("execution_time", 0),
'javascript': 'node:16-alpine' "memory_used": result.get("memory_used", 0),
"execution_id": result.get("execution_id"),
} }
return {
if language not in containers: "success": False,
return {"error": "Unsupported language"} "error": result.get("error", "Execution failed"),
"security_violations": result.get("security_violations", []),
# Create temporary file "execution_id": result.get("execution_id"),
with tempfile.NamedTemporaryFile(mode='w', suffix=f'.{get_file_extension(language)}', delete=False) as f: }
f.write(code)
temp_file = f.name
try:
# Run container with security restrictions
container = client.containers.run(
containers[language],
command=get_run_command(language, temp_file),
volumes={os.path.dirname(temp_file): {'bind': '/app', 'mode': 'ro'}},
working_dir='/app',
mem_limit='128m',
cpu_period=100000,
cpu_quota=50000, # 50% CPU limit
network_mode='none', # No network access
remove=True,
timeout=10, # 10 second timeout
detach=False
)
output = container.decode('utf-8')
# Run test cases if provided
test_results = []
if test_cases:
for test in test_cases:
test_result = run_test_case(code, language, test)
test_results.append(test_result)
return {
"success": True,
"output": output,
"test_results": test_results,
"execution_time": "< 10s"
}
finally:
os.unlink(temp_file)
except docker.errors.ContainerError as e:
return {"error": f"Runtime error: {e}"}
except docker.errors.ImageNotFound:
return {"error": "Language runtime not available"}
except Exception as e:
return {"error": f"Execution failed: {str(e)}"}
def get_file_extension(language): def get_file_extension(language):
extensions = { extensions = {
backend/routes/compiler.py
+210 -530
View File
@@ -1,546 +1,226 @@
from flask import Blueprint, request, jsonify
import subprocess
import tempfile
import os
import time
import docker
from datetime import datetime from datetime import datetime
import os
bp = Blueprint('compiler', __name__) from flask import Blueprint, jsonify, request
from pymongo import MongoClient
def get_db(): from services.real_compiler_service import real_compiler_service
"""Get MongoDB database connection"""
from pymongo import MongoClient
from flask import current_app
client = MongoClient(current_app.config['MONGODB_URI'])
return client.openlearnx
@bp.route('/execute', methods=['POST', 'OPTIONS']) bp = Blueprint("compiler", __name__)
mongo_uri = os.getenv("MONGODB_URI", "mongodb://localhost:27017/")
client = MongoClient(mongo_uri)
db = client.openlearnx
def _json_response(payload, status=200):
response = jsonify(payload)
response.headers.add("Access-Control-Allow-Origin", "*")
response.headers.add("Access-Control-Allow-Headers", "Content-Type,Authorization")
response.headers.add("Access-Control-Allow-Methods", "GET,POST,OPTIONS")
return response, status
def _client_ip():
forwarded_for = request.headers.get("X-Forwarded-For", "")
if forwarded_for:
return forwarded_for.split(",")[0].strip()
return request.remote_addr or "unknown"
def _log_security(event_type, action, severity="info", status_code=200, metadata=None):
try:
log_doc = {
"timestamp": datetime.utcnow(),
"event_type": event_type,
"action": action,
"status_code": int(status_code),
"severity": severity,
"path": request.path,
"method": request.method,
"ip": _client_ip(),
"user_agent": request.headers.get("User-Agent", ""),
"metadata": metadata or {},
"metadata_text": str(metadata or {}),
}
db.security_logs.insert_one(log_doc)
except Exception as e:
print(f"Compiler security log failure: {e}")
@bp.route("/execute", methods=["POST", "OPTIONS"])
def execute_code(): def execute_code():
"""Execute code in specified language with Docker support"""
if request.method == "OPTIONS": if request.method == "OPTIONS":
response = jsonify({'status': 'ok'}) return _json_response({"status": "ok"}, 200)
response.headers.add("Access-Control-Allow-Origin", "*")
response.headers.add("Access-Control-Allow-Headers", "Content-Type,Authorization")
response.headers.add("Access-Control-Allow-Methods", "POST,OPTIONS")
return response
try:
data = request.get_json()
language = data.get('language', 'python').lower()
code = data.get('code', '').strip()
input_data = data.get('input', '')
print(f"🔧 Executing {language} code")
print(f"📝 Code length: {len(code)} characters")
if not code:
return jsonify({"success": False, "error": "No code provided"}), 400
# Execute based on language
if language == 'python':
return execute_python(code, input_data)
elif language == 'java':
return execute_java(code, input_data)
elif language == 'javascript' or language == 'js':
return execute_javascript(code, input_data)
elif language == 'cpp' or language == 'c++':
return execute_cpp(code, input_data)
elif language == 'c':
return execute_c(code, input_data)
else:
return jsonify({
"success": False,
"error": f"Language '{language}' not supported. Available: python, java, javascript, cpp, c"
}), 400
except Exception as e:
print(f"❌ Compiler error: {str(e)}")
import traceback
traceback.print_exc()
return jsonify({"success": False, "error": f"Server error: {str(e)}"}), 500
def execute_python(code, input_data=""):
"""Execute Python code"""
try: try:
# Create temporary file data = request.get_json(silent=True) or {}
with tempfile.NamedTemporaryFile(mode='w', suffix='.py', delete=False) as f: language = str(data.get("language", "python")).strip().lower()
f.write(code) code = str(data.get("code", ""))
temp_file = f.name input_data = str(data.get("input", ""))
if not code.strip():
_log_security(
"compiler_input_invalid",
"empty_code_submission",
severity="warning",
status_code=400,
metadata={"language": language},
)
return _json_response({"success": False, "error": "No code provided"}, 400)
result = real_compiler_service.execute_code(code=code, language=language, input_data=input_data)
log_metadata = {
"language": language,
"code_size": len(code),
"execution_id": result.get("execution_id"),
"exit_code": result.get("exit_code"),
"execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"blocked": bool(result.get("blocked")),
"security_violations": result.get("security_violations", []),
"error": result.get("error", ""),
}
try: try:
# Execute with subprocess status = "success"
start_time = time.time() if result.get("blocked"):
result = subprocess.run( status = "blocked"
['python3', temp_file], elif result.get("error") and not result.get("success", False):
input=input_data, status = "failed"
text=True,
capture_output=True,
timeout=10, # 10 second timeout
cwd=tempfile.gettempdir()
)
execution_time = time.time() - start_time
if result.returncode == 0:
return jsonify({
"success": True,
"output": result.stdout or "Code executed successfully (no output)",
"error": result.stderr if result.stderr else None,
"language": "python",
"execution_time": round(execution_time, 3)
})
else:
return jsonify({
"success": False,
"error": result.stderr or f"Process exited with code {result.returncode}",
"language": "python"
})
finally:
# Clean up temp file
try:
os.unlink(temp_file)
except:
pass
except subprocess.TimeoutExpired:
return jsonify({
"success": False,
"error": "Code execution timed out (10s limit)"
}), 400
except FileNotFoundError:
return jsonify({
"success": False,
"error": "Python interpreter not found. Please install Python 3."
}), 500
except Exception as e:
return jsonify({
"success": False,
"error": f"Python execution error: {str(e)}"
}), 500
def execute_java(code, input_data=""): request_payload = {
"""Execute Java code""" "language": language,
try: "code": code[:4000],
# Extract class name from code "code_size": len(code),
import re "input": input_data[:2000],
class_match = re.search(r'public\s+class\s+(\w+)', code) "input_size": len(input_data),
if not class_match:
return jsonify({
"success": False,
"error": "No public class found. Java code must contain 'public class ClassName'"
}), 400
class_name = class_match.group(1)
# Create temporary directory
temp_dir = tempfile.mkdtemp()
java_file = os.path.join(temp_dir, f"{class_name}.java")
try:
# Write Java code to file
with open(java_file, 'w') as f:
f.write(code)
# Compile Java code
compile_result = subprocess.run(
['javac', java_file],
capture_output=True,
text=True,
timeout=30,
cwd=temp_dir
)
if compile_result.returncode != 0:
return jsonify({
"success": False,
"error": f"Compilation error:\n{compile_result.stderr}",
"language": "java"
})
# Execute Java code
start_time = time.time()
result = subprocess.run(
['java', class_name],
input=input_data,
text=True,
capture_output=True,
timeout=10,
cwd=temp_dir
)
execution_time = time.time() - start_time
if result.returncode == 0:
return jsonify({
"success": True,
"output": result.stdout or "Code executed successfully (no output)",
"error": result.stderr if result.stderr else None,
"language": "java",
"execution_time": round(execution_time, 3)
})
else:
return jsonify({
"success": False,
"error": result.stderr or f"Runtime error (exit code {result.returncode})",
"language": "java"
})
finally:
# Clean up temp files
import shutil
try:
shutil.rmtree(temp_dir)
except:
pass
except subprocess.TimeoutExpired:
return jsonify({
"success": False,
"error": "Code execution timed out"
}), 400
except FileNotFoundError:
return jsonify({
"success": False,
"error": "Java compiler/runtime not found. Please install JDK."
