Fix security vulnerabilities. Add logging

2026-05-09 17:52:59 +02:00
parent d803e2d7f6
commit 69e4f594de
14 changed files with 226 additions and 72 deletions
--- a/.env.example
+++ b/.env.example
@@ -8,5 +8,15 @@ SECRET_KEY=replace-with-a-random-64-char-hex-string
 # Port configuration
 APP_PORT=8000

+# CORS allowed origins (comma-separated)
+CORS_ORIGINS=http://localhost:8000
+
+# Trusted proxy IPs for correct client IP extraction (comma-separated)
+TRUSTED_PROXY_IPS=127.0.0.1
+
 # Database path (default: ./data/gates.db relative to project root)
 # DATABASE_URL=sqlite:///./data/gates.db
+
+# Logging configuration
+LOG_LEVEL=INFO
+#LOG_FILE=logs/app.log