chore: enhance security configuration across applications

- Add root-level *.json to .gitignore to prevent wallet backup leaks
- Replace wildcard CORS origins with explicit localhost URLs across all apps
- Add OPTIONS method to CORS allowed methods for preflight requests
- Update coordinator database to use absolute path in data/ directory to prevent duplicates
- Add JWT secret validation in coordinator config (must be set via environment)
- Replace deprecated get_session dependency with Session
oib
2026-02-13 16:07:03 +01:00
parent e9646cc7dd
commit c984a1e052
13 changed files with 434 additions and 120 deletions


@@ -1,21 +1,9 @@
from typing import Callable, Generator, Annotated
from typing import Callable, Annotated
from fastapi import Depends, Header, HTTPException
from sqlmodel import Session
from .config import settings
def get_session() -> Generator[Session, None, None]:
"""Get database session"""
from .database import engine
with Session(engine) as session:
yield session
# Type alias for session dependency
SessionDep = Annotated[Session, Depends(get_session)]
class APIKeyValidator:
def __init__(self, allowed_keys: list[str]):
self.allowed_keys = {key.strip() for key in allowed_keys if key}
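Review bot: In `APIKeyValidator.__init__` the set comprehension tests `if key` before stripping, so a whitespace-only entry in the configured key list passes the filter and is stored as the empty string. The validation method is outside this hunk, but if it checks the request header for membership in `self.allowed_keys`, an empty key could then be accepted. Filter on the stripped value instead: `self.allowed_keys = {k for k in (key.strip() for key in allowed_keys if key) if k}`. A short comment such as `# drop blank entries so an empty header can never match` would record the intent.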