}), 500
except Exception as e:
return jsonify({
"success": False,
"error": f"Java execution error: {str(e)}"
}), 500
def execute_javascript(code, input_data=""):
"""Execute JavaScript code"""
try:
# Create temporary file
with tempfile.NamedTemporaryFile(mode='w', suffix='.js', delete=False) as f:
# Add input handling if needed
if input_data:
js_code = f"""
const input = `{input_data}`;
const readline = {{ question: () => input }};
{code}
"""
else:
js_code = code
f.write(js_code)
temp_file = f.name
try:
# Execute with Node.js
start_time = time.time()
result = subprocess.run(
['node', temp_file],
input=input_data,
text=True,
capture_output=True,
timeout=10,
cwd=tempfile.gettempdir()
)
execution_time = time.time() - start_time
if result.returncode == 0:
return jsonify({
"success": True,
"output": result.stdout or "Code executed successfully (no output)",
"error": result.stderr if result.stderr else None,
"language": "javascript",
"execution_time": round(execution_time, 3)
})
else:
return jsonify({
"success": False,
"error": result.stderr or f"Runtime error (exit code {result.returncode})",
"language": "javascript"
})
finally:
try:
os.unlink(temp_file)
except:
pass
except subprocess.TimeoutExpired:
return jsonify({
"success": False,
"error": "Code execution timed out"
}), 400
except FileNotFoundError:
return jsonify({
"success": False,
"error": "Node.js not found. Please install Node.js."
}), 500
except Exception as e:
return jsonify({
"success": False,
"error": f"JavaScript execution error: {str(e)}"
}), 500
def execute_cpp(code, input_data=""):
"""Execute C++ code"""
try:
# Create temporary files
temp_dir = tempfile.mkdtemp()
cpp_file = os.path.join(temp_dir, "main.cpp")
exe_file = os.path.join(temp_dir, "main.exe") if os.name == 'nt' else os.path.join(temp_dir, "main")
try:
# Write C++ code to file
with open(cpp_file, 'w') as f:
f.write(code)
# Compile C++ code
compile_cmd = ['g++', '-o', exe_file, cpp_file, '-std=c++17']
compile_result = subprocess.run(
compile_cmd,
capture_output=True,
text=True,
timeout=30,
cwd=temp_dir
)
if compile_result.returncode != 0:
return jsonify({
"success": False,
"error": f"Compilation error:\n{compile_result.stderr}",
"language": "cpp"
})
# Execute compiled program
start_time = time.time()
result = subprocess.run(
[exe_file],
input=input_data,
text=True,
capture_output=True,
timeout=10,
cwd=temp_dir
)
execution_time = time.time() - start_time
if result.returncode == 0:
return jsonify({
"success": True,
"output": result.stdout or "Code executed successfully (no output)",
"error": result.stderr if result.stderr else None,
"language": "cpp",
"execution_time": round(execution_time, 3)
})
else:
return jsonify({
"success": False,
"error": result.stderr or f"Runtime error (exit code {result.returncode})",
"language": "cpp"
})
finally:
# Clean up temp files
import shutil
try:
shutil.rmtree(temp_dir)
except:
pass
except subprocess.TimeoutExpired:
return jsonify({
"success": False,
"error": "Code execution timed out"
}), 400
except FileNotFoundError:
return jsonify({
"success": False,
"error": "G++ compiler not found. Please install GCC/G++."
}), 500
except Exception as e:
return jsonify({
"success": False,
"error": f"C++ execution error: {str(e)}"
}), 500
def execute_c(code, input_data=""):
"""Execute C code"""
try:
# Create temporary files
temp_dir = tempfile.mkdtemp()
c_file = os.path.join(temp_dir, "main.c")
exe_file = os.path.join(temp_dir, "main.exe") if os.name == 'nt' else os.path.join(temp_dir, "main")
try:
# Write C code to file
with open(c_file, 'w') as f:
f.write(code)
# Compile C code
compile_cmd = ['gcc', '-o', exe_file, c_file, '-std=c99']
compile_result = subprocess.run(
compile_cmd,
capture_output=True,
text=True,
timeout=30,
cwd=temp_dir
)
if compile_result.returncode != 0:
return jsonify({
"success": False,
"error": f"Compilation error:\n{compile_result.stderr}",
"language": "c"
})
# Execute compiled program
start_time = time.time()
result = subprocess.run(
[exe_file],
input=input_data,
text=True,
capture_output=True,
timeout=10,
cwd=temp_dir
)
execution_time = time.time() - start_time
if result.returncode == 0:
return jsonify({
"success": True,
"output": result.stdout or "Code executed successfully (no output)",
"error": result.stderr if result.stderr else None,
"language": "c",
"execution_time": round(execution_time, 3)
})
else:
return jsonify({
"success": False,
"error": result.stderr or f"Runtime error (exit code {result.returncode})",
"language": "c"
})
finally:
# Clean up temp files
import shutil
try:
shutil.rmtree(temp_dir)
except:
pass
except subprocess.TimeoutExpired:
return jsonify({
"success": False,
"error": "Code execution timed out"
}), 400
except FileNotFoundError:
return jsonify({
"success": False,
"error": "GCC compiler not found. Please install GCC."
}), 500
except Exception as e:
return jsonify({
"success": False,
"error": f"C execution error: {str(e)}"
}), 500
@bp.route('/languages', methods=['GET', 'OPTIONS'])
def get_supported_languages():
"""Get list of supported programming languages"""
if request.method == "OPTIONS":
response = jsonify({'status': 'ok'})
response.headers.add("Access-Control-Allow-Origin", "*")
response.headers.add("Access-Control-Allow-Headers", "Content-Type,Authorization")
response.headers.add("Access-Control-Allow-Methods", "GET,OPTIONS")
return response
try:
languages = {
"python": {
"name": "Python",
"version": "3.x",
"extension": ".py",
"available": check_language_availability("python3")
},
"java": {
"name": "Java",
"version": "JDK 8+",
"extension": ".java",
"available": check_language_availability("javac")
},
"javascript": {
"name": "JavaScript",
"version": "Node.js",
"extension": ".js",
"available": check_language_availability("node")
},
"cpp": {
"name": "C++",
"version": "GCC/G++",
"extension": ".cpp",
"available": check_language_availability("g++")
},
"c": {
"name": "C",
"version": "GCC",
"extension": ".c",
"available": check_language_availability("gcc")
} }
} response_payload = {
"success": bool(result.get("success")),
return jsonify({ "blocked": bool(result.get("blocked")),
"success": True, "execution_id": result.get("execution_id"),
"languages": languages, "output": (result.get("output") or "")[:4000],
"total": len(languages), "error": result.get("error", ""),
"available_count": sum(1 for lang in languages.values() if lang["available"]) "security_violations": result.get("security_violations", []),
}) "execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"exit_code": result.get("exit_code", 0),
}
db.code_execution_events.insert_one(
{
"timestamp": datetime.utcnow(),
"event_type": "execution",
"source": "compiler",
"language": language,
"execution_id": result.get("execution_id"),
"execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"exit_code": result.get("exit_code", 0),
"status": status,
"blocked": bool(result.get("blocked")),
"security_violations": result.get("security_violations", []),
"error": result.get("error", ""),
"request_body": request_payload,
"response_body": response_payload,
"ip": _client_ip(),
"user_agent": request.headers.get("User-Agent", ""),
}
)
except Exception:
pass
if result.get("blocked"):
_log_security(
"compiler_security_block",
"static_policy_blocked_submission",
severity="warning",
status_code=400,
metadata=log_metadata,
)
return _json_response({"success": False, **result}, 400)
if result.get("error") and not result.get("success", False):
_log_security(
"compiler_execution_failed",
"secure_container_execution_failed",
severity="warning",
status_code=400,
metadata=log_metadata,
)
return _json_response({"success": False, **result}, 400)
_log_security(
"compiler_execution_success",
"secure_container_execution_completed",
severity="info",
status_code=200,
metadata=log_metadata,
)
return _json_response(result, 200)
except Exception as e: except Exception as e:
return jsonify({"success": False, "error": str(e)}), 500 _log_security(
"compiler_internal_error",
"compiler_route_exception",
severity="error",
status_code=500,
metadata={"error": str(e)},
)
return _json_response({"success": False, "error": f"Server error: {str(e)}"}, 500)
@bp.route("/languages", methods=["GET", "OPTIONS"])
def get_supported_languages():
if request.method == "OPTIONS":
return _json_response({"status": "ok"}, 200)
def check_language_availability(command):
"""Check if a language compiler/interpreter is available"""
try: try:
result = subprocess.run([command, '--version'], return _json_response({"success": True, "languages": real_compiler_service.get_supported_languages()}, 200)
capture_output=True, except Exception as e:
timeout=5) return _json_response({"success": False, "error": str(e)}, 500)
return result.returncode == 0
except (FileNotFoundError, subprocess.TimeoutExpired):
return False
@bp.route('/health', methods=['GET'])
@bp.route("/test", methods=["POST", "OPTIONS"])
def compiler_test():
if request.method == "OPTIONS":
return _json_response({"status": "ok"}, 200)
data = request.get_json(silent=True) or {}
language = str(data.get("language", "python")).strip().lower()
smoke_code = {
"python": 'print("ok")',
