feat: enhance backend security and configuration

- Updated Dockerfile to improve security with a non-root user and added health checks.
- Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks.
- Enhanced .env.example with additional environment variables for security and configuration.
- Improved FastAPI application with middleware for security headers, CORS, and body size limits.
- Refactored authentication flow in auth.py to include state validation and improved error handling.
- Added rate limiting to various endpoints to prevent abuse.
- Updated researcher and publication handling to ensure better validation and error management.
Mireya Cueto Garrido
2026-05-08 11:19:52 +02:00
parent 96e58dbd16
commit af1b8e9956
37 changed files with 1375 additions and 282 deletions
@@ -9,6 +9,7 @@ load_dotenv()
# -----------------------------
# DATABASE URL
# -----------------------------
DATABASE_URL = os.getenv("DATABASE_URL")
engine = create_engine(
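Review bot: `DATABASE_URL = os.getenv("DATABASE_URL")` is passed straight into `create_engine(` without checking for `None`, so a container started with an incomplete `.env` fails deep inside SQLAlchemy with an argument error rather than a clear message. Since this commit extends `.env.example` with new variables, fail fast here instead, e.g. `if not DATABASE_URL: raise RuntimeError("DATABASE_URL is not set")` before the `create_engine(` call. Note also that the `+`/`-` markers were lost when this page was rendered, so the single added line in this hunk cannot be told apart from its context.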
@@ -29,6 +30,7 @@ Base = declarative_base()
# -----------------------------
# DB SESSION DEPENDENCY
# -----------------------------
def get_db():
db = SessionLocal()
try:
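Review bot: the hunk ends at `try:` after `db = SessionLocal()`, so the shown lines do not confirm that the session is released in a `finally: db.close()` branch; please verify that the one added line in this hunk does not sit between `try:` and the `finally`, since a session left open on an exception path leaks a pooled connection for every failed request. A short docstring on `get_db()` stating that it yields one session per request and always closes it would also help callers using it via `Depends`.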
@@ -40,17 +42,25 @@ def get_db():
# -----------------------------
# INIT DB (CREA TABLAS)
# -----------------------------
def init_db():
# Importa modelos para que SQLAlchemy los registre
import app.db.models # noqa
# Crea todas las tablas si no existen
Base.metadata.create_all(bind=engine)
# Pequeñas migraciones "best-effort" para entornos sin Alembic.
# (create_all no altera tablas existentes)
_ensure_columns()
# ---------------------------------------------------------
# Función auxiliar: asegurar columnas existentes
# ---------------------------------------------------------
def _ensure_columns():
insp = inspect(engine)
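Review bot: running `_ensure_columns()` from `init_db()` at application start means schema changes are issued at runtime by the same database account the API uses for queries, so that account needs DDL privileges (ALTER TABLE) and cannot be restricted to DML, which works against the least-privilege goal of the rest of this commit. It also races when several workers or replicas start at once, since `inspect(engine)` followed by an ALTER is not atomic. Suggest moving the "best-effort" migration into a separate one-off command run before the app starts (with a privileged account), keeping the runtime user to SELECT/INSERT/UPDATE/DELETE, and if it must stay here, guarding it with an advisory lock and documenting in a docstring on `_ensure_columns()` which columns it adds and why Alembic is not used.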