feat: enhance backend security and configuration
- Updated Dockerfile to improve security with a non-root user and added health checks. - Modified docker-compose.yml to set containers as read-only, restrict ports to localhost, and implement health checks. - Enhanced .env.example with additional environment variables for security and configuration. - Improved FastAPI application with middleware for security headers, CORS, and body size limits. - Refactored authentication flow in auth.py to include state validation and improved error handling. - Added rate limiting to various endpoints to prevent abuse. - Updated researcher and publication handling to ensure better validation and error management.
This commit is contained in:
Mireya Cueto Garrido
@@ -1,14 +1,16 @@
|
||||
fastapi
|
||||
uvicorn
|
||||
uvicorn[standard]
|
||||
sqlalchemy
|
||||
psycopg2-binary
|
||||
httpx
|
||||
pydantic
|
||||
pydantic-settings
|
||||
python-dotenv
|
||||
lxml
|
||||
apscheduler
|
||||
defusedxml
|
||||
APScheduler==3.10.4
|
||||
authlib
|
||||
redis
|
||||
APScheduler==3.10.4
|
||||
requests
|
||||
python-jose[cryptography]
|
||||
slowapi
|
||||
|
||||
Reference in New Issue
Block a user