"javascript": 'console.log("ok")',
"java": "public class Main { public static void main(String[] args){ System.out.println(\"ok\"); } }",
"c": "#include <stdio.h>\nint main(){ printf(\"ok\\n\"); return 0; }",
"cpp": "#include <iostream>\nint main(){ std::cout << \"ok\\n\"; return 0; }",
"go": "package main\nimport \"fmt\"\nfunc main(){ fmt.Println(\"ok\") }",
"rust": "fn main(){ println!(\"ok\"); }",
}
if language not in smoke_code:
return _json_response({"success": False, "error": f"Unsupported language: {language}"}, 400)
result = real_compiler_service.execute_code(smoke_code[language], language, "")
if result.get("success"):
return _json_response(result, 200)
return _json_response({"success": False, **result}, 400)
@bp.route("/health", methods=["GET"])
def compiler_health(): def compiler_health():
"""Health check for compiler service""" docker_ok = real_compiler_service._get_docker_client() is not None and real_compiler_service.docker_available
try: return _json_response(
languages_status = { {
"python": check_language_availability("python3"), "status": "healthy" if docker_ok else "degraded",
"java": check_language_availability("javac"), "timestamp": datetime.utcnow().isoformat(),
"javascript": check_language_availability("node"), "docker_available": docker_ok,
"cpp": check_language_availability("g++"), "secure_execution_only": True,
"c": check_language_availability("gcc") "supported_languages": [l["id"] for l in real_compiler_service.get_supported_languages()],
} },
200 if docker_ok else 503,
available_languages = sum(languages_status.values()) )
total_languages = len(languages_status)
status = "healthy" if available_languages > 0 else "unavailable"
return jsonify({
"status": status,
"timestamp": datetime.now().isoformat(),
"languages": languages_status,
"available_languages": available_languages,
"total_languages": total_languages,
"docker_available": check_docker_availability()
})
except Exception as e:
return jsonify({
"status": "error",
"error": str(e),
"timestamp": datetime.now().isoformat()
}), 500
def check_docker_availability():
"""Check if Docker is available for containerized execution"""
try:
client = docker.from_env()
client.ping()
return True
except:
return False
backend/services/real_compiler_service.py
+423 -228
View File
@@ -1,117 +1,198 @@
import docker import ast
import tempfile
import os import os
import subprocess import queue
import re
import tempfile
import threading
import time import time
import uuid import uuid
import json
import threading
from typing import Dict, List, Any, Optional
from datetime import datetime from datetime import datetime
import queue from typing import Any, Dict, List, Optional, Tuple
import signal
import docker
class RealCompilerService: class RealCompilerService:
def __init__(self): def __init__(self):
self.client = None # Lazy initialization self.client = None
self.execution_queue = queue.Queue() self.execution_queue = queue.Queue()
self.active_executions = {} self.active_executions: Dict[str, Dict[str, Any]] = {}
self.max_concurrent_executions = 5 self.max_code_size = 20000
self.docker_available = False self.docker_available = False
# Enhanced language configurations with real execution # Docker is mandatory for secure execution.
self.language_configs = { self.language_configs = {
'python': { "python": {
'image': 'python:3.11-slim', "image": "python:3.11-alpine",
'file_ext': '.py', "file_name": "code.py",
'compile_command': None, # Python doesn't need compilation "compile_command": None,
'run_command': 'python /app/code.py', "run_command": "python /workspace/code.py",
'timeout': 30, "timeout": 8,
'memory_limit': '256m', "memory_limit": "128m",
'cpu_limit': '0.5' "cpu_limit": 0.35,
}, },
'java': { "javascript": {
'image': 'openjdk:17-alpine', "image": "node:20-alpine",
'file_ext': '.java', "file_name": "code.js",
'compile_command': 'javac /app/Main.java', "compile_command": None,
'run_command': 'java -cp /app Main', "run_command": "node /workspace/code.js",
'timeout': 30, "timeout": 8,
'memory_limit': '512m', "memory_limit": "128m",
'cpu_limit': '0.5' "cpu_limit": 0.35,
}, },
'cpp': { "c": {
'image': 'gcc:latest', "image": "gcc:13",
'file_ext': '.cpp', "file_name": "code.c",
'compile_command': 'g++ -o /app/program /app/code.cpp -std=c++17', "compile_command": "gcc -O2 -o /workspace/program /workspace/code.c",
'run_command': '/app/program', "run_command": "/workspace/program",
'timeout': 30, "timeout": 10,
'memory_limit': '256m', "memory_limit": "192m",
'cpu_limit': '0.5' "cpu_limit": 0.5,
}, },
'c': { "cpp": {
'image': 'gcc:latest', "image": "gcc:13",
'file_ext': '.c', "file_name": "code.cpp",
'compile_command': 'gcc -o /app/program /app/code.c', "compile_command": "g++ -O2 -std=c++17 -o /workspace/program /workspace/code.cpp",
'run_command': '/app/program', "run_command": "/workspace/program",
'timeout': 30, "timeout": 10,
'memory_limit': '256m', "memory_limit": "256m",
'cpu_limit': '0.5' "cpu_limit": 0.5,
}, },
'javascript': { "java": {
'image': 'node:18-alpine', "image": "openjdk:17-alpine",
'file_ext': '.js', "file_name": "Main.java",
'compile_command': None, "compile_command": "javac /workspace/Main.java",
'run_command': 'node /app/code.js', "run_command": "java -cp /workspace Main",
'timeout': 30, "timeout": 12,
'memory_limit': '256m', "memory_limit": "256m",
'cpu_limit': '0.5' "cpu_limit": 0.5,
}, },
'bash': { "go": {
'image': 'bash:5.2-alpine3.18', "image": "golang:1.22-alpine",
'file_ext': '.sh', "file_name": "code.go",
'compile_command': None, "compile_command": "go build -o /workspace/program /workspace/code.go",
'run_command': 'bash /app/code.sh', "run_command": "/workspace/program",
'timeout': 30, "timeout": 14,
'memory_limit': '128m', "memory_limit": "256m",
'cpu_limit': '0.3' "cpu_limit": 0.6,
}, },
'go': { "rust": {
'image': 'golang:1.21-alpine', "image": "rust:1.77-alpine",
'file_ext': '.go', "file_name": "code.rs",
'compile_command': 'go build -o /app/program /app/code.go', "compile_command": "rustc /workspace/code.rs -o /workspace/program",
'run_command': '/app/program', "run_command": "/workspace/program",
'timeout': 30, "timeout": 20,
'memory_limit': '512m', "memory_limit": "512m",
'cpu_limit': '0.5' "cpu_limit": 0.8,
}, },
'rust': {
'image': 'rust:1.75-alpine',
'file_ext': '.rs',
'compile_command': 'rustc /app/code.rs -o /app/program',
'run_command': '/app/program',
'timeout': 60, # Rust compilation can be slow
'memory_limit': '1g',
'cpu_limit': '1.0'
}
} }
# Start execution worker self.blocked_python_modules = {
"os",
"socket",
"subprocess",
"pty",
"multiprocessing",
"ctypes",
"resource",
"pwd",
"grp",
"signal",
"fcntl",
"selectors",
"pathlib",
"shutil",
}
self.blocked_python_calls = {
"eval",
"exec",
"compile",
"__import__",
"open",
"input",
"globals",
"locals",
"vars",
"getattr",
"setattr",
"delattr",
}
self.blocked_python_attrs = {
"fork",
"forkpty",
"spawn",
"spawnl",
"spawnlp",
"spawnv",
"spawnvp",
"system",
"popen",
"execl",
"execle",
"execlp",
"execv",
"execve",
"execvp",
"setsid",
"dup2",
}
self.blocked_patterns = {
"javascript": [
r"require\s*\(\s*['\"]child_process['\"]\s*\)",
r"require\s*\(\s*['\"]net['\"]\s*\)",
r"require\s*\(\s*['\"]dgram['\"]\s*\)",
r"process\.env",
r"process\.binding",
r"fs\.readFile|fs\.writeFile|fs\.open|fs\.create",
],
"java": [
r"Runtime\.getRuntime\s*\(",
r"ProcessBuilder\s*\(",
r"java\.net\.",
r"java\.nio\.file\.",
r"System\.getenv\s*\(",
],
"c": [
r"\bsystem\s*\(",
r"\bpopen\s*\(",
r"\bfork\s*\(",
r"\bexec[a-z]*\s*\(",
r"\bsocket\s*\(",
],
"cpp": [
r"\bsystem\s*\(",
r"\bpopen\s*\(",
r"\bfork\s*\(",
r"\bexec[a-z]*\s*\(",
r"\bsocket\s*\(",
],
"go": [
r"\bexec\.Command\s*\(",
r"\bnet\.",
r"\bos\.StartProcess\s*\(",
r"\bos\.Exec\s*\(",
],
"rust": [
r"std::process::Command",
r"std::net::",
r"unsafe\s*\{",
],
}
self.start_execution_worker() self.start_execution_worker()
def _get_docker_client(self): def _get_docker_client(self):
"""Lazily initialize Docker client"""
if self.client is None: if self.client is None:
try: try:
self.client = docker.from_env() self.client = docker.from_env()
self.client.ping()
self.docker_available = True self.docker_available = True
except Exception as e: except Exception:
print(f"⚠️ Docker initialization failed: {e}")
self.docker_available = False self.docker_available = False
self.client = None self.client = None
return self.client return self.client
def start_execution_worker(self): def start_execution_worker(self):
"""Start background worker for code execution"""
def worker(): def worker():
while True: while True:
try: try:
@@ -122,212 +203,326 @@ class RealCompilerService:
continue continue
except Exception as e: except Exception as e:
print(f"Execution worker error: {e}") print(f"Execution worker error: {e}")
worker_thread = threading.Thread(target=worker, daemon=True) worker_thread = threading.Thread(target=worker, daemon=True)
worker_thread.start() worker_thread.start()
def execute_code(self, code: str, language: str, input_data: str = "", def _execute_task(self, _execution_task):
execution_id: str = None) -> Dict[str, Any]: # Queue worker placeholder kept for backward compatibility.
