dd2ebf863a
Security hardening: CORS lockdown, rate limiting middleware with sliding window and stale IP eviction, security headers (CSP, HSTS, X-Frame-Options), session cookie hardening, upload filename sanitization. i18n completion: internationalized barcode.js and csv-export.js with window.BARCODE_I18N/CSV_I18N bridge, updated IT/EN .po files with 27 new strings. Tablet UX: 44px touch targets for coarse-pointer devices. Test suite: 101 tests total (76 server + 25 client), full coverage of all API routers, authentication, roles, CRUD, SPC, file upload, security integration. Async in-memory SQLite infrastructure with fixtures. Critical fixes: MissingGreenlet in recipe_service (selectinload eager), route ordering in tasks.py, auth_service direct bcrypt, Measurement.id Integer for SQLite. Documentation: API.md (complete reference for 40+ endpoints), DEPLOYMENT.md (production guide with Docker/Nginx/SSL), USER_GUIDE.md (user manual by role).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
27 lines
679 B
Python
"""FastAPI middleware for TieMeasureFlow."""

from middleware.api_key import (
    get_current_user,
    require_role,
    require_admin,
    require_maker,
    require_measurement_tec,
    require_metrologist,
    require_admin_user,
)
from middleware.logging import AccessLogMiddleware
from middleware.rate_limit import RateLimitMiddleware
from middleware.security_headers import SecurityHeadersMiddleware

__all__ = [
    "get_current_user",
    "require_role",
    "require_admin",
    "require_maker",
    "require_measurement_tec",
    "require_metrologist",
    "require_admin_user",
    "AccessLogMiddleware",
    "RateLimitMiddleware",
    "SecurityHeadersMiddleware",
]