admin/ORCID2SWORD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enhance backend security and configuration

Browse Source 
- Updated Dockerfile to improve security with a non-root user and added health checks.
- Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks.
- Enhanced .env.example with additional environment variables for security and configuration.
- Improved FastAPI application with middleware for security headers, CORS, and body size limits.
- Refactored authentication flow in auth.py to include state validation and improved error handling.
- Added rate limiting to various endpoints to prevent abuse.
- Updated researcher and publication handling to ensure better validation and error management.
This commit is contained in:
Mireya Cueto Garrido
2026-05-08 11:19:52 +02:00
parent 96e58dbd16
commit af1b8e9956
37 changed files with 1375 additions and 282 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/services/sync_service.py
+15
View File
@@ -8,12 +8,23 @@ from app.db.repositories.researcher_repository import ResearcherRepository
from app.db.repositories.publication_repository import PublicationRepository
from app.db.repositories.syncjob_repository import SyncJobRepository
# ---------------------------------------------------------
# Clase de servicio de sincronización
# ---------------------------------------------------------
class SyncService:
# ---------------------------------------------------------
# Función auxiliar: inicializar el servicio de sincronización
# ---------------------------------------------------------
def __init__(self):
self.orcid_client = ORCIDClient()
# ---------------------------------------------------------
# Función auxiliar: sincronizar las publicaciones de un investigador
# ---------------------------------------------------------
def sync_researcher(self, db: Session, orcid_id: str):
"""
Sincroniza las publicaciones de un investigador con manejo robusto de errores.
@@ -109,6 +120,10 @@ class SyncService:
"total": new_records + updated_records
}
# ---------------------------------------------------------
# Función auxiliar: sincronizar y obtener investigador + publicaciones
# ---------------------------------------------------------
def sync_and_get_full(self, db: Session, orcid_id: str):
"""
Sincroniza (si es necesario) y devuelve investigador + publicaciones.