"""Execute code with real output capture""" return None
def execute_code(self, code: str, language: str, input_data: str = "", execution_id: str = None) -> Dict[str, Any]:
language = (language or "").lower().strip()
if language == "js":
language = "javascript"
if language == "c++":
language = "cpp"
if language not in self.language_configs: if language not in self.language_configs:
return {"error": f"Language '{language}' not supported"} return {"error": f"Language '{language}' not supported"}
if not execution_id: if not execution_id:
execution_id = str(uuid.uuid4()) execution_id = str(uuid.uuid4())
config = self.language_configs[language] if not code or not code.strip():
return {"error": "No code provided", "execution_id": execution_id, "language": language}
try:
# Create execution context if len(code) > self.max_code_size:
execution_context = { return {
'execution_id': execution_id, "error": f"Code too large. Maximum size is {self.max_code_size} characters.",
'code': code, "execution_id": execution_id,
'language': language, "language": language,
'input_data': input_data, "blocked": True,
'config': config,
'start_time': datetime.now(),
'status': 'running'
} }
ok, violations = self._validate_code_static(code, language)
if not ok:
return {
"error": "Code rejected by security policy",
"execution_id": execution_id,
"language": language,
"blocked": True,
"security_violations": violations,
}
config = self.language_configs[language]
execution_context = {
"execution_id": execution_id,
"code": code,
"language": language,
"input_data": input_data or "",
"config": config,
"start_time": datetime.utcnow(),
"status": "running",
}
try:
self.active_executions[execution_id] = execution_context self.active_executions[execution_id] = execution_context
# Execute in Docker container
result = self._execute_in_container(execution_context) result = self._execute_in_container(execution_context)
execution_context["status"] = "completed"
# Update execution context execution_context["end_time"] = datetime.utcnow()
execution_context['status'] = 'completed' execution_context["result"] = result
execution_context['end_time'] = datetime.now()
execution_context['result'] = result if result.get("error"):
return {
"success": False,
"execution_id": execution_id,
"output": result.get("output", ""),
"error": result.get("error", ""),
"execution_time": result.get("execution_time", 0),
"memory_used": result.get("memory_used", 0),
"exit_code": result.get("exit_code", -1),
"language": language,
"timestamp": datetime.utcnow().isoformat(),
}
return { return {
"success": True, "success": True,
"execution_id": execution_id, "execution_id": execution_id,
"output": result.get('output', ''), "output": result.get("output", ""),
"error": result.get('error', ''), "error": "",
"execution_time": result.get('execution_time', 0), "execution_time": result.get("execution_time", 0),
"memory_used": result.get('memory_used', 0), "memory_used": result.get("memory_used", 0),
"exit_code": result.get('exit_code', 0), "exit_code": result.get("exit_code", 0),
"language": language, "language": language,
"timestamp": datetime.now().isoformat() "timestamp": datetime.utcnow().isoformat(),
} }
except Exception as e: except Exception as e:
return { return {
"error": f"Execution failed: {str(e)}", "error": f"Execution failed: {str(e)}",
"execution_id": execution_id, "execution_id": execution_id,
"language": language "language": language,
} }
finally: finally:
# Clean up self.active_executions.pop(execution_id, None)
if execution_id in self.active_executions:
del self.active_executions[execution_id]
def _execute_in_container(self, context: Dict) -> Dict[str, Any]: def _validate_code_static(self, code: str, language: str) -> Tuple[bool, List[str]]:
"""Execute code in secure Docker container""" violations: List[str] = []
code = context['code']
language = context['language'] # Generic payload patterns often used for sandbox escape and exfiltration.
