papa/klg-asutk-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
891e17972c
klg-asutk-app/backend/app/api/routes
History
Yuriy 891e17972c fix(klg): безопасность, deps/security, attachments, CSP, api-client, удаление lib/api.ts 
- deps: авторизация через app.services.security (JWT/OIDC), без oidc fallback
- main: AUTH_DEPENDENCY для роутеров, RequestLoggerMiddleware, убран on_event(startup)
- attachments: защита path traversal, проверка владельца/authority
- docker-compose: SECRET_KEY обязателен, отдельная БД keycloak-db
- middleware: ужесточён CSP (без unsafe-eval в prod, без api.openai.com)
- api-client: токен только в памяти, без sessionStorage
- cert_applications: _next_number с SELECT FOR UPDATE
- Удалён lib/api.ts, импорты на @/lib/api/api-client
- docs ERROR_HANDLING: aircraftApi.list(), middleware __init__.py

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-14 23:06:22 +03:00
..
legal fix(klg): безопасность, deps/security, attachments, CSP, api-client, удаление lib/api.ts 2026-02-14 23:06:22 +03:00
modules Безопасность и качество: 8 исправлений + обновления 2026-02-14 21:29:16 +03:00
personnel refactor: legal package, personnel package, FGIS base_service, docs/SECURITY 2026-02-14 21:37:46 +03:00
__init__.py MVP: заглушки, auth, .env.example, связь с бэкендом, главная КЛГ 2026-02-13 16:43:53 +03:00
aircraft.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
airworthiness.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
attachments.py fix(klg): безопасность, deps/security, attachments, CSP, api-client, удаление lib/api.ts 2026-02-14 23:06:22 +03:00
audit.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
cert_applications.py fix(klg): безопасность, deps/security, attachments, CSP, api-client, удаление lib/api.ts 2026-02-14 23:06:22 +03:00
checklist_audits.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
checklists.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
fgis_revs.py refactor: legal package, personnel package, FGIS base_service, docs/SECURITY 2026-02-14 21:37:46 +03:00
health.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
inbox.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
ingest.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
legal_legacy.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
modifications.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
notifications.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
organizations.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
risk_alerts.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
stats.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
tasks.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00
users.py apply recommendations: security, get_db, exceptions, eslint, api-client 2026-02-14 21:48:58 +03:00