feat: enhance backend security and configuration

- Updated Dockerfile to improve security with a non-root user and added health checks.
- Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks.
- Enhanced .env.example with additional environment variables for security and configuration.
- Improved FastAPI application with middleware for security headers, CORS, and body size limits.
- Refactored authentication flow in auth.py to include state validation and improved error handling.
- Added rate limiting to various endpoints to prevent abuse.
- Updated researcher and publication handling to ensure better validation and error management.

backend/app/db/repositories/publication_repository.py

@@ -1,8 +1,16 @@
 from sqlalchemy.orm import Session
 from app.db.models import Publication
 
+# ---------------------------------------------------------
+# Repositorio de publicaciones
+# ---------------------------------------------------------
+
 class PublicationRepository:
 
+    # ---------------------------------------------------------
+    # Función auxiliar: obtener publicación por put_code
+    # ---------------------------------------------------------
+
     @staticmethod
     def get_by_put_code(db: Session, researcher_id: str, put_code: int):
         """
@@ -17,6 +25,10 @@ class PublicationRepository:
             .first()
         )
 
+    # ---------------------------------------------------------
+    # Función auxiliar: crear una nueva publicación
+    # ---------------------------------------------------------
+
     @staticmethod
     def create(db: Session, researcher_id: str, data: dict):
         """
@@ -37,6 +49,10 @@ class PublicationRepository:
         db.refresh(pub)
         return pub
 
+    # ---------------------------------------------------------
+    # Función auxiliar: actualizar una publicación existente
+    # ---------------------------------------------------------
+
     @staticmethod
     def update(db: Session, publication: Publication, data: dict):
         """
@@ -53,6 +69,10 @@ class PublicationRepository:
         db.refresh(publication)
         return publication
 
+    # ---------------------------------------------------------
+    # Función auxiliar: listar publicaciones de un investigador
+    # ---------------------------------------------------------
+
     @staticmethod
     def list_by_researcher(db: Session, researcher_id: str):
         """

backend/app/db/repositories/researcher_repository.py

@@ -2,13 +2,24 @@ from sqlalchemy.orm import Session
 from app.db.models import Researcher
 from sqlalchemy.sql import func
 
+# ---------------------------------------------------------
+# Repositorio de investigadores
+# ---------------------------------------------------------
 
 class ResearcherRepository:
 
+    # ---------------------------------------------------------
+    # Función auxiliar: obtener investigador por ORCID ID
+    # ---------------------------------------------------------
+
     @staticmethod
     def get_by_orcid(db: Session, orcid_id: str):
         return db.query(Researcher).filter(Researcher.orcid_id == orcid_id).first()
 
+    # ---------------------------------------------------------
+    # Función auxiliar: crear un nuevo investigador
+    # ---------------------------------------------------------
+
     @staticmethod
     def create(db: Session, orcid_id: str, name: str = None):
         researcher = Researcher(orcid_id=orcid_id, name=name)
@@ -17,6 +28,10 @@ class ResearcherRepository:
         db.refresh(researcher)
         return researcher
 
+    # ---------------------------------------------------------
+    # Función auxiliar: actualizar la última sincronización
+    # ---------------------------------------------------------
+
     @staticmethod
     def update_last_sync(db: Session, researcher: Researcher):
         researcher.last_sync_at = func.now()

backend/app/db/repositories/syncjob_repository.py

@@ -2,9 +2,16 @@ from sqlalchemy.orm import Session
 from app.db.models import SyncJob
 from sqlalchemy.sql import func
 
+# ---------------------------------------------------------
+# Repositorio de trabajos de sincronización
+# ---------------------------------------------------------
 
 class SyncJobRepository:
 
+    # ---------------------------------------------------------
+    # Función auxiliar: iniciar un nuevo trabajo de sincronización
+    # ---------------------------------------------------------
+
     @staticmethod
     def start_job(db: Session, researcher_id: str):
         job = SyncJob(
@@ -17,6 +24,10 @@ class SyncJobRepository:
         db.refresh(job)
         return job
 
+    # ---------------------------------------------------------
+    # Función auxiliar: finalizar un trabajo de sincronización
+    # ---------------------------------------------------------
+
     @staticmethod
     def finish_job(db: Session, job: SyncJob, new_records: int, updated_records: int):
         job.status = "finished"