input_data = context['input_data'] generic_patterns = [
config = context['config'] r"/bin/sh",
r"/bin/bash",
# Check Docker availability r"nc\s+-l|nc\s+-e",
r"reverse\s*shell",
r"bash\s+-i",
r"wget\s+http|curl\s+http",
]
for pattern in generic_patterns:
if re.search(pattern, code, flags=re.IGNORECASE):
violations.append(f"Blocked high-risk pattern: {pattern}")
if language == "python":
try:
tree = ast.parse(code)
except SyntaxError as e:
return False, [f"Python syntax error: {e}"]
for node in ast.walk(tree):
if isinstance(node, ast.Import):
for alias in node.names:
base = alias.name.split(".")[0]
if base in self.blocked_python_modules:
violations.append(f"Blocked module import: {base}")
if isinstance(node, ast.ImportFrom):
if node.module:
base = node.module.split(".")[0]
if base in self.blocked_python_modules:
violations.append(f"Blocked module import: {base}")
if isinstance(node, ast.Call):
fn = node.func
if isinstance(fn, ast.Name) and fn.id in self.blocked_python_calls:
violations.append(f"Blocked function call: {fn.id}")
if isinstance(fn, ast.Attribute) and fn.attr in self.blocked_python_attrs:
violations.append(f"Blocked dangerous call: {fn.attr}")
for pattern in self.blocked_patterns.get(language, []):
if re.search(pattern, code, flags=re.IGNORECASE | re.MULTILINE):
violations.append(f"Blocked pattern for {language}: {pattern}")
return len(violations) == 0, violations
def _execute_in_container(self, context: Dict[str, Any]) -> Dict[str, Any]:
docker_client = self._get_docker_client() docker_client = self._get_docker_client()
if docker_client is None or not self.docker_available: if docker_client is None or not self.docker_available:
return { return {
"output": "", "output": "",
"error": "Docker service is not available. Compiler service cannot execute code.", "error": "Docker service is not available. Secure execution requires Docker.",
"exit_code": -1, "exit_code": -1,
"execution_time": 0, "execution_time": 0,
"memory_used": 0 "memory_used": 0,
} }
with tempfile.TemporaryDirectory() as temp_dir: code = context["code"]
# Prepare code file language = context["language"]
filename = f"code{config['file_ext']}" if language != 'java' else "Main.java" input_data = context["input_data"]
file_path = os.path.join(temp_dir, filename) config = context["config"]
with open(file_path, 'w', encoding='utf-8') as f: with tempfile.TemporaryDirectory(prefix="openlearnx_exec_") as temp_dir:
os.chmod(temp_dir, 0o755)
code_path = os.path.join(temp_dir, config["file_name"])
with open(code_path, "w", encoding="utf-8") as f:
f.write(code) f.write(code)
os.chmod(code_path, 0o644)
# Prepare input file
input_file = os.path.join(temp_dir, 'input.txt') input_path = os.path.join(temp_dir, "input.txt")
with open(input_file, 'w', encoding='utf-8') as f: with open(input_path, "w", encoding="utf-8") as f:
f.write(input_data) f.write(input_data)
os.chmod(input_path, 0o644)
container = None
start = time.time()
try: try:
start_time = time.time() cpu_quota = int(float(config["cpu_limit"]) * 100000)
# Create and run container
container = docker_client.containers.run( container = docker_client.containers.run(
config['image'], config["image"],
command=self._build_execution_command(config, filename), command=self._build_execution_command(config),
volumes={temp_dir: {'bind': '/app', 'mode': 'rw'}}, volumes={temp_dir: {"bind": "/workspace", "mode": "rw"}},
working_dir='/app', working_dir="/workspace",
mem_limit=config['memory_limit'], mem_limit=config["memory_limit"],
memswap_limit=config["memory_limit"],
cpu_period=100000, cpu_period=100000,
cpu_quota=int(float(config['cpu_limit']) * 100000), cpu_quota=cpu_quota,
network_mode='none', # No network access pids_limit=64,
remove=True, network_mode="none",
detach=False, detach=True,
stdin_open=True, stdin_open=False,
tty=False, tty=False,
timeout=config['timeout'], cap_drop=["ALL"],
# Security options security_opt=["no-new-privileges:true"],
cap_drop=['ALL'], read_only=True,
security_opt=['no-new-privileges'], user="65534:65534",
read_only=False, tmpfs={
tmpfs={'/tmp': 'rw,noexec,nosuid,size=100m'} "/tmp": "rw,noexec,nosuid,size=64m",
},
labels={
"openlearnx.sandbox": "true",
"openlearnx.execution_id": context["execution_id"],
},
) )
execution_time = time.time() - start_time wait_result = container.wait(timeout=config["timeout"] + 2)
output = container.decode('utf-8') logs = container.logs(stdout=True, stderr=True).decode("utf-8", errors="replace")
status_code = int(wait_result.get("StatusCode", -1))
execution_time = round(time.time() - start, 3)
memory_used = self._get_memory_usage(container)
if status_code != 0:
return {
"output": "",
"error": self._sanitize_error_output(language, logs.strip() or f"Runtime exited with code {status_code}"),
"exit_code": status_code,
"execution_time": execution_time,
"memory_used": memory_used,
}
return { return {
"output": output.strip(), "output": logs.strip(),
"error": "", "error": "",
"exit_code": 0, "exit_code": 0,
"execution_time": round(execution_time, 3), "execution_time": execution_time,
"memory_used": self._get_memory_usage(container) "memory_used": memory_used,
}
except docker.errors.ContainerError as e:
return {
"output": "",
"error": f"Runtime error (exit code {e.exit_status}): {e.stderr.decode('utf-8') if e.stderr else 'Unknown error'}",
"exit_code": e.exit_status,
"execution_time": time.time() - start_time,
"memory_used": 0
}
except docker.errors.APIError as e:
return {
"output": "",
"error": f"Docker API error: {str(e)}",
"exit_code": -1,
"execution_time": 0,
"memory_used": 0
}
except Exception as e:
return {
"output": "",
"error": f"Execution error: {str(e)}",
"exit_code": -1,
"execution_time": 0,
"memory_used": 0
} }
def _build_execution_command(self, config: Dict, filename: str) -> str: except Exception as e:
"""Build the execution command for the container""" if container is not None:
commands = [] try:
container.kill()
# Add compilation step if needed except Exception:
if config.get('compile_command'): pass
commands.append(config['compile_command']) return {
"output": "",
# Add execution command with input redirection "error": self._sanitize_error_output(language, f"Execution failed or timed out: {str(e)}"),
run_cmd = config['run_command'] "exit_code": -1,
if '<' not in run_cmd: # Add input redirection if not present "execution_time": round(time.time() - start, 3),
run_cmd += ' < /app/input.txt 2>&1' "memory_used": 0,
commands.append(run_cmd) }
finally:
# Combine commands if container is not None:
return f"sh -c '{' && '.join(commands)}'" try:
container.remove(force=True)
except Exception:
pass
def _sanitize_error_output(self, language: str, raw_error: str) -> str:
if not raw_error:
return "Runtime error"
text = str(raw_error)
# Avoid leaking container-internal paths.
text = re.sub(r"/workspace/", "", text)
lines = [line.rstrip() for line in text.splitlines() if line.strip()]
if language == "python":
cleaned: List[str] = []
for line in lines:
stripped = line.strip()
if stripped.startswith("Traceback"):
continue
if stripped.startswith("File "):
continue
if stripped.startswith("^"):
continue
cleaned.append(stripped)
for line in reversed(cleaned):
if "Error" in line or "Exception" in line:
return line
if cleaned:
return cleaned[-1]
return "Python runtime error"
# Keep non-python errors concise.
tail = lines[-3:] if len(lines) > 3 else lines
sanitized = "\n".join(tail).strip()
return sanitized or "Runtime error"
def _build_execution_command(self, config: Dict[str, Any]) -> str:
commands: List[str] = []
if config.get("compile_command"):
commands.append(config["compile_command"])
run_cmd = config["run_command"]
if "< /workspace/input.txt" not in run_cmd:
run_cmd = f"{run_cmd} < /workspace/input.txt"
# ulimit adds an additional in-container CPU-time and file-size restriction.
shell_cmd = " && ".join(commands + [run_cmd])
return f"sh -c 'ulimit -t {config['timeout']} -f 1024; {shell_cmd} 2>&1'"
def _get_memory_usage(self, container) -> int: def _get_memory_usage(self, container) -> int:
"""Get memory usage from container stats"""
try: try:
stats = container.stats(stream=False) stats = container.stats(stream=False)
memory_usage = stats['memory']['usage'] return int(stats.get("memory_stats", {}).get("usage", 0))
return memory_usage except Exception:
except:
return 0 return 0
def get_supported_languages(self) -> List[Dict[str, str]]: def get_supported_languages(self) -> List[Dict[str, str]]:
"""Get list of supported languages with details"""
return [ return [
{ {
'id': lang_id, "id": lang_id,
'name': lang_id.title(), "name": lang_id.title(),
'extension': config['file_ext'], "extension": os.path.splitext(config["file_name"])[1],
'timeout': config['timeout'], "timeout": config["timeout"],
'memory_limit': config['memory_limit'] "memory_limit": config["memory_limit"],
} }
for lang_id, config in self.language_configs.items() for lang_id, config in self.language_configs.items()
] ]
def get_execution_status(self, execution_id: str) -> Optional[Dict]: def get_execution_status(self, execution_id: str) -> Optional[Dict[str, Any]]:
"""Get status of a running execution"""
return self.active_executions.get(execution_id) return self.active_executions.get(execution_id)
def cancel_execution(self, execution_id: str) -> bool: def cancel_execution(self, execution_id: str) -> bool:
"""Cancel a running execution"""
if execution_id in self.active_executions: if execution_id in self.active_executions:
# Implementation would involve stopping the Docker container
del self.active_executions[execution_id] del self.active_executions[execution_id]
return True return True
return False return False
# Create global instance
try: try:
real_compiler_service = RealCompilerService() real_compiler_service = RealCompilerService()
except Exception as e: except Exception as e:
print(f"⚠️ Failed to initialize RealCompilerService: {e}") print(f"WARNING: Failed to initialize RealCompilerService: {e}")
real_compiler_service = RealCompilerService() # Still create instance for graceful fallback real_compiler_service = RealCompilerService()
frontend/.npmignore
+10
View File
@@ -0,0 +1,10 @@
.next
node_modules
.env*
*.log
coverage
.git
.github
.vscode
.npmrc
pnpm-lock.yaml
frontend/.npmrc
+2
View File
@@ -0,0 +1,2 @@
@th30d4y:registry=https://npm.pkg.github.com
//npm.pkg.github.com/:_authToken=${GITHUB_TOKEN}
frontend/README.md
+31
View File
@@ -0,0 +1,31 @@
# OpenLearnX
OpenLearnX is an AI-powered learning platform with adaptive quizzes, coding practice, course tracking, and dashboard analytics.
## Install
```bash
npm i openlearnx
```
## Project
This package contains the OpenLearnX frontend (Next.js).
