admin/ORCID2SWORD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enhance backend security and configuration

Browse Source 
- Updated Dockerfile to improve security with a non-root user and added health checks.
- Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks.
- Enhanced .env.example with additional environment variables for security and configuration.
- Improved FastAPI application with middleware for security headers, CORS, and body size limits.
- Refactored authentication flow in auth.py to include state validation and improved error handling.
- Added rate limiting to various endpoints to prevent abuse.
- Updated researcher and publication handling to ensure better validation and error management.
This commit is contained in:
Mireya Cueto Garrido
2026-05-08 11:19:52 +02:00
parent 96e58dbd16
commit af1b8e9956
37 changed files with 1375 additions and 282 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/db/repositories/publication_repository.py
+20
View File
@@ -1,8 +1,16 @@
from sqlalchemy.orm import Session
from app.db.models import Publication
# ---------------------------------------------------------
# Repositorio de publicaciones
# ---------------------------------------------------------
class PublicationRepository:
# ---------------------------------------------------------
# Función auxiliar: obtener publicación por put_code
# ---------------------------------------------------------
@staticmethod
def get_by_put_code(db: Session, researcher_id: str, put_code: int):
"""
@@ -17,6 +25,10 @@ class PublicationRepository:
.first()
)
# ---------------------------------------------------------
# Función auxiliar: crear una nueva publicación
# ---------------------------------------------------------
@staticmethod
def create(db: Session, researcher_id: str, data: dict):
"""
@@ -37,6 +49,10 @@ class PublicationRepository:
db.refresh(pub)
return pub
# ---------------------------------------------------------
# Función auxiliar: actualizar una publicación existente
# ---------------------------------------------------------
@staticmethod
def update(db: Session, publication: Publication, data: dict):
"""
@@ -53,6 +69,10 @@ class PublicationRepository:
db.refresh(publication)
return publication
# ---------------------------------------------------------
# Función auxiliar: listar publicaciones de un investigador
# ---------------------------------------------------------
@staticmethod
def list_by_researcher(db: Session, researcher_id: str):
"""