feat: enhance backend security and configuration

- Updated Dockerfile to improve security with a non-root user and added health checks. - Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks. - Enhanced .env.example with additional environment variables for security and configuration. - Improved FastAPI application with middleware for security headers, CORS, and body size limits. - Refactored authentication flow in auth.py to include state validation and improved error handling. - Added rate limiting to various endpoints to prevent abuse. - Updated researcher and publication handling to ensure better validation and error management.
2026-05-08 11:19:52 +02:00
parent 96e58dbd16
commit af1b8e9956
37 changed files with 1375 additions and 282 deletions
@@ -0,0 +1,28 @@
+"""
+Configuración de logging estructurada y minimalista.
+
+- Formatea con timestamp, nivel y logger.
+- En producción usa nivel INFO; en desarrollo DEBUG.
+- Silencia logs ruidosos de librerías externas para no filtrar headers.
+"""
+
+from __future__ import annotations
+
+import logging
+
+from app.core.config import settings
+
+
+_LOG_FORMAT = "%(asctime)s %(levelname)s %(name)s :: %(message)s"
+
+
+def configure_logging() -> None:
+    level = logging.DEBUG if settings.DEBUG else logging.INFO
+
+    logging.basicConfig(level=level, format=_LOG_FORMAT)
+
+    for noisy in ("httpx", "httpcore", "sqlalchemy.engine.Engine"):
+        logging.getLogger(noisy).setLevel(logging.WARNING)
+
+    logging.getLogger("uvicorn.error").setLevel(level)
+    logging.getLogger("uvicorn.access").setLevel(logging.WARNING)