## Quick Start (development)
```bash
npm install
npm run dev
```
## Build
```bash
npm run build
npm start
```
## Repository
https://github.com/th30d4y/OpenLearnX
frontend/app/admin/logs/page.tsx
+273 -7
View File
@@ -23,6 +23,24 @@ type AdminLog = {
origin?: string origin?: string
} }
type ExecutionLog = {
id: string
timestamp: string
source?: string
language: string
execution_id?: string
status: string
exit_code?: number
execution_time?: number
memory_used?: number
blocked?: boolean
error?: string
ip?: string
request_body?: unknown
response_body?: unknown
user_agent?: string
}
const API_BASE = "http://127.0.0.1:5000" const API_BASE = "http://127.0.0.1:5000"
export default function AdminLogsPage() { export default function AdminLogsPage() {
@@ -31,8 +49,11 @@ export default function AdminLogsPage() {
const [loading, setLoading] = useState(false) const [loading, setLoading] = useState(false)
const [exporting, setExporting] = useState(false) const [exporting, setExporting] = useState(false)
const [message, setMessage] = useState("") const [message, setMessage] = useState("")
const [logView, setLogView] = useState<"security" | "execution">("security")
const [logs, setLogs] = useState<AdminLog[]>([]) const [logs, setLogs] = useState<AdminLog[]>([])
const [executionLogs, setExecutionLogs] = useState<ExecutionLog[]>([])
const [selectedLog, setSelectedLog] = useState<AdminLog | null>(null) const [selectedLog, setSelectedLog] = useState<AdminLog | null>(null)
const [selectedExecutionLog, setSelectedExecutionLog] = useState<ExecutionLog | null>(null)
const safeJson = (value: unknown) => { const safeJson = (value: unknown) => {
if (value === null || value === undefined || value === "") return "No data" if (value === null || value === undefined || value === "") return "No data"
@@ -89,6 +110,12 @@ export default function AdminLogsPage() {
search: "", search: "",
}) })
const [pagination, setPagination] = useState({ page: 1, limit: 50, total: 0, pages: 1 }) const [pagination, setPagination] = useState({ page: 1, limit: 50, total: 0, pages: 1 })
const [executionFilters, setExecutionFilters] = useState({
language: "",
status: "",
search: "",
})
const [executionPagination, setExecutionPagination] = useState({ page: 1, limit: 50, total: 0, pages: 1 })
const getToken = () => localStorage.getItem("admin_token") const getToken = () => localStorage.getItem("admin_token")
const headers = () => { const headers = () => {
@@ -142,6 +169,34 @@ export default function AdminLogsPage() {
} }
} }
const fetchExecutionLogs = async (page = 1, nextFilters = executionFilters) => {
setLoading(true)
setMessage("")
const params = new URLSearchParams()
params.set("page", String(page))
params.set("limit", String(executionPagination.limit))
if (nextFilters.language) params.set("language", nextFilters.language)
if (nextFilters.status) params.set("status", nextFilters.status)
if (nextFilters.search) params.set("search", nextFilters.search)
try {
const resp = await fetch(`${API_BASE}/api/admin/logs/executions?${params.toString()}`, { headers: headers() })
if (resp.ok) {
const data = await resp.json()
setExecutionLogs(Array.isArray(data.logs) ? data.logs : [])
if (data.pagination) {
setExecutionPagination(data.pagination)
}
} else {
setExecutionLogs([])
}
} catch {
setExecutionLogs([])
} finally {
setLoading(false)
}
}
const triggerDownload = (content: string, filename: string, mimeType: string) => { const triggerDownload = (content: string, filename: string, mimeType: string) => {
const blob = new Blob([content], { type: mimeType }) const blob = new Blob([content], { type: mimeType })
const url = URL.createObjectURL(blob) const url = URL.createObjectURL(blob)
@@ -212,11 +267,37 @@ export default function AdminLogsPage() {
return ( return (
<div className="space-y-6"> <div className="space-y-6">
<div className="rounded-xl border border-gray-200 bg-white p-6 shadow-sm dark:border-gray-800 dark:bg-gray-900"> <div className="rounded-xl border border-gray-200 bg-white p-6 shadow-sm dark:border-gray-800 dark:bg-gray-900">
<h1 className="text-2xl font-semibold text-gray-900 dark:text-white">Security and Activity Logs</h1> <h1 className="text-2xl font-semibold text-gray-900 dark:text-white">Admin Logs</h1>
<p className="mt-1 text-sm text-gray-600 dark:text-gray-400"> <p className="mt-1 text-sm text-gray-600 dark:text-gray-400">
Filter authentication, access-control, suspicious payload, and admin activity events. Switch between security/activity logs and a separate execution log stream.
</p> </p>
<div className="mt-4 flex flex-wrap gap-2"> <div className="mt-4 flex flex-wrap gap-2">
<button
onClick={() => {
setLogView("security")
setSelectedLog(null)
setSelectedExecutionLog(null)
fetchLogs(1)
}}
className={`rounded-md px-3 py-2 text-sm font-medium ${logView === "security" ? "bg-blue-600 text-white" : "bg-gray-200 text-gray-900 dark:bg-gray-700 dark:text-gray-100"}`}
>
Security and Activity
</button>
<button
onClick={() => {
setLogView("execution")
setSelectedLog(null)
setSelectedExecutionLog(null)
fetchExecutionLogs(1)
}}
className={`rounded-md px-3 py-2 text-sm font-medium ${logView === "execution" ? "bg-blue-600 text-white" : "bg-gray-200 text-gray-900 dark:bg-gray-700 dark:text-gray-100"}`}
>
Execution Logs
</button>
</div>
<div className="mt-3 flex flex-wrap gap-2">
{logView === "security" ? (
<>
<button <button
onClick={() => exportLogs("json")} onClick={() => exportLogs("json")}
disabled={exporting} disabled={exporting}
@@ -231,11 +312,14 @@ export default function AdminLogsPage() {
> >
Export Logs CSV Export Logs CSV
</button> </button>
</>
) : null}
</div> </div>
{message ? <p className="mt-2 text-sm text-gray-700 dark:text-gray-200">{message}</p> : null} {message ? <p className="mt-2 text-sm text-gray-700 dark:text-gray-200">{message}</p> : null}
</div> </div>
<div className="rounded-xl border border-gray-200 bg-white shadow-sm dark:border-gray-800 dark:bg-gray-900"> <div className="rounded-xl border border-gray-200 bg-white shadow-sm dark:border-gray-800 dark:bg-gray-900">
{logView === "security" ? (
<div className="grid grid-cols-1 gap-3 border-b border-gray-100 p-4 md:grid-cols-6 dark:border-gray-800"> <div className="grid grid-cols-1 gap-3 border-b border-gray-100 p-4 md:grid-cols-6 dark:border-gray-800">
<input <input
placeholder="Search action, path, IP" placeholder="Search action, path, IP"
@@ -293,8 +377,61 @@ export default function AdminLogsPage() {
</button> </button>
</div> </div>
</div> </div>
) : (
<div className="grid grid-cols-1 gap-3 border-b border-gray-100 p-4 md:grid-cols-5 dark:border-gray-800">
<input
placeholder="Search execution id, source, IP"
value={executionFilters.search}
onChange={(e) => setExecutionFilters({ ...executionFilters, search: e.target.value })}
className="md:col-span-2 rounded-md border border-gray-300 px-3 py-2 text-sm dark:border-gray-700 dark:bg-gray-800"
/>
<select
value={executionFilters.language}
onChange={(e) => setExecutionFilters({ ...executionFilters, language: e.target.value })}
className="rounded-md border border-gray-300 px-3 py-2 text-sm dark:border-gray-700 dark:bg-gray-800"
>
<option value="">All Languages</option>
<option value="python">Python</option>
<option value="javascript">JavaScript</option>
<option value="c">C</option>
<option value="cpp">C++</option>
<option value="java">Java</option>
<option value="go">Go</option>
<option value="rust">Rust</option>
</select>
<select
value={executionFilters.status}
onChange={(e) => setExecutionFilters({ ...executionFilters, status: e.target.value })}
className="rounded-md border border-gray-300 px-3 py-2 text-sm dark:border-gray-700 dark:bg-gray-800"
>
<option value="">All Status</option>
<option value="success">Success</option>
<option value="failed">Failed</option>
<option value="blocked">Blocked</option>
</select>
<div className="flex gap-2">
<button
onClick={() => fetchExecutionLogs(1)}
className="w-full rounded-md bg-blue-600 px-3 py-2 text-sm font-medium text-white hover:bg-blue-700"
>
Apply
</button>
<button
onClick={() => {
const reset = { language: "", status: "", search: "" }
setExecutionFilters(reset)
fetchExecutionLogs(1, reset)
}}
className="w-full rounded-md bg-gray-200 px-3 py-2 text-sm font-medium text-gray-900 hover:bg-gray-300 dark:bg-gray-700 dark:text-gray-100"
>
Clear
</button>
</div>
</div>
)}
<div className="overflow-x-auto"> <div className="overflow-x-auto">
{logView === "security" ? (
<table className="min-w-full divide-y divide-gray-200 dark:divide-gray-800"> <table className="min-w-full divide-y divide-gray-200 dark:divide-gray-800">
<thead className="bg-gray-50 dark:bg-gray-800/50"> <thead className="bg-gray-50 dark:bg-gray-800/50">
