Skip to content

Harden config/security + wire Alembic#3

Merged
CaptainCo0L merged 1 commit into
mainfrom
harden-config-security-alembic
Jun 28, 2026
Merged

Harden config/security + wire Alembic#3
CaptainCo0L merged 1 commit into
mainfrom
harden-config-security-alembic

Conversation

@CaptainCo0L

Copy link
Copy Markdown
Owner

Summary

Follow-up to a full-stack audit. The audit found no architectural rework needed — this PR closes the real findings (config/security hygiene) and adds migration tooling. No async/TypeScript rewrite.

  • Prod secret gate — with APP_ENV=prod, the app refuses to boot while JWT_SECRET/ADMIN_PASSWORD are still the dev defaults; dev just warns (zero-.env local dev unchanged). Logs a change-password reminder after seeding the first admin.
  • Configurable CORSCORS_ORIGINS env var; default * unchanged.
  • Audit middleware — the per-mutation DB write was running on the event loop; now deferred via run_in_threadpool.
  • Validation floors — user password min_length, non-empty names, session rate > 0.
  • Alembic — wired for schema changes (baseline builds from metadata, Postgres+SQLite portable); create_all stays the zero-config boot path.

Verification

  • Backend smoke test passes (prod gate confirmed both ways).
  • alembic upgrade head builds the full schema on a fresh DB.
  • README + .env.example updated.

🤖 Generated with Claude Code

Audit found no architectural rework needed; these close the real findings:

- Refuse prod boot (APP_ENV=prod) when JWT_SECRET/ADMIN_PASSWORD are defaults;
  warn in dev. Log a change-password reminder after seeding the first admin.
- Make CORS origins configurable (CORS_ORIGINS); default unchanged.
- Move the audit-log DB write off the event loop via run_in_threadpool.
- Add validation floors: user password min_length, non-empty names, session rate>0.
- Wire Alembic for schema changes (baseline builds from metadata, Postgres+SQLite
  portable); create_all stays the zero-config boot path.

Smoke test extended for the new validation; passwords bumped to satisfy it.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@CaptainCo0L CaptainCo0L merged commit eff1430 into main Jun 28, 2026
1 check passed
@CaptainCo0L CaptainCo0L deleted the harden-config-security-alembic branch June 28, 2026 16:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant