feat: enhance backend security and configuration
- Updated Dockerfile to improve security with a non-root user and added health checks. - Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks. - Enhanced .env.example with additional environment variables for security and configuration. - Improved FastAPI application with middleware for security headers, CORS, and body size limits. - Refactored authentication flow in auth.py to include state validation and improved error handling. - Added rate limiting to various endpoints to prevent abuse. - Updated researcher and publication handling to ensure better validation and error management.
This commit is contained in:
Mireya Cueto Garrido
@@ -6,6 +6,9 @@ from datetime import datetime
|
||||
|
||||
from app.db.session import Base
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# Modelo de investigador
|
||||
# ---------------------------------------------------------
|
||||
|
||||
class Researcher(Base):
|
||||
__tablename__ = "researchers"
|
||||
@@ -18,6 +21,9 @@ class Researcher(Base):
|
||||
|
||||
publications = relationship("Publication", back_populates="researcher", cascade="all, delete-orphan")
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# Modelo de publicación
|
||||
# ---------------------------------------------------------
|
||||
|
||||
class Publication(Base):
|
||||
__tablename__ = "publications"
|
||||
@@ -65,6 +71,9 @@ class Publication(Base):
|
||||
# Legacy: descargado global (deprecado). Mantener por compatibilidad de DB.
|
||||
downloaded = Column(Boolean, nullable=False, default=False)
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# Modelo de descarga de publicación
|
||||
# ---------------------------------------------------------
|
||||
|
||||
class PublicationDownload(Base):
|
||||
"""
|
||||
|
||||
Reference in New Issue
Block a user