<tr> <tr>
@@ -338,23 +475,76 @@ export default function AdminLogsPage() {
)} )}
</tbody> </tbody>
</table> </table>
) : (
<table className="min-w-full divide-y divide-gray-200 dark:divide-gray-800">
<thead className="bg-gray-50 dark:bg-gray-800/50">
<tr>
<th className="px-4 py-2 text-left text-xs font-medium uppercase text-gray-500">Time</th>
<th className="px-4 py-2 text-left text-xs font-medium uppercase text-gray-500">Source</th>
<th className="px-4 py-2 text-left text-xs font-medium uppercase text-gray-500">Language</th>
<th className="px-4 py-2 text-left text-xs font-medium uppercase text-gray-500">Execution ID</th>
<th className="px-4 py-2 text-left text-xs font-medium uppercase text-gray-500">Status</th>
<th className="px-4 py-2 text-left text-xs font-medium uppercase text-gray-500">Time (s)</th>
</tr>
</thead>
<tbody className="divide-y divide-gray-100 dark:divide-gray-800">
{loading ? (
<tr>
<td className="px-4 py-4 text-sm text-gray-600" colSpan={6}>Loading execution logs...</td>
</tr>
) : executionLogs.length === 0 ? (
<tr>
<td className="px-4 py-4 text-sm text-gray-500" colSpan={6}>No execution logs found for selected filters.</td>
</tr>
) : (
executionLogs.map((log) => (
<tr
key={log.id}
onClick={() => setSelectedExecutionLog(log)}
className="cursor-pointer hover:bg-blue-50 dark:hover:bg-gray-800/60"
title="Click to view execution request and response details"
>
<td className="px-4 py-3 text-xs text-gray-700 dark:text-gray-300">{new Date(log.timestamp).toLocaleString()}</td>
<td className="px-4 py-3 text-xs text-gray-700 dark:text-gray-300">{log.source || "compiler"}</td>
<td className="px-4 py-3 text-xs text-gray-700 dark:text-gray-300">{log.language}</td>
<td className="px-4 py-3 text-xs text-gray-700 dark:text-gray-300">{log.execution_id || "-"}</td>
<td className="px-4 py-3 text-xs">
<span className={`rounded px-2 py-1 ${log.status === "success" ? "bg-green-100 text-green-700" : log.status === "blocked" ? "bg-amber-100 text-amber-700" : "bg-red-100 text-red-700"}`}>
{log.status}
</span>
</td>
<td className="px-4 py-3 text-xs text-gray-700 dark:text-gray-300">{typeof log.execution_time === "number" ? log.execution_time.toFixed(3) : "0.000"}</td>
</tr>
))
)}
</tbody>
</table>
)}
</div> </div>
<div className="flex items-center justify-between border-t border-gray-100 px-4 py-3 text-sm text-gray-600 dark:border-gray-800 dark:text-gray-300"> <div className="flex items-center justify-between border-t border-gray-100 px-4 py-3 text-sm text-gray-600 dark:border-gray-800 dark:text-gray-300">
<span> <span>
Page {pagination.page} of {pagination.pages} Total {pagination.total} {logView === "security"
? `Page ${pagination.page} of ${pagination.pages} • Total ${pagination.total}`
: `Page ${executionPagination.page} of ${executionPagination.pages} • Total ${executionPagination.total}`}
</span> </span>
<div className="flex gap-2"> <div className="flex gap-2">
<button <button
onClick={() => fetchLogs(Math.max(1, pagination.page - 1))} onClick={() => {
disabled={pagination.page <= 1} if (logView === "security") fetchLogs(Math.max(1, pagination.page - 1))
else fetchExecutionLogs(Math.max(1, executionPagination.page - 1))
}}
disabled={logView === "security" ? pagination.page <= 1 : executionPagination.page <= 1}
className="rounded bg-gray-100 px-3 py-1.5 disabled:opacity-50 dark:bg-gray-800" className="rounded bg-gray-100 px-3 py-1.5 disabled:opacity-50 dark:bg-gray-800"
> >
Previous Previous
</button> </button>
<button <button
onClick={() => fetchLogs(Math.min(pagination.pages, pagination.page + 1))} onClick={() => {
disabled={pagination.page >= pagination.pages} if (logView === "security") fetchLogs(Math.min(pagination.pages, pagination.page + 1))
else fetchExecutionLogs(Math.min(executionPagination.pages, executionPagination.page + 1))
}}
disabled={logView === "security" ? pagination.page >= pagination.pages : executionPagination.page >= executionPagination.pages}
className="rounded bg-gray-100 px-3 py-1.5 disabled:opacity-50 dark:bg-gray-800" className="rounded bg-gray-100 px-3 py-1.5 disabled:opacity-50 dark:bg-gray-800"
> >
Next Next
@@ -462,6 +652,82 @@ export default function AdminLogsPage() {
</div> </div>
</div> </div>
) : null} ) : null}
{selectedExecutionLog ? (
<div className="fixed inset-0 z-50 flex items-center justify-center bg-black/50 p-4">
<div className="w-full max-w-4xl rounded-xl border border-gray-200 bg-white shadow-xl dark:border-gray-800 dark:bg-gray-900">
<div className="flex items-center justify-between border-b border-gray-100 p-4 dark:border-gray-800">
<h2 className="text-lg font-semibold text-gray-900 dark:text-white">Execution Request and Response Details</h2>
<button
onClick={() => setSelectedExecutionLog(null)}
className="rounded-md bg-gray-200 px-3 py-1.5 text-sm text-gray-900 hover:bg-gray-300 dark:bg-gray-700 dark:text-gray-100"
>
Close
</button>
</div>
<div className="max-h-[75vh] space-y-4 overflow-auto p-4">
<div className="grid grid-cols-1 gap-3 md:grid-cols-2">
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<p className="text-xs font-semibold uppercase text-gray-500">Source</p>
<p className="mt-1 text-sm text-gray-900 dark:text-white">{selectedExecutionLog.source || "compiler"}</p>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<p className="text-xs font-semibold uppercase text-gray-500">Language</p>
<p className="mt-1 text-sm text-gray-900 dark:text-white">{selectedExecutionLog.language}</p>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<p className="text-xs font-semibold uppercase text-gray-500">Execution ID</p>
<p className="mt-1 break-all text-sm text-gray-900 dark:text-white">{selectedExecutionLog.execution_id || "-"}</p>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<p className="text-xs font-semibold uppercase text-gray-500">Status</p>
<p className="mt-1 text-sm text-gray-900 dark:text-white">{selectedExecutionLog.status}</p>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<p className="text-xs font-semibold uppercase text-gray-500">Execution Time</p>
<p className="mt-1 text-sm text-gray-900 dark:text-white">{typeof selectedExecutionLog.execution_time === "number" ? selectedExecutionLog.execution_time.toFixed(3) : "0.000"} s</p>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<p className="text-xs font-semibold uppercase text-gray-500">Client</p>
<p className="mt-1 break-all text-sm text-gray-900 dark:text-white">{selectedExecutionLog.ip || "Unknown"}</p>
<p className="mt-1 break-all text-xs text-gray-600 dark:text-gray-300">{selectedExecutionLog.user_agent || "Unknown user agent"}</p>
</div>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<div className="flex items-center justify-between">
<p className="text-xs font-semibold uppercase text-gray-500">Request Body</p>
<button
onClick={() => copyText(safeJson(selectedExecutionLog.request_body ?? { note: "No request body captured for this execution log" }))}
className="rounded bg-blue-600 px-2 py-1 text-xs text-white hover:bg-blue-700"
>
Copy
</button>
</div>
<pre className="mt-2 max-h-64 overflow-auto whitespace-pre-wrap break-words rounded bg-gray-50 p-3 text-sm leading-6 text-gray-800 dark:bg-gray-800 dark:text-gray-100">
{safeJson(selectedExecutionLog.request_body ?? { note: "No request body captured for this execution log" })}
</pre>
</div>
<div className="rounded-lg border border-gray-200 p-3 dark:border-gray-700">
<div className="flex items-center justify-between">
<p className="text-xs font-semibold uppercase text-gray-500">Response Body</p>
<button
onClick={() => copyText(safeJson(selectedExecutionLog.response_body ?? { note: "No response body captured for this execution log" }))}
className="rounded bg-emerald-600 px-2 py-1 text-xs text-white hover:bg-emerald-700"
>
Copy
</button>
</div>
<pre className="mt-2 max-h-64 overflow-auto whitespace-pre-wrap break-words rounded bg-gray-50 p-3 text-sm leading-6 text-gray-800 dark:bg-gray-800 dark:text-gray-100">
{safeJson(selectedExecutionLog.response_body ?? { note: "No response body captured for this execution log" })}
</pre>
</div>
</div>
</div>
</div>
) : null}
</div> </div>
) )
} }
frontend/next-env.d.ts
Vendored
+1 -1
View File
@@ -1,6 +1,6 @@
/// <reference types="next" /> /// <reference types="next" />
/// <reference types="next/image-types/global" /> /// <reference types="next/image-types/global" />
import "./.next/types/routes.d.ts"; import "./.next/dev/types/routes.d.ts";
// NOTE: This file should not be edited // NOTE: This file should not be edited
// see https://nextjs.org/docs/app/api-reference/config/typescript for more information. // see https://nextjs.org/docs/app/api-reference/config/typescript for more information.
frontend/package.json
+24 -5
View File
@@ -1,7 +1,7 @@
{ {
"name": "my-v0-project", "name": "openlearnx",
"version": "0.1.0", "version": "2.0.3",
"private": true, "private": false,
"scripts": { "scripts": {
"build": "next build", "build": "next build",
"dev": "next dev", "dev": "next dev",
@@ -81,5 +81,24 @@
"postcss": "^8.5", "postcss": "^8.5",
"tailwindcss": "^3.4.17", "tailwindcss": "^3.4.17",
"typescript": "^5" "typescript": "^5"
} },
} "repository": "https://github.com/th30d4y/OpenLearnX.git",
"publishConfig": {
"registry": "https://registry.npmjs.org"
},
"files": [
"README.md",
"package.json",
"app",
"components",
"context",
"hooks",
"lib",
"public",
"styles",
"next.config.mjs",
"postcss.config.mjs",
"tailwind.config.ts",
"tsconfig.json"
]
}
nohup.out
View File
start-local-secure.sh
Executable
+136
View File
@@ -0,0 +1,136 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "$0")" && pwd)"
MONGO_DBPATH="${HOME}/mongodata"
MONGO_LOG="/tmp/openlearnx_mongod.log"
BACKEND_LOG="/tmp/openlearnx_backend.log"
FRONTEND_LOG="/tmp/openlearnx_frontend.log"
FRONTEND_PID_FILE="/tmp/openlearnx_frontend.pid"
VENV_PYTHON="${ROOT_DIR}/venv_openlearnx/bin/python3"
cd "$ROOT_DIR"
echo "[1/8] Checking prerequisites"
command -v mongod >/dev/null 2>&1 || { echo "ERROR: mongod not found"; exit 1; }
command -v pnpm >/dev/null 2>&1 || { echo "ERROR: pnpm not found"; exit 1; }
command -v docker >/dev/null 2>&1 || { echo "ERROR: docker not found"; exit 1; }
[[ -x "$VENV_PYTHON" ]] || { echo "ERROR: Python venv not found at $VENV_PYTHON"; exit 1; }
ensure_docker_access() {
if docker info >/dev/null 2>&1; then
return 0
fi
echo "[Docker] Current user cannot access Docker. Attempting automatic fix..."
if ! sudo -n true >/dev/null 2>&1; then
echo "[Docker] sudo authentication required once to configure Docker access."
sudo -v
fi
sudo systemctl enable --now docker
if ! getent group docker >/dev/null 2>&1; then
sudo groupadd docker
fi
sudo usermod -aG docker "$USER"
sudo chgrp docker /var/run/docker.sock || true
sudo chmod 660 /var/run/docker.sock || true
if docker info >/dev/null 2>&1; then
return 0
fi
echo "[Docker] Group refresh required. Testing with sg docker context..."
if sg docker -c 'docker info >/dev/null 2>&1'; then
return 0
fi
echo "ERROR: Docker access is still unavailable after auto-fix."
echo "Run: newgrp docker (or log out/in) and rerun this script."
exit 1
}
run_backend() {
if docker info >/dev/null 2>&1; then
nohup "$VENV_PYTHON" backend/main.py >"$BACKEND_LOG" 2>&1 &
sleep 1
pgrep -f "python3 .*backend/main.py" | head -n1 || true
return 0
fi
# Start backend in docker group context when group refresh has not propagated.
sg docker -c "nohup '$VENV_PYTHON' '$ROOT_DIR/backend/main.py' >'$BACKEND_LOG' 2>&1 &"
sleep 1
pgrep -f "python3 .*backend/main.py" | head -n1 || true
}
echo "[2/8] Ensuring Docker access"
ensure_docker_access
echo "[3/8] Stopping old local processes"
pkill -f "mongod.*--dbpath ${MONGO_DBPATH}" 2>/dev/null || true
pkill -f "python3 .*backend/main.py" 2>/dev/null || true
pkill -f "pnpm dev" 2>/dev/null || true
pkill -f "next dev" 2>/dev/null || true
echo "[4/8] Starting MongoDB"
mkdir -p "$MONGO_DBPATH"
if pgrep -f "mongod.*--dbpath ${MONGO_DBPATH}" >/dev/null 2>&1; then
echo "MongoDB already running for ${MONGO_DBPATH}; reusing existing process"
else
set +e
mongod --dbpath "$MONGO_DBPATH" --bind_ip 127.0.0.1 --port 27017 --logpath "$MONGO_LOG" --fork >/tmp/openlearnx_mongod_fork.out 2>&1
mongo_start_code=$?
set -e
if [[ $mongo_start_code -ne 0 ]]; then
echo "WARNING: mongod --fork returned ${mongo_start_code}. Checking if service is still running..."
fi
fi
MONGO_PID="$(pgrep -f "mongod.*--dbpath ${MONGO_DBPATH}" | head -n1 || true)"
if [[ -z "$MONGO_PID" ]]; then
echo "ERROR: MongoDB did not start. Check logs: ${MONGO_LOG} and /tmp/openlearnx_mongod_fork.out"
exit 1
fi
echo "Mongo PID: ${MONGO_PID:-N/A}"
echo "[5/8] Starting backend"
BACKEND_PID="$(run_backend)"
if [[ -z "$BACKEND_PID" ]]; then
echo "ERROR: Backend did not start. Check log: $BACKEND_LOG"
exit 1
fi
echo "Backend PID: ${BACKEND_PID:-N/A}"
echo "[6/8] Starting frontend"
(
cd frontend
nohup pnpm dev >"$FRONTEND_LOG" 2>&1 &
echo "$!" >"$FRONTEND_PID_FILE"
)
FRONTEND_PID="$(cat "$FRONTEND_PID_FILE")"
echo "Frontend PID: ${FRONTEND_PID:-N/A}"
echo "[7/8] Waiting for services"
backend_code="$(curl -sS -o /tmp/openlearnx_backend_health_body.txt -w "%{http_code}" --retry 30 --retry-all-errors --retry-connrefused --retry-delay 1 http://127.0.0.1:5000/api/health || true)"
frontend_code="$(curl -sS -o /tmp/openlearnx_frontend_body.txt -w "%{http_code}" --retry 30 --retry-all-errors --retry-connrefused --retry-delay 1 http://127.0.0.1:3000 || true)"
echo "[8/8] Verifying secure compiler execution"
compiler_code="$(curl -sS -o /tmp/openlearnx_compiler_smoke.json -w "%{http_code}" -X POST http://127.0.0.1:5000/api/compiler/execute -H "Content-Type: application/json" -d '{"language":"python","code":"print(\"ok\")"}' || true)"
echo ""
echo "RESULT"
echo " Mongo PID: ${MONGO_PID:-N/A}"
echo " Backend PID: ${BACKEND_PID:-N/A}"
echo " Frontend PID: ${FRONTEND_PID:-N/A}"
echo " Backend health: ${backend_code:-000} (http://127.0.0.1:5000/api/health)"
echo " Frontend health:${frontend_code:-000} (http://127.0.0.1:3000)"
echo " Compiler smoke: ${compiler_code:-000} (/api/compiler/execute)"
echo ""
echo "Logs:"
echo " MongoDB: $MONGO_LOG"
echo " Backend: $BACKEND_LOG"
echo " Frontend: $FRONTEND_LOG"