feat: enhance backend security and configuration

- Updated Dockerfile to improve security with a non-root user and added health checks. - Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks. - Enhanced .env.example with additional environment variables for security and configuration. - Improved FastAPI application with middleware for security headers, CORS, and body size limits. - Refactored authentication flow in auth.py to include state validation and improved error handling. - Added rate limiting to various endpoints to prevent abuse. - Updated researcher and publication handling to ensure better validation and error management.
2026-05-08 11:19:52 +02:00
parent 96e58dbd16
commit af1b8e9956
37 changed files with 1375 additions and 282 deletions
@@ -2,9 +2,16 @@ from sqlalchemy.orm import Session
 from app.db.models import SyncJob
 from sqlalchemy.sql import func

+# ---------------------------------------------------------
+# Repositorio de trabajos de sincronización
+# ---------------------------------------------------------

 class SyncJobRepository:

+    # ---------------------------------------------------------
+    # Función auxiliar: iniciar un nuevo trabajo de sincronización
+    # ---------------------------------------------------------
+
    @staticmethod
    def start_job(db: Session, researcher_id: str):
        job = SyncJob(
@@ -17,6 +24,10 @@ class SyncJobRepository:
        db.refresh(job)
        return job

+    # ---------------------------------------------------------
+    # Función auxiliar: finalizar un trabajo de sincronización
+    # ---------------------------------------------------------
+
    @staticmethod
    def finish_job(db: Session, job: SyncJob, new_records: int, updated_records: int):
        job.